53-1003028-02 9 December, 2013 ® Multi-Service IronWare Administration Guide Supporting Multi-Service IronWare R05.6.00 Download complete user manual (PDF). Use the links to the left to view the content in HTML format. Note: If the Table of Contents is not visible, click the “Show Navigation” button ( ) to display it.
Copyright © 2013 Brocade Communications Systems, Inc. All Rights Reserved. ADX, AnyIO, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, ICX, MLX, MyBrocade, OpenScript, VCS, VDX, and Vyatta are registered trademarks, and HyperEdge, The Effortless Network, and The On-Demand Data Center are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names mentioned may be trademarks of their respective owners.
Contents About This Document In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . . xiv Supported software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Specifying an SNMP trap receiver . . . . . . . . . . . . . . . . . . . . . . . 23 Specifying a single trap source . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Setting the SNMP trap holddown time . . . . . . . . . . . . . . . . . . . . 25 Disabling SNMP traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Configuring SNMP ifIndex . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 On Brocade NetIron CES and Brocade NetIron CER only . . . . .
Displaying and modifying default settings for system parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 Enabling or disabling layer 2 switching . . . . . . . . . . . . . . . . . . . . . . 48 Configuring static MAC addresses . . . . . . . . . . . . . . . . . . . . . . . . . . 49 Changing the MAC age time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 Configuring static ARP entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring Detection Parameters . . . . . . . . . . . . . . . . . . . . . . . 81 Showing Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 Chapter 3 Telemetry Solutions About telemetry solutions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Chapter 6 Operations, Administration, and Maintenance (OAM) IEEE 802.1ag Connectivity Fault Management (CFM) . . . . . . . . . .145 Ethernet OAM capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145 IEEE 802.1ag purpose. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .145 IEEE 802.1ag provides hierarchical network management . . 147 Mechanisms of Ethernet IEEE 802.1ag OAM . . . . . . . . . . . . . . . . . 147 Fault detection (continuity check message) . . . . . . . . . . .
Enabling and disabling EFM-OAM . . . . . . . . . . . . . . . . . . . . . . .192 Enabling an interface to accept remote loopback. . . . . . . . . .193 Display information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .194 Ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .198 Executing ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .199 Executing ping VRF . . . . . . . . . . . . . . . . . . . . . . . . .
Configuration procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243 Configuration examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246 Show commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .249 Syslog messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .250 Synthetic loss measurement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251 Configuration considerations . . . . . . . . . . . . . . . . . . . .
NETCONF commands and specifications. . . . . . . . . . . . . . . . .297 Data models and mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .301 Chapter 9 Foundry Direct Routing and CAM Partition Profiles for the NetIron XMR and the Brocade MLX Series Configuring Density Mode for the 2x100G CAM . . . . . . . . . . .303 Configuring IPv6 host CAM mode . . . . . . . . . . . . . . . . . . . . . . .303 Configuring IPv6 host drop CAM limit . . . . . . . . . . . . . . . . . . . .
Global BGP4 commands and BGP4 unicast route commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .384 Appendix C Commands That Require a Reload Appendix D NIAP-CCEVS NIAP-CCEVS certified Brocade equipment and Ironware releases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .389 Web management access to NIAP-CCEVS certified Brocade equipment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .390 Warning: local user password changes .
xii Multi-Service IronWare Administration Guide 53-1003028-02
About This Document In this chapter • Audience. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Supported hardware and software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Notice to the reader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Related publications . . . . . . . . .
In this chapter Supported hardware and software The following hardware platforms are supported by this release of this guide: TABLE 1 Supported devices Brocade NetIron XMR Series Brocade MLX Series NetIron CES 2000 and NetIron CER 2000 Series Brocade NetIron XMR 4000 Brocade MLX-4 Brocade NetIron CES 2024C Brocade NetIron XMR 8000 Brocade MLX-8 Brocade NetIron CES 2024F Brocade NetIron XMR 16000 Brocade MLX-16 Brocade NetIron CES 2048C Brocade NetIron XMR 32000 Brocade MLX-32 Brocade NetIr
In this chapter Document conventions This section describes text formatting conventions and important notice formats used in this document.
In this chapter Notice to the reader This document may contain references to the trademarks of the following corporations. These trademarks are the properties of their respective companies and corporations. These references are made for informational purposes only.
In this chapter Getting technical help or reporting errors To contact Technical Support, go to http://www.brocade.com/services-support/index.page for the latest e-mail and telephone contact information.
In this chapter xviii Multi-Service IronWare Administration Guide 53-1003028-02
Chapter 1 Getting Started with the Command Line Interface Table 2 displays the individual devices and the command line features they support.
1 Logging on through the CLI • Web Management Interface – a GUI-based management interface accessible through an HTTP (web browser) connection. NOTE The following interface cards are not supported by the front panel of the Web Management Interface: BR-MLX-100Gx2-X, NI-MLX-1Gx48-T, BR-MLX-10GX4-X-ML • Brocade Network Advisor – an optional SNMP-based standalone GUI application. This user guide describes how to configure the features using the CLI.
Logging on through the CLI 1 Example Brocade(config)# rooter ip Unrecognized command Command completion The CLI supports command completion, so you do not need to enter the entire name of a command or option. As long as you enter enough characters of the command or option name to avoid ambiguity with other commands or options, the CLI understands what you are typing.
1 EXEC commands TABLE 3 CLI line-editing commands (Continued) Ctrl-key combination Description Ctrl-C Escapes and terminates command prompts and ongoing tasks (such as lengthy displays), and displays a fresh command prompt. Ctrl-D Deletes the character at the cursor. Ctrl-E Moves to the end of the current command line. Ctrl-F Moves the cursor forward one character. Ctrl-K Deletes all characters from the cursor to the end of the command line.
CONFIG commands 1 or Brocade> enable user1 mypassword After entering the enable command, you see the following prompt. Brocade# The prompt indicates that you are at the Privilege EXEC level. When you are at the Privilege EXEC level, you can enter commands that are available at that level. It is also at this level where you enter the configure terminal command to Global Configuration level. Global level The global CONFIG level allows you to globally apply or modify parameters for ports on the device.
1 CONFIG commands LAG level The LAG level allows you to change parameters for statically-configured LAG groups. You reach this level by entering a LAG command with the appropriate port parameters. Router RIP level The RIP level allows you to configure parameters for the RIP routing protocol. You reach this level by entering the router rip command at the global CONFIG level. Router OSPF level The OSPF level allows you to configure parameters for the OSPF routing protocol.
CONFIG commands 1 Route Map level The Route Map level allows you to configure parameters for a BGP4 route map. You reach this level by entering the route-map name command at the global CONFIG level. Router VRRP level The VRRP level allows you to configure parameters for the Virtual Router Redundancy Protocol (VRRP). You reach this level by entering the router vrrp command at the global CONFIG level, then entering the ip vrrp vrid num command at the interface configuration level.
1 CONFIG commands MAC port security level The MAC port security level allows you to configure the port security feature. You reach this level by entering the port security command at the at the Global or Interface levels. Accessing the CLI The CLI can be accessed through both serial and Telnet connections. For initial log on, you must use a serial connection. Once an IP address is assigned, you can access the CLI through Telnet. Once connectivity to the device is established, you will see the a prompt.
CONFIG commands 1 NOTE The CLI prompt at the interface level includes the port speed. The speed is one of the following: Brocade(config-if–e100-5/1)# – The interface is a 10/100 port. Brocade(config-if–e1000-5/1)# – The interface is a Gigabit port. For simplicity, the port speeds sometimes are not shown in example Interface level prompts in this manual.
1 CONFIG commands When a user attempts to delete a group configuration from the CLI, and another user is already within that group configuration, the user who tries to delete a group configuration in that mode will be denied and will receive the following error message. Session 1: Brocade(config)# vlan 10 Brocade(config-vlan-10)# Session 2: Brocade(config)# no vlan 10 “Error: Cannot undo the configuration as {console|telnet|SSH} session is using this mode.
CONFIG commands 1 List of available options To get a quick display of available options at a CLI level or for the next option in a command string, enter a question mark (?) at the prompt or press TAB. Example To view all available commands at the user EXEC level, enter the following or press TAB at the User EXEC CLI level.
1 CONFIG commands NOTE The vertical bar ( | ) is part of the command. Note that the regular expression specified as the search string is case sensitive. In the example above, a search string of “Internet” would match the line containing the IP address, but a search string of “internet” would not. Displaying lines that do not contain a specified string The following command filters the output of the show who command so it displays only lines that do not contain the word “closed”.
CONFIG commands 1 Example Brocade# ? append attrib boot cd chdir clear clock configure copy cp debug delete dir dm dot1x erase exit fastboot force-sync-standby Append one file to another Change file attribute Boot system from bootp/tftp server/flash image Change current working directory Change current working directory Clear table/statistics/keys Set clock Enter configuration mode Copy between flash, tftp, config/code Copy file commands Enable debugging functions (see also 'undebug') Delete file on flas
1 CONFIG commands --More--, next page: Space, next line: Return key, quit: Control-c -telnet The filtered results are displayed. filtering...
CONFIG commands TABLE 4 1 Special characters for regular expressions (Continued) Character Operation _ An underscore matches on one or more of the following: , (comma) { (left curly brace) } (right curly brace) ( (left parenthesis) ) (right parenthesis) The beginning of the input string The end of the input string A blank space For example, the following regular expression matches on “100” but not on “1002”, “2100”, and so on. _100_ [] Square brackets enclose a range of single-character patterns.
1 CONFIG commands • • • • • • • • • • • • • • • • • $ % ' _ . @ ~ ` ! ( ) { } ^ # & CLI parsing enhancement The response to an invalid keyword, the command returns to the cursor will include all valid content up to where the error was made. The prompt will only delete the invalid keyword “proc” and return to a prompt with the command “Brocade# show”. This will allow the user to continue typing from the point of failure, rather than having to type out the entire command again.
CONFIG commands 1 • Ensures that dependent or related configuration changes are all cut in at the same time. In all cases, if you want to make the changes permanent, you need to save the changes to flash using the write memory command. When you save the configuration changes to flash, this will become the configuration that is initiated and run at system boot. NOTE Most configuration changes are dynamic and thus do not require a software reload.
1 18 CONFIG commands Multi-Service IronWare Administration Guide 53-1003028-02
Chapter 2 Configuring Basic Parameters Table 5 displays the individual Brocade devices and the basic parameters they support.
2 Configuring Basic Parameters TABLE 5 20 Supported Brocade basic parameters features (Continued) Features supported Brocade NetIron XMR Series Brocade MLX Series Brocade NetIron CES 2000 Series BASE package Brocade NetIron CES 2000 Series ME_PREM package Brocade NetIron CES 2000 Series L3_PREM package Brocade NetIron CER 2000 Series Base package Brocade NetIron CER 2000 Series Advanced Services package Terminal display Yes Yes Yes Yes Yes Yes Yes Yes Modifying system parameter default
2 Enabling and disabling interactivity for scripts TABLE 5 Supported Brocade basic parameters features (Continued) Features supported Brocade NetIron XMR Series Brocade MLX Series Brocade NetIron CES 2000 Series BASE package Brocade NetIron CES 2000 Series ME_PREM package Brocade NetIron CES 2000 Series L3_PREM package Brocade NetIron CER 2000 Series Base package Brocade NetIron CER 2000 Series Advanced Services package Show Pause Frame Statistics Yes Yes Yes Yes Yes Yes Yes Real-time mo
2 Entering system administration information TABLE 6 Interactive commands Command type Command Configuration cluster-l2protocol-forward route-only rate-limit policy-map spanning-tree pms disable enable violation deny violation restrict violation shutdown Action reboot-standby reset reload switchover power-off lp all | slot power-off power-supply index | forced hitless-reload mp primary | secondary lp primary | secondary power-supply monitoring clear all| index boot system flash primary | secondary
Configuring Simple Network Management (SNMP) traps 2 Brocade(config)# hostname home home(config)# snmp-server contact Suzy Sanchez home(config)# snmp-server location Centerville home(config)# end home# write memory The system name you configure home replaces the system name Brocade. Syntax: [no] hostname string Syntax: [no] snmp-server contact string Syntax: [no] snmp-server location string The name, contact, and location each can be up to 255 alphanumeric characters. The text strings can contain blanks.
2 Configuring Simple Network Management (SNMP) traps The v1, v2c, or v3 parameter indicates which version of SNMP is used. The string parameter specifies an SNMP community string configured on the Brocade device. It is not used to authenticate access to the trap host, but it is a useful method for filtering traps on the host.
Configuring Simple Network Management (SNMP) traps 2 Syntax: [no] snmp-server trap-source loopback num | ethernet slot/port | ve num The num parameter is a loopback interface or virtual routing interface number. If you do not configure this command, the device will use the device router ID as the source IP address of the notification packet. The router ID of the device can be obtained from the “show ip” command output.
2 Configuring SNMP ifIndex • • • • • • • • • • • • • • • • Power supply failure Fan failure Cold start Link up Link down Bridge new root Bridge topology change Module insert Module remove Redundant module Metro-ring MPLS BGP4 OSPF VRRP VSRP To stop link down occurrences from being reported, enter the following command. Brocade(config)# no snmp-server enable traps link-down Syntax: [no] snmp-server enable traps trap-type A list of traps is available in the Unified IP MIB Reference.
SNMP scalability optimization 2 20 is the default. You cannot change the maximum ifIndex per module to a number less than the number of ports. After this command is issued the following are generated: • “System: IfIndex assignment was changed” is logged in the Syslog. • The snTrapIfIndexAssignmentChanged trap is generated.
2 SNMP scalability optimization Syntax: [no] snmp-server cache disable Use the no form of the command to enable SNMP value caching. To configure the maximum length of time that a cached SNMP port value will be considered valid by the MP, use the following command at the MPLS configuration level of the CLI.
Configuring optical monitoring 2 Configuring SNMP load throttling To ensure that high SNMP loads do not interfere with the performance of the device, the Brocade device limits the percentage of CPU time that can be occupied by SNMP processing. This limit is not imposed when the CPU is idle. NOTE This command tries to fix the maximum percentage of time SNMP task can run in a non-idle system environment.
2 Configuring optical monitoring You can view the XFP optical monitoring information using the show optic command as displayed in the following. Brocade#show optic 4 Port Temperature Tx Power Rx Power Tx Bias Current +----+-----------+----------+------------+-------------------+ 4/1 30.8242 C -001.8822 dBm -002.5908 dBm 41.790 mA Normal Normal Normal Normal 4/2 31.7070 C -001.4116 dBm -006.4092 dBm 41.976 mA Normal Normal Normal Normal 4/3 30.1835 C -000.5794 dBm 0.
Configuring optical monitoring Transceiver Temperature High alarm Transceiver Temperature High warning Transceiver Temperature Low warning Transceiver Temperature Low alarm VCC Voltage High alarm VCC Voltage High warning VCC Voltage Low warning VCC Voltage Low alarm SOA Bias Current High alarm SOA Bias Current High warning SOA Bias Current Low warning SOA Bias Current Low alarm Auxiliary 1 Monitor High alarm Auxiliary 1 Monitor High warning Auxiliary 1 Monitor Low warning Auxiliary 1 Monitor Low alarm Auxi
2 Displaying media information Laser Bias Current Low alarm Laser TX Power High alarm Laser TX Power High warning Laser TX Power Low warning Laser TX Power Low alarm Laser Temperature High alarm Laser Temperature High warning Laser Temperature Low warning Laser Temperature Low alarm Laser RX Power High alarm Laser RX Power High warning Laser RX Power Low warning Laser RX Power Low alarm Show optics thresholds done Brocade# 3a98 6e18 621f 1049 0e83 3700 3500 1b00 1900 6e18 621f 01f5 00fb 30.000 004.
Optics compatibility checking 2 You can display media information for all ports in an Brocade device by using the show media command without options. The ethernet slot-port parameter limits the display to a single port. The to slot-port parameter displays information for a range of ports. This results displayed from this command provide the Type, Vendor, Part number, Version and Serial number of the SFP or XFP optical device installed in the port.
2 Designating an interface as the packet source Disabling transceiver type checking When transceiver type checking is disabled, the syslog message “Incompatible optical trans-receiver detected on port n” is still displayed but the port is not shut down. You can disable transceiver type checking with the no transceiver-type-check command as shown in the following.
Designating an interface as the packet source 2 The following commands configure an IP interface on an Ethernet port and designate the address port as the source for all Telnet packets from the Brocade device. Brocade(config)# interface ethernet 1/4 Brocade(config-if-e10000-1/4)# ip address 10.157.22.
2 Designating an interface as the packet source Brocade(config)# int ve 1 Brocade(config-vif-1)# ip address 10.0.0.3/24 Brocade(config-vif-1)# exit Brocade(config)# ip tftp source-interface ve 1 The commands configure virtual routing interface 1, assign IP address 10.0.0.3/24 to it, then designate the address as the source address for all TFTP packets.
Setting the system clock 2 Setting the system clock The Brocade device allows you to manually set the system clock. Using the clock set command starts the system clock with the time and date you specify. The time counter setting is retained across power cycles. To set the system time and date to 10:15:05 on October 15, 2005, enter the following command.
2 Creating a command alias DST “change” notice for networks using US time zones The new Daylight Saving Time (DST) change that went into effect on March 11, 2007 affects networks in the US time zones. Because of this change, your network clock might not be correct. If your network uses US time zones, and it needs to maintain the correct time, you must enable the following command.
Limiting broadcast, multicast, or unknown unicast rates 2 Displaying a list of all configured alias The following command allows you to display a list of all configured alias. Brocade# alias #alias savemem shro write memory show ip routes Syntax: [no] alias Limiting broadcast, multicast, or unknown unicast rates The Brocade device can forward all traffic at wire speed. However, some third-party networking devices cannot handle high forwarding rates for broadcast, multicast, or unknown unicast packets.
2 Configuring CLI banners Limiting unknown unicasts To globally limit the number of unknown unicast packets a Brocade device forwards to 110,000 per second, enter the following command at the global CONFIG level of the CLI. Brocade(config)# unknown-unicast limit 110000 Brocade(config)# write memory Syntax: [no] unknown-unicast limit number NOTE Only the unknown-unicast limit is configured on the global level, but the value you enter applies to each interface module (slot) installed on the device.
Configuring terminal display 2 Setting a privileged EXEC CLI level banner You can configure the Brocade device to display a message when a user enters the Privileged EXEC CLI level. Example Brocade(config)# banner exec_mode # (Press Return) Enter TEXT message, End with the character '#'. You are entering Privileged EXEC level Don’t foul anything up! # As with the banner motd command, you begin and end the message with a delimiting character; in this example, the delimiting character is # (pound sign).
2 Enabling or disabling routing protocols The number-of-lines parameter indicates the maximum number of lines that will be displayed on a full screen of text during the current session. If the displayed information requires more than one page, the terminal pauses. Pressing the space bar displays the next page. The default for number-of-lines is 24.
Displaying and modifying default settings for system parameters 2 Displaying and modifying default settings for system parameters The Multi-Service IronWare has default table sizes for the following parameters. The table sizes determine the maximum number of entries the tables can hold.
2 Displaying and modifying default settings for system parameters To display the configurable tables and their defaults and maximum values, enter the following command at any level of the CLI. FIGURE 1 Output for the Brocade NetIron XMR and Brocade MLX series Brocade#show default values sys log buffers:50 mac age time:300 sec telnet sessions:5 ip arp age:10 min bootp relay max hops:4 ip ttl:64 hops ip addr per intf:24 when multicast enabled : igmp group memb.
Displaying and modifying default settings for system parameters FIGURE 2 Output for the Brocade NetIron CES Brocade#show default values sys log buffers:50 mac age time:300 sec ip arp age:10 min ip addr per intf:24 when multicast enabled : igmp group memb.:140 sec when ospf enabled : ospf dead:40 sec ospf transit delay:1 sec when bgp enabled : bgp local pref.:100 bgp metric:10 bgp ext.
