Cumulus RMP 2.5.6 Release Notes

Follow

Overview

These release notes support Cumulus RMP 2.5.6 and describe currently available features and known issues.

Cumulus RMP 2.5.6 supports these features and is available on the Penguin Computing Arctica 4804IP-RMP out-of-band switch.

Stay up to Date

  • Please sign in and click Follow above so you can receive a notification when we update these release notes.
  • Subscribe to our product bulletin mailing list to receive important announcements and updates about issues that arise in our products.
  • Subscribe to our security announcement mailing list to receive alerts whenever we update our software for security issues.

{{table_of_contents}}

Installing Version 2.5.6

If you are upgrading to version 2.5.6, use apt-get to update the software.

  1. Run apt-get update.
  2. Run apt-get dist-upgrade.
  3. Reboot the switch.

Caution: While this method doesn't overwrite the target image slot, it may require additional disk space in the slot.

Documentation

You can read the technical documentation here.

Issues Fixed in Cumulus RMP 2.5.6

The following is a list of issues fixed in Cumulus RMP 2.5.6 from earlier versions of Cumulus RMP.

Release Note ID Summary Description

RN-363 (CM-8660)
MAC addresses learned on blocked ports

In some instances, MAC addresses were learned on blocked ports, causing switchd to sync continuously to the kernel. The port state is now checked while reading hal_macs, and MAC addresses learned on the port that are not in the learning or forwarding state will be flushed.


RN-364 (CM-8620)
FF02::1:2 not recognized as a reserved link local multicast address

DHCPv6 solicit messages which were sent to All_DHCP_Relay_Agents_and_Servers (FF02::1:2) were not sent to the CPU, as it was not recognized as a reserved link local multicast. This has been corrected, and packets sent to FF02::1:2 are now sent to the CPU.


RN-365 (CM-8584)
ifquery -ra truncates bridge-access <vlanid> in configuration file

While ifquery -a correctly displays the configuration output, ifquery -ra truncates the bridge-access <vlanid> output. The query has been updated, and now correctly displays the configuration.


RN-367 (CM-8479)
switchd memory leaks

Two memory leaks have been discovered in switchd.

The first occurs when there are IP neighbors in the system.

The second occurs when one or more interfaces are operationally down, and if any routes or neighbors are learned on a down interface, they are kept as "dead" routes/neighbors in the kernel. When switchd syncs these dead routes/neighbors, the second leak occurs.

These leaks are fixed in Cumulus RMP 2.5.6.


RN-368 (CM-8504)
switchd memory leak in Cumulus RMP 2.5.4 and later

A memory leak in switchd has been discovered in Cumulus RMP 2.5.4 and 2.5.5, which affects all users. The leak has been fixed in Cumulus RMP 2.5.6, and all customers are encouraged to upgrade to version 2.5.6.

Known Issues in Cumulus RMP 2.5.6

Issues are categorized for easy review. Some issues are fixed but will be available in a later release.

Release Note ID Summary Description

RN-4 (FR-53)
ifup/ifdown must be used for interfaces with IPv6 addresses defined in /etc/network/interfaces, otherwise the global IPv6 address will not be restored Two scenarios are shown below; one with ifup/ifdown, the other with ifconfig down.

With ifup/ifdown:
swp1 Link encap:Ethernet HWaddr 44:38:39:00:01:81
 inet addr:11.0.0.2 Bcast:11.0.0.255 Mask:255.255.255.0
 inet6 addr: fe80::4638:39ff:fe00:181/64 Scope:Link
 inet6 addr: fec0:1000:1000:1000::2/10 Scope:Site
 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
 RX packets:4231 errors:0 dropped:0 overruns:0 frame:0
 TX packets:4342 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:500
 RX bytes:412115 (402.4 KiB) TX bytes:425688 (415.7 KiB)

cumulus@switch$ sudo ifdown swp1
cumulus@switch$ sudo ifconfig swp1
 swp1 Link encap:Ethernet HWaddr 44:38:39:00:01:81
 BROADCAST MULTICAST MTU:1500 Metric:1
 RX packets:4248 errors:0 dropped:0 overruns:0 frame:0
 TX packets:4356 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:500
 RX bytes:413990 (404.2 KiB) TX bytes:427074 (417.0 KiB)

