Overview
These release notes support Cumulus Linux 1.5.3 and describe currently available features and known issues.
Licensing
Cumulus Linux is licensed on a per-instance basis. Each network system is fully operational, enabling any capability to be utilized on the switch with the exception of forwarding on switch panel ports. Only eth0 and console ports are activated on an un-licensed instance of Cumulus Linux. Enabling front panel ports requires a license.
You should have received a license key from Cumulus Networks or an authorized reseller. To install the license, read the Cumulus Linux quick start guide.
Upgrading to Version 1.5.3
In order to upgrade to version 1.5.3, you can either do a full upgrade of the software or, if you are upgrading from 1.5.2 to 1.5.3 only, you can use apt-get
.
Warning: Save Your Configurations Before Upgrading |
This installation is destructive. Any configuration files on the switch will not be saved, so please copy them to a different server before upgrading. After you save your configurations, follow these steps to upgrade to Cumulus Linux 1.5.3: |
To do a full upgrade, follow these steps:
- Download Cumulus Linux 1.5.3 - Final Latest Version from the Downloads page of the Cumulus Networks website onto your Web server.
- Install Cumulus Linux 1.5.3, following the instructions in the quick start guide.
To use apt-get
to upgrade from 1.5.2 to 1.5.3, follow these steps:
Run apt-get update.
Run apt-get upgrade.
Run apt-get install linux-image.
- Reboot the switch.
To use apt-get
to upgrade from 1.5.1 to 1.5.3, you need to take specific steps with smux
and switchd
. Follow these steps:
- Before you run
apt-get
, you need to remove all references tosmux
. See Enabling Quagga below. - Run
apt-get update
. - Run
apt-get upgrade
. - Run
apt-get remove switchd.
- Run
apt-get install bcm-utils cl-basefiles cl-platform-config uboot-tools linux-image switchd
. - Reboot the switch.
Enabling Quagga |
There is no SNMP support for Quagga in this release (see RN 88 below). Due to this circumstance, you must remove all references to
The references to
|
What's New in 1.5.3
-
VRR is packaged as
cl-vrr
and available from the testing repo. VRR will be available in the main repo in Cumulus Linux 2.0. -
Debian 7.3 update: The latest packages and security advisory patches included.
Documentation
You can read the technical documentation here.
Features Supported
The following set of features are supported in the 1.5.3 release; they're the same features that were in the 1.5.2 release.
Networking L2/L3 Features
Features | Notes |
LLDP/CDP (both rx/tx) | Patched lldpd |
Rapid STP | Supported via mstpd |
Link Aggregation | Support provided via the Linux bonding driver |
Bridging | Supported via brctl command in Linux |
STP | Supported via brctl |
v4/v6 DHCP relay | Supported via isc-dhcp-relay |
v6 Neighbor Discovery | |
VLAN 802.1q trunk | |
ECMP | |
OSPFv2 | Part of Quagga |
OSPFv3 | Part of Quagga |
v4/v6 Static Routes | Part of Quagga |
BGP v4/v6 | Part of Quagga |
Prescriptive Topology Manager | Cumulus Linux-specific user space application that allows the fabric topology to be verified prior to configuring L3 routing protocols |
Security
Feature | Notes |
ACL (data plane and control plane) | Support provided via the Netfilter framework, iptables, ebtables, and ip6tables, with a wrapper command called cl-acltool that you use for setting iptables and ebtables commands in the kernel and in hardware |
BPDU Guard |
Management Authentication/Authorization
Features | Notes |
SSH | |
NTP | |
PTP |
Datapath-Specific Features
Feature | Notes |
Jumbo MTU | |
Egress scheduling | Deficit Weighted Round Robin (DWRR) + strict priority, which provides strict priority for some priorities and DWRR for the rest |
Traffic classes/queuing | Classification provided via ACLs, and for 802.1p currently; DSCP-based classification provided in later release |
Management Interface/Troubleshooting/Monitoring
Features | Notes |
Bash-based wrapper for Quagga's vtysh | Available in /usr/bin as cl-ospf and cl-ospfv6 |
Scripting: Bash, Perl, Python, Ruby | Debian packages in /img. |
Ping & traceroute | |
syslog, rsyslog | |
logrotate | |
auditd | |
SCP | |
SNMP v2 (via Net-SNMP) | Untested |
Monit | Monit tested & preconfigured in the image |
Issues Fixed in Cumulus Linux 1.5.3
The following is a list of issues fixed in Cumulus Linux 1.5.3 from earlier 1.5.x versions of Cumulus Linux.