2 Displaying and modifying default settings for system parameters FIGURE 3 Output for the Brocade NetIron CER device Brocade#show default values sys log buffers:50 mac age time:300 sec ip arp age:10 min ip addr per intf:24 when multicast enabled : igmp group memb.: 260 sec when ospf enabled : ospf dead:40 sec ospf transit delay:1 sec when bgp enabled : bgp local pref.:100 bgp metric:10 bgp ext.
Displaying and modifying default settings for system parameters 2 The following table describes the system-max values of the show default values command for Brocade NetIron XMR and Brocade MLX series. TABLE 8 Display of show default values for system parameters This field... Displays... Default The default value for the system-max element. This value is used in the following conditions: a) There is no system-max configured for the corresponding element.
2 Enabling or disabling layer 2 switching Example : To increase the size of the IP route table Brocade(config)# system-max ip-route 120000 Brocade(config)# write memory Brocade(config)# exit Brocade# reload NOTE If you enter a value that is not within the valid range of values, the CLI will display the valid range for you. To increase the number of IP subnet interfaces you can configure on each port on a Brocade device to 64, enter the following commands.
Configuring static MAC addresses 2 Brocade(config)# route-only This will change the route-only behavior at the global level. Are you sure? (enter ‘y’ or ‘n’): y Global ‘no route-only committed. Syntax: [no] route-only NOTE On the Brocade NetIron XMR and Brocade MLX series devices, route-only is the default condition. Because route-only is the default condition, it will not be displayed in the configuration.
2 Changing the MAC age time The ability of the CAM to store depends on the following: • The number of source MAC address being learned by the CAM. • The number of destination MAC addresses being forwarded by the CAM • The distribution of the MAC address entries across ports. For example, it one port is learning all the source MAC addresses, the available of the CAM for that port will be depleted. Example In the following example, a static MAC address of 0000.0063.
2 Configuring system max values Configuring system max values The system max values for the several system parameters of the Brocade devices are described in Table 9 TABLE 9 System max values for Brocade NetIron XMR and Brocade MLX series devices Parameter Minimum value for Brocade MLX series Maximum value for Brocade MLX series Default value for Brocade MLX series Minimum value for Brocade NetIron XMR Maximum value for Brocade NetIron XMR Default value for Brocade NetIron XMR config-file-size
2 Configuring system max values TABLE 10 System max values for Brocade NetIron CES, Brocade NetIron CER, and Brocade NetIron CER-RT devices Parameter Minimum value for Brocade NetIron CES Maximum value for Brocade NetIron CES Default value for Brocade NetIron CES Minimum value for Brocade NetIron CER Maximum value for Brocade NetIron CER Default value for Brocade NetIron CER Minimum value for Brocade NetIron CER-RT Maximum value for Brocade NetIron CER-RT Default value for Brocade NetIron CER-R
Configuring system max values 2 The config-file-size parameter sets the allowed running and startup-config file sizes. Refer to the appropriate table for your platform. For minimum, maximum and default values for this parameter refer to Table 9 and Table 10. The ifl-cam parameter sets the maximum number of Internal Forwarding Lookup Identifiers. These are used when configuring a Local VLL for Dual Tagging. The default value for the ifl-cam parameter is 8K.
2 Configuring system max values The mac parameter sets the maximum number of MAC entries. For minimum, maximum and default values for this parameter refer to Table 9 and Table 10. The mgmt-port-acl-size parameter sets the maximum size for a management port ACL. For minimum, maximum and default values for this parameter refer to Table 9 and Table 10. The subnet-broadcast-acl-cam parameter sets the maximum number of IP broadcast ACL CAM entries.
Configuring CAM size for an IPv4 multicast group TABLE 11 2 System max ifl-cam values available by CAM profile on Brocade NetIron XMR and Brocade MLX series (Continued) CAM profile Minimum value Maximum value Default value l2-metro-2 0 114688 8192 mpls-l3vpn-2 0 114688 8192 mpls-vpls-2 0 114688 8192 ipv4-ipv6 0 114688 8192 ipv4-vpls 0 114688 8192 ipv4-ipv6-2 0 81920 8192 Configuring CAM size for an IPv4 multicast group To configure the CAM size of an IPv4 multicast group, ent
2 Configuring CAM size for an IPv6 multicast group This error message is also displayed on the Brocade MLX series. After you issue the system-max command, with ipv4-mcast-cam parameter included, additional information will display on the Brocade NetIron XMR and Brocade MLX series as shown in the following example. Brocade(config)#system-max ipv4-mcast-cam 60000 Reload required. Please write memory and then reload or power cycle. Failure to reload could cause system instability on failover.
Configuring profiles with a zero-size IPv4 or IPv6 ACL 2 Brocade(config)#system-max ipv6-mcast-cam 1000 Reload required. Please write memory and then reload or power cycle. Failure to reload could cause system instability on failover. Newly configured system-max will not take effect during hitless-reload. NOTE You must write this command to memory and perform a system reload for this command to take effect.
2 Configuration time Configuration time When system-max values are configured, the Management Module calculates the memory required to accept the value. The resulting value is checked against the Known-Available-Memory value, and calculated against the Highest Required Memory value for both the Management Module and the Interface Module. The Known-Available-Memory is a value with the Lowest Supported Available Memory on a node.
Bootup time 2 A syslog message showing the required memory versus the available memory is generated, and a similar warning message is displayed on the Management Module and Interface Module as shown in the following example.
2 Bootup time NOTE Notifications and traps are sent with the same message. The following tables show which elements are revertible (Yes or No) in each element category.
Monitoring dynamic memory allocation 2 Miscellaneous elements TABLE 15 Miscellaneous elements Miscellaneous elements Revertible: yes or no session-limit yes ip-filter-sys no mgmt-port-acl-size no l2-acl-table-entries no ipv6-cache yes ipv6-route yes IPVRF MAX ROUTES yes mgmt-port-acl-size no receive-cam no IPGRE no LSP_ACL no SERVICE_LOOKUP no IP_SRC_GUARD_CAM no IPv4 MCAST CAM no IPv6 MCAST CAM no SERVER_TRUNKS no CONFIG_FILE_SIZE no Monitoring dynamic memory allocat
2 Switch fabric fault monitoring When the memory allocation fails, an alert message is logged immediately. The alert message is displayed at a frequency of 1 log per 5 minutes. The following example below displays an alert message on the Management Module and the Interface Module. Brocade# show log … Jan 17 22:55:55:A: ALERT: Failed to allocate memory on MP … Jan 17 23:52:55:A: ALERT: Failed to allocate memory on LP 8 … The NULL value is returned to the calling routine.
Switch fabric fault monitoring 2 Brocade#show sfm-links all SFM#/FE# | FE link# | LP#/TM# | TM link# | link state ----------+-----------+---------+-----------+--------2 / 1 | 32 | 3 / 1 | 13 | UP 2 / 1 | 31 | 3 / 2 | 01 | UP 2 / 1 | 11 | 3 / 1 | 01 | UP 2 / 1 | 12 | 3 / 2 | 13 | UP 2 2 2 2 / / / / 3 3 3 3 | | | | 32 31 11 12 | | | | 3 3 3 3 / / / / 1 2 1 2 | | | | 19 07 07 19 | | | | UP UP UP UP 3 3 3 3 / / / / 1 1 1 1 | | | | 32 31 11 12 | | | | 3 3 3 3 / / / / 1 2 1 2 | | | | 16 0
2 Switch fabric fault monitoring TABLE 16 CLI display of SFM link information (Continued) This field... Displays... TM link# The link number on the traffic manager. link state The link state is either: UP – In an operating condition DOWN – In a non-operational condition Displaying switch fabric module information To display the state of all switch fabric modules in the chassis, enter the following command at any level of the CLI.
Switch fabric fault monitoring 2 NOTE You must restart the device for automatic SFM shutdown to take effect. Once you have configured automatic SFM shutdown on the device and restarted it, the management module will automatically detect access failure (see “Access failure messages” on page 66) and shut down the unresponsive SFM.
2 Switch fabric fault monitoring Link up/down messages The Switch Fabric modules (SFM) in a Brocade chassis send a log message when they first become operational or when they change state between “UP” and “DOWN”. The following is an example of the message sent when a link first becomes operational (UP) or when it changes state from non-operational (DOWN) to operational (UP).
Switch fabric utilization monitoring 2 If the device has been configured to shut down a switch fabric module when failure is detected (see“Powering a switch fabric module off automatically on failure” on page 64), the management module will shut down the failed switch fabric module, then send a log message similar to the following: Oct 4 20:33:57:A:System: Health Monitoring: Switch fabric 2 powered off due to failure detection The message above indicates that a failure was detected in attempting to acces
2 Displaying information for an interface for an Ethernet port To check a monitor image, use the following command. Brocade# image-checksum monitor OK Syntax: [no] image-checksum file-name The file-name variable specifies the image file that you want to verify the checksum for. The following output can be generated by this command TABLE 17 Output from image-checksum command Output Description File not found The device failed to locate the specified file.
Displaying information for an interface for an Ethernet port 2 796106728 packets output, 366570033985 bytes, 0 underruns Transmitted 2045784 broadcasts, 32330616 multicasts, 761730328 unicasts 0 output errors, 0 collisions NP transmitted 796106833 packets, Received from TM 796534170 packets Syntax: show interface [ ethernet slot-port [ to slot-port ] ] You can display information for all ports in a device by using the show interface command without options, or use the ethernet slot-port option to limit t
2 Displaying information for an interface for an Ethernet port TABLE 18 Display of show interface ethernet port This field... Displays... Module type port# is state The module type variable specifies a type of interface module, such as 10GigabitEthernet. The port# variable specifies the port number for the interface module. The state variable if the interface module is up or down. Line protocol is status The status variable specifies if the line protocol is up or down.
Displaying information for an interface for an Ethernet port TABLE 18 2 Display of show interface ethernet port (Continued) This field... Displays... Trunk membership The Trunk membership variable identifies the interface module as a member of a primary or secondary port. This specifies members of an active port or not a member of an active port.
2 Displaying information for an interface for an Ethernet port TABLE 18 72 Display of show interface ethernet port (Continued) This field... Displays... Transmitted value broadcasts, value multicasts, value unicasts The value variable specifies the amount of traffic the interface module transmitted on broadcasts, multicasts, and unicast traffic. value output errors, value collisions • The value variable specifies the number of transmitted packets with errors.
Displaying statistics information for an Ethernet port 2 Displaying statistics information for an Ethernet port You can view statistical information about the traffic passing through a specified Ethernet port in one of two ways. The monitor commands allow you to monitor traffic statistics in real time, while the show statistics command provides a snapshot of the most recent traffic statistics.
2 Displaying statistics information for an Ethernet port Real-time monitoring of traffic statistics for a specific Ethernet port To monitor traffic statistics for a specific Ethernet port, enter the following command at the Privileged EXEC level of the CLI. Brocade# monitor statistics ethernet 1/2 Syntax: monitor statistics ethernet slot/port The slot/port variable specifies the port for which you want to display statistics.
2 Displaying statistics information for an Ethernet port Brocade NetIron XMR and Brocade MLX series example Brocade# monitor statistics ethernet 4/1 Seconds: 8 Page 1 of 2 Interface Tx Statistics Ethernet 4/1 Tx interface statistics Traffic statistics: Out Packets Out Octets Out Unicast Packets Out Multicast Packets Out Broadcast Packets poll: 8 Time: Aug 19 16:10:59 Current Delta 17083660926 1093354299264 17083660926 0 0 533508 34144512 533508 0 0 0 0 0 0 Error statistics: Out Errors Out Discard
2 Displaying statistics information for an Ethernet port Brocade NetIron CES and Brocade NetIron CER example Brocade# monitor statistics ethernet 1/2 Seconds: 26 Ethernet 1/2 Tx interface statistics Traffic statistics: In Packets In Octets In Unicast Packets In Multicast Packets In Broadcast Packets poll: 2 Time: Aug 19 16:01:41 Current Delta 24847720 1590253440 24847720 0 0 7738201 495244864 7738201 0 0 0 0 0 0 Error statistics: In Errors In Discards Tx/Rx=t/r, Next/Prev=n/p, Clear=c :Freeze=f
Displaying statistics information for an Ethernet port 2 Brocade# monitor interface traffic Seconds: 248 Interface traffic statistics: InPackets Delta e1/1 24615 4004 e1/2 0 0 e1/3 0 0 e1/4 0 0 e1/5 0 0 e1/6 0 0 e1/7 0 0 e1/8 0 0 e1/9 0 0 e1/10 0 0 e1/11 0 0 e1/12 0 0 e1/13 0 0 e1/14 0 0 e1/15 0 0 e1/16 0 0 Time: Mar 11 20:12:08 OutPackets 24308 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 Delta 3986 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 Packets=p or Bytes=b, Delta=d or Rate=r, Clear=c, Next=n :Freeze=f/s Quit=q Syntax: mon
2 Displaying statistics information for an Ethernet port TABLE 20 Footer commands for monitor interface traffic display F Decreases the polling interval (monitor refresh interval) by one second and continues the execution of the original command with the new refresh interval. This option will decrease the refresh interval until it is equal to 2 seconds, the minimum supported refresh interval value. The default value is 2 seconds. This command is not displayed in the footer of the statistics screen.
Configuring SNMP to revert ifType to legacy values 2 This field... Displays... InUnicastPkts The total number of good unicast packets received. OutUnicastPkts The total number of good unicast packets transmitted. InDiscards The total number of packets that were received and then dropped due to a lack of receive buffers. OutDiscards The total number of packets that were transmitted and then dropped due to a lack of transmit buffers.
2 Configuring snAgentConfigModuleType to return original values Brocade(config)# snmp-server legacy iftype Syntax: [no] snmp-server legacy iftype When this command is configured, the values gigabitEthernet (117) or fastEther(62) are returned for ifType. If you issue a no snmp-server legacy iftype, ifType returns ethernetCsmacd(6) for Ethernet interfaces.
Disabling CAM table entry aging 2 NOTE Statistics for an interface will be different between the CLI and SNMP if snmp-server preserve-statistics is configured and the clear commands listed above are executed. Disabling CAM table entry aging By default if no traffic hits a programmed flow-based content addressable memory (CAM) table entry, the CAM entry is removed from the system’s CAM table.
2 Data integrity protection Event Threshold Configuration The data integrity protection implements configurable thresholds for generating a syslog and trap. There is one threshold for ingress buffer events and one threshold for egress buffer events. Once crossed, a syslog and trap will be generated. To prevent excessive log and traps there is a 10 minute period before another syslog or trap is generated. Setting a threshold to zero disables error detection for the monitor point on all network processors.
Commands 2 Commands The following commands support the features described in this chapter: • show statistics ethernet • sysmon fe link auto-tune • sysmon tm link auto-tune Multi-Service IronWare Administration Guide 53-1003028-02 83
2 show statistics ethernet show statistics ethernet Displays statistics for an ethernet port. Syntax Parameters Command Modes show statistics ethernet slot/port slot/port Specifies the port that you want to display statistics for. User EXEC mode Privileged EXEC mode Global configuration mode Usage Guidelines Command Output 84 The show statistics ethernet command displays the following information: Output field Description InOctets The total number of good octets and bad octets received.
show statistics ethernet Output field Description InFlowCtrlPkts The total number of ingress flow control packets. “N/A” indicates that the interface module does not support flow control statistics. OutFlowCtrlPkts The total number of egress flow control packets. “N/A” indicates that interface module does not support flow control statistics. GiantPkts The total number of packets for which all of the following was true: The data length was longer than the maximum allowable frame size.
2 sysmon fe link auto-tune sysmon fe link auto-tune Enables auto tuning on the fabric element (FE). The no form of this command disables auto tuning on the FE. Syntax sysmon fe link auto-tune no sysmon fe link auto-tune Command Default Parameters Command Modes This command is enabled by default. None. Global configuration mode Usage Guidelines Examples The following example disables auto-tuning on the FE.
sysmon tm link auto-tune 2 sysmon tm link auto-tune Enables auto tuning on the traffic manager (TM). The no form of this command disables auto tuning on the TM. Syntax sysmon tm link auto-tune no sysmon tm link auto-tune Command Default Parameters Command Modes This command is enabled by default. None. Global configuration mode Usage Guidelines Examples The following example disables auto-tuning on the TM.
2 88 sysmon tm link auto-tune Multi-Service IronWare Administration Guide 53-1003028-02
Chapter 3 Telemetry Solutions Table 21 displays the individual Brocade devices and the Interface Parameters features they support.
3 Configuration examples Configuration examples NOTE Telemetry can also be configured from SNMP. Refer to the Unified IP MIB Reference guide for more information.
Configuration examples 3 allow-all-vlan pbr interface ethernet 10/2 ip policy route-map xGW_map allow-all-vlan pbr Egress Port Definition vlan 2 untag ethernet 8/1 to 8/3 lag iris_view ports ethernet 15/1 to 15/3 primary port 15/1 deploy Configuration example 2 FIGURE 5 Configuration example 2 Define Test ACL configurations ip access-list extended Test_filter1 permit vlan 112 ip host 10.100.50.
3 Configuration examples ip access-list extended Test_filter2 deny vlan 2405 ip host 10.33.44.
Configuration examples 3 Configuration example 3 FIGURE 6 Configuration example 3 Define ACL configurations ipv6 access-list S2A_traffic permit vlan 2011 ipv6 2001:db8:200:1001:194:200::/96 permit vlan 2012 ipv6 2001:db8:200:1001:194:200::/96 permit vlan 2015 ipv6 2001:db8:200:1001:194:200::/96 permit vlan 2016 ipv6 2001:db8:200:1001:194:200::/96 permit vlan 2405 ipv6 2001:db8:200:1001:194:200::/96 permit vlan 2435 ipv6 2001:db8:200:1001:194:200::/96 any any any any any any ipv6 access-list Non_S2A_Tr
3 Configuration examples Apply S2A map to source ports interface ethernet 5/1 ip policy route-map S2A ipv6 policy route-map S2A allow-all-vlan pbr interface ethernet 5/8 ip policy route-map S2A ipv6 policy route-map S2A allow-all-vlan pbr Configure destination ports vlan 2 untag ethernet 8/7 ethernet 15/2 With this construct, S2A traffic is explicitly allowed to 8/7 and all other traffic is also sent to 8/7 and 15/2.
Configuration examples 3 NOTE If both IPv4 and IPv6 traffic need to be subjected to PBR, the IPv4 and IPv6 access lists need to be created separately. In addition, both ip policy route-map xGW_map and ipv6 policy route-map xGW_map need to be configured on the interface.
3 96 Configuration examples Multi-Service IronWare Administration Guide 53-1003028-02
Chapter 4 Remote Network Monitoring Table 22 displays the individual Brocade devices and the Remote Network Monitoring features they support.
4 Basic management Viewing configuration information You can view a variety of configuration details and statistics with the show option. The show option provides a convenient way to check configuration changes before saving them to flash. The show options available will vary for the device and by configuration level. To determine the available show commands for the system or a specific level of the CLI, enter the following command.
Basic management 4 Compiled on Sep 19 2013 at 00:02:52 labeled as xmlprm05600b1 (423520 bytes) from boot flash Monitor : Version 5.6.0T175 Copyright (c) 1996-2013 Brocade Communications Systems, Inc. Compiled on Sep 18 2013 at 23:34:48 labeled as xmlb05600b1 (539062 bytes) from code flash IronWare : Version 5.6.0T177 Copyright (c) 1996-2013 Brocade Communications Systems, Inc. Compiled on Aug 28 2013 at 13:59:54 labeled as xmlp05600b327 (7477033 bytes) from Primary FPGA versions: Valid XPP Version = 6.