cumulus@switch$ sudo ifconfig swp1
 swp1 Link encap:Ethernet HWaddr 44:38:39:00:01:81
 BROADCAST MULTICAST MTU:1500 Metric:1
 RX packets:4248 errors:0 dropped:0 overruns:0 frame:0
 TX packets:4356 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:500
 RX bytes:413990 (404.2 KiB) TX bytes:427074 (417.0 KiB)
 cumulus@switch$ sudo ifup swp1
 ADDRCONF(NETDEV_UP): swp1: link is not ready
 cumulus@switch$ sudo ifconfig swp1ADDRCONF(NETDEV_CHANGE): swp1: /
     link becomes ready 
 swp1 Link encap:Ethernet HWaddr 44:38:39:00:01:81 
 inet addr:11.0.0.2 Bcast:11.0.0.255 Mask:255.255.255.0
 inet6 addr: fe80::4638:39ff:fe00:181/64 Scope:Link
 inet6 addr: fec0:1000:1000:1000::2/10 Scope:Site
 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
 RX packets:4250 errors:0 dropped:0 overruns:0 frame:0
 TX packets:4362 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:500
 RX bytes:414178 (404.4 KiB) TX bytes:427610 (417.5 KiB)

cumulus@switch$ 

With ifconfig down:
cumulus@switch:~$ sudo ifconfig swp1
 swp1 Link encap:Ethernet HWaddr 44:38:39:00:01:81
 inet addr:11.0.0.2 Bcast:11.0.0.255 Mask:255.255.255.0
 inet6 addr: fe80::4638:39ff:fe00:181/64 Scope:Link 
 inet6 addr: fec0:1000:1000:1000::2/10 Scope:Site
 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
 RX packets:98 errors:0 dropped:0 overruns:0 frame:0
 TX packets:111 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:500 
 RX bytes:13310 (12.9 KiB) TX bytes:12786 (12.4 KiB)

cumulus@switch$ sudo ifconfig swp1 down
cumulus@switch$ sudo ifconfig swp1
 swp1 Link encap:Ethernet HWaddr 44:38:39:00:01:81
 inet addr:11.0.0.2 Bcast:11.0.0.255 Mask:255.255.255.0
 BROADCAST MULTICAST MTU:1500 Metric:1
 RX packets:126 errors:0 dropped:0 overruns:0 frame:0
 TX packets:138 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:500
 RX bytes:16998 (16.5 KiB) TX bytes:15998 (15.6 KiB)

cumulus switch$ sudo ifconfig swp1 up
 ADDRCONF(NETDEV_UP): swp1: link is not ready

cumulus@switch$ sudo ifconfig swp1ADDRCONF(NETDEV_CHANGE): swp1: 
    link becomes ready 
 swp1 Link encap:Ethernet HWaddr 44:38:39:00:01:81 
 inet addr:11.0.0.2 Bcast:11.0.0.255 Mask:255.255.255.0
 inet6 addr: fe80::4638:39ff:fe00:181/64 Scope:Link
 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 
 RX packets:130 errors:0 dropped:0 overruns:0 frame:0
 TX packets:149 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:500
 RX bytes:17474 (17.0 KiB) TX bytes:17154 (16.7 KiB) 

RN-10 (CM-528)
cl-phy-update doesn't support aggregated ports Ports can be aggregated into a larger interface in Cumulus RMP. Unfortunately support for aggregated ports is not yet supported when running cl-phy-update.

If there are any ganged ports during a software upgrade, it is recommended to ungang these ports

RN-56 (CM-343)
IPv4/IPv6 forwarding disabled mode not recognized

If either of the following is configured:

net.ipv4.ip_forward == 0 

or:

net.ipv6.conf.all.forwarding == 0 

The hardware still forwards packets if there is a neighbor table entry pointing to the destination.


RN-58 (CM-747)
IPv6 route is installed and active in the routing table when the associated interface is down If an IPv6 address is assigned to a "down" interface, the associated route is still installed into the route table.