Future fixed issues are noted in the Fixed Versions column with the branch name indicating when the fix will be available. If the fixed version is "mainline", this means the fix is in Cumulus Linux's internal mainline branch, but not yet allocated to a customer branch/release.
Release Note ID | Summary | Description | Affected Versions | Feature Category |
RN-105 | Identical SSH host key in Cumulus Linux | Identical default SSH host keys have been seen on Cumulus Linux instances. With the 1.5.3 release, a unique key is generated on the first boot of the switch. | CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2 | |
RN-69 | Statistics for ACL rules are reset to zero whenever the ACL rules are installed | The installation of ACL rules in hardware (using cl-acltool) is done atomically using a ping pong buffer scheme. Thus, old counters are lost any time a rule changes (is added or deleted). Thus, ACL stats for all the rules get zeroed out, irrespective of whether the rules file installation succeeds or fails. root@switch:~# iptables -L -v root@switch:~# cl-acltool -i -p 00control_plane.rules root@switch:~# iptables -L -v |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2 | Security |
RN-41 | Route summarization acts differently in OSPFv3 vs. OSPFv2 |
In OSPFv2, regardless of the order of the routes, the longer prefix is always chosen: This has been fixed with this release. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2 | Layer 3 (Routing) |
RN-71 | SPAN: Cannot match an output L3 sub-interface | Mirroring packets from one switch port to another works: -A FORWARD --out-interface swp1 -j SPAN --dport swp5 As does mirroring inbound packets on a VLAN to a switch port: -A FORWARD --in-interface swp1.100 -j SPAN --dport swp5 However, mirroring outbound packets from a VLAN to a switch port does not work: -A FORWARD --out-interface swp1.100 -j SPAN --dport swp5
This has been fixed with this release. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2 | Layer 2 (Segmentation) |
RN-106 | STP interoperability | Cumulus Linux supports RSTP/PVRST/PVST modes of STP natively. Cumulus Linux can interoperate with Common Spanning Tree/Multiple Spanning Tree Protocol implementations in other vendors. | CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2 | Layer 2 (Segmentation) |
RN-12 | The switch's forwarding of VLAN-tagged packets is different from Linux |
In Cumulus Linux, tagged packets sent to an untagged port get dropped. This is similar to general switch functionality from most vendors. However, in Linux, if a tagged packet is sent to an untagged port, it gets forwarded. This has been fixed with this release. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2 | Layer 2 (Segmentation) |
RN-53 | In OSPFv3, a new router LSA may not be generated if the neighbor advertises a router LSA with a different interface ID |
If the neighboring router has the interface ID change in the Hello message, Quagga will not generate an update LSA. This has been fixed with this release. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2 | Layer 3 (Routing) |
RN-110 | SNMP ifIndex is Cumulus OID instead of Linux OID |
SNMP ifIndex is Cumulus OID instead of Linux OID. This has been fixed with this release. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2 | Monitoring |
RN-81 | Hardware enforcement for bridging packets that match both ebtables and iptables/ip6tables rules have different behavior from Linux kernel enforcement |
iptables Issue: These issues have been fixed with this release. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2 | Security |
Known Issues in Cumulus Linux 1.5.3
Issues are categorized for easy review. Some issues are fixed but will be available in a later release.