4 RMON support RMON support The RMON agent supports the following groups. The group numbers come from the RMON specification (RFC 1757): • • • • Statistics (RMON Group 1) History (RMON Group 2) Alarms (RMON Group 3) Events (RMON Group 9) The CLI allows you to make configuration changes to the control data for these groups, but you need a separate RMON application to view and display the data graphically.
RMON support 4 This command shows the following information. TABLE 23 Export configuration and statistics This line... Displays... Octets The total number of octets of data received on the network. This number includes octets in bad packets. This number does not include framing bits but does include Frame Check Sequence (FCS) octets. Drop events Indicates an overrun at the port. The port logic could not receive the traffic at full line rate and had to drop some packets as a result.
4 RMON support TABLE 23 Export configuration and statistics (Continued) This line... Displays... 65 to 127 octets pkts The total number of packets received that were 65 – 127 octets long. This number includes bad packets. This number does not include framing bits but does include FCS octets. 128 to 255 octets pkts The total number of packets received that were 128 – 255 octets long. This number includes bad packets. This number does not include framing bits but does include FCS octets.
RMON support 4 Alarm (RMON group 3) Alarm is designed to monitor configured thresholds for any SNMP integer, time tick, gauge or counter MIB object. Using the CLI, you can define what MIB objects are monitored, the type of thresholds that are monitored (falling, rising or both), the value of those thresholds, and the sample type (absolute or delta). An alarm event is reported each time that a threshold is exceeded. The alarm entry also indicates the action (event) to be taken if the threshold be exceeded.
4 104 RMON support Multi-Service IronWare Administration Guide 53-1003028-02
Chapter 5 Continuous System Monitor Table 24 displays the individual devices and the Continuous System Monitor features they support.
5 Continuous system monitor overview Continuous system monitor overview Continuous system monitoring (Sysmon) is implemented to monitor the overall system’s health. Sysmon is a system-wide, modular monitoring service. It monitors different system components of a device to determine if those components are operating correctly. Sysmon periodically monitors the system for defined event types such as errors on TM and FE links. Sysmon runs as a background process.
Event monitoring 5 • SNMP trap: Generates an SNMP trap By default, SYSMON is enabled to monitor and detect all the defined event types. The following Sysmon event types are defined and implemented: • • • • TM_LINK - Monitoring TM serdes links. FE_LINK - Monitoring FE serdes links. NP memory errors - Monitoring memory errors on interface modules. Port CRC errors Event types TM_LINK TM link is the link between the line card and the switch fabric module.
5 Histogram information Syntax: show sysmon logs NOTE The size of the internal log table is 10,000 logs. Clearing internal logs To clear the internal logs, enter the following command. Brocade# clear sysmon logs Syntax: clear sysmon logs Displaying current SYSMON configuration Enter the show sysmon configuration command to view the current configuration for system monitoring services.
Histogram information 5 NOTE Histogram information is not maintained accross reboot Displaying CPU histogram information The CPU histogram provides information about task CPU usage. The CPU histogram is viewed in the form of buckets i.e., task usage is divided into different interval levels called buckets. For example, the task run time is divided into buckets – bucket 1(0-50ms), bucket2 (50-100ms), bucket3 (100-150ms) etc. The CPU histogram collects the task CPU usage in each bucket.
5 Histogram information Syntax: show cpu histogram { hold | wait | interrupt | timer } [ taskname name | above threshold-value| noclear ] The hold parameter displays the task hold time histogram. The wait parameter displays the task wait time histogram. The interrupt parameter displays the task user-interrupt usage histogram. The timer parameter displays the task sys-timer time usage histogram.
Histogram information 5 The sequence parameter displays sequential task execution information. Sequential execution of task information is recorded when a task’s hold time is greater than the specified threshold value. The task sequence is maintained for a specific period of time and stored in a cyclic buffer, so the oldest record is overwritten by a new record. When the taskname name variable is specified, the histogram information for the specified task only, is displayed.
5 Histogram information Brocade# show bm histogram HISTOGRAM BUFFER SEQUENCE INFO -----------------------------DURATION : 60 s SEQ IDX : 1 TIME : 2012.07.10-09:46:59.
Histogram information 5 To display the buffer allocation stack for the top three tasks (in terms of buffer ownership), enter the following command: Brocade(config)# show bm histogram trace 3 HISTOGRAM BUFFER SEQUENCE INFO -----------------------------DURATION : 60 s SEQ IDX : 1 TIME : 2013.02.07-10:39:34.
5 Histogram information Clearing buffer historgram data To clear the buffer histogram data, enter the following command: Brocade(config)# clear bm histogram Syntax: clear bm histogram Low buffer syslogs Syslog messages are generated when when available buffers fall below the 20, 10 and 5 percent buffer thresholds.
Histogram information 5 To display memory histogram information, enter the following command: Brocade# show memory histogram HISTOGRAM MEMORY SEQUENCE INFO -----------------------------DURATION : 60 s SEQ IDX : 1 TIME : 2012.07.10-11:14:08.
5 NP memory error monitoring SYSLOG: <12>Feb 7 10:50:12 Ni-MLX-Sys-6 System: Low physical memory, Pool(2-Global) below 10%, available pool memory (118108160), physical memory (118108160) on MP SYSLOG: <9>Feb 7 10:50:12 Ni-MLX-Sys-6 System: Low physical memory, Pool(2-Global) below 5%, available pool memory (64421888), physical memory (64421888) on MP SYSLOG: <10>Feb 7 10:50:12 Ni-MLX-Sys-6 System: Low pool memory, Pool(2-Global) below 1%, available pool memory (28532736), physical memory (28532736) on MP
NP memory error monitoring 5 Brocade(config)# sysmon np memory-errors polling-period 10 To configure NP memory error monitoring to generate syslog messages, use the following command: Brocade(config)# sysmon np memory-errors action syslog You may want to disable error reporting if, for example, a hardware fault exists and is generating a lot of errors.
5 Port CRC error monitoring test Port CRC error monitoring test This section discusses the following topics: • Port CRC error monitoring overview • Port CRC error monitoring: basic configuration Port CRC error monitoring overview The port CRC error monitoring test is a background diagnostic test which monitors each port and checks if the number of packets with CRC errors (MAC CRC error eounter) exceeds a pre-configured limit.
Port CRC error monitoring test 5 The variable crc-count specifies the port CRC error count limit for the configured polling period. The range of values is 0 through 65535. The default value is 20. To configure the port CRC error monitoring test to run every 60 seconds, enter the following command: Brocade(config)# sysmon port port-crc-test polling-period 60 Syntax: sysmon port port-crc-test polling-period secs The variable secs specifies the polling period in seconds.
5 Commands Table 26 lists the commands to transition between port CRC error monitoring test diagnostic action states.
Commands 5 • show sysmon config • sysmon np memory-errors • sysmon port port-crc-test action • sysmon port port-crc-test counter • sysmon port port-crc-test log-backoff • sysmon port port-crc-test polling-period • sysmon port port-crc-test threshold Multi-Service IronWare Administration Guide 53-1003028-02 121
5 clear bm histogram clear bm histogram Clears buffer histogram data. Syntax clear bm histogram Command default Parameters Command Modes None Privileged EXEC mode Global configuration mode Usage Guidelines Examples The following example clears buffer histogram data. Brocade(config)# clear bm histogram History Release Command History Multi-Service IronWare R05.5.
clear cpu histogram sequence 5 clear cpu histogram sequence Clears CPU histogram sequential execution of task data. Syntax clear cpu histogram sequence Command default Parameters Command Modes None Privileged EXEC mode Global configuration mode Usage Guidelines Examples The following example clears the CPU histogram sequential execution of task information. Brocade(config)# clear cpu histogram sequence History Release Command History Multi-Service IronWare R05.5.
5 clear memory histogram clear memory histogram Clears memory histogram data Syntax clear memory histogram Command default Parameters Command Modes None Privileged EXEC mode Global configuration mode Usage Guidelines Examples The following example clears memory histogram data. Brocade(config)# clear memory histogram History Release Command History Multi-Service IronWare R05.5.
show bm histogram 5 show bm histogram Displays task buffer usage information. Syntax Parameters show bm histogram [ priority threshold-value | trace ] priority threshold-value Specifies the display of histogram information for a specific buffer priority level. The valid range is 0 - 5 (0 = Critical, 1 = Hi Tx, 2 = Hi IPC Rx, 3 = Hi Data Rx, 4 = Low IPC Rx, 5 = Low Data Rx). trace Command Modes Specifies the display of the buffer allocation stack of the top three tasks.
5 show bm histogram Examples The following example displays buffer histogram information: Brocade# show bm histogram HISTOGRAM BUFFER SEQUENCE INFO -----------------------------DURATION : 60 s SEQ IDX : 1 TIME : 2012.07.10-09:46:59.
show cpu histogram 5 show cpu histogram Displays task CPU usage information. Syntax show cpu histogram { hold | wait | interrupt | timer } [ taskname name | above threshold-value| noclear ] Parameters hold Specifies the display of task hold time information. wait Specifies the display of task wait time information. interrupt Specifies the display of task user-interrupt usage information. timer Specifies the display of task sys-timer time usage information.
5 show cpu histogram Output field Description WaitTime Total(s) WaitTime Max (ms) Time Examples The following example displays task hold time information: Brocade# show cpu histogram hold HISTOGRAM CPU HISTOGRAM INFO ---------------------------No of Bucket : 51 Bucket Granularity : 10 ms Last cleared at : 2012.07.10-07:29:20.
show cpu histogram sequence 5 show cpu histogram sequence Displays sequential execution of task information. Syntax Parameters show cpu histogram sequence [ taskname name | above threshold-value | trace ] sequence Specifies the display of sequential execution of task information. taskname name Specifies the display of histogram information for a specific task. above threshold-value Specifies the display of histogram information for tasks whose maximum hold time is above the specified value.
5 show cpu histogram sequence Examples The follow example displays sequential execution of task information: Brocade# show cpu histogram sequence HISTOGRAM TASK SEQUENCE INFO ---------------------------THRESHOLD : 10 ms DURATION : 30 s ---------------------------Seq No Task Name Context HoldTime Start Time End Time Date Max (ms) -------------------------------------------------------------------------------1 snms TASK 16 07:33:08.790 07:33:08.806 2012.07.10 2 snms TASK 16 07:33:08.772 07:33:08.789 2012.
show memory histogram 5 show memory histogram Displays task memory usage information. Syntax Parameters show memory histogram [ pool pool-id | below threshold-value | trace taskname] pool pool-id Specifies the display of memory histogram information for a specific memory pool. The valid range is 0-3, where “0” = OS, “1” = Shared, “2” = Global and “3” = User Private.
5 show memory histogram Examples The following example displays memory histogram information: Brocade# show memory histogram HISTOGRAM MEMORY SEQUENCE INFO -----------------------------DURATION : 60 s SEQ IDX : 1 TIME : 2012.07.10-11:14:08.
show sysmon config 5 show sysmon config Displays the system monitoring configuration. Syntax Parameters Command Modes show sysmon config None. User EXEC mode Privileged EXEC mode Global configuration mode Usage Guidelines Command Output Examples The show sysmon config command displays the following information: Output field Description EVENT Error event that is monitored ACTION Action taken when the error event is detected. POLL PERIOD (SEC) Frequency of polling for the error event.
5 sysmon np memory-errors sysmon np memory-errors Configures memory error monitoring and reporting on interface modules. The no form of this command disables memory error monitoring on interface modules. Syntax sysmon np memory-errors { poll-interval secs | action {syslog-and-trap | syslog | trap | none }} no sysmon np memory-errors { poll-interval secs | action {syslog-and-trap | syslog | trap | none }} Command Default Parameters Monitoring of NP memory-errors is enabled by default.
sysmon np memory-errors 5 The no form of the command specifying the action as syslog-and-trap, syslog, or trap removes the specified action. The following command removes the syslog action. Brocade(config)# no sysmon np memory-errors action syslog .The no form of the command specifying the action as none restores the default action (syslog-and-trap). For example: Brocade(config)# no sysmon np memory-errors action none History Release Command History Multi-Service IronWare R05.6.
5 sysmon port port-crc-test sysmon port port-crc-test Enables the port CRC error monitoring test. The no form of this command disables the port CRC error monitoring test. Syntax sysmon port port-crc-test no sysmon port port-crc-test Command Default Parameters Command Modes The port CRC error monitoring test is enabled by default. None. Global configuration mode Usage Guidelines Examples The following example disables the port CRC error monitoring test.
sysmon port port-crc-test action 5 sysmon port port-crc-test action Configures the diagnostic action for the port CRC error monitoring test. Syntax Command Default Parameters Command Modes sysmon port port-crc-test action {none|syslog|port-disable} The default action for the port CRC error monitoring test is syslog. none No action. port-disable Disable port. syslog Generate a syslog message.
5 sysmon port port-crc-test counter sysmon port port-crc-test counter Configures the port CRC error count limit for the configured polling period for the port CRC error monitoring test. Syntax sysmon port port-crc-test counter port-crc-counter less-than crc-count Command Default Parameters Command Modes crc-count Specifies the port CRC error count limit for the configured polling period. The range of values is 0 through 65535. The default value is 20. Global configuration mode.
sysmon port port-crc-test log-backoff 5 sysmon port port-crc-test log-backoff Disables syslog messages for a specified number of events, before they are logged again for the port CRC error monitoring test. Syntax sysmon port port-crc-test log-backoff num Command Default Parameters Command Modes num Specifies the number of events to skip before logging syslog messages again. The range of values is 1 through 14,400. Global configuration mode.
5 sysmon port port-crc-test polling-period sysmon port port-crc-test polling-period Configures the polling period for the port CRC error monitoring test. Syntax sysmon port port-crc-test polling-period secs Command Default Parameters Command Modes secs Specifies the polling period in seconds. The range of values is 0 through 65535. The default value is 60 seconds. Global configuration mode.
sysmon port port-crc-test threshold 5 sysmon port port-crc-test threshold Configures the threshold for diagnostic action for the port CRC error monitoring test. Syntax Command default Parameters Command Modes sysmon port port-crc-test threshold num-failures num-polls The default threshold is 3 failed test runs out of 5 polls. num-failures Specifies the number of failed test runs. The range of values is 1 through 31. num-polls Specifies the number of polls (tests). The range of values is 2 through 31.
5 142 sysmon port port-crc-test threshold Multi-Service IronWare Administration Guide 53-1003028-02
Chapter 6 Operations, Administration, and Maintenance (OAM) Table 27 displays the individual Brocade devices and the OAM features they support.
6 Operations, Administration, and Maintenance (OAM) TABLE 27 Supported Brocade OAM features (Continued) Features supported Brocade NetIron XMR Series Brocade MLX Series Brocade NetIron CES 2000 Series BASE package Brocade NetIron CES 2000 Series ME_PREM package Brocade NetIron CES 2000 Series L3_PREM package Brocade NetIron CER 2000 Series Base package Brocade NetIron CER 2000 Series Advanced Services package Delay measurement for ISID Yes Yes No No Yes No Yes MPLS OAM – LSP traceroute
IEEE 802.1ag Connectivity Fault Management (CFM) 6 IEEE 802.1ag Connectivity Fault Management (CFM) IEEE 802.1ag Connectivity Fault Management (CFM) refers to the ability of a network to monitor the health of a service delivered to customers as opposed to just links or individual bridges. The IEEE 802.1ag CFM standard specifies protocols, procedures, and managed objects to support transport fault management.
6 146 IEEE 802.
Mechanisms of Ethernet IEEE 802.1ag OAM 6 IEEE 802.1ag provides hierarchical network management Maintenance Domain (MD) A Maintenance domain is part of a network controlled by a single operator. In Figure 7, we have customer domain, provider domain and operator domain. Maintenance Domain level (MD level) The MD levels are carried on all CFM frames to identify different domains.For example, in Figure 7, some bridges belong to multiple domains. Each domain associates a MD level.
6 Mechanisms of Ethernet IEEE 802.1ag OAM As a result, MEPs also receive CCMs periodically from other MEPs. If a MEP on local Bridge stops receiving the periodic CCMs from peer MEP on a remote Bridge, it can assume that either the remote Bridge has failed or failure in the continuity of the path has occurred. The Bridge can subsequently notify the network management application about the failure and initiate the fault verification and fault isolation steps either automatically or through operator command.
Configuring IEEE 802.1ag CFM 6 Each MP along the path returns a unicast Linktrace Reply back to the originating MEP. The MEP sends a single LTM to the next hop along the trace path; however, it can receive many Linktrace Responses from different MPs along the trace path and the destination MEP as the result of the message traversing hop by hop. As mentioned previously, the age-out of MAC addresses can lead to erasure of information at MIPs, where this information is used for the Linktrace mechanism.
6 Setting Maintenance Domain parameters Brocade(config-cfm)#domain-name VPLS-SP level 4 Brocade(config-cfm-md-VPLS-SP)# Syntax: [no] domain-name name [id md-id] [level level] The domain-name name parameter specifies the domain name. The name attribute is case-sensitive. The id md-id is the Maintenance Domain Index. It is an optional parameter. The range is 1 - 4090. The level parameter sets the domain level in the range 0 – 7. When the domain already exists, the level argument is optional.
Setting Maintenance Domain parameters 6 Tag-type configuration For the NetIron CES, the following two VLAN tag-types are allowed that can be configured globally: • tag1 applies to customer edge ports (CVLAN) by default. • tag2 applies to provider-network, backbone-edge, and backbone-network port types (SVLAN and BVLAN) by default. NOTE The tag1 and tag2 are independent of port-types, so the system can be configured to use tag1 for SVLAN, BVLAN and tag2 for CVLAN.
6 Setting Maintenance Domain parameters Brocade(config-cfm)#domain name VPLS-SP level 4 Brocade(config-cfm-md-VPLS-SP)#ma-name ma_1 vlan-id 30 priority 3 Brocade(config-cfm-md-VPLS-SP-ma-ma_1)#ccm-interval 10-second Brocade(config-cfm-md-VPLS-SP-ma-ma_1)# Syntax: [no] ccm-interval [1-second | 1-minute | 10-second | 10-minute|3.3-ms | 10-ms | 100-ms ] The 1 second parameter sets the time interval between two successive CCM packets to 1 second.
Setting Maintenance Domain parameters 6 The mep-id parameter specifies the maintenance end point ID (mandatory) in the range 1-8191. The up parameter sets the MEP direction away from the monitored VLAN. The down parameter sets the MEP direction towards the monitored VLAN. The vlan-id parameter specifies the VLAN end-points. It is configured only for MAs associated with VPLS and not configured for MAs with a VLAN. The port-id parameter specifies the target interface on which it is used.
6 Y.1731 performance management Brocade(config-cfm)#domain name VPLS-SP level 4 Brocade(config-cfm-md-VPLS-SP)#ma-name ma_1 vlan-id 30 Brocade(config-cfm-md-VPLS-SP-ma_1)#mip-policy explicit Brocade(config-cfm-md-VPLS-SP-ma_1)# Syntax: [no] mip-policy [explicit |default] Use the explicit parameter to specify that explicit MIPs are configured only if a MEP exists on a lower MD Level. Use the default parameter to specify that MIPs will always be created.
Y.1731 performance management 6 Frame Delay = (RxTimeb – TxTimeStampf) – (TxTimeStampb – RxTimeStampf) This release provides Y.1731 support for the following: • VLANs • VPLS • Both VC-mode tagged and raw • VLL • Both tagged and raw modes • Up and Down MEPs for VLANs, VPLS, and VLL • Over LAG ports • The active primary port of the trunk would be used to transmit ETH-DM frames in case of down MEP • Through 802.
6 Y.1731 performance management ======================================================================================= Round Trip Frame Delay Time : min = 31.501 us avg = 32.586 us max = 34.052 us Round Trip Frame Delay Variation : min = 45 ns avg = 839 ns max = 1.
