network os v4.1.3c release notes v3 · policy-based routing policy-based routing (or pbr) is a...

Network OS v4.1.3c for Brocade VDX

Release Notes

Document History

Version of Document Summary of Changes Publication Date

1.0 Initial Release December 7, 2015

2.0 Updated the closed with code defect list. December 17, 2015

3.0 Updated the closed with code defect list. December 18, 2015

Network OS v4.1.3c Release Notes 2


© 2010-2015 Brocade Communications Systems, Inc. All Rights Reserved.

ADX, AnyIO, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, ICX, MLX, MyBrocade,

OpenScript, VCS, VDX, and Vyatta are registered trademarks, and HyperEdge, The Effortless Network,

and The On-Demand Data Center are trademarks of Brocade Communications Systems, Inc., in the

United States and/or in other countries. Other brands, products, or service names mentioned may be

trademarks of their respective owners.

Notice: This document is for informational purposes only and does not set forth any warranty, expressed

or implied, concerning any equipment, equipment feature, or service offered or to be offered by

Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and

assumes no responsibility for its use. This informational document describes features that may not be

currently available. Contact a Brocade sales office for information on feature and product availability.

Export of technical data contained in this document may require an export license from the United

States government. Notice: The product described by this document may contain “open source”

software covered by the GNU General Public License or other open source license agreements. To find-

out which open source software is included in Brocade products, view the licensing terms applicable to

the open source software, and obtain a copy of the programming source code, please visit

http://www.brocade.com/support/oscd

http://www.brocade.com/support/oscd


Contents

Overview ............................................................................................................................................. 9

Summary of Features and Enhancements .............................................................................................. 10

Deprecation of Old Features .............................................................................................................. 10

Descriptions of New Features ............................................................................................................ 10

Virtual Fabric ........................................................................................................................................... 10

Policy-based Routing ............................................................................................................................... 11

Inter-VRF Leaking .................................................................................................................................... 11

DHCP IP Helper ........................................................................................................................................ 11

DHCP Automatic Deployment (DAD) ...................................................................................................... 11

Logical Chassis HA ................................................................................................................................... 12

Access Gateway (VDX 6730) ................................................................................................................... 12

Auto QoS for NAS .................................................................................................................................... 12

Brocade Trunking on 40Gbe ................................................................................................................... 12

ISL on Breakout ....................................................................................................................................... 12

VRRP-E Across VCS fabric ........................................................................................................................ 13

VCS VXLAN Gateway for VMWare NSX ................................................................................................... 13

Mixed-Version ......................................................................................................................................... 13

QoS Buffering CLI Knob: .......................................................................................................................... 14

Commands introduced with this feature: ........................................................................................... 14

Supported Hardware ......................................................................................................................... 15

Supported devices................................................................................................................................... 15

Supported blades for VDX 8770: ............................................................................................................. 18

Supported power supplies ...................................................................................................................... 18

Supported Optics .................................................................................................................................... 19

Standards Compliance ....................................................................................................................... 20

Software or Image Filenames ............................................................................................................. 22

Licensing Information ........................................................................................................................ 22

Temporary License Support .................................................................................................................... 23

Brocade Network OS Compatibility ........................................................................................................ 23


Fabric OS Compatibility ........................................................................................................................... 23

Limitations and Restrictions ............................................................................................................... 24

Command Line Interface ......................................................................................................................... 24

VDX 6740/6740T ..................................................................................................................................... 25

Breakout functionality on 40Gb ports .................................................................................................... 26

Restrictions for Ports in 1G Mode and 1G Ports on VDX 6710 ............................................................... 26

Licensing .................................................................................................................................................. 26

Firmware Installation .............................................................................................................................. 27

Logical Chassis ......................................................................................................................................... 27

HA ............................................................................................................................................................ 28

Platform .................................................................................................................................................. 28

Virtual IP Address Support ...................................................................................................................... 29

Security, ACLs, Authentication, Authorization ........................................................................................ 30

Management Services ............................................................................................................................. 31

SPAN & RSPAN ........................................................................................................................................ 31

ICMPv6 RA Guard .................................................................................................................................... 31

Trunking .................................................................................................................................................. 31

VCS .......................................................................................................................................................... 32

vLAG ........................................................................................................................................................ 32

MAC Learning Considerations in VCS ...................................................................................................... 32

PVLAN ...................................................................................................................................................... 33

UDLD ....................................................................................................................................................... 33

STP/DiST .................................................................................................................................................. 33

Edge Loop Detection (ELD) ..................................................................................................................... 34

Long Distance ISL Ports ........................................................................................................................... 34

AMPP and Port-Profiles .......................................................................................................................... 35

vCenter .................................................................................................................................................... 36

QoS .......................................................................................................................................................... 36

FCoE ........................................................................................................................................................ 37

FC/Fport .................................................................................................................................................. 37

VRRP ........................................................................................................................................................ 37


OSPF ........................................................................................................................................................ 37

BGP .......................................................................................................................................................... 37

L2/L3 Multicast ....................................................................................................................................... 38

VRF .......................................................................................................................................................... 38

Interoperability ....................................................................................................................................... 39

Miscellaneous ......................................................................................................................................... 39

Virtual Fabric ........................................................................................................................................... 40

Policy-based Routing (PBR) ..................................................................................................................... 40

Inter-VRF Leaking (Static) ........................................................................................................................ 40

DHCP IP Helper ........................................................................................................................................ 41

DHCP-based Firmware download (DAD – DHCP Automatic Deployment) ............................................. 41