Also, the type of IPv6 address doesn't matter. Link local, site local, and global all exhibit the same problem.

If the interface is bounced up and down, then the routes are no longer in the route table.

RN-120 (CM-477)
ethtool LED blinking does not work with switch ports Linux uses ethtool -p to identify the physical port backing an interface, or to identify the switch itself. Usually this identification is by blinking the port LED until ethtool -p is stopped.

This feature does not apply to switch ports (swpX) in Cumulus RMP.

RN-121 (CM-2123)
PTMD: When a physical interface is in a PTM FAIL state, its subinterface still exchanges information Issue:
When PTMD is incorrectly in a failure state and the Zebra interface is enabled, PIF BGP sessions are not establishing the route, but the subinterface on top of it does establish routes.

If the subinterface is configured on the physical interface and the physical interface is incorrectly marked as being in a PTM FAIL state, routes on the physical interface are not processed in Quagga, but the subinterface is working.

Steps to reproduce:
cumulus@switch:$ sudo vtysh -c 'show int swp8' 
Interface swp8 is up, line protocol is up 
PTM status: fail
index 10 metric 1 mtu 1500 
 flags: <UP,BROADCAST,RUNNING,MULTICAST>
 HWaddr: 44:38:39:00:03:88 
 inet 12.0.0.225/30 broadcast 12.0.0.227 
 inet6 2001:cafe:0:38::1/64 
 inet6 fe80::4638:39ff:fe00:388/64 
cumulus@switch:$ ip addr show | grep swp8 
 10: swp8: <BROADCAST,MULTICAST,UP,LOWER_UP> 
  mtu 1500 qdisc pfifo_fast state UP qlen 500 
  inet 12.0.0.225/30 brd 12.0.0.227 scope global swp8 
 104: swp8.2049@swp8: <BROADCAST,MULTICAST,UP,LOWER_UP> 
  mtu 1500 qdisc noqueue state UP 
  inet 12.0.0.229/30 brd 12.0.0.231 scope global swp8.2049 
 105: swp8.2050@swp8: <BROADCAST,MULTICAST,UP,LOWER_UP> 
  mtu 1500 qdisc noqueue state UP 
  inet 12.0.0.233/30 brd 12.0.0.235 scope global swp8.2050 
 106: swp8.2051@swp8: <BROADCAST,MULTICAST,UP,LOWER_UP> 
  mtu 1500 qdisc noqueue state UP 
  inet 12.0.0.237/30 brd 12.0.0.239 scope global swp8.2051 
 107: swp8.2052@swp8: <BROADCAST,MULTICAST,UP,LOWER_UP> 
  mtu 1500 qdisc noqueue state UP 
  inet 12.0.0.241/30 brd 12.0.0.243 scope global swp8.2052 
 108: swp8.2053@swp8: <BROADCAST,MULTICAST,UP,LOWER_UP>
  mtu 1500 qdisc noqueue state UP 
  inet 12.0.0.245/30 brd 12.0.0.247 scope global swp8.2053 
 109: swp8.2054@swp8: <BROADCAST,MULTICAST,UP,LOWER_UP> 
  mtu 1500 qdisc noqueue state UP 
  inet 12.0.0.249/30 brd 12.0.0.251 scope global swp8.2054
 110: swp8.2055@swp8: <BROADCAST,MULTICAST,UP,LOWER_UP>
  mtu 1500 qdisc noqueue state UP 
  inet 12.0.0.253/30 brd 12.0.0.255 scope global swp8.2055
cumulus@switch:$ bgp sessions: 
 12.0.0.226 ,4 ,64057 , 958 , 1036 , 0 , 0 , 0 ,15:55:42, 0, 10472 
 12.0.0.230 ,4 ,64058 , 958 , 1016 , 0 , 0 , 0 ,15:55:46, 187, 10285
 12.0.0.234 ,4 ,64059 , 958 , 1049 , 0 , 0 , 0 ,15:55:40, 187, 10285 
 12.0.0.238 ,4 ,64060 , 958 , 1039 , 0 , 0 , 0 ,15:55:45, 187, 10285 
 12.0.0.242 ,4 ,64061 , 958 , 1014 , 0 , 0 , 0 ,15:55:46, 187, 10285 
 12.0.0.246 ,4 ,64062 , 958 , 1016 , 0 , 0 , 0 ,15:55:46, 187, 10285 
 12.0.0.250 ,4 ,64063 , 958 , 1029 , 0 , 0 , 0 ,15:55:43, 187, 10285 
 12.0.0.254 ,4 ,64064 , 958 , 1036 , 0 , 0 , 0 ,15:55:44, 187, 10285 