Y.1731 performance management 6 Sample configuration 1. MEP configuration (prerequisite for ETH-DM to work).
6 CFM monitoring and show commands CFM monitoring and show commands Sending linktrace messages The cfm linktrace domain command sends a linktrace message to a specified MEP in the domain. Enter a command such as the following to send a linktrace message to a specified MEP in the domain. Brocade# cfm linktrace domain VPLS-SP ma ma_1 src-mep 21 target-mep 1 timeout 10 t Linktrace to 0000.00fb.
CFM monitoring and show commands 6 Reply from 0000.00fb.5378: time<1ms Reply from 0000.00fb.5378: time<1ms Reply from 0000.00fb.5378: time<1ms Reply from 0000.00fb.5378: time<1ms A total of 10 loopback replies received. Success rate is 100 percent (10/10), round-trip min/avg/max=0/0/1 ms.
6 CFM monitoring and show commands Displaying CFM configurations The show cfm command, displays the current configuration and status of CFM. For the show cfm command to take effect, CFM should first be enabled in Protocol Configuration mode. Brocade#show cfm Domain: md2 Index: 1 Level: 6 Maintenance association: ma2 Ma Index: 1 CCM interval: 10000 ms VLAN ID: 2 Priority: 6 MEP Direction MAC ==== ========= ========= 3 DOWN 0000.00f7.
CFM monitoring and show commands TABLE 28 6 Show CFM output descriptions This field... Displays... MIP DIsplays the associated MIP VLAN DIsplays the associated VLAN. The show cfm brief show a summary of the configured MEPs and RMEPs.
6 CFM monitoring and show commands Displaying connectivity statistics The show cfm connectivity command, displays connectivity statistics for the remote database. For the show cfm connectivity command to take effect, CFM should first be enabled in the Protocol Configuration mode. Brocade#show cfm connectivity Domain: md2 Index: 1 Level: 6 Maintenance association: ma2 MA Index: 1 CCM interval: 10000 ms VLAN ID: 2 Priority: 6 RMEP MAC VLAN/PEER ==== ===== =============== 2 0000.00f7.
CFM monitoring and show commands 6 Configuring Router A CFM configuration steps for Router A are listed below. 1. To enable CFM, enter the following command. RouterA(config)#cfm-enable 2. Create a maintenance domain with a specified name CUST_1 and level 7. RouterA(config-cfm)#domain-name CUST_1 level 7 3. Create a maintenance association within a specified domain of vlan-id 30 with a priority 3. RouterA(config-cfm-md-CUST_1)#ma-name ma_5 vlan-id 30 priority 3 4.
6 CFM monitoring and show commands RouterB(config-cfm-md-CUST_1-ma-ma_5)#mep 2 down vlan 30 port ethe 1/1 Configuring Router C CFM configuration steps for Router C are listed below. 1. To enable CFM for VPLS, enter the following command. RouterC(config)#cfm-enable 2. Create a maintenance domain with a specified name CUST_1 and level 7. RouterC(config-cfm)#domain-name CUST_1 level 7 3. Create a maintenance association within a specified domain of vlan-id 30 with a priority 4.
CFM monitoring and show commands 6 6. Configuring a MED for each of the Domain Service Access Points of a service instance creates a MA to monitor the connectivity. Add ethernet port 1/1 to a specified maintenance association. RouterA(config-cfm-md-CUST_1-ma-ma_5)#mep 2 down port ethe 1/1 7. To configure the hostnameas RouterA, enter a command such as the following. RouterA(config)#hostname RouterA 8. Configure interface ethernet 1/1 as the custom-edge by entering the following commands.
6 CFM monitoring and show commands 1. Create the port-based VLAN that contains the tagged interface that you want to use by entering the following commands. RouterC(config)# vlan30 RouterC(config-vlan-30)# tagged ethe 1/1 2. To enable CFM, enter the following command. RouterC(config)#cfm-enable 3. Create a maintenance domain with a specified name CUST_1 and level 7. RouterC(config-cfm)#domain-name CUST_1 level 7 4.
CFM monitoring and show commands 6 Brocade1(config-cfm)#domain-name CUST_1 level 5 6. Create a maintenance association within a specified ESI Site1vlan30, and a vlan-id 30 with a priority 3. Brocade1(config-cfm-md-CUST_1)#ma-name ma_5 esi Site1vlan30 vlan-id 30 priority 3 7. Set the time interval between successive Continuity Check Messages to 10-seconds. Brocade1(config-cfm-md-CUST_1-ma-ma_5)#ccm-interval 10-second 8.
6 CFM monitoring and show commands Brocade2(config-cfm-md-CUST_1-ma-ma_5)#ccm-interval 10-second 6. Configuring a MED for each of the Domain Service Access Points of a service instance creates a MA to monitor the connectivity. Add ethernet port 1/2 as MEP to a specified maintenance association. Brocade2(config-cfm-md-CUST_1-ma-ma_5)#mep 5 up port ethe 1/2 7. To configure the hostname as Brocade1, enter a command such as the following. Brocade2(config)#hostname Brocade1 8.
CFM monitoring and show commands 7. 6 Set the time interval between successive Continuity Check Messages to 10-seconds. Brocade3(config-cfm-md-CUST_1-ma-ma_5)#ccm-interval 10-second 8. Configuring a MED for each of the Domain Service Access Points of a service instance creates a MA to monitor the connectivity. Add ethernet port 1/2 as MEP to a specified maintenance association. Brocade3(config-cfm-md-CUST_1-ma-ma_5)#mep 6 up port ethe 1/2 9.
6 CFM monitoring and show commands RouterB#show cfm connectivity Domain: CUST_1 Level: 7 Maintenance association: ma_5 CCM interval: 10000 ms VLAN ID: 30 Priority: 5 RMEP MAC VLAN/PEER AGE ==== ===== =============== ==== 400 0000.00e2.8a00 30 898 100 0000.00e2.b400 30 1569 PORT SLOTS ======== ==== 1/3 1, 1/3 1, RouterC#show cfm connectivity Domain: CUST_1 Level: 7 Maintenance association: ma_5 CCM interval: 10000 ms VLAN ID: 30 Priority: 4 RMEP MAC VLAN/PEER AGE ==== ===== =============== ==== 200 0000.
CFM monitoring and show commands 6 Achieving end-to-end connectivity between CE1 and CE2 To achieve end-to-end connectivity between CE1 and CE2, configure DOWN MEP on 1/1 and 2/1.PE1 and PE2 acts as MIP. The configuration for this is as follows. Configuring CE1 1. To enable CFM, enter the following command. CE1(config)#cfm-enable 2. Create a maintenance domain with a specified name CUST_1 and level 7. CE1(config-cfm)#domain-name CUST_1 level 7 3.
6 CFM monitoring and show commands Enter the following commands to configure VLL peers from PE1 to PE 2. 1. To create a VLL instance, enter commands such as the following. PE1(config)#router mpls PE1(config-mpls)vll pe1-to-pe2 30 2. To specify a VLL peer, enter a command such as the following. PE1(config-mpls-vll)vll-peer 10.1.1.2 3. To specify an un-tagged endpoint for a VLL instance, enter the following commands. PE1(config-mpls-vll)untagged ethe 1/1 Tagged ports are configured under a VLAN ID. 4.
CFM monitoring and show commands 6 2. To specify a VPLS peer enter a command such as the following. PE2(config-mpls-vll)vpls-peer 10.1.1.1 3. To specify an un-tagged endpoint for a VLL instance, enter the following commands. PE2(config-mpls-vll)untagged ethe 2/1 Tagged ports are configured under a VLAN ID. 4. To specify a tagged endpoint for a VLL instance, enter the following commands. PE2(config-mpls-vll)vlan 30 PE2(config-mpls-vll-vlan)tagged ethe 2/1 IEEE 802.
6 CFM monitoring and show commands Maintenance association: ma_5 VLAN ID: 30 Priority: 3 CCM interval: 10 RMEP MAC PORT Oper Age CCM RDI Port Intf Intvl Seq State Val Cnt Status Status Error Error ==== =============== === === ===== === === ==== ====== ====== ==== 2 0000.00e2.8a00 1/1 OK 26000 2600 N 0 0 N N= Syntax: show cfm connectivity [domain name] [ma ma-name] The [domain name] parameter displays the specific domain information. By default, all defined domains are shown.
CFM monitoring and show commands 6 CE1#cfm loopback domain CUST_1 ma ma_5 src-mep 1 target-mep 2 DOT1AG: Sending 10 Loopback to 0000.00e2.8a00, timeout 10000 msec Type Control-c to abort Reply from 0000.00e2.8a00: time=3ms Reply from 0000.00e2.8a00: time<1ms Reply from 0000.00e2.8a00: time<1ms Reply from 0000.00e2.8a00: time<1ms Reply from 0000.00e2.8a00: time=38ms Reply from 0000.00e2.8a00: time<1ms Reply from 0000.00e2.8a00: time<1ms Reply from 0000.00e2.8a00: time<1ms Reply from 0000.00e2.
6 CFM monitoring and show commands If the linktrace and loopback to target-mep 2 fails, then the linktrace can be done on the MIPs on PE1 and PE2 to know the exact failure. Deployment scenario with PEs functioning as DOWN MEP It is also possible to configure DOWN MEP on VLL end-points. For example, in Figure 10, the DOWN MEP can be configured to monitor the connectivity between CE1 and PE1 or to monitor the connectivity between CE2 and PE2. Configuring CE1 1. To enable CFM, enter the following command.
CFM monitoring and show commands 6 To monitor the connectivity between CE-1 and PE-1, you can use the show cfm connectivity commands as mentioned in the previous scenario. You can also use the loopback or linktrace commands on CE-1 or PE-1. Deployment scenario with PEs functioning as UP MEP UP MEPs can also be configured on PEs. This monitors connectivity of VLL end points. Configuring PE1 The MPLS-VLL configuration is the same as shown in the previous deployment scenario.
6 CFM monitoring and show commands Configuring PE2 1. To enable CFM, enter the following command. PE2(config)#cfm-enable 2. Create a maintenance domain with a specified name PROVIDER_1 and level 4. PE2config-cfm)#domain-name PROVIDER_1 level 4 3. Create a maintenance association within a specified domain of vll-id 30 with a priority 3. PE1(config-cfm-md-PROVIDER_1)#ma-name ma_8 vll-id 30 priority 3 4. Set the time interval between successive Continuity Check Messages.The default is 10-seconds.
CFM monitoring and show commands 6 Tagged ports are configured under a VLAN ID. 3. To specify a tagged endpoint for a VLL instance, enter the following commands. PE1(config-mpls-vll-test1)vlan 30 PE1(config-mpls-vll-vlan)tagged ethe 1/1 As in the previous case, to monitor the connectivity between CE1 and CE2, you can use “show cfm connectivity” commands as mentioned in the previous scenario. Also we could use either loopback or linktrace on CE1 or CE2. LAG-support for IEEE 802.
6 Monitoring the status of devices in a VPLS network in a Provider’s Maintenance Domain Hitless upgrade support Hitless upgrade support for IEEE 802.1ag over VLL is similar to IEEE 802.1ag hitless upgrade support for VLAN or VPLS. Monitoring the status of devices in a VPLS network in a Provider’s Maintenance Domain CFM provides capabilities to detect, verify, and isolate connectivity failures. NOTE When configuring 802.
Monitoring the status of devices in a VPLS network in a Provider’s Maintenance Domain 6 Configuring PE 1 1. To enable CFM for VPLS, enter the following command. PE1(config)#cfm-enable 2. Create a maintenance domain with a specified name VPLS-SP and level 4. PE1(config-cfm)#domain-name VPLS-SP level 4 3. Create a maintenance association within a specified domain of vpls-id 1 with a priority 3. PE1(config-cfm-md-VPLS-SP)#ma-name ma_1 vpls-id 1 priority 3 4.
6 Monitoring the status of devices in a VPLS network in a Provider’s Maintenance Domain MPLS configurations Enter the following commands to configure VPLS peers from PE1 toPE 3. 1. To create a VPLS instance, enter commands such as the following. PE2(config)#router mpls PE2(config-mpls)vpls 1 1 2. To specify two remote VPLS peers within a VPLS instance, enter a command such as the following. PE2(config-mpls-vpls-1)vpls-peer 10.1.1.1 PE2(config-mpls-vpls-1)vpls-peer 10.1.1.
Monitoring the status of devices in a VPLS network in a Provider’s Maintenance Domain 6 Verifying connectivity in a VPLS network using IEEE 802.1ag To display VPLS IEEE 802.1ag connectivity, enter the following commands. Brocade#sh cfm domain VPLS-SP Domain: VPLS-SP Level: 4 Maintenance association: ma_1 CCM interval: 10 VPLS ID: 1 Priority: 3 MEP Direction MAC ==== ========= ========= 1 UP 0000.00e3.
6 Monitoring the status of devices in a VPLS network in a Provider’s Maintenance Domain The show cfm connectivity command, displays connectivity statistics for the remote database. For the show cfm connectivity command to take effect, CFM should first be enabled in the Protocol Configuration mode. Brocade#show cfm connectivity Domain: VPLS-SP Level: 4 Maintenance association: ma_1 CCM interval: 10 VPLS ID: 1 Priority: 3 RMEP MAC VLAN/VC ==== ===== ======= 4 0000.00e2.d80a 00f00a1 2 0000.00e2.
Monitoring the status of devices in a VPLS network in a Provider’s Maintenance Domain TABLE 33 6 Output for show CFM connectivity command This field... Displays... CCM Count Displays the total number of Continuity Check messages (CCMs) that are sent. RDI Remote Defect Indicator Port Status The status of a port Intf Status The status of the interface Intvl Error Displays Y if there has been an interval error and N if no interval errors have been detected.
6 Monitoring the status of devices in a VPLS network in a Provider’s Maintenance Domain Brocade#cfm loopback domain VPLS-SP ma ma_1 src-mep 1 target-mep 4 DOT1AG: Sending 10 Loopback to 0000.00e2.d80a, timeout 10000 msec Type Control-c to abort Reply from 0000.00e2.d80a: time=3ms Reply from 0000.00e2.d80a: time<1ms Reply from 0000.00e2.d80a: time<1ms Reply from 0000.00e2.d80a: time<1ms Reply from 0000.00e2.d80a: time=38ms Reply from 0000.00e2.d80a: time<1ms Reply from 0000.00e2.
Monitoring the status of devices in a VPLS network in a Provider’s Maintenance Domain 6 Support for IEEE 802.
6 IEEE 802.
IEEE 802.3ah EFM-OAM 6 The IEEE 802.3ah EFM standard offers an opportunity to create the operations, OAM sub-layer within the data-link layer of the OSI protocol stack. The data-link layer provides utilities for monitoring and troubleshooting Ethernet links. Possible applications The data-link layer OAM is targeted at last-mile applications and service providers can use it for demarcation point OAM services. Ethernet Last Mile applications require robust infrastructure that is both passive and active.
6 IEEE 802.3ah EFM-OAM Timers • Two configurable timers control the protocol, one determining the rate at which OAMPDUs are to be sent, and the second controlling the rate at which OAMPDUs are to be received to maintain the adjacency between devices. • An additional 1-second non-configurable timer is used for error aggregation, which is necessary for the Link Monitoring Process to generate link quality events. • The timer should generate PDUs in the range of 1s - 10sec. The default value is 1sec.
IEEE 802.3ah EFM-OAM 6 Rules for passive mode A DTE in Passive mode: • • • • • • Waits for the remote device to initiate the Discovery process Sends Information PDUs May send Event Notification PDUs May respond to Variable Request PDUs May react to received Loopback Control PDUs Is not permitted to send Variable Request or Loopback Control OAMPDUs Link monitoring process The Link Monitoring Process is used for detecting and indicating link faults under a variety of circumstances.
6 IEEE 802.3ah EFM-OAM • Critical Event: When a critical event occurs, the device is unavailable as a result of malfunction, and it is to be restarted by the user. The critical events can be sent immediately and continually. When the dying gasp or critical event occurs, the device driver will call a special API in the EFMOAM implementation. The link fault applies only when the physical sublayer is capable of independent transmission and reception.
IEEE 802.3ah EFM-OAM 6 Specifying the PDU rate To set the number of PDUs to be transmitted per second, use the pdu-rate command. The default value is 1. Brocade(config-link-oam) #pdu-rate 10 Syntax: [no] pdu-rate value The value parameter specifies the number of PDUs in the range of 1-10. The no form of the command restores the default value of 1.
6 IEEE 802.3ah EFM-OAM Defining remote failure actions By default, on receipt of a remote failure message, the device will only log the event. This can be changed to block an interface on receipt of a remote failure message. The commands below display the three events that the protocol supports.
IEEE 802.
6 IEEE 802.
IEEE 802.
6 Ping To show detailed OAM statistics, enter a command such as the following: Brocade#show link-oam statistics detail ports ethernet OAM statistics for Ethernet port: 1/1 Tx statistics information OAMPDUs: loopback control OAMPDUs: variable request OAMPDUs: variable response OAMPDUs: unique event notification OAMPDUs: duplicate event notification OAMPDUs: oranization specific OAMPDUs: link-fault records: critical-event records: dying-gasp records: Rx statistics information OAMPDUs: loopback control OAMPD
Ping 6 Executing ping The ping command, in the (Enable) mode, pings another device from the device. The device supports IP ping, which you can use to test connectivity to remote hosts. Ping sends an echo request packet to an address and waits for a reply. The device can execute multiple ping commands at the same time. If you can connect to the device via the console, or through an inbound telnet or SSH session, it should be possible to initiate a ping.
6 Ping The brief keyword causes ping test characters to be displayed. The following ping test characters are supported: ! Indicates that a reply was received. . Indicates that the network server timed out while waiting for a reply. U Indicates that a destination unreachable error PDU was received. I Indicates that the user interrupted ping. Executing ping VRF NOTE The Ping utilities have been enhanced by adding the ping vrf command in release 02.1.00 to help with management of Layer 3 VPNs.
Ping 6 The source ipv6-address parameter specifies an IPv6 address to be used as the origin of the ping packets. The count number parameter specifies how many ping packets the sends. You can specify from 1 4294967296. The default is 1. The timeout milliseconds parameter specifies how many milliseconds the waits for a reply from the pinged device. You can specify a timeout from 1 - 4294967296 milliseconds. The default is 5000 (5 seconds). The ttl number parameter specifies the maximum number of hops.
6 Trace route Trace route The trace route tool works by sending ICMP echo packets with varying IP Time-to-Live (TTL) values to the destination. You can use IP traceroute to identify the path that packets take through the network on a hop-by-hop basis. The command output displays all network layer devices, such as routers, through which the traffic passes on its way to the destination. The device can execute simultaneous traceroute commands from multiple inbound telnet or SSH sessions.
Trace-l2 protocol 6 Example Brocade# traceroute vrf blue 10.10.10.10 Syntax: traceroute vrf vrf-name ip-address The vrf vrf-name parameter is the name of the VRF for you want are running the traceroute. The vrf ip-address parameter is the IP address containing the VRF that you want to conduct a traceroute to. Executing traceroute IPv6 NOTE An IPv6 traceroute to an IPv6 local link address is not supported. The traceroute ipv6 command traces a path from a device that supports IPv6 to an IPv6 host.
6 Trace-l2 protocol For each hop in the path, trace-l2 displays its input/output port, L2 protocols of the input port, and the microsecond travel time between hop and hop. It also prints out the hops which form a loop, if any. Displaying L2 topology lets a user easily obtain information of all hops. Configuration considerations The configuration considerations are as follows: • Trace-l2 is enabled on the Brocade devices. It can be used to trace traffic only to devices.
