Cumulus VX is a community-supported virtual environment for cloud and network administrators to test the latest technology from Cumulus Networks, removing all organizational and economic barriers to getting started with open networking in your own time, at your own pace, and within your own environment.
The environment can be used to learn about, and evaluate, Cumulus Linux, anytime and anywhere, producing sandbox environments for prototype assessment, pre-production rollouts, and script development.
These release notes support Cumulus VX 3.2.0 and describe its features and known issues.
Stay up to date: Click Follow above so you can receive a notification when we update these release notes.
Cumulus Linux 3.2.0 includes the following features and a number of improvements:
- Full support for previously early access features:
Cumulus VX 3.y.z is a significant departure from 2.y.z releases. See the user guide for details on new behaviors and functionality.
Downloading Cumulus VX
You can download any of the of the four Cumulus VX images:
- An OVA disk image for use with VirtualBox.
- A VMware-specific OVA disk image.
- A qcow2 disk image for use with KVM.
- A Box image for use with Vagrant.
Keep in mind the following issues when you are running your Cumulus VX virtual machine.
SNMP Not Supported in Quagga
There is no SNMP support for Quagga in Cumulus VX. However, it's possible to get it via SNMP by:
- Using Nagios.
- Writing a pass persist script in Perl or Python by filling in the OSPF or BGP (rfc) MIBs manually.
- Creating your own private MIB for the information you need.
Due to this circumstance, you must remove all references to
smux in each of the following configuration files. If the
smux entries are present in the configuration files, the daemons in the 2.5 packaged version of Quagga will not start.
grep smux *
- Delete all lines in the config files containing the smux keyword.
The references to
smux that must be removed are:
bgpd.conf, remove this line:
smux peer 220.127.116.11.4.1.3318.104.22.168 quagga_bgpd
ospf6d.conf, remove this line:
smux peer 22.214.171.124.4.1.33126.96.36.199 quagga_ospf6d
ospfd.conf, remove this line:
smux peer 188.8.131.52.4.1.33184.108.40.206 quagga_ospfd
zebra.conf, remove this line:
smux peer 220.127.116.11.4.1.3318.104.22.168 quagga_zebra
Perl, Python and BDB Modules
Any Perl scripts that use the
DB_File module or Python scripts that use the
bsddb module won't run under Cumulus VX.
You can read the technical documentation here.
If you have any questions or feedback about Cumulus VX, visit the Cumulus VX community for further support.
Issues Fixed in Cumulus VX 3.2.0
The following is a list of issues fixed in Cumulus VX 3.2.0 from earlier versions of Cumulus VX.
|Release Note ID||Summary||Description|
|ifupdown2: adjust VLAN subinterface MTU based on MTU settings specified under lowerdev by the user||
The following kernel error occurs when the MTU is specified under a subinterface rather than under the VLAN interface:
root@dell-s3000-04:~# ifreload -a -X eth0 warning: failed to execute cmd 'ip -force -batch - [addr add 22.214.171.124/24 dev swp52.100 link set dev swp52.100 mtu 9000 ]'(RTNETLINK answers: Numerical result out of range Command failed -:2)
|An interface cannot have both inet and inet6 DHCP configurations||
If you configure an interface so it can to obtain both IPv4 and IPv6 IP addresses via DHCP,
In the following example configuration,
auto swp1 iface swp1 inet dhcp link-speed 10000 link-duplex full link-autoneg off auto swp1 iface swp1 inet6 dhcp
|"portwd: invalid SFF identifier: 0x0c" messages appear continuously in syslog||
The following SFF message appears every 5 seconds in syslog:
cumulus@switch:~$ tail -f /var/log/syslog 2016-08-06T12:18:56.095606-04:00 cumulus portwd: invalid SFF identifier: 0x0c 2016-08-06T12:19:01.113397-04:00 cumulus portwd: invalid SFF identifier: 0x0c 2016-08-06T12:19:01.121068-04:00 cumulus portwd: invalid SFF identifier: 0x0c 2016-08-06T12:19:01.121698-04:00 cumulus portwd: invalid SFF identifier: 0x0c 2016-08-06T12:19:06.139373-04:00 cumulus portwd: invalid SFF identifier: 0x0c 2016-08-06T12:19:06.147045-04:00 cumulus portwd: invalid SFF identifier: 0x0c 2016-08-06T12:19:06.147677-04:00 cumulus portwd: invalid SFF identifier: 0x0c 2016-08-06T12:19:11.165355-04:00 cumulus portwd: invalid SFF identifier: 0x0c 2016-08-06T12:19:11.173134-04:00 cumulus portwd: invalid SFF identifier: 0x0c 2016-08-06T12:19:11.173747-04:00 cumulus portwd: invalid SFF identifier: 0x0c 2016-08-06T12:19:16.191418-04:00 cumulus portwd: invalid SFF identifier: 0x0c 2016-08-06T12:19:16.199154-04:00 cumulus portwd: invalid SFF identifier: 0x0c 2016-08-06T12:19:16.199805-04:00 cumulus portwd: invalid SFF identifier: 0x0c
|In traditional bridge mode, clagd syncs MAC addresses in the wrong VLAN when the peerlink is tagged and the bond is native||
When a traditional mode bridge is configured and the peerlink is tagged but the
This causes the MAC address not to be synced correctly on the peer.
|Default routes learned via DHCP are moved to the management VRF even if they are not in the management VRF||
|When VRF is enabled, the ICMP "need to fragment" is not respected||
Cumulus Linux defaults to using PMTU to discover if a path has a lower MTU than what is set on its local interfaces. If an ICMP - Fragmentation Needed packet is received on an interface associated with a VRF, the MTU change for the remote address is not properly handled. The end result is that packets exceeding the MTU going through that network segment are dropped.
To work around this issue until it is resolved, do one of the following:
|IGMP snooping doesn't prevent flooding of unregistered multicast data packets||
When broadcast video is sent over multicast with a number of senders running, the flooding approaches caused major issues, as the maximum available bandwidth was saturated on an individual port, and started dropping.
|hsflowd - packet samples missing and default nflog group not set since 3.x||
An issue occurrs where only counter samples are generated when
cumulus@switch:~$ cat /proc/bcm/knet/sample_groups Sample NFLOG group (unit 0): rx=1 tx=0
|CVE-2016-7042: /proc/keys stack corruption kernel security bug||
A Linux kernel vulnerability was found that when the GNU Compiler Collection (gcc) stack protector is enabled, it uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the
This issue is fixed in Cumulus Linux 3.2.0.
|dnsmasq port 53 was enabled, causing potential security vulnerability||
If your system uses
cumulus@switch:~$ sudo systemctl enable dnsmasq
|TACACS+ client users can't login with eth0 in management VRF||An issue occurred when process context was not causing the socket to the server to be bound to the management VRF. This resulted in the TACACS+ client user failing to login with eth0. The issue has now been resolved.|
|Memory leak caused by duplicate MAC address entries||A memory leak was seen when users manually configured a VLAN-aware bridge along with a controller/vtepd provisioned traditional bridge. This was caused by the same MAC address on different VLANs being seen as duplicates in the bridge MAC entries list. This memory leak has now been corrected.|
Known Issues in Cumulus VX 3.2.0
Issues are categorized for easy review. Some issues are fixed but will be available in a later release.