RN-132 (CM-2272)
You must run "apt-get update" before running any apt-get commands or after changing sources.list

Before running any apt-get commands or after changing the source.list file in /etc/apt, you need to run apt-get update.


RN-133 (CM-2273)
Interface names in Cumulus RMP cannot exceed 15 characters

Device names, including interface names, in Cumulus RMP cannot exceed 16 characters – including the terminator. Cumulus RMP truncates longer interface names.

To avoid this issue, do not assign long names to your interfaces.

The following example configuration reproduces this issue:

cumulus@switch:/sys/class/net$ grep 'iface br' /etc/network/interfaces 
iface br2-pubmgmt inet static
iface br3-prvmgmt inet manual
iface br400-quarantine inet manual
iface br401-peering-1k5 inet manual
iface br402-peering-9k inet manual
iface br500-pi-exa inet manual
iface br501-akamai-exa inet manual
iface br502-exa-internetfactory inet manual
cumulus@switch:/sys/class/net$ brctl show | grep br
bridge name	bridge id	 STP enabled	interfaces
br2-pubmgmt	 8000.089e01cebe37	no	 bond0.2
br3-prvmgmt	 8000.089e01cebe3a	no	 bond0.3
br400-quarantin	 8000.089e01cebe37	no	 bond0.400
br401-peering-1	 8000.089e01cebe3a	no	 bond0.401 <<<

RN-192 (CM-3340)

PTM may crash when a large topology file has a syntax error

If there is a syntax error in a large (~ 4000 entries) topology.dot file, PTM may crash while reading/parsing this file. This can occur because the libcgraph API that PTM uses for parsing the file cannot handle the error. You should check topology.dot for syntax errors using a Graphviz tool like dot or dotty that can identify the syntax error.


RN-228 (CM-4384)
ifupdown2 doesn't bring up loopback interface (lo) by default

ifupdown2 doesn't bring up loopback interface (lo) by default.

One effect is that since monit uses loopback interfaces, if you delete the lo interface in /etc/network/interfaces, monit commands will not work.


RN-229 (CM-4433)
When a bond subinterface that is part of a traditional bridge is brought down, it flaps that bridge This issue has been encountered in environments where both VLAN-aware and traditional bridges are in use, where a traditional bridge has a subinterface of a bond that is present as a normal interface in a VLAN-aware bridge.

RN-230 (CM-4327)
bond-min-links defaults to 0, which causes the bond carrier to be incorrectly up when no slaves are active Even though bond-min-links defaults to 0, Cumulus Networks recommends a minimum link setting of 1 or higher for bonds. Cumulus RMP issues a warning when the setting is 0 or not specified.

RN-268 (CM-5296)
bridge fdb add command IP address type options inconsistent with Debian

The bridge fdb add command handles the IP address type in a non-standard way:

  • bridge fdb add [MAC address] dev [INTERFACE] master defaults to a static address
  • bridge fdb add [MAC address] dev [INTERFACE] master temp maps to dynamic address
  • bridge fdb add [MAC address] dev [INTERFACE] master local maps to permanent address

This issue should be fixed in a future version of Cumulus RMP.


RN-281 (CM-5118)
Default route not removed on ifup after removing gateway statement from eth0 configuration

If you try to remove the default route from eth0 (either by commenting out or removing the gateway statement in the eth0 configuration), the route remains after running ifup.

To work around this issue, first run ifdown, then ifup on the interface via the console. After this, the route disappears.