IPv6 Traceroute over an MPLS network 6 The microsec column is the round trip time (sum of the time) to and from the previous hop. For example, 316 microsec for hop 1 is the time from the source to hop 1 and from hop 1 to the source. One way time is not available because the tracel2 protocol does not synchronize the clocks between hops. The comment column shows the Layer 2 protocol used on the input port. It could be the following: • • • • • • • • STP – spanning tree protocol RSTP – Rapid STP, 802.
6 IPv6 Traceroute over an MPLS network IPv6 traceroute behavior is similar to IPv4 traceroute. However, unlike IPv4 traceroute, IPv6 traceroute has a new 6PE label added during each hop across the MPLS cloud. Based on the IP header value, the node devices differentiate if the Internet Control Message Protocol version 6 (ICMPv6) echo request is from an IPv6 or IPv4 source device.
IPv6 Traceroute over an MPLS network 1 2 <1 ms <1 ms MPLS MPLS <1 ms MPLS MPLS <1 ms <1 ms 3 4 5 6 <1 ms <1 ms 2001:DB8:1::2 <1 ms <1 ms 2001:DC8:200::3 Label=1026 Exp=0 TTL=1 S=0 Label=794624 Exp=0 TTL=1 S=1 <1 ms <1 ms 2001:DD8:300::2 Label=1029 Exp=0 TTL=1 S=0 Label=794624 Exp=0 TTL=2 S=1 <1 ms <1 ms 2001:DE8:300::2 <1 ms <1 ms 2001:DB8:2::2 NOTE The traceroute output reports information on a traceroute packet only when its TTL equals 1.
6 IPv6 Traceroute over an MPLS network 3 <1 ms <1 ms <1 ms 2001:DD8:300::2 MPLS Label=1029 Exp=0 TTL=1 S=0 MPLS Label=794624 Exp=0 TTL=2 S=1 4. The fourth traceroute probe (TTL=4) is forwarded until it expires at the egress provider edge device PE2. PE2 drops the packet and generates a ttl-exceeded ICMPv6 message without label stack extension since there is no label stack to report. Traceroute reports only the IP address of PE2.
IPv6 Traceroute over an MPLS network 6 Syntax: [no] ipv6 icmp mpls-response [use-lsp] [no-label-extension] The mpls-response parameter enables the ICMPv6 traceroute response in default mode. The feature is enabled by default and configured to use IP routing to forward ICMP messages. The use-lsp parameter enables forwarding of ICMPv6 error messages along the LSPs configured for the MPLS domain. By default, using configured LSPs use is disabled.
6 LSP ping and traceroute LSP ping and traceroute Overview The LSP Ping and Traceroute feature provides Operation, Administration, and Maintenance (OAM) functionality for MPLS networks based up RFC 4379 (Detecting Multi-Protocol Label Switched (MPLS) Data Plane Failures). The LSP ping and traceroute functions provide a mechanism to detect MPLS data plane failure. LSP ping is used to detect data plane failure and to check the consistency between the data plane and the control plane.
LSP ping and traceroute 6 • Router Alert option is set. By default, the reply mode is set to 2 (reply by way of an IPv4 UDP packet), and you can set it to 1 (no reply) or 3 (reply by way of an IPv4 UDP packet with Router Alert option). The sender handle is set to an internally-generated, 32-bit number that is assigned to each ping or traceroute session when the ping or traceroute operation begins.
6 LSP ping and traceroute LSP ping TLVs Table 34 lists the TLVs defined in RFC 3479 that are included in an echo request and reply. TABLE 34 Show Cfm output descriptions TLV type TLV name TX in echo request TX in echo reply 1 Target FEC stack Yes No 2 Downstream mapping Yes if the dsmap option is set Yes for transit LSRs only if downstream mapping TLV is included in the MPLS Echo request.
LSP ping and traceroute 6 One-to-one Fast ReRoute (FRR) LSPs Similar to the redundant LSPs, a ping or traceroute on a one-to-one FRR LSP is performed on the active path. If a path switchover occurs while a ping or traceroute is in-progress, the echo request continues to be sent out on the old active path. This implies that the echo request sent after path switchover will time out.
6 LSP ping and traceroute PHP behavior Ping is transparent to the penultimate LSR. MPLS and IP TTL operations performed on a ping packet are the same as tor a regular data packet. In the default case where the MPLS TTL is copied into the IP TTL, the echo request packet can arrive at the egress LSR with an IP TTL value greater than 1. Consequently, in this situation, the IP Router Alert option is used to direct the echo request packet to the control plane for ping processing.
LSP ping and traceroute 6 Executing LDP LSP ping The LDP LSP ping command, sends an MPLS echo request from the ingress to the egress LSR. To perform the LDP LSP ping operation, use the following command. Brocade)# ping mpls ldp 10.22.22.22 Send 5 80-byte MPLS Echo Requests for LDP FEC 10.22.22.22/32, timeout 5000 msec Type Control-c to abort !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max=0/1/1 ms.
6 LSP ping and traceroute Executing RSVP LSP ping The RSVP ping command in the (enable) mode, sends an MPLS echo request from the ingress to the egress LSR. To perform the RSVP LSP ping operation, use the following command. Brocade# ping mpls rsvp lsp toxmr2frr-18 Send 5 92-byte MPLS Echo Requests over RSVP LSP toxmr2frr-18, timeout 5000 msec Type Control-c to abort !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max=0/1/5 ms.
LSP ping and traceroute 6 The standby option directs the ping operation to the secondary path of a redundant LSP that is operationally up. The timeout option specifies an interval in milliseconds for the echo request message. The default timeout is 5 seconds. The maximum timeout value is 5 minutes. Executing LDP LSP traceroute The LDP LSP traceroute command in the (enable) mode, sends and MPLS echo request from the ingress to the egress LSR.
6 LSP ping and traceroute The timeout option specifies an interval in milliseconds for the echo request message. The default timeout is 5 seconds. The maximum timeout value is 5 minutes. The nexthop specifies the nexthop IPv4 address to send the OAM request to. If an address that does not match the outgoing path for the tunnel is given, following error message appears as response: Traceroute fails: LDP next-hop does not exist.
LSP ping and traceroute 6 The source option specifies the IP address of any interface. This address is used as the destination address for the echo reply address. The default address is the LSR ID. The standby option directs the traceroute operation to the secondary path of a redundant LSP that is operationally up. The timeout option specifies an interval in milliseconds for the echo request message. The default timeout is 5 seconds. The maximum timeout value is 5 minutes.
6 LSP ping and traceroute Brocade # clear mpls statistics oam Syntax: clear mpls statistics oam 220 Multi-Service IronWare Administration Guide 53-1003028-02
CFM monitoring for ISID 6 CFM monitoring for ISID • ISID is configured in edge devices (BEB) of a PBB network. • CFM is configured for ISID in a BEB and is monitored between BEBs. • The CCM interval for the sub-second timer is supported for CER with PBIF version 0x56 and greater. • Loopback, Link trace, and delay measurement messages are supported for ISID. • MIP functionality is not applicable for ISID.
6 CFM monitoring for ISID Brocade_BEB_2(config)#interface ethernet 1/2 Brocade_BEB_2(config-if-e1000-1/2)#enable Brocade_BEB_2(config-if-e1000-1/2)#port-type backbone-network Brocade_BEB_2(config)#esi isid_1 encapsulation isid Brocade_BEB_2(config-esi-isid_esi_1)#isid 2000 Brocade_BEB_2(config)# esi bvlan_1 encapsulation bvlan Brocade_BEB_2(config-esi-bvlan_1)#vlan 200 Brocade_BEB_2(config-esi-bvlan_1-vlan-200)#tagged ethernet 1/2 Brocade_BEB_2(config-esi-bvlan_1)#esi-client isid_esi_1 Brocade_BCB(config
CFM monitoring for ISID ETH-AIS RX: DISABLED ETH-AIS Interval: 10 sec MEP Direction MAC ==== ========= ============ 1 DOWN 0000.0011.86d1 Brocade_BEB_2#show cfm Domain: ISID_domain Index: 1 Level: 3 Maintenance association: ISID_2000 Ma Index: 1 CCM interval: 1000 ms ESI isid_1 ISID : 2000 Priority: 7 ETH-AIS TX: DISABLED ETH-AIS RX: DISABLED ETH-AIS Interval: 10 sec MEP Direction MAC ==== ========= ============ 2 DOWN 0000.00ef.
6 CFM monitoring for ISID Loopback Messages CFM loopback Use the cfm loopback command to display loopback messages. Syntax: cfm loopback domain domain-name ma ma-name src-mep ID target-mep ID The following output shows the Loopback messages. Brocade_BEB_1#cfm loopback domain ISID_domain ma ISID_2000 src-mep 1 target-mep 2 DOT1AG: Sending 10 Loopback to 0000.00ef.2a0b, timeout 10000 msec Type Control-c to abort Reply from 0000.00ef.2a0b: time=1ms Reply from 0000.00ef.2a0b: time<1ms Reply from 0000.00ef.
CFM monitoring for ISID 6 Reply from 0000.00ef.2a0b: time= 35.400 us Reply from 0000.00ef.2a0b: time= 35.115 us Reply from 0000.00ef.2a0b: time= 35.265 us Reply from 0000.00ef.2a0b: time= 35.040 us Reply from 0000.00ef.2a0b: time= 35.265 us Reply from 0000.00ef.2a0b: time= 35.190 us Reply from 0000.00ef.2a0b: time= 35.325 us Reply from 0000.00ef.2a0b: time= 35.280 us Reply from 0000.00ef.2a0b: time= 35.205 us sent = 10 number = 10 A total of 10 delay measurement replies received.
6 CFM monitoring for ISID Sample Link MA configuration The following sample configuration shows the Link Monitoring between DUT1 and DUT2. It also shows the Link Monitoring between DUT2 and DUT3.
CFM monitoring for ISID ETH-AIS RX: DISABLED ETH-AIS Interval: 10 sec MEP Direction MAC PORT ==== ========= ========= ======== 3 DOWN 0000.0011.6351 ethe 1/1 4 DOWN 0000.0011.634b ethe 1/2 Brocade_DUT_3#show cfm Domain: d7 Index: 1 Level: 7 Maintenance association: link Ma Index: 1 CCM interval: 1000 ms LINK MA ID: N/A Priority: 7 ETH-AIS TX: DISABLED ETH-AIS RX: DISABLED ETH-AIS Interval: 10 sec MEP Direction MAC PORT === ========= ========= ==== 1 DOWN 0000.00ef.
6 CFM monitoring for ISID 1 2 0000.00ef.2a0b 0000.0011.86d1 N/A N/A 799 796 1/1 1/2 1 1 OK OK None None Brocade_DUT_3#show cfm connectivity Domain: d7 Index: 1 Level: 7 Maintenance association: link MA Index: 1 CCM interval: 1000 ms LINK MA ID: N/A Priority: 7 ETH-AIS TX: DISABLED ETH-AIS RX: DISABLED ETH-AIS Interval: 10 sec RMEP MAC VLAN/PEER AGE PORT SLOTS STATE AIS_STATE ==== ===== ======== ========== ==== ======== ========= ======== ========= 4 0000.0011.
CFM monitoring for ISID 6 Port status TLV • Port status TLV is carried in every CCM message and it carries the state of transmitting port • The state can be either 1 or 2 • 2 – Port state is Forwarding • 1 - Port state other than Forwarding • Port status TLV is supported for sub-second timers from PBIF version 0x56 onwards • Port status TLV is supported for all type of VLANs • CVLAN, SVAN, ISID and BVLAN • Port status TLV is not applicable for Link MA Configuring Port Status TLV Port status TLV is option
6 CFM monitoring for ISID Brocade_DUT_1#show cfm Domain: customer Index: 1 Level: 7 Maintenance association: admin Ma Index: 1 CCM interval: 1000 ms VLAN ID: 100 Priority: 7 MEP Direction MAC === ========= ========= 1 DOWN 0000.0011.86d1 PORT ======== ethe 1/1 PORT-STATUS-TLV =============== Y Brocade_DUT_3#show cfm Domain: customer Index: 1 Level: 7 Maintenance association: admin Ma Index: 1 CCM interval: 1000 ms VLAN ID: 100 Priority: 7 MEP Direction MAC ==== ========= ========= 2 DOWN 0000.00ef.
CFM monitoring for ISID 6 Remote Defect Indication Remote Defect Indication (RDI) is a single bit, is carried by CCM to convey the MEPs in MA about reception of CCM messages by receiving MEPs (RMEP) • The absence of RDI in a CCM indicates that the transmitting MEP is receiving CCMs from all remote MEPs • The presence of RDI indicates that transmitting MEP is not receiving CCM from one or more RMEPs (one or more RMEP failed is in state) attached to the MEP.
6 CFM monitoring for ISID Show commands The following show commands provide output for each component of the sample configuration. Show cfm connectivity Assume link between DUT 2 and 4 goes down. RMEP(DUT4‘s MEP) will get failed in DUT1 and DUT3. At this time DUT1 and 2 will start transmitting CCM with RDI bit set since RMEP has failed.
Frame Loss Measurement 6 Frame Loss Measurement The Frame Loss Measurement feature (ETH-LM) maintains counters of received and transmitted data frames between a pair of MEPs. These counters are used to calculate the frame loss ratio. Only single-ended ETH-LM, which is used for on-demand OAM, is supported. An MEP sends frames with an ETH-LM request information to its peer MEP and receives frames with ETH-LM reply information from its peer MEP to perform loss measurement.
6 Frame Loss Measurement • As the measurement is performed in the LP, LMM functionality is not supported over LAG, if member ports are from multiple slots. Loss will be measured only the ports on the same slot. • If any ACLS are dropped on the same port or vport, the packets matching those ACLs will not be counted or taken into account as the LMM ACLs will be listed below the layer 2 ACLs. • Protocol packets or packets trapped to CPU are not counted.
Frame Loss Measurement 6 Monitor LMM daily for fixed interval of time The LMM can be configured to start daily at any fixed time and stop after some period of time (more than the start time). The frame loss ratio will be calculated after every measurement interval configured and can be viewed whenever required. This use case will be useful whenever the administrator wants to measure daily at particular time interval.
6 Frame Loss Measurement 6. LMM session threshold configuration Brocade(config-cfm-loss-measurement-lmm-initiator-1)#threshold forward average 5000 maximum 10000 Brocade(config-cfm-loss-measurement-lmm-initiator-1)#threshold backward average 5000 maximum 10000 Syntax: threshold forward | backward average value maximum value LMM responder session configuration Use the following procedure to configure the LMM responder session. 1. LMM responder session creation.
Frame Loss Measurement 6 HH:MM:SS starts the session at the indicated time. HH:MM:SS daily starts the session at the indicated time every day. No configuration changes are supported once the session is started or triggered. Only the "Stop now" configuration is allowed which stops the session. Session will not start if the target MEP not available. Session will be started, only if the target MEP is in FAILED state or OK state.
6 Frame Loss Measurement BrocadeCE-2(config-cfm-loss-measurement-lmm-responder-1)#domain md1 ma ma1 src-mep 4 target-mep 3 BrocadeCE-2(config-cfm-loss-measurement-lmm-responder-1)#Cos 2 Configuration example for VPLS tagged endpoints PE-1 Configuration (Initiator) BrocadePE-1(config-cfm)# loss-measurement lmm initiator 1 BrocadePE-1(config-cfm-loss-measurement-lmm-initiator-1)#domain md1 ma ma1 src-mep 3 target-mep 4 BrocadePE-1(config-cfm-loss-measurement-lmm-initiator-1)#Cos 2 BrocadePE-1(config-cfm-lo
Frame Loss Measurement 6 Starting LMM Sessions Start the responder before starting the initiator. CE-2 Configuration BrocadeCE-2(config)# cfm BrocadeCE-2(config-cfm)# loss-measurement lmm responder 1 BrocadeCE-2(config-cfm-loss-measurement-lmm-responder-1)#start now CE-1 Configuration BrocadeCE-1(config)# cfm BrocadeCE-1(config-cfm)# loss-measurement lmm initiator 1 BrocadeCE-1(config-cfm-loss-measurement-lmm-initiator-1)#start now Stopping LMM Sessions Stop the initiator before stopping the responder.
6 One-way Delay Measurement : Y.1731: The LMM session started for MA index 1, MD index 1, MEP id 2 Session index 1 When the LMM session stopped : Y.1731: The LMM session started for MA index 1, MD index 1, MEP id 2 Session index 1 When the Average Frame Loss Ratio greater than Threshold Average Frame Loss Ratio : Y.1731: The LMM session for MA index 1, MD index 1, MEP id 2 Session index 1 has crossed the forward average threshold value, with value 35000.
One-way Delay Measurement 6 • There can be maximum 16 one-way delay measurement sessions (8 Initiator sessions and 8 Receiver sessions) which can be active per MEP. • The one-way delay measurement receiver session should be started before starting the initiator session. Otherwise, the one-way delay measurement packets will be dropped at the receiver, which may lead to inaccurate results.
6 One-way Delay Measurement One-way Delay Measurement over VPLS One-way delay measurement can be done over VPLS where CFM is configured. In this use case, CFM should be enabled and the up MEP should be configured on the VPLS end-points which should be monitored. One-way delay measurement can be configured on the end-points for periodic measurements irrespective of the CFM connectivity. Ensure CFM connectivity is up and running before the one-way delay measurement session is actually started.
One-way Delay Measurement 6 Monitor one-way delay daily for fixed interval of time In this case, the one-way delay measurement can be configured to start daily at any fixed time and stop after some period of time. The one-way delay will be calculated after receiving each one-way delay measurement packet and delay statistics will be calculated for every measurement interval configured. It can be viewed whenever required.
6 One-way Delay Measurement Syntax: vpls vpls-name id Syntax: vlan vlan-id Syntax: tagged ethernet slot/port CFM Configuration 1. Enable CFM. Brocade(config)#cfm-enable Brocade(config-cfm)# Syntax: cfm-enable 2. Configure the domain. Brocade(config)#cfm-enable Brocade(config-cfm)#domain-name md1 level 7 Brocade(config-cfm-md-md1)# Syntax: domain-name md_name id id level level 3. Configure MA.
One-way Delay Measurement 6 Ma_name - Maintenance Association Name Src-Mep ID - Source MEP Target-MEP ID - Destination MEP 2. One-way delay measurement initiator session configuration Brocade (config-cfm-oneway-dm-initiator-1)# cos 4 Brocade (config-cfm-oneway-dm-initiator-1)# tx-interval 10 Syntax: cos value Syntax: tx-interval sec Cos (value) - Priority Value (1-7) (optional - Default value 7) Tx-interval - Interval value in seconds (1, 10, 60, 600) (optional - Default value 1 second).
6 One-way Delay Measurement The example above will be started exactly at 09:30 AM. c. Start 1DM Receiver Session daily at given time. DUT (config-cfm-oneway-dm-receiver-1)# start 09:30:00 daily The example above will be started daily exactly at 09:30 AM. Starting the one-way delay measurement session initiator A session can be started immediately, after a specified amount of time, once at a specific time, or a specific time daily.