Release Note ID | Summary | Description | Affected Versions | Feature Category |
RN-1 | Restarting switchd flaps all switch ports | switchd is a user-level process created by Cumulus Networks to provide an abstraction of the physical ports and the functionality provided by the switching ASIC SDK. switchd maps physical ports on the switching ASIC to logical ports (tap ports) in the kernel and ensures that CPU-bound packets are properly exposed on the proper logical objects to user level processes. These exposed tap ports in the kernel are considered "running" if their file descriptors are open. If switchd exists, it closes the tap FDS, hence resulting in all links going down. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Hardware Abstraction Layer |
RN-4 | ifup/ifdown must be used for interfaces with IPv6 addresses defined in /etc/network/interfaces, otherwise the interfaces will be missing their IPv6 addresses |
Two scenarios are shown below; one with ifup/ifdown, the other with ifconfig down. With ifup/ifdown: swp1 Link encap:Ethernet HWaddr 44:38:39:00:01:81 inet addr:11.0.0.2 Bcast:11.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::4638:39ff:fe00:181/64 Scope:Link inet6 addr: fec0:1000:1000:1000::2/10 Scope:Site UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:4231 errors:0 dropped:0 overruns:0 frame:0 TX packets:4342 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:412115 (402.4 KiB) TX bytes:425688 (415.7 KiB) root@switch$ ifdown swp1 root@switch$ ifconfig swp1 swp1 Link encap:Ethernet HWaddr 44:38:39:00:01:81 BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:4248 errors:0 dropped:0 overruns:0 frame:0 TX packets:4356 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:413990 (404.2 KiB) TX bytes:427074 (417.0 KiB) root@switch$ ifconfig swp1 swp1 Link encap:Ethernet HWaddr 44:38:39:00:01:81 BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:4248 errors:0 dropped:0 overruns:0 frame:0 TX packets:4356 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:413990 (404.2 KiB) TX bytes:427074 (417.0 KiB) root@switch$ ifup swp1 ADDRCONF(NETDEV_UP): swp1: link is not ready root@switch$ ifconfig swp1ADDRCONF(NETDEV_CHANGE): swp1: link / With ifconfig down: ifconfig swp1 swp1 Link encap:Ethernet HWaddr 44:38:39:00:01:81 inet addr:11.0.0.2 Bcast:11.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::4638:39ff:fe00:181/64 Scope:Link inet6 addr: fec0:1000:1000:1000::2/10 Scope:Site UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:98 errors:0 dropped:0 overruns:0 frame:0 TX packets:111 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:13310 (12.9 KiB) TX bytes:12786 (12.4 KiB) root@switch$ ifconfig swp1 down root@switch$ ifconfig swp1 swp1 Link encap:Ethernet HWaddr 44:38:39:00:01:81 inet addr:11.0.0.2 Bcast:11.0.0.255 Mask:255.255.255.0 BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:126 errors:0 dropped:0 overruns:0 frame:0 TX packets:138 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:16998 (16.5 KiB) TX bytes:15998 (15.6 KiB) root@switch$ ifconfig swp1 up ADDRCONF(NETDEV_UP): swp1: link is not ready root@switch$ ifconfig swp1ADDRCONF(NETDEV_CHANGE): swp1: link / |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Management Interface |
RN-10 | cl-phy-update doesn't support aggregated ports | Ports can be aggregated into a larger interface in Cumulus Linux. Unfortunately support for aggregated ports is not yet supported when running cl-phy-update. If there are any ganged ports during a software upgrade, it is recommended to ungang these ports. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Tools |
RN-32 | Adding bridges increases bootup time | If the bridge_maxwait parameter is not set, the system will take approximately twice as long to come up. You should set bridge_maxwait to 1. Example config: auto br1004 |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 2 (Control Protocols) |
RN-48 | Agema 48x10GE switch eth0 driver reports eth0 as running even when PHY link is down | The Agema 48x10GE eth0 driver reports eth0 as running even when the PHY link is down. This can be really misleading in trying to diagnose a link-down situation on eth0. ethtool eth0 shows the correct PHY link status, but ifconfig shows eth0 as running, regardless of the PHY link status. A fix will be released after Cumulus Linux 1.5. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Management Interface |
RN-52 | Parameters like the router ID and DR priority cannot be changed while OSPFv2/v3 is running | Router ID and DR priority can only be changed by shutting down OSPFv2/v3, changing the ID, and restarting the OSPF process. A change to the DR priority may not properly be reflected in the LSAs that are still aging out. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 3 (Routing) |
RN-56 | ipv4/ipv6 forwarding disabled mode not recognized | If either of the following is configured: net.ipv4.ip_forward == 0 or: net.ipv6.conf.all.forwarding == 0 The hardware still forwards packets if there is a neighbor table entry pointing to the destination. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 3 (Forwarding) |
