These release notes support Cumulus Linux 2.1.1 and describe currently available features and known issues.
Cumulus Linux is licensed on a per-instance basis. Each network system is fully operational, enabling any capability to be utilized on the switch with the exception of forwarding on switch panel ports. Only eth0 and console ports are activated on an un-licensed instance of Cumulus Linux. Enabling front panel ports requires a license.
You should have received a license key from Cumulus Networks or an authorized reseller. To install the license, read the Cumulus Linux quick start guide.
Package Updates for Cumulus Linux 2.1.1
Three new packages have been uploaded to the Cumulus Linux 2.1.1 repository. Cumulus Networks strongly encourages you to update them.
|Package||Version||x86 Platform Package Name||PowerPC Platform Package Name||Notes|
||Prescriptive Topology Manager (PTM) daemon|
||Implementation of IEEE 802.1ab (LLDP)|
||Collection of Cumulus Linux
apt-get to update the software:
A reboot is not necessary, as the
lldpd processes restart automatically.
There is no SNMP support for Quagga in this release (see RN 88 below). Due to this circumstance, you must remove all references to
smux in each of the following configuration files. You must also remove these references before upgrading Cumulus Linux using
apt-get. If the
smux entries are present in the configuration files, the daemons in the 2.1.1 packaged version of Quagga will not start.
grep smux *
- Delete all lines in the config files containing the smux keyword.
The references to
smux that must be removed are:
bgpd.conf, remove this line:
smux peer 126.96.36.199.4.1.33188.8.131.52 quagga_bgpd
ospf6d.conf, remove this line:
smux peer 184.108.40.206.4.1.33220.127.116.11 quagga_ospf6d
ospfd.conf, remove this line:
smux peer 18.104.22.168.4.1.3322.214.171.124 quagga_ospfd
zebra.conf, remove this line:
smux peer 126.96.36.199.4.1.33188.8.131.52 quagga_zebra
What's New in Cumulus Linux 2.1.1
Cumulus Linux 2.1.1 supports these new hardware platforms and features:
- sFlow support package (hsflowd) was moved from the testing repo to addons.
For a presentation highlighting the major changes, see Cumulus Linux 2:1 What's New and Different.
The following experimental features are included in Cumulus Linux 2.1.1:
- Management namespaces
- Redistribute neighbor
You can read the technical documentation here.
Issues Fixed in Cumulus Linux 2.1.1
The following is a list of issues fixed in Cumulus Linux 2.1.1 from earlier versions of Cumulus Linux.
|Release Note ID||Summary|
|Enabling Puppet Labs components|
|On Dell S6000 switches, cl-sfputil works but returns: "Error reading eeprom <type 'exceptions.IndexError'>"|
|On an Arctica 3200XL switch with IPv6 ACLs, switchd restarts multiple times, then dumps core|
|Kernel panic: Oops: Kernel access of bad area, sig: 11 [#1] - NULL pointer dereference in br_deliver|
|MAC learning is stopped on bridges|
|When x86 platform experiences a kernel panic, the switch must be power cycled|
|On Arctica 4804X, the sensors tool reports incorrect max temperature|
|Bond peer missing|
|ifupdown2 fails to remove last slave after reconfiguring bond|
|RN-233||A code error may crash the
|RN-237||PTM doesn't handle multiple LLDP neighbors on a single interface|
|RN-241||When multiple BFD sessions on a port are reported to
Known Issues in Cumulus Linux 2.1.1
Issues are categorized for easy review. Some issues are fixed but will be available in a later release.
|Release Note ID||Summary||Description|
|RN-52||Parameters like the router ID and DR priority cannot be changed while OSPFv2/v3 is running||Router ID and DR priority can only be changed by shutting down OSPFv2/v3, changing the ID, and restarting the OSPF process.
A change to the DR priority may not properly be reflected in the LSAs that are still aging out.
|RN-88||SNMP support for Quagga is NOT provided in Cumulus Linux||Cumulus Linux 2.1.1 does not provide SNMP support for Quagga.|
|RN-112||Enabling LACP support for non-L3/L4 modes||Issue:
The current LACP implementation only supports srcdestip (0x6) mode.