One-way Delay Measurement 6 CE-2 configuration CE-2(config)# interface ethernet 1/1 CE-2(config-if-e10000-1/1)# enable CE-2(config-if-e10000-1/1)# exit CE-2(config)# vlan 10 CE-2(config-vlan-10)# tagged ethernet 1/1 CFM configurations: CE-1 configuration CE-1(config)# cfm-enable CE-1(config-cfm)# domain md1 level 7 CE-1(config-cfm-md-md1)# ma ma1 vlan 10 priority 4 CE-1(config-cfm-md-md1-ma-ma1)# mep 1 down port ethernet 1/1 CE-2 configuration CE-1(config)# cfm-enable CE-1(config-cfm)# domain md1 level
6 One-way Delay Measurement Sample Configuration one-way delay measurement over VPLS VPLS Configurations: PE-1 Configuration PE-1(config)# interface ethernet 1/1 PE-1(config-if-e10000-1/1)# enable PE-1(config-if-e10000-1/1)# exit PE-1(config)# router mpls PE-1(config-mpls)# vpls vpls100 100 PE-1(config-mpls-vpls-vpls100)# vlan 10 PE-1(config-mpls-vpls-vpls100-vlan-10)# tagged ethernet 1/1 PE-1(config-mpls-vpls-vpls100-vlan-10)# end PE-2 Configuration PE-2(config)# interface ethernet 1/1 PE-2(config-if-e1
One-way Delay Measurement 6 CE-2(config-cfm)# oneway-dm receiver 2 CE-2 (config-cfm-oneway-dm-receiver-2)# domain md1 ma ma1 src-mep 2 target-mep 1 CE-2 (config-cfm-oneway-dm-receiver-2)# measurement-interval 10 Starting one-way delay measurement sessions: CE-2 Configuration CE-2 (config-cfm-oneway-dm-receiver-2)# start now CE-1 Configuration CE-1(config-cfm-oneway-dm-initiator-1)# start now Stopping one-way delay measurement sessions: CE-2 Configuration CE-2 (config-cfm-oneway-dm-receiver-2)# stop now
6 One-way Delay Measurement NOTE The statistics command is valid only for receiver session Indices. An error will occur for initiator session indices. The following information will be displayed in the show command output: Brocade# show cfm oneway-dm statistics HISTORY TABLE : Flag - S:Suspect, All measurements are in us unit.
Synthetic loss measurement 6 SYSLOG:
6 Synthetic loss measurement • Synthetic loss measurement should not be configured over VLAN untagged ports in the case of a regular VLAN. • When COS 8 is used on an initiator and responder, a cos value is randomly chosen between 0-7 before transmission of an Synthetic loss measurement (SLM) packet. On the responder side, all SLM packets for the target MEP are accounted for session 8 by ignoring the COS. Similar handling is present for Synthetic Loss Reply (SLR) processing.
Synthetic loss measurement 6 DUT(config-cfm-loss-measurement-slm-initiator-1)# tx-interval 1 Syntax: measurement-interval interval Interval - is used to configure SLM Measurement interval (default- 15min).
6 Synthetic loss measurement DUT2 Configuration DUT2(config)# cfm DUT2(config-cfm)# loss-measurement slm responder 1 DUT2(config-cfm-loss-measurement-slm-responder-1)#domain md1 ma ma1 src-mep 4 target-mep 3 DUT2(config-cfm-loss-measurement-slm-responder-1)#cos 2 Starting synthetic loss measurement sessions: NOTE Start the synthetic loss measurement (SLM) session on the responder side before the initiator.
Synthetic loss measurement 6 Sample configuration - synthetic loss measurement over VPLS VPLS Configurations: LER1 Configuration LER1(config)# router mpls LER1(config-mpls)# vpls vpls100 100 LER1(config-mpls-vpls-vpls100)# vlan 10 LER1(config-mpls-vpls-vpls100-vlan-10)# tagged ethernet 1/1 LER1(config-mpls-vpls-vpls100-vlan-10)# end LER2 Configuration LER2(config)# router mpls LER2(config-mpls)# vpls vpls100 100 LER2(config-mpls-vpls-vpls100)# vlan 10 LER2(config-mpls-vpls-vpls100-vlan-10)# tagged ethern
6 Synthetic loss measurement Starting synthetic loss measurement sessions: LER2 Configuration (Responder) LER2(config)# cfm LER2(config-cfm)# cfm loss-measurement slm responder 1 LER2(config-cfm-loss-measurement-slm-responder-1)#start now LER1 Configuration (Initiator) LER1(config)# cfm LER1(config-cfm)# cfm loss-measurement slm initiator 1 LER1(config-cfm-loss-measurement-slm-initiator-1)#start now Stopping synthetic loss measurement sessions: NOTE Stop the initiator before stopping the responder.
Synthetic loss measurement 6 LER1 Configuration (Initiator) LER1(config)# cfm LER1(config-cfm)# cfm loss-measurement slm initiator 1 LER1(config-cfm-loss-measurement-slm-initiator-1)#start now Stopping synthetic loss measurement sessions: NOTE Stop the initiator before stopping the responder.
6 Synthetic loss measurement TABLE 35 show cfm loss-measurement slm output Row Definition Session Type initiator or responder Domain domain name MA ma name Source MEP source mep id Target MEP target mep id or RMEP COS data priority loss in which needs to be monitored Start time Configured start time Start time type Immediate, relative, fixed, periodic Stop time configured stop time Stop time type Immediate, relative, fixed, periodic Tx interval (sec) transmission interval in sec,
Synthetic loss measurement 6 FLR(ratio) Min : 0.00000 FLR(ratio) Avg : 0.00000 BLR(ratio) Max : 0.00000 BLR(ratio) Min : 0.00000 BLR(ratio) Avg : 0.
6 Synthetic loss measurement Syslog messages Syslogs will be raised for the following cases: When the SLM session started : SLM Session started for Session Index When the SLM session stopped : SLM Session stopped for Session Index When the Average Frame Loss Ratio greater than Threshold Average Frame Loss Ratio for both forward and backward case. : SLM Average FLR greater than Threshold Average FLR .
Chapter 7 Network Time Protocol TABLE 36 Supported platforms for NTPs Features supported Brocade NetIron XMR Brocade MLX Series Brocade NetIron CES 2000 Series BASE package Brocade NetIron CES 2000 Series ME_PREM package Brocade NetIron CES 2000 Series L3_PREM package Brocade NetIron CER 2000 Series Base package Brocade NetIron CER 2000 Series Advanced Services package Network Time Protocol Yes Yes Yes Yes Yes Yes Yes Network Time Protocol (NTP) overview Network Time Protocol (NTP) main
7 Network Time Protocol (NTP) overview FIGURE 15 NTP sample network configuration Stratum 1 Network Device Stratum 4 Network Device GPS Clocking Source Time Source (Stratum 0) Stratum 5 BR NI MLX Stratum 7 Network Device Stratum 6 BR NI CER Stratum 7 BR NI CER Server Linux PC Stratum 7 BR NI XMR Server-client association Linux PC Peer association Connection over the network 262 Multi-Service IronWare Administration Guide 53-1003028-02
How NTP works 7 How NTP works NTP server A NTP server will provide the correct network time on your device using the Network time protocol (NTP). Network Time Protocol can be used to synchronize the time on devices across a network. A NTP time server is used to obtain the correct time from a time source and adjust the local time in each connecting device. The NTP server can operate in master mode to serve time using the local clock, when it has lost synchronization.
7 How NTP works NTP broadcast client An NTP broadcast or multicast client listens for NTP packets on a broadcast or multicast address. When the first packet is received, it attempts to quantify the delay to the server in order to better quantify the correct time from later broadcasts. This is accomplished by a series of brief interchanges where the client and server act as a regular (non-broadcast) NTP client and server.
Configuring NTP 7 Synchronizing time After the system peer is chosen, the system time is synchronized using one of the following ways based on the time difference with system peer: < 128 msec - The system clock is adjusted slowly towards the system peer time reference time. > 128 msec and < 1000 sec - The system clock is stepped to the system peer reference time and the NTP state information is cleared. > 1000 sec - NTP is operationally disabled. The admin should set the time to the current UTC time.
7 Configuring NTP Enabling NTP authentication To enable Network Time Protocol (NTP) strict authentication, use the authenticate command. To disable the function, use the no form of this command. Brocade(config-ntp)# authenticate Syntax: [no] authenticate Defining an authentication key To define an authentication key for Network Time Protocol (NTP), use the authentication-key command. To remove the authentication key for NTP, use the no form of this command.
Configuring NTP 7 Enable or disable the VLAN containment for NTP To enable or disable the VLAN containment for NTP, use the access-control vlan command. To remove the specified NTP VLAN configuration, use the no form of this command. NOTE The management interface is not part of any VLAN. When configuring the VLAN containment for NTP, it will not use the management interface to send or receive the NTP packets.
7 Configuring NTP Configuring the NTP peer To configure the software clock to synchronize a peer or to be synchronized by a peer, use the peer command. A maximum of 8 NTP peers can be configured. To disable this capability, use the no form of this command. Brocade(config-ntp)# peer 10.2.3.
Configuring NTP 7 Configuring the broadcast client To configure a device to receive Network Time Protocol (NTP) broadcast messages on a specified interface, use the broadcast client command. NTP broadcast client can be enabled on maximum of 16 ethernet interfaces. If the interface is operationally down or NTP is disabled, then NTP broadcast server packets are not received. To disable this capability, use the no form of this command.
7 Show commands Configuring the master To configure the Multi-Service IronWare as a Network Time Protocol (NTP) master clock to which peers synchronize themselves when an external NTP source is not available, use the master command. The master clock is disabled by default. To disable the master clock function, use the no form of this command. NOTE This command is not effective, if the NTP is enabled in client-only mode.
Show commands TABLE 37 7 show ntp status command output descriptions Field..... Description..... synchronized Indicates the system clock is synchronized to NTP server or peer. stratum Indicates the stratum number that this system is operating. Range 2..15. reference IPv4 address or first 32 bits of the MD5 hash of the IPv6 address of the peer to which clock is synchronized. precision Precision of the clock of this system in Hz. reference time Reference time stamp.
7 Show commands TABLE 38 show ntp associations command output descriptions Field..... Description..... * The peer has been declared the system peer and lends its variables to the system variables. # This peer is a survivor in the selection algorithm. + This peer is a candidate in the combine algorithm. - This peer is discarded as outlier in the clustering algorithm. x This peer is discarded as falseticker in the selection algorithm. ~ The server or peer is statically configured.
Show commands 7 ref ID 10.45.57.38, time d288de7d.690ca5c7 (10:33:33.1762436551 Pacific Tue Dec 06 2011) our mode client, peer mode server, our poll intvl 10, peer poll intvl 10, root delay 0.02618408 msec, root disp 0.10108947, reach 3, root dist 0.23610585 delay 0.92163588 msec, offset 60.77749188 msec, dispersion 70.33842156, precision 2**-16, version 4 org time d288defa.b260a71f (10:35:38.2992678687 Pacific Tue Dec 06 2011) rcv time d288defa.a2efbd41 (10:35:38.
7 Show commands TABLE 39 show ntp associations detail command output descriptions Field..... Description..... version Peer NTP version number org time Originate time stamp of the last packet. rcv time Receive time stamp of the last packet. xmt time Transmit time stamp of the last packet. filter delay Round-trip delay in milliseconds of last 8 samples. filter offset Clock offset in milliseconds of last 8 samples.
Show commands 7 NTP interface context for broadcast server or client mode Sample CLI command enter the NTP interface context. Brocade(config)#int management 1 Brocade(config-if-mgmt-1)#ip address 10.20.99.173/24 Brocade(config-if-mgmt-1)#ntp Brocade(config-ntp)# ntp-interface management 1 Brocade(config-ntp-mgmt-1)# broadcast destination 10.23.45.128 Brocade(config-ntp)# ntp-interface ethernet 1/3 Brocade(config-ntp-if-e1000-1/3)# broadcast destination 10.1.1.
7 276 Show commands Multi-Service IronWare Administration Guide 53-1003028-02
Chapter 8 Network Configuration Protocol Table 40 displays the individual Brocade devices and the NETCONF features they support.
8 NETCONF in client/server architecture NETCONF can be conceptually partitioned into four layers, as shown in Figure 16. FIGURE 16 Four layers of NETCONF Platforms NETCONF is supported on the Brocade MLX series, Brocade NetIron XMR, Brocade NetIron CER, and Brocade NetIron CES devices. Related documentation For detailed information about NETCONF, refer to RFC 4741. For detailed information about using the NETCONF protocol over the Secure Shell (SSH), refer to RFC 4742.
NETCONF in client/server architecture FIGURE 17 8 NETCONF communication The communication between the client and server consists of a series of alternating request and reply messages. The NETCONF peers use and elements to provide transport protocol-independent framing of NETCONF requests and responses. The NETCONF server processes the RPC requests sequentially in the order in which they are received.
8 NETCONF in client/server architecture RPC and error handling If the RPC request fails, an element, the first detected error, is encoded inside the element and sent to the client. The server is not required to detect or report multiple errors. If the server detects multiple errors then the order of the error detection and reporting is at the discretion of the server.
Basic NETCONF operations TABLE 42 8 NETCONF operations and privilege levels Operations NETCONF_PRIVILEGE_LEVEL_0 NETCONF_PRIVILEGE_LEVEL_5 Yes No Yes Yes Recommendations for NETCONF • Use an authentication method to secure the underlying SSH session and to prevent any unauthorized access. • Use a NETCONF client to generate the RPCs. If you have manually written the XML requests, recycling the XML from a successful request is recommended.
8 Basic NETCONF operations After sending the hello message, the server starts the hello timer (default is 600 seconds) and waits for the hello message from the client. If no hello message is received by the server before the hello timer expires, the server aborts the NETCONF session by closing the underlying SSH session. The NETCONF server must include the element, which contains the unique session value for the NETCONF session, in the element.
Basic NETCONF operations 8 NOTE Other capabilities, including Candidate Configuration Capability, Confirmed Commit Capability, and Validate Capability, are not supported. operation The NETCONF operation retrieves the devices and the state data, or a filtered subset of the data. If the device can satisfy the request, the server sends an element containing a element with the results of the query.
8 Basic NETCONF operations ]]>]]> scriptlsp1001 10.0.0.
Basic NETCONF operations 8 ]]>]]> PAGE 3048 Basic NETCONF operations ethernet 1/20 ]]>]]> PAGE 305Basic NETCONF operations 8 Parameters The parameters used for are as follows: • source: Name of the configuration data store being queried, such as . Only running configuration data store is supported. • filter: Specifies the portions of the device configuration to retrieve. If this parameter is not present, no configuration is returned. The filter parameter must contain a type attribute. This attribute indicates the type of filtering syntax used within the filter parameter.
8 Basic NETCONF operations 3600 43200 44736 6312 1544 example2 examplelsp2 10.99.10.
Basic NETCONF operations 8 ]]>]]> PAGE 3088 Basic NETCONF operations ]]>]]> management 1 10.20.99.
Basic NETCONF operations 8 ethernet 1/5 auto ethernet 1/6
8 Basic NETCONF operations ethernet 1/11 auto ethernet 1/12
Basic NETCONF operations 8 ethernet 1/17 auto ethernet 1/18
8 Basic NETCONF operations ethernet 1/23 auto ethernet 1/24
Basic NETCONF operations 8 operation The NETCONF operation loads all the configurations into the specified target configuration. Elements in the subtree may contain an operation attribute. The attribute identifies the point in the configuration to perform the operation and might appear on multiple elements throughout the subtree. The operation attribute contains any one of the following values: merge, replace, create, delete.
8 Basic NETCONF operations ]]>]]> The following is an example for an operation for VLAN configuration. PAGE 315Basic NETCONF operations 8 ]]>]]> Error handling The error-option element contains the stop-on-error value. The stop-on-error value aborts the edit-config operation on the first error. All the configuration items before the error are already applied on the system. This is the default error option. After receiving the complete edit-config RPC, the configuration items specified in the XML are applied sequentially as per the order specified in the YANG.
8 Basic NETCONF operations Configuring session hello-timeout A NETCONF session hello-timeout indicates the number of seconds a session waits before the hello message is received from the NETCONF client. A session is dropped if no hello message is received before the specified number of seconds elapses. If this parameter is set to zero, the server never drops a session. NOTE Setting the NETCONF session hello-timeout value to zero permits denial of service attacks.
Basic NETCONF operations TABLE 43 8 NETCONF server parameters Field Description server status The admin status (enabled or disabled) of the NETCONF server. Also displays the SSH status, when SSH is not enabled. Port The NETCONF server port number. Transport The NETCONF transport (currently only SSH is supported). Start Time The time at which the NETCONF subsystem is started. Max allowed sessions The maximum number of simultaneous NETCONF sessions supported by the server.
8 Basic NETCONF operations TABLE 44 NETCONF session parameters Field Description Session Id The unique identification value for the NETCONF session. SSH session Id The unique identification value for the SSH session. Username The authenticated SSH user name. The value is for public key authentication. Login time The time at which the session is established. Client Ip Address The IP address of the NETCONF client.
Data models and mapping 8 System limitations for NETCONF The following are the system limitations for NETCONF. • Only one NETCONF session is supported at a time. Any new NETCONF connection requests are rejected after the first session is established. • Only the configuration data store is supported. • The configuration data store displays the commands that are currently supported by NETCONF. • • • • The NETCONF notifications are not supported.
8 Data models and mapping The following code example shows the structure of a header statement, along with linkage and meta information, which contains contact information and a high-level description of the module. module netiron-config { namespace "http://brocade.com/ns/netconf/config/netiron-config/"; prefix "brcd"; include include include include common-defs; vlan-config; interface-config; mpls-config; organization "Brocade Communications Inc.
Chapter 9 Foundry Direct Routing and CAM Partition Profiles for the NetIron XMR and the Brocade MLX Series Table 46 displays the individual devices and the Foundry Direct Routing (FDR) and CAM Partition features they support.
9 CAM partition profiles The CAM mode for IPv6 routes can be configured to host. You can set the CAM mode to host by using the following command. Brocade(config)# cam-mode ipv6 host You must reload the device for this command to take effect. Syntax: [no] cam-mode ipv6 host The host parameter programs the complete 128 bit IPv6 address into the CAM. Configuring IPv6 host drop CAM limit To limit the usage of CAM by IPV6 hosts with unresolved ND, enter the ipv6 max-host-drop-cam command.
CAM partition profiles 9 The l2-metro parameter adjusts the CAM partitions, as described in Table 47 for Brocade NetIron XMR and Table 48 for Brocade MLX series routers, to optimize the device for Layer 2 Metro applications. The l2-metro-2 parameter provides another alternative to l2-metro to optimize the device for Layer 2 Metro applications. It adjusts the CAM partitions, as described in Table 47 for Brocade NetIron XMR and Table 48 for Brocade MLX series routers.