RN-58 | IPv6 route is installed and active in the routing table when the associated interface is down | If an IPv6 address is assigned to a "down" interface, the associated route is still installed into the route table. Also, the type of IPv6 address doesn't matter. Link local, site local, and global all exhibit the same problem. If the interface is bounced up and down, then the routes are no longer in the route table. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 3 (Forwarding) |
RN-61 | BGP4 notifications missing for several conditions | In certain conditions, Quagga bgpd silently closes the peering without sending a notification. For example, if BGP receives a message with an invalid message type or invalid message length. Ideally on any one of these cases, bgpd should send out a notification message to the peer. General functionality of BGP4 is not affected. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 3 (Routing) |
RN-62 | Attributes of a BGP aggregate route may not be RFC-compliant | When BGP is configured with an aggregate route and there are more specific routes of that aggregate, the BGP speaker needs to analyze the attributes of those specific routes while forming the attributes of the aggregate route. The corresponding rules are defined in RFC 4271, Sect. 9.2.2.2. In certain cases, the user may observe non-compliant attribute formation for the aggregate route: for example, incorrect MED and ORIGIN attributes. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 3 (Routing) |
RN-63 | BGP4 recursive route not supported |
Quagga's bpgd does not support recursive routing when it's resolving BGP routes. It does work with respect to IGP routes. A BGP route of the form: (and N2 gets resolved through IGP or directly connected) - will not get resolved. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 3 (Routing) |
RN-64 | Configuring route-reflector-client requires specific order | In configuring a route to be a route reflector client, the Quagga configuration must be specified in a specific order; otherwise, the router will not be a route reflector client. The "neighbor <IPv4/IPV6> route-reflector-client" command must be done after the "neighbor <IPV4/IPV6> Activate" command; otherwise, the route-reflector-client command is ignored. Sample configuration: router bgp 65000 At runtime: sp1# show ip bgp neighbor 14.0.0.1 Workaround: Define in following order |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 3 (Routing) |
RN-65 | Virtual links in Quagga's OSPFv2 are non-operational | Cumulus Networks testing has identified too many issues with virtual link support in Quagga's OSPFv2. The feature is unsupported. | CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 3 (Routing) |
RN-68 | Blackhole/Unreachable/Prohibit route addition in IPv6 returns corresponding error codes | IPv6 route operations indicate the destination action via returned error codes. In the example shown below where an unreachable route is being added, the return code is: #define ENETUNREACH 101 /* Network is unreachable */ |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 3 (Forwarding) |
RN-70 | ACL: Bridge traffic that matches a LOG ACTION rule is not logged in syslog | For example, a bridge with switch ports swp1, swp2, swp3 as bridge members is configured. ACL rules to LOG and DROP for icmp traffic are configured. Ping requests are sent from host1 on swp1 to host3 on swp3, and the following was observed: * Counters for both LOG and DROP ACL rules are incrementing properly, but the packets are not showing up on /var/log/syslog. * Packets that are copied to the CPU from hardware for the LOG rule are dropped due to the check in kernel to disable software bridging for hardware bridged packets. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Security |
RN-74 | BGP: TTL security hops requires ACL per peer to drop expired TTL BGP packers | When configuring TTL security, rules must be put in to drop packets with exceeded TTL on BGL peers. This ensures that when the peers are taken down, the packets are properly discarded. Here is an example of a rule to put in iptables: root@switch:~# cat /etc/cumulus/acl/policy.d/bgp.rules |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 3 (Routing) |
RN-77 | New routes/ECMPs can evict existing/installed | Cumulus Linux syncs routes between the kernel and the switching silicon. If the required resource pools in hardware fill up, new kernel routes can cause existing routes to move from being fully allocated to being partially allocated. In order to avoid this, routes in the hardware should be monitored and kept below the ASIC limits. For example, on systems with Trident+, the limits are as follows: routes: 16384 <<<< if all routes are ipv4 long mask routes 256 <<<< i.e., routes with a mask longer than the route mask limit route mask limit 64 host_routes: 8192 ecmp_nhs: 4044 ecmp_nhs_per_route: 52 That translates to about 77 routes with ECMP NHs, if every route has the maximum ECMP NHs. Monitoring this in Cumulus Linux is performed via the cl-resource-query command: root@switch:~# cl-resource-queryThe resource to monitor is the ecmp_nexthops. If this count is close to 4044, new ECMPs may evict existing routes. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 3 (Forwarding) |