RN-326 (CM-7030)
Cumulus RMP/Hurricane2 CPU: ACL rule fails silently if it cannot be installed in hardware

The Hurricane2 chipset used on Cumulus RMP switches does not support ACL rules that specify ICMP type or code. These rules are ignored and are not installed in hardware without providing any feedback to the user.

Cumulus Networks is aware of this issue but there is no known workaround at this time.


RN-331 (CM-7711)
Do not use the reboot -f command except in extreme circumstances

When performing a fast reboot (using the reboot -f command), the switch ports remain up and only the control plane goes down.

You should only use this command under abnormal circumstances, because it bypasses normal shutdown.


RN-338 (CM-7917)
Purging existing addresses for an interface with multiple iface stanzas is not supported

Cumulus RMP does not support the purging existing addresses on interfaces with multiple iface stanzas. Doing so can result in the configuration of multiple addresses for an interface after you change an interface address and reload the configuration with ifreload -a. If this happens, you must shut down and restart the interface with ifup and if down, or manually delete superfluous addresses with ip address delete specify.ip.address.here/mask dev DEVICE.

This behavior is documented in the Cumulus RMP user guide.


RN-341 (CM-5568)
switchd and ptmd log file changes

Starting with Cumulus RMP 2.5.4, the switchd and ptmd log files now use syslog instead of the Cumulus RMP log library. The log file names have not changed. Other changes include:

  • High precision timestamps have been enabled for all rsyslog log files. These changes only have a direct effect on customers who parse the log file with scripts or other programs, because the timestamp format has changed. Here is an example of the new format:
    2015-08-14T18:21:43.337804+00:00 cumulus switchd[3629]: 
     switchd.c:1409 switchd version 1.0-cl2.5+5
  • Cumulus RMP logging rules have been moved from /etc/rsyslog.conf to files in /etc/rsyslog.d
  • logrotate rules in /etc/logrotate.d have been updated to signal rsyslog instead of switchd
  • switchd.log now has timestamps for all lines logged, whereas the log library format did not have timestamps for messages with embedded newlines, such as some of the startup messages. You can change the switchd logging to use the log library; see man switchd for details.

RN-372 (CM-9360)
Security Update for CVE-2015-7547: glibc getaddrinfo Stack-based Buffer Overflow Vulnerability For details on this issue and how to upgrade, read this article.

RN-377 (CM-8927)
apt-cache files on 1G platforms installed into / directory, results in full hard disk 

The apt-cache files, which are normally found in /var/cache/apt/, are being installed in the / directory on the file system instead. The install does not remove these files, which can result in the hard disk filling up, especially on 1G platforms with little storage. 

Affected hardware platforms include:

  • Edge-Core AS4600-54T
  • Penguin Arctica 4804i
  • Penguin Arctica 4804X
  • Penguin Arctica 3200XL

To work around this issue, manually remove the cached files and the relevant apt configuration file in /etc/apt/apt.conf.d/.

cumulus@switch$ sudo rm /*.deb /pkgcache.bin /srcpkgcache.bin /etc/apt/apt.conf.d/30nocach*
 

RN-378 (CM-9178)
Link speed in the Cumulus RMP kernel is not synced to the Broadcom ASIC after restarting switchd, resulting in link down   

To work around this issue, set the link speed directly by running:

cumulus@switch:!$ sudo ethtool -s swpX speed 1000

For example: 

cumulus@switch:~ $ sudo ethtool -s swp51 speed 1000
 
cumulus@switch:~ $ sudo ip -o link show swp51
54: swp51: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 500\  /
    link/ether 64:00:6a:c6:8a:d3 brd ff:ff:ff:ff:ff:ff

An alternate workaround is to manually edit the link speed in /etc/networks/interfaces, then flapping the interface, bringing it down then up again:

  1. Edit /etc/network/interfaces and change the link speed for the switch port, say swp51.
  2. Run ifdown then ifup on swp51.
    cumulus@switch:~ $ sudo ifdown swp51
    cumulus@switch:~ $ sudo ifup swp51

 

Have more questions? Submit a request

Comments

Powered by Zendesk