9 CAM partition profiles TABLE 47 306 CAM partitioning profiles available for Brocade NetIron XMR routers Profile IPv4 IPv6 MAC or VPLS MAC IPv4 VPN IPv6 VPN IPv4 or L2 Inbound ACL IPv6 Inbound ACL IPv4 or L2 Outbound ACL IPv6 Outbound ACL Default Profile Logical size: 512K Logical size: 64K Logical size: 128K Logical size: 128K 0 Logical size: 48K Logical size: 4K Logical size: 48K Logical size: 4K ipv4 Profile Logical size: 1M 0 Logical size: 32K 0 0 Logical size: 112K 0 L
CAM partition profiles TABLE 47 9 CAM partitioning profiles available for Brocade NetIron XMR routers (Continued) Profile IPv4 IPv6 MAC or VPLS MAC IPv4 VPN IPv6 VPN IPv4 or L2 Inbound ACL IPv6 Inbound ACL IPv4 or L2 Outbound ACL IPv6 Outbound ACL ipv4-ipv6 Profile Logical size: 320K Logical size: 160K Logical size: 32K 0 0 Logical size: 48K Logical size: 20K Logical size: 32K Logical size: 8K ipv4-vpls Profile Logical size: 320K 0 Logical size: 480K 0 0 Logical size: 64K 0 L
9 CAM partition profiles TABLE 48 CAM partitioning profiles available for Brocade MLX Series routers Profile IPv4 IPv6 MAC or VPLS MAC IPv4 VPN IPv6 VPN IPv4 or L2 Inbound ACL IPv6 Inbound ACL IPv4 or L2 Outbound ACL IPv6 Outbound ACL mpls-vpnvpls Profile Logical size: 64K 0 Logical size: 112K Logical size: 192K 0 Logical size: 24K 0 Logical size: 64K 0 ipv4-vpn Profile Logical size: 160K 0 16K Logical size: 224K 0 Logical size: 32K 0 Logical size: 64K 0 l2-metro2 Profile
CAM partition profiles Profile IPv4 IPv6 MAC or VPLS MAC IPv4 VPN IPv6 VPN IPv4 or L2 Inbound ACL IPv6 Inbound ACL IPv4 or L2 Outbound ACL IPv6 Outbound ACL multiservice Profile 64K 8K 80K 64K 0 16K 4K 32K 8K multiservice-2 Profile 192K 16K 32K 32K 0 24K 2K 48K 4K multiservice-3 Profile 64K 8K 32K 48K 32K 16K 4K 32K 8K multiservice-4 Profile 198K 8K 32K 48K 32K 16K 4K 32K 8K mpls-vpnvpls Profile 64K 0 80K 96K 0 24K 0 64K 0 ipv4-vpn Profile 96K 0
9 CAM partition profiles TABLE 50 CAM partitioning profiles available for the BR-MLX-100Gx2-X modules Profile IPv4 Note: All IPv4 values listed are when operating in double density mode IPv6 MAC or VPLS MAC IPv4 VPN IPv6 VPN L2 Inbound ACL IPv4 Inbound ACL IPv6 Inbound ACL IPv4 or L2 Outbound ACL IPv6 Outbound ACL Default Profile 512K 64K 160K 256K 0 16K 96K 16K 48K 8K ipv4 Profile 1024K 0 160K 0 0 16K 128K 0 64K 0 ipv6 Profile 64K 240K 160K 0 0 16K 32K 48K 16K
CAM partition profiles TABLE 51 9 CAM partitioning profiles available for the BR-MLX-10GX24-DM modules Profile IPv4 IPv6 MAC IPv4 VPN IPv4 IPv6 ACL/ VPN MCAST VPLS IPv6 DAVC IPv6 ACL OUT ACL OUT_ IPv6 ACL Src_ Ingrs Chk MCAST VPLS OUT_ LBL ACL SRVC LKUP L2 ACL Default Profile 128K 16K 128K 32K 48K 0 0 16K 48K 8K 0 NA NA 64K 16K ipv4 Profile 256K 0 128K 0 80K 0 0 0 64K 0 0 NA NA 64K 16K ipv6 Profile 32K 56K 128K 0 16K 0 0 32K 16K 24K 0 NA NA 64
9 CAM partition profiles Supernet CAM partition sharing As of 3.2.00 code and later, TCAM sharing within a particular CAM Section is now supported. For example: In Multi-Service IronWare software prior to version 03.2.00, the TCAM resources could not be shared between the 32 levels of the IP Forwarding Information Base (FIB). Beginning with version 03.2.00, TCAM allocation is optimized to allow dynamic allocation of resources to each level within a particular resource pool.
CAM partition profiles 9 Out IPv6 Session: Raw Size 65536, User Size 8192(4096 reserved) Slot 1 XPP20SP 0: IP Section(Left): 0(000000) - 262143(03ffff) IP Section(Right: 0 (000000) - 262143 (03ffff) IP SNet 0:(Left): 0(000000) - 12287(002fff) IP SNet 1:(Left): 12288(003000) - 262143(03ffff) IP SNet 1:(Right): 0 (000000) - 218250 (03548a) IP SNet 2:(Right): 218251 (03548b) - 255585 (03e661) IP SNet 3:(Right): 255586 (03e662) - 260725 (03fa75) IP SNet 4:(Right): 260726 (03fa76) - 261503 (03fd7f) IP SNet 5:(
9 CAM partition profiles IP VPN SNet 11: IP VPN SNet 12: IP VPN SNet 13: IP VPN SNet 14: IP VPN SNet 15: IP VPN SNet 16: IP VPN SNet 17: IP VPN SNet 18: IP VPN SNet 19: IP VPN SNet 20: IP VPN SNet 21: IP VPN SNet 22: IP VPN SNet 23: IP VPN SNet 24: IP VPN SNet 25: IP VPN SNet 26: IP VPN SNet 27: IP VPN SNet 28: IP VPN SNet 29: IP VPN SNet 30: IP VPN SNet 31: MAC Section : MAC Forwarding: MAC Flooding : Misc Protocol : Session Section : IP Multicast : Broadcast ACL : Receive ACL : Rule-based ACL: IPv6 Sess
CAM partition profiles TABLE 52 9 Output parameters of the show cam-partition command (Continued) Field Description Raw Size Shows the value double that of the CAM partition standard entry count. A standard entry contains 64 bits for the data and 64 bits for the mask. The raw size may cover invalid entries. User Size Shows the actual number of entries that the application can use. For a 128-bit application, such as Layer 4 ACL and IPV6, two standard entries equal one user entry.
9 CAM partition profiles Displaying CAM Partition for IPv6 VPN The IPv6 VPN CAM partition is created when multi-service-3 or multi-service-4 CAM profile is configured. The IPv6 VPN CAM partition contains 10 sub partitions.The sub-partition is allocated with a fixed size, but can be dynamically changed. If the size of sub-partition is dynamically changed, the output from the show cam-partition command is affected.
CAM partition profiles :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet :SNet 10: 11: 12: 13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29: 30: 31: 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 16(free), 16(free), 16(free), 16(free), 16(fr
9 CAM partition profiles :SNet :SNet :SNet :SNet :SNet :SNet :SNet 25: 26: 27: 28: 29: 30: 31: 16(size), 16(size), 16(size), 16(size), 16(size), 16(size), 512(size), 16(free), 16(free), 16(free), 16(free), 16(free), 16(free), 512(free), 00.00%(used) 00.00%(used) 00.00%(used) 00.00%(used) 00.00%(used) 00.00%(used) 00.00%(used) [MAC]131072(size), 131061(free), 00.00%(used) :Protocol: 10(size), 6(free), 40.00%(used) :Forwarding:131054(size), 131047(free), 00.00%(used) :Flooding: 8(size), 8(free), 00.
CAM partition profiles 9 Displaying CAM information The following commands display CAM information. Show cam l2vpn To display all VLL or VPLS MAC entries, including local entries (Port or VLAN or MAC from end points) and remote entries (VC or MAC from VLL or VPLS peers) enter the following command. Brocade# show cam l2vpn 2/1 Slot Index MAC (Hex) 2 9fff6 0000.0034.5678 2 9fff7 0000.0034.
9 CAM partition profiles Syntax: show cam l4 slot/port The slot/port parameter specifies the port for which you want to display the CAM entries. Table 53 describes the output parameters of the show cam l4 slot/port command. TABLE 53 Output parameters of the show cam l4 command Field Description LP Shows the number of the interface module. Index (Hex) Shows the row number of this entry in the IP route table. Src IP Dest IP Shows the source IP address and the destination IP address.
CAM partition profiles 9 Show CAM IP To display IP CAM information, enter the following command. Brocade# show cam ip 3/1 LP Index IP Address (Hex) 3 02fef(L) 10.33.32.0/32 3 02ff0(L) 10.33.32.255/32 3 02ff1(L) 10.33.32.1/32 3 02ff2(L) 10.11.11.0/32 3 02ff3(L) 10.11.11.255/32 3 02ff4(L) 10.11.11.3/32 3 02ff5(L) 10.5.5.5/32 3 02ff6(L) 224.0.0.22/32 3 02ff7(L) 224.0.0.18/32 3 02ff8(L) 224.0.0.13/32 3 02ff9(L) 224.0.0.9/32 3 02ffa(L) 224.0.0.6/32 3 02ffb(L) 224.0.0.5/32 3 02ffc(L) 224.0.0.
9 CAM partition profiles Show CAM IPv6 To display IPv6 CAM information, enter the following command Brocade# show cam ipv6 3/20 LP Index IPV6 Address (Hex) 3 22ffc 2001:db8::/128 3 22ffe 2001:db8::1/128 3 2e8a6 2001:db8::/64 3 2ffde fe80::/10 3 2fffe ::/0 MAC Age IFL/ VLAN Dis N/A Dis N/A Dis N/A Dis N/A Dis N/A N/A N/A N/A N/A N/A Out IF PRAM (Hex) Mgmt 000dc Mgmt 000db CPU 000dd CPU 00086 Drop 00085 Syntax: show cam ipv6 slot/port The slot/port parameter specifies the port for which you want to dis
9 CAM partition profiles Show cam v6acl The show cam v6acl command displays IPv6 ACL CAM sessions configured on the device.
9 Configuring CAM partition size Show IFL CAM ISID partition To display information about 802.1AH for ISID, enter the following command: Brocade#show Slot Index (Hex) 1 0085fe8 1 0085fe9 1 0085fea 1 0085feb cam ifl-isid 1/1 Port Outer VLAN Itag ISID 1/14 1/13 1/16 1/15 27 26 25 24 37 36 35 34 PRAM IFL ID (Hex) 185fe8 1 185fe9 1 185fea 1 185feb 1 IPV4/V6 Routing 0/0 0/1 1/0 1/1 Syntax: show cam ifl-isid slot/port This output includes an IPv4/ IPv6 Routing column.
CAM overflow logging 9 CAM overflow logging At system initialization, a threshold value is calculated for each sub-partition. If a partition does not have any sub-partitions, the value is based on the entire partition size. If a partition has movable sub-partition boundaries, the threshold value is also based on the entire partition size. By default, the threshold value is 5% of the total entry count. A minimum logging interval (default of 5 minutes) is also set for each partition to check usage.
9 326 CAM overflow logging Multi-Service IronWare Administration Guide 53-1003028-02
Appendix A Using Syslog Table 56 displays the individual Brocade devices and the Syslog features they support.
A Using Syslog TABLE 56 Supported Brocade Syslog features Features supported Brocade NetIron XMR Series Brocade MLX Series Brocade NetIron CES 2000 Series BASE package Brocade NetIron CES 2000 Series ME_PREM package Brocade NetIron CES 2000 Series L3_PREM package Brocade NetIron CER 2000 Series Base package Brocade NetIron CER 2000 Series Advanced Services package Number of Entries the Local Buffer Can Hold 1-5000 1-5000 1-5000 1-5000 1-5000 1-5000 1-5000 Disabing Syslog for an event Ye
Displaying Syslog messages A Displaying Syslog messages To display the Syslog messages in the device’s local buffer, enter the following command at any level of the CLI.
A Configuring the Syslog service telnet@Brocade# terminal monitor Syslog trace was turned OFF Here is an example of how the Syslog messages are displayed.
Configuring the Syslog service A The Syslog display shows the following configuration information, in the rows above the log entries themselves. TABLE 57 CLI Display of Syslog buffer configuration This field... Displays... Syslog logging The state (enabled or disabled) of the Syslog buffer. messages dropped The number of Syslog messages dropped due to user-configured filters. By default, the software logs messages for all Syslog levels.
A Configuring the Syslog service Brocade(config)# show logging Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns) Buffer logging: level ACDMEINW, 3 messages logged level code: A=alert C=critical D=debugging M=emergency E=error I=informational N=notification W=warning Static Log Buffer: Dec 15 19:04:14:A:Fan 1, fan on right connector, failed Dec 15 19:00:14:A:Fan 2, fan on left connector, failed Dynamic Log Buffer (50 entries): Dec 15 18:46:17:I:Interface ethernet 1/4, state up Dec 15 18:4
Configuring the Syslog service A • If you have not set the time and date on the onboard system clock, the time stamp shows the amount of time that has passed since the device was booted, in the following format: numdnumhnummnums where: • • • • numd – day numh – hours numm – minutes nums – seconds For example, “188d1h01m00s” means the device had been running for 188 days, 11 hours, one minute, and zero seconds when the Syslog entry with this time stamp was generated.
A Configuring the Syslog service Brocade(config)# show log Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns) Buffer logging: level ACDMEINW, 38 messages logged level code: A=alert C=critical D=debugging M=emergency E=error I=informational N=notification W=warning Static Log Buffer: Dynamic Log Buffer (50 entries): 21d07h02m40s:warning:list 101 denied 0000.001f.77ed) -> 10.99.4.69(http), 19d07h03m30s:warning:list 101 denied 0000.001f.77ed) -> 10.99.4.
Configuring the Syslog service A Syntax: copy tftp flash client-certificate and Syntax: copy tftp flash client-private-key The remote_ip keyword specifies the IP address of the remote host where the SSL Client certificate and private key are present. The cert_file keyword specifies the filename of the SSL Client Certificate, and the priv_key_file keyword specifies the filename of the private key. Using SCP 1.
A Configuring the Syslog service Buffer logging: level ACDMEINW, 27 messages logged level code: A=alert C=critical D=debugging M=emergency E=error I=informational N=notification W=warning Current active SSL syslog server: 10.25.105.201:60514 Ascending or descending option for show log command A new option was added to the show log command that allows you to display the log in either ascending or descending order based on time.
Configuring the Syslog service A The fan-speed-change option defines the log of changes in the speed of the fan. The fan-state-change option defines the log of changes in the state of the fan. The link-state-change option defines the log of changes in the state of the link. The mgmt-mod-redun-state-change option defines the log of changes in the redundant state of the management module. The module-hotswap option defines the log of insertion and removal of modules.
A Configuring the Syslog service Brocade(config)# no logging buffered informational Syntax: [no] logging buffered level | num-entries The level parameter can have one of the following values: • • • • • • • • alerts critical debugging emergencies errors informational notifications warnings The commands in the example above change the log level to notification messages or higher. The software will not log informational or debugging messages. The changed message level also applies to the Syslog servers.
Configuring the Syslog service • • • • • • • • • • • • • • • • • • • • • • • A user – random user-level messages mail – mail system daemon – system daemons auth – security or authorization messages syslog – messages generated internally by Syslog lpr – line printer subsystem news – netnews subsystem uucp – uucp subsystem sys9 – cron or at subsystem sys10 – reserved for system use sys11 – reserved for system use sys12 – reserved for system use sys13 – reserved for system use sys14 – reserved for system us
A Syslog messages Dynamic Log Buffer (50 entries): Dec 15 18:46:17:I:Interface ethernet Lab2, state up Dec 15 18:45:15:I:Warm start Clearing the Syslog messages from the local buffer To clear the Syslog messages stored in the device’s local buffer, use the following command. Brocade# clear logging Syntax: clear logging Logging all CLI commands to Syslog This feature allows you to log all valid CLI command from each user session into the system log.
Syslog messages • • • • • • • A Alerts Critical Errors Warnings Notifications Informational Debugging TABLE 58 Syslog messages system Message level Message Explanation Alert ISIS Memory Limit Exceeded IS-IS is requesting more memory than is available. Alert System Power supply num, location, failed A power supply has failed. The num is the power supply number. The location describes where the failed power supply is in the chassis.
A Syslog messages TABLE 58 342 Syslog messages system (Continued) Message level Message Explanation Alert System Management module at slot slot-num state changed from module-state to module-state due to reason. Indicates a state change in a management module. The slot-num indicates the chassis slot containing the module. The module-state can be one of the following: • active • standby • crashed • coming-up • unknown A due to clause has been added to this message.
Syslog messages TABLE 58 A Syslog messages system (Continued) Message level Message Explanation Error Error Module down in slot 3, reason CARD_DOWN_REASON_BOOT_FAILED.Err or Code (1). • The error message displayed on the Management Module console when the Interface Module fails to boot up. The message will display the error code reason. • When the Interface Module is in DOWN state, the error code is included in the dynamic buffer.
A Syslog messages TABLE 58 344 Syslog messages system (Continued) Message level Message Explanation Notification System Module was inserted to slot slot-num Indicates that a module was inserted into a chassis slot. The slot-num is the number of the chassis slot into which the module was inserted. Notification System Module was removed from slot slot-num Indicates that a module was removed from a chassis slot. The slot-num is the number of the chassis slot from which the module was removed.
Syslog messages TABLE 58 A Syslog messages system (Continued) Message level Message Explanation Informational System Power Supply PS-Num will be shutdown due to flapping next time it becomes available. (Brocade NetIronXMR and Brocade MLX only). A power supply will shutdown because of flapping the next time it is available. The PS-Num is the power supply number. Informational System Power Supply PS-Num is shutdown due to flapping.(Brocade XMR and Brocade MLX only).
A Syslog messages TABLE 59 Message Explanation Informational Security outbound telnet session number logout from server IP ip from SSH session session number A user has terminated an outbound Telnet session initiated from an inbound SSH session. The first session number is the number of the outbound Telnet session. The ip is the IP address from which the Telnet session has disconnected. The second sessions number is the number of the inbound SSH session.
Syslog messages TABLE 61 A Syslog messages STP Message level Message Explanation Informational STP VLAN id - New RootBridge string RootPort portnum (reason) A Spanning Tree Protocol (STP) topology change has occurred. The id is the ID of the VLAN in which the STP topology change occurred. The portnum is the number of the port connected to the new root bridge.
A Syslog messages TABLE 62 Message Explanation Informational RSTP VLAN id - Bridge is RootBridge string (reason) 802.1W changed the current bridge to be the root bridge of the given topology due to administrative change in bridge priority. Informational vlan vlan-id Bridge is RootBridge mac-address (MsgAgeExpiry) The message age expired on the Root port so 802.1W changed the current bridge to be the root bridge of the topology.
Syslog messages TABLE 67 A Syslog messages VRRP Message level Message Explanation Notification VRRP intf state changed, intf portnum, vrid virtual-router-id, state vrrp-state A state change has occurred in a Virtual Router Redundancy Protocol (VRRP) interface. The portnum is the port. The virtual-router-id is the virtual router ID (VRID) configured on the interface.
A Syslog messages TABLE 70 350 Syslog messages ACL Message level Message Explanation Warning ACL list acl-num denied ip-proto src-ip-addr (src-tcp/udp-port) (Ethernet portnum mac-addr) -> dst-ip-addr (dst-tcp/udp-port), 1 events Indicates that an Access Control List (ACL) denied (dropped) packets. The acl-num indicates the ACL number. Numbers 1 – 99 indicate standard ACLs. Numbers 100 – 199 indicate extended ACLs. The ip-proto indicates the IP protocol of the denied packets.
Syslog messages TABLE 70 A Syslog messages ACL (Continued) Message level Message Explanation Notification AC port fragment packet inspect rate rate exceeded on port portnum The fragment rate allowed on an individual interface has been exceeded. The rate indicates the maximum rate allowed. The portnum indicates the port. This message can occur if fragment throttling is enabled.
A Syslog messages TABLE 72 352 Syslog messages OSPF Message level Message Explanation Alert OSPF Memory Overflow OSPF has run out of memory. Alert OSPF LSA Overflow, LSA Type = lsa-type Indicates an LSA database overflow. The lsa-type parameter indicates the type of LSA that experienced the overflow condition.
Syslog messages TABLE 72 A Syslog messages OSPF (Continued) Message level Message Explanation Notification OSPF nbr state changed, rid router-id, nbr addr ip-addr, nbr rid nbr-router-Id, state ospf-state Indicates that the state of an OSPF neighbor has changed. The router-id is the router ID of the device. The ip-addr is the IP address of the neighbor. The nbr-router-id is the router ID of the neighbor.
A Syslog messages TABLE 72 354 Syslog messages OSPF (Continued) Message level Message Explanation Notification OSPF intf config error, rid router-id, intf addr ip-addr, pkt src addr src-ip-addr, error type error-type, pkt type pkt-type Indicates that an OSPF interface configuration error has occurred. The router-id is the router ID of the device. The ip-addr is the IP address of the interface on the device.
Syslog messages TABLE 72 A Syslog messages OSPF (Continued) Message level Message Explanation Notification OSPF virtual intf config error, rid router-id, intf addr ip-addr, pkt src addr src-ip-addr, error type error-type, pkt type pkt-type Indicates that an OSPF virtual routing interface configuration error has occurred. The router-id is the router ID of the device. The ip-addr is the IP address of the interface on the device.