In order to use srcdestmac mode, use the following commands:
First, find the bond name to hardware ID mapping:
cumulus@switch:/var/log# sudo kill -SIGRTMIN+5 `pidof switchd`
Based on the mapping, run the following command, where psc id is the HAL:x:
cumulus@switch:$ sudo /usr/lib/cumulus/bcmcmd trunk psc id=1 rtag=0x3
1. The HAL ID is a non-persistent ID.
2. If the bond interface goes down or up, you need to do this again.
Verify the commands:
srcdestmac mode 0x3== platform dni-7448-05
|RN-116||Bridge driver issues affecting IGMP snooping behavior on STP topology change||Issue:
The Cumulus Linux bridge driver does not adhere to the IETF standard for IGMP snooping during an STP topology change.
On an STP topology change, RFC 4541, section 2.1.1, point 4 (https://tools.ietf.org/html/rfc4541, copied below) suggests what an IGMP snooping switch should do to reduce network convergence; this is not present in the bridge driver.
In addition, the bridge driver does not send a general query on receiving a global leave.
4) An IGMP snooping switch should be aware of link layer topology changes
|RN-120||ethtool LED blinking does not work with switch ports||Linux uses ethtool -p to identify the physical port backing an interface, or to identify the switch itself. Usually this identification is by blinking the port LED until ethtool -p is stopped.
This feature does not apply to switch ports (swpX) in Cumulus Linux.
|RN-121||PTMD: When a physical interface is in a PTM FAIL state, its subinterface still exchanges information||Issue:
When PTMD is incorrectly in a failure state and the Zebra interface is enabled, PIF BGP sessions are not establishing the route, but the subinterface on top of it does establish routes.
If the subinterface is configured on the physical interface and the physical interface is incorrectly marked as being in a PTM FAIL state, routes on the physical interface are not processed in Quagga, but the subinterface is working.
Steps to reproduce:
cumulus@switch:$ sudo vtysh -c 'show int swp8'
|RN-125||Network LSA with an old router ID isn't flushed out by the originator||Issue:
When the router ID is changed, the router should remove the previous network LSA (link-state advertisement) that it generated based on the IP address on the interface in the Network LSA.
Cumulus Networks isn't removing this LSA, so it will be naturally aged out.
Creating an OVS bridge with the VXLAN option will cause switchd to crash
|A core dump can occur if VXLAN is run on a non-supported platform, like a Trident+. VXLAN is supported only on switches using the Trident II chipset.|
|RN-150||Tagged packets have their 802.1p value set to 0||
All the tagged packets get their 802.1p priority value set to 0.
This is a known issue that should be fixed in a future release.
|RN-161||Packets on local ports get dropped on admin state change of VXLAN instance attached to bridge||
Packets between local ports of a bridge will get dropped momentarily when user changes the admin state of a VXLAN instance attached to the bridge (as in, when running "ip link set up/down"). Bridge attributes in the hardware are modified on the state change, which causes packets between member ports of the bridge to get dropped.
There is no workaround at this time; traffic should be stopped before changing the admin state of an attached VXLAN instance.
|RN-162||Priority Flow Control doesn't work on Trident II switches||
Priority Flow Control (PFC) configuration is not correct for switches on the Trident II platform. As a result, PFC doesn't work.
There is no workaround at this time.
|RN-163||VXLAN: ovsdb-server cannot select loopback interface as source IP address, causing TOR registration to the controller to fail||
In a VXLAN using VMware NSX, ovsdb-server cannot select the loopback interface as the source IP address. This causes TOR registration to the controller to fail.
To work around this issue, run:
cl-bgp redistribute add connected
|RN-164||IFLA_VXLAN_SERVICE_NODE incompatible with upstream kernel||
This issue will be fixed in a future release of Cumulus Linux.
|RN-166||VXLAN error after quickly deleting then creating a bridge with the same ports: "ERR Cannot find vxlan port <> vpn <>"||
On back-to-back deletion and creation of a VXLAN, bridge and member ports, the state sync to hardware can happen in reverse order, where the VXLAN ports are created first and deleted second. This results in a missing member port in the hardware and this error message: "ERR Cannot find vxlan port <> vpn <>".
This error occurs when using scripts to configure the VXLAN.
|RN-176||ipv6route only shows 2K routes; causes cl-route-check to fail incorrectly||
Security Update for apt and bash packages: Shellshock bug fix
For information on updating Cumulus Linux to address this issue, read this article.
Cumulus Networks has created a patch for
|RN-313||High memory utilization by
When performing an MIB walk on Cumulus Linux running the standard NET-SNMP 5.4.3 package, memory is consumed and not returned. Over time, this can lead to sub-optimal performance and ultimately can cause the system to hang and require a reboot.
|Security Update for CVE-2015-7547: glibc getaddrinfo Stack-based Buffer Overflow Vulnerability||For details on this issue and how to upgrade, read this article.|