RN-80 | Old link local IPv6 and MAC address are still used after the MAC address for a bridge changes | Old MAC addresses for a bridge using the associated link local IPv6 address are used in the L2 and L3 headers in a router advertisement after the port is removed from the bridge. To reproduce this: 1. Configure a bridge, br0, with swp1-4 in it. 2. Remove swp1 from br0 with the command "brctl delif br0 swp1" 3. Run a TCPDump session on swp2. The TCPDump session reveals that the old MAC address, swp1's MAC address, and link local address are still being advertised. Here is a packet from the capture: 19:41:15.041412 44:38:39:00:01:81 > 33:33:00:00:00:01, 44:38:39:00:01:81 was the old MAC address for bridge br0 that was associated with swp1. fe80::4638:39ff:fe00:181 is the link local address for swp1. |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 2 (Segmentation) |
RN-85 | Error log messages displayed with cl-resource-query when following a switchd restart | If you use cl-resource-query following a switchd restart, a transient hardware error may occur and trigger several error messages. Based on current analysis, the error is harmless, and Cumulus Networks will work to remove it in a future release. | CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Tools |
RN-88 | SNMP Support for Quagga Is NOT Provided in Cumulus Linux | Cumulus Linux 1.5.3 does not provide SNMP support for Quagga. | CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Monitoring |
RN-91 | sfputil Outputs Garbled Data for Optical QSFP on a Penguin 48x10GE | The following example shows the garbled output from sfputil for a 10GE port:
root@switch:/sys/class/eeprom_dev/eeprom54/device# cl-sfputil / |
CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | |
RN-92 | Quagga Does not Send Open Message when Passively Accepting an Open Connection Request | As per RFC4271, an open request must be initiated back to the initiating (active) side of the connection request. Quagga does not send an open request upon receiving an active open request. The work around is to set the timers connect to "1". Here is an example: router1 <-------------------> router2 |
CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | |
RN-99 | cl-img-clear-overlay Is Disabled if Kernel Is Upgraded Using apt-get | If you upgraded the kernel to version 1.5.3 using apt-get update, then cl-img-clear-overlay will be disabled. To ensure Cumulus Linux and all its contained packages are in sync, and to be able to use cl-img-clear-overlay, perform a full install of Cumulus Linux using cl-img-install. | CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | |
RN-102 | Error when Configuring VXLAN Network ID 0 | Problem: vni0 is allowed but an error occurs. Steps to reproduce:
|
mainline | |
RN-103 | In a VRR environment, the server that is bonded to the VRR switches could lose packets destined to the VRR's IP addresses for up to 15 seconds. | For the following configuration:
The hosts have bond interfaces where one sub-interface goes to switch vrr1, and the other goes to the other switch, vrr2. If the link between the host and one of the VRR switches goes down, it can take up to 15 seconds of the VRR switches to send out an ARP to clear the ARP cache on the host for the IP address on the bridge interface. This is because the host might not clear the ARP cache since the bond doesn't go down. Only a sub-interface in the bond goes down. Steps to reproduce:
|
CumulusLinux-1.5.3 | Layer 2 (Control Protocols) |
RN-104 | Bond slave dynamic updates are not working in bridge bond case. | You should update /etc/network/interfaces and restart network services in order to add/remove slave interface from bond. Using other methods such as editing /sys/class/net/bondX/bonding will result in the added or removed slave interface to not forward traffic correctly. Initial condition: root@dni-7448-05:~# brctl show |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 2 (Segmentation) |
RN-108 | When interoperating with Cisco Rapid-PVST, use trunk VLAN ID 1 only | This problem occurs during IOP environment where a peer like Cisco or Arista is connected and Rapid PVST mode is enabled. In such an environment, if you connect a VLAN trunk link to a Cumulus Linux switch that has a native VLAN ID other than 1, IOP fails. Cisco implemented SSTP packets to perform the handshake between IEEE-802.1w or standard RSTP. This is the packet format: 22:10:35.929814 44:38:39:00:03:85 (oui Unknown) > In the TLV shown above, V indicate the VLAN ID.
|
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Layer 2 (Segmentation) |
RN-109 | switchd restarts in rare cases when missing heartbeat | Under a rare and unusual condition, when a switch experiences a parity error, switchd will restart. To work around this issue, add the following option to /etc/default/switchd and to /mnt/persist/etc/default/switchd : DAEMON_OPT_ARGS="$DAEMON_OPT_ARGS -g" |
CumulusLinux-1.5.0-Final, CumulusLinux-1.5.1, CumulusLinux-1.5.2, CumulusLinux-1.5.3 | Hardware Abstraction Layer |
RN-313 ![]() |
High memory utilization by snmpd following MIB walks |
When performing an MIB walk on Cumulus Linux running the standard NET-SNMP 5.4.3 package, memory is consumed and not returned. Over time, this can lead to sub-optimal performance and ultimately can cause the system to hang and require a reboot. Monitor |
||
![]() RN-372 (CM-9360) |
Security Update for CVE-2015-7547: glibc getaddrinfo Stack-based Buffer Overflow Vulnerability | For details on this issue and how to upgrade, read this article. |
Comments