A Syslog messages TABLE 72 356 Syslog messages OSPF (Continued) Message level Message Explanation Notification OSPF intf authen failure, rid router-id, intf addr ip-addr, pkt src addr src-ip-addr, error type error-type, pkt type pkt-type Indicates that an OSPF interface authentication failure has occurred. The router-id is the router ID of the device. The ip-addr is the IP address of the interface on the device.
Syslog messages TABLE 72 A Syslog messages OSPF (Continued) Message level Message Explanation Notification OSPF virtual intf authen failure, rid router-id, intf addr ip-addr, pkt src addr src-ip-addr, error type error-type, pkt type pkt-type Indicates that an OSPF virtual routing interface authentication failure has occurred. The router-id is the router ID of the device. The ip-addr is the IP address of the interface on the device.
A Syslog messages TABLE 72 Syslog messages OSPF (Continued) Message level Message Explanation Notification OSPF intf rcvd bad pkt, rid router-id, intf addr ip-addr, pkt src addr src-ip-addr, pkt type pkt-type Indicates that an OSPF interface received a bad packet. The router-id is the router ID of the device. The ip-addr is the IP address of the interface on the device. The src-ip-addr is the IP address of the interface from which the device received the authentication failure.
Syslog messages TABLE 72 A Syslog messages OSPF (Continued) Message level Message Explanation Notification OSPF intf retransmit, rid router-id, intf addr ip-addr, nbr rid nbr-router-id, pkt type is pkt-type, LSA type lsa-type, LSA id lsa-id, LSA rid lsa-router-id An OSPF interface on the device has retransmitted a Link State Advertisement (LSA). The router-id is the router ID of the device. The ip-addr is the IP address of the interface on the device.
A Syslog messages TABLE 72 360 Syslog messages OSPF (Continued) Message level Message Explanation Notification OSPF LSDB overflow, rid router-id, limit num A Link State Database Overflow (LSDB) condition has occurred. The router-id is the router ID of the device. The num is the number of LSAs. Notification OSPF LSDB approaching overflow, rid router-id, limit num The software is close to an LSDB condition. The router-id is the router ID of the device. The num is the number of LSAs.
Syslog messages TABLE 73 A Syslog messages OSPFv3 Message level Message Explanation Alert OSPFv3 Memory Overflow OSPF has run out of memory. Alert OSPFv3 LSA Overflow, LSA Type = lsa-type Indicates an LSA database overflow. The lsa-type parameter indicates the type of LSA that experienced the overflow condition.
A Syslog messages TABLE 73 362 Syslog messages OSPFv3 Message level Message Explanation Notification OSPFv3 nbr state changed, rid router-id, nbr addr ip-addr, nbr rid nbr-router-Id, state ospf-state Indicates that the state of an OSPF neighbor has changed. The router-id is the router ID of the device. The ip-addr is the IP address of the neighbor. The nbr-router-id is the router ID of the neighbor.
Syslog messages TABLE 73 A Syslog messages OSPFv3 Message level Message Explanation Notification OSPFv3 intf config error, rid router-id, intf addr ip-addr, pkt src addr src-ip-addr, error type error-type, pkt type pkt-type Indicates that an OSPF interface configuration error has occurred. The router-id is the router ID of the device. The ip-addr is the IP address of the interface on the device. The src-ip-addr is the IP address of the interface from which the device received the error packet.
A Syslog messages TABLE 73 364 Syslog messages OSPFv3 Message level Message Explanation Notification OSPFv3 intf authen failure, rid router-id, intf addr ip-addr, pkt src addr src-ip-addr, error type error-type, pkt type pkt-type Indicates that an OSPF interface authentication failure has occurred. The router-id is the router ID of the device. The ip-addr is the IP address of the interface on the device.
Syslog messages TABLE 73 A Syslog messages OSPFv3 Message level Message Explanation Notification OSPFv3 intf rcvd bad pkt, rid router-id, intf addr ip-addr, pkt src addr src-ip-addr, pkt type pkt-type Indicates that an OSPF interface received a bad packet. The router-id is the router ID of the device. The ip-addr is the IP address of the interface on the device. The src-ip-addr is the IP address of the interface from which the device received the authentication failure.
A Syslog messages TABLE 73 366 Syslog messages OSPFv3 Message level Message Explanation Notification OSPFv3 virtual intf retransmit, rid router-id, intf addr ip-addr, nbr rid nbr-router-id, pkt type is pkt-type, LSA type lsa-type, LSA id lsa-id, LSA rid lsa-router-id An OSPF interface on the device has retransmitted a Link State Advertisement (LSA). The router-id is the router ID of the device. The ip-addr is the IP address of the interface on the device.
Syslog messages TABLE 73 A Syslog messages OSPFv3 Message level Message Explanation Notification OSPFv3 intf rcvd bad pkt Bad Checksum, rid ip-addr, intf addr ip-addr, pkt size num, checksum num, pkt src addr ip-addr, pkt type type The device received an OSPF packet that had an invalid checksum. The rid ip-addr is device’s device ID. The intf addr ip-addr is the IP address of the interface that received the packet. The pkt size num is the number of bytes in the packet.
A Syslog messages TABLE 74 368 Syslog messages IS-IS (Continued) Message level Message Explanation Notification ISIS Entered Overload State Due to overload-reason The device has set the overload bit to on (1), indicating that the device’s IS-IS resources are Overloaded.
Syslog messages TABLE 74 A Syslog messages IS-IS (Continued) Message level Message Explanation Notification ISIS LSP-type LSP LSP-ID Seq sequence-number Len length LifeTime lifetime on interface-name dropped due to LSP-drop-reason The device has dropped the received LSP. The LSP-Type can be one of the following: • L1 • L2 The LSP-ID variable is in the 8 byte LSP ID value. The sequence-number is a 4 byte value that is associated with each LSP ID. The length is the length of the LSP PDU.
A Syslog messages TABLE 74 Message Notification ISIS NbrType neighbor The device’s Neighbor has come up. Hostname/systemID UP on interface-name The NbrType can be one of the following: • L1 • L2 • PTPT The interface-name is the name of the interface and is displayed in the following form “Ethernet 1/1”.
Syslog messages TABLE 75 Variable LSP-drop-reason A Definition of IS-IS variables (Continued) Value Definition LSP Fragmentation Count Exceeded The Overload condition was entered because of IS-IS trying to generate the 256th LSP fragment. LSP Sequence Number Wrap Around The Overload condition was entered because the LSP numbers reached the maximum value. LSP Option Allocation Failure Self LSP building failed due to an internal buffer allocation failure.
A Syslog messages TABLE 76 Message Explanation Error BGP received invalid AS4_PATH attribute flag (0x40) - entire AS4_PATH ignored If the flag that describes the attribute has unacceptable values then this error is displayed. Error BGP received invalid Confed info in AS4_PATH (@byte 43) - entire AS4_PATH ignored Confederation segments(AS_CONFED_SEQ/SET) must precede the (AS_SEQ/SET), if not, this error is displayed.
Syslog messages TABLE 78 A Syslog messages TCP Message level Message Explanation Notification TCP Local TCP exceeds burst-max burst packets, stopping for lockup seconds! The number of TCP SYN packets exceeds the burst-max threshold set by the ip tcp burst command. The device may be the victim of a TCP SYN DoS attack. All TCP SYN packets will be dropped for the number of seconds specified by the lockup value. When the lockup period expires, the packet counter is reset and measurement is restarted.
A Syslog messages TABLE 79 Message Explanation Informational DOT1X Port portnum currently used vlan-id changes to vlan-id due to dot1x-RADIUS vlan assignment A user has completed 802.1X authentication. The profile received from the RADIUS server specifies a VLAN ID for the user. The port to which the user is connected has been moved to the VLAN indicated by vlan-id.
Syslog messages TABLE 81 A Syslog messages MPLS (Continued) Message level Message Explanation Informational MPLS Deleting VLL vll-name (ID vll-id) at {tagged | untagged} port slot/port Sent when the specified VLL with the at the specified tagged or untagged port is being deleted. Informational MPLS Deleting VLL vll-name (ID vll-id) with peer IPv4 address ip Sent when the specified VLL with the specified IPv4 peer is being deleted.
A Syslog messages TABLE 81 Message Explanation Notification MPLS VPLS for instance indices list n through m are up Sent when multiple VPLS instances are transitioning to an up state. Notification MPLS VPLS for instance indices list n through m are down Sent when multiple VPLS instances are transitioning to a down state. Notification MPLS VPLS peer ip associated with VC ID n is up Sent when a single VPLS peer is transitioning to an up state.
Syslog messages TABLE 82 A Syslog messages VRF (Continued) Message level Message Explanation Informational VRF vrf_name has been configured as management VRF. Indicates that the specified VRF has been configured as a management VRF. Informational VRF vrf_name has been unconfigured as management VRF. Indicates that the specified VRF has been removed as a management VRF.
A Syslog messages TABLE 85 378 Syslog messages Optics (Continued) Message level Message Explanation Notification Session DOWN for RSVP session session-id Reason Administratively Down The BFD session for the RSVP session specified by the session-id is Down for Administrative reasons. The form of the session-id displayed is IPv4 tunnel endpoint or tunnel ID or extended tunnel ID. For example 10.22.22.
Syslog messages TABLE 86 A Syslog messages LDP Message level Message Explanation Notification MPLS LDP path vector limit mismatch for session lsrId labelSpaceId (value local vector limit) with peer lsrId labelSpaceId (value peer vector limit) This notification is generated when the value of the LDP path vector limit value from the peer does not match that of the entity.
A 380 Syslog messages Multi-Service IronWare Administration Guide 53-1003028-02
Appendix B Global and Address Family Configuration Levels Table 90 displays the individual devices and the Global and Address Family Configuration Level features they support.
B Global and Address Family Configuration Levels To configure BGP4 and IPv4 MBGP, enter the router bgp command, which takes you to the BGP router configuration level. At this level, you can access commands to configure all aspects of BGP4 and IPv4 MBGP, including commands that configure the protocol, and commands that configure unicast routes and multicast routes. (To configure aspects of multicast routes, specify the nlri keyword with a command.
Accessing the address family configuration level B Accessing the address family configuration level For example, to access the BGP4 multicast address family configuration level, enter the following command while at the global BGP configuration level. Brocade(config-bgp)# address-family ipv4 multicast Brocade(config-bgp-ipv4m)# Syntax: address-family ipv4 unicast | ipv4 multicast | ipv6 unicast The (config-bgp-ipv4m)# prompt indicates that you are at the IPv4 multicast address family configuration level.
B Backward compatibility for existing BGP4 and IPv4 IS-IS configurations When you enter the exit-address-family command at an address family configuration level you return to the global IS-IS configuration level, or the BGP4 unicast address family configuration level, (the default BGP4 level). For backward compatibility, you can currently access commands related to BGP4 unicast routes at both global BGP4 configuration and BGP4 unicast address family configuration levels.
Global BGP4 commands and BGP4 unicast route commands • • • • • • • • • • • • • B cluster-id community-filter compare-routerid confederation identifier confederation peers default-local-preference distance enforce-first-as fast-external-fallover ignore-invalid-confed-as-path local-as med-missing-as-worst timers The following global BGP commands are used to configure peer groups and neighbors: • • • • • • • • • • • • • • • • • neighbor ipv4-address | ipv6-address | peer-group-name description neighbor i
B Global BGP4 commands and BGP4 unicast route commands • neighbor ipv4-address | ipv6-address | peer-group-name filter-list in (applies to the IPv4 unicast address family only) • • • • • • • network next-hop-enable-default next-hop-recursion (applies to the IPv4 unicast address family only) readvertise (applies to the IPv4 unicast address family only) redistribute table-map update-time The following commands configure policies for neighbors or peer groups for a specific address family: • • • • • • • •
Appendix C Commands That Require a Reload Table 91 displays the individual Brocade devices and the commands that require a reload features they support.
C Commands That Require a Reload TABLE 92 388 Commands that require a software reload (Continued) Command See ...
Appendix D NIAP-CCEVS Some devices have passed the Common Criteria (CC) certification testing. This testing is sponsored by the National Information Assurance Partnership (NIAP) - Common Criteria Evaluation and Validation Scheme (CCEVS). For more information regarding the NIAP-CCEVS certification process refer to the following link: http://www.niap-ccevs.org/.
D Web management access to NIAP-CCEVS certified Brocade equipment TABLE 93 NIAP-CCEVS certified equipment and IronWare software releases Brocade product Brocade IronWare software version Discussed in ServerIron JetCore Family 11.0.
Warning: local user password changes D Warning: local user password changes Please note that if existing usernames and passwords have been configured on a device with specific privilege levels (super-user, read-only, port-config) and if you attempt to change a user's password by executing the following command. Brocade(config)# user fdryreadonly password The privilege level of this particular user will be changed from its current value to “super-user”.
D 392 Warning: local user password changes Multi-Service IronWare Administration Guide 53-1003028-02
Appendix Acknowledgements E This appendix presents the acknowledgements for portions of code from various vendors that are included in the Brocade devices covered in this manual. Cryptographic software MPL 1.1 The contents of this file are subject to the Mozilla Public License Version 1.1 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.mozilla.org/MPL/.
E Cryptographic software 6. Products derived from this software may not be called “OpenSSL” nor may “OpenSSL” appear in their names without prior written permission of the OpenSSL Project. 7. Redistributions of any form whatsoever must retain the following acknowledgment: “This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.
Cryptographic software E 5. If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement: “This product includes software written by Tim Hudson (tjh@cryptsoft.com)” THIS SOFTWARE IS PROVIDED BY ERIC YOUNG “AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
E 396 Cryptographic software Multi-Service IronWare Administration Guide 53-1003028-02
Appendix F NP Memory Errors The Sysmon NP Memory Error Monitoring event monitors memory errors on interface modules. This appendix lists the interface cards that support NP memory error monitoring. It also details the different NP memory errors supported on each interface card. The following interface cards support NP memory error monitoring: • • • • BR-MLX-40Gx4-X BR-MLX-10Gx24 BR-MLX-100Gx2-X(100G) Gen-1 • NI-XMR-10Gx4 • NI-MLX-10Gx4) • Gen-1.
F NP Memory Errors TABLE 94 398 NP memory errors supported on BR-MLX-40Gx4-X interface cards 5 Tx Deframer MVLAN sop FIFO Parity 6 Tx Deframer MVLAN payload Data FIFO Parity 7 Tx Packet Edit Data FIFO Parity 8 Tx Packet Edit Next Hop Table Parity 9 ACL PRAM Results FIFO Parity 10 ACL Data FIFO Parity 11 ACL Control FIFO Parity 12 ACL QoS Done FIFO Parity 13 ACL Port Number FIFO Parity 14 ACL Priet Table Parity 15 ACL Tx VLAN Table Parity 16 Tx Priet Lookup Result Parity 17 MAC0
NP Memory Errors TABLE 94 F NP memory errors supported on BR-MLX-40Gx4-X interface cards 42 CAM2 Lookup FIFO1 Overflow 43 Rx Port Pipeline HQoS Data Parity 44 Rx Port Pipeline Rx Data-in Parity 45 Rx Port Pipeline Rxctrl FIFO Read Data Parity 46 Rx Port Pipeline Read Rx QoS Id FIFO Parity 47 Rx Port Pipeline Rx portnum FIFO Parity 48 Rx Port Pipeline Rx QoS Done FIFO Parity 49 Rx Port Pipeline Rx Flag FIFO Parity 50 Rx Port Pipeline Rx Header FIFO Parity 51 Rx Port Pipeline PRAM Packe
F NP Memory Errors TABLE 94 400 NP memory errors supported on BR-MLX-40Gx4-X interface cards 79 CAM2 Asc FIFO 80 LBLram srvt Lookup FIFO Underflow 81 LBLram extd Service rd Data Parity 82 LBLram LBL Lookup FIFO Underflow 83 LBLram srvp Lookup FIFO Overflow 84 LBLram srvp Lookup FIFO Underflow 85 LBLram rdrequest FIFO Overflow 86 LBLram rdrequest FIFO Underflow 87 LBLram extd Service Read FIFO Overflow 88 LBLram extd Service Read FIFO Underflow 89 srvt Lookup FIFO rd Data Parity 90
NP Memory Errors TABLE 94 F NP memory errors supported on BR-MLX-40Gx4-X interface cards 116 Stats Block1 tx FIFO Underflow 117 Stats Block1 Rx FIFO Overflow 118 Stats Block2 Rx FIFO Underflow 119 Stats Block2 tx FIFO Overflow 120 Stats Block2 tx FIFO Underflow 121 Stats Block2 Rx FIFO Overflow 122 Stats Block3 Rx FIFO Underflow 123 Stats Block3 tx FIFO Overflow 124 Stats Block3 tx FIFO Underflow 125 Stats Block3 Rx FIFO Overflow 126 Stats Block4 Rx FIFO Underflow 127 Stats Block4
F NP Memory Errors TABLE 94 402 NP memory errors supported on BR-MLX-40Gx4-X interface cards 153 PRAM CAM Interface Data FIFO Overflow 2 154 PRAM CAM Interface Data FIFO Underflow 3 155 PRAM CAM Interface Data FIFO Overflow 3 156 PRAM Channel0 rdParity Flag 157 PRAM Channel1 rdParity Flag 158 PRAM Channel2 rdParity Flag 159 PRAM Channel3 rdParity Flag 160 CAM2Age L2 Underflow 0 161 CAM2Age L2 Underflow 1 162 CAM2Age ACL Underflow 0 163 CAM2Age ACL Underflow 1 164 CAM2Age L3 Under
NP Memory Errors TABLE 94 F NP memory errors supported on BR-MLX-40Gx4-X interface cards 190 CAM2Age L2 Overflow 1 191 CAM2Age ACL Overflow 0 192 CAM2Age ACL Overflow 1 193 CAM2PRAM Data FIFO Overflow 194 CAM2PRAM Count FIFO Overflow 195 CAM1 Lookup FIFO1 Underflow 196 CAM1 Lookup FIFO2 Underflow 197 CAM1 Lookup FIFO3 Underflow 198 CAM2 Lookup FIFO1 Underflow 199 CAM2 Lookup FIFO2 Underflow 200 CAM2 Lookup FIFO3 Underflow 201 CAM1 Asc FIFO Underflow 202 CAM1 Asc FIFO Overflow 2
F NP Memory Errors TABLE 94 NP memory errors supported on BR-MLX-40Gx4-X interface cards 227 Service CAM Result FIFO Underflow 228 eACL CAM Result FIFO Overflow 229 eACL CAM Result FIFO Underflow 230 eACL CAM Block Mux FIFO2 Parity 231 eACL CAM Block Mux FIFO1 Parity 232 Service CAM Block Mux FIFO Parity 233 CAM3 Service Result FIFO Parity 234 CAM3 eACL Result FIFO Parity TABLE 95 NP memory errors supported on BR-MLX-10Gx24 interface cards.
NP Memory Errors TABLE 95 F NP memory errors supported on BR-MLX-10Gx24 interface cards.
F NP Memory Errors TABLE 95 NP memory errors supported on BR-MLX-10Gx24 interface cards.
NP Memory Errors TABLE 95 F NP memory errors supported on BR-MLX-10Gx24 interface cards.
F NP Memory Errors TABLE 96 NP memory errors supported on BR-MLX-100Gx2-X(100G) interface cards.
NP Memory Errors TABLE 96 F NP memory errors supported on BR-MLX-100Gx2-X(100G) interface cards.
F NP Memory Errors TABLE 96 410 NP memory errors supported on BR-MLX-100Gx2-X(100G) interface cards.
NP Memory Errors TABLE 96 NP memory errors supported on BR-MLX-100Gx2-X(100G) interface cards.
F NP Memory Errors TABLE 98 412 NP memory errors supported on Gen-2 interface cards.
NP Memory Errors TABLE 98 F NP memory errors supported on Gen-2 interface cards.
F NP Memory Errors TABLE 98 414 NP memory errors supported on Gen-2 interface cards.