Logical Chassis HA ................................................................................................................................... 41

Access Gateway ...................................................................................................................................... 41

Auto QOS for NAS ................................................................................................................................... 42

Brocade ISL trunking on 40Gb ports ....................................................................................................... 42

VCS VXLAN Gateway for VMWare NSX ................................................................................................... 42

Line cards ................................................................................................................................................ 43

Upgrade and Migration Considerations .............................................................................................. 43

Recommended Migration Paths for Brocade Network OS v4.1.x ........................................................... 44

Considerations and Limitations: ............................................................................................................. 44

Upgrading from Brocade Network OS v3.x ............................................................................................. 44

Upgrading from Brocade Network OS 2.x ............................................................................................... 44

VDX 6746 ................................................................................................................................................. 45

Switch additions to cluster scenarios: .................................................................................................... 45

Adding a switch running Brocade Network OS v4.0.x to Brocade Network OS v4.1.x cluster ............... 45

Adding a switch running Brocade Network OS v4.1.x to Brocade Network OS v4.0.x cluster .............. 45

Adding a switch running Brocade Network OS 2.X to Brocade Network OS v4.1.x cluster .................... 45

Adding a switch running Brocade Network OS v3.0.x to Brocade Network OS 4.1.x cluster ................. 45

Upgrading to this Release .................................................................................................................. 46

Downgrading to a Previous Release ................................................................................................... 47

Upgrade / Downgrade Considerations for licenses ............................................................................. 47


Upgrade / Downgrade Considerations for vLAG ................................................................................. 48

Scalability .......................................................................................................................................... 52

Scalability ................................................................................................................................................ 52

Interoperability .................................................................................................................................. 60

IP Storage ................................................................................................................................................ 60

FC/FCoE Storage ...................................................................................................................................... 61

Network Adapters ................................................................................................................................... 61

SNMP Support Documentation Changes ............................................................................................ 62

Obtaining the MIBs ................................................................................................................................. 62

Changes in MIBs and objects .................................................................................................................. 62

User Guides ....................................................................................................................................... 63

List of Documents ................................................................................................................................... 63

Reporting errors in the guides ................................................................................................................ 64

Contacting Brocade ............................................................................................................................ 64

Support.................................................................................................................................................... 64

Defects .............................................................................................................................................. 65

TSBs – Critical Issues addressed in this NOS release. ......................................................................... 65

TSBs - Critical Issues to Consider Prior to Installing This NOS Release ............................................... 66

Software Fixes ................................................................................................................................... 68

Closed with Code Change in Network OS v4.1.3c ................................................................................... 68

Closed with Code Change in Network OS v4.1.3b .................................................................................. 78

Closed with Code Change in Network OS v4.1.3a .................................................................................. 88

Closed with Code Change in Network OS v4.1.3 .................................................................................... 97

Known issues ................................................................................................................................... 113

Newly Open defects in Network OS v4.1.3 ........................................................................................... 113


Overview NOTE: This document builds upon Network OS v4.1.3, 4.1.3a, and 4.1.3b. Sections with

information specific to this patch release, Network OS v4.1.3c, are so identified.

Brocade Network Operating System (NOS) v4.1.3 is an update to NOS 4.1.2 (and previous NOS

4.1.x releases). The details for all NOS 4.1.x releases are retained here as customers can upgrade

to this release from a NOS 4.0.x base. All the features described for NOS 4.1.2 are applicable to

NOS 4.1.3. The document uses NOS 4.1.x to describe the functionality with appropriate releases

called out for clarification.

Network OS v4.1.3 is a new release to provide support for mixed-version operation with NOS

5.0. Additionally, it also offers “Enhanced QoS Buffer knobs” to configure buffer limits, thus

enabling customers to adapt their networks to virtualized application needs.

Network OS v4.1.x introduces new features such as Virtual Fabric that enables customers to

design multi-tenant data centers. This feature uses TRILL Fine-grained-label based extensions to

deliver a user-friendly fabric-native functionality that overcomes restrictions on VLAN scale.

Virtual Fabric also delivers functionality unique to multi-tenant data center designs –

Overlapping VLANs, VLAN translation and Transparent VLAN services. NOS 4.1.1 enhances the

Virtual Fabric feature by adding support for classifying untagged traffic into Native VLAN.

NOS 4.1.x builds upon L3 functionality in NOS 4.0 by delivering features such as Policy-based

Routing, Inter-VRF Route leaking and DHCP IP Helper.

Additionally, NOS 4.1.x continues to enhance the VCS Fabric-based automation by incorporating

features (such as DAD) that enable customers to reduce operational costs incurred for

upgrading and maintaining the NOS firmware installed on the VDX switches.

NOS 4.1.x enhances our HA functionality to work within the context of a Logical chassis.

Finally, NOS 4.1.x delivers Access gateway functionality to enable NPIV devices to connect to a

FC fabric in an efficient manner.

NOS 4.1.x delivers the Brocade VCS VXLAN Gateway for VMWare NSX (on the VDX 6740 and

6740-T). This enables a network virtualization solution for customers who have a combination of

physical and virtual data center infrastructure and need a high-performing and resilient gateway

to bridge between the physical and virtual assets.

Brocade Network v4.1.x also introduces further new features and enhancements. The following

is a complete list of all new features and enhancements that will be part of the NOS 4.1.x

release.

The NOS 4.1.x release also delivers a new 1G (upgradable to 10G via a license) platform the

Brocade VDX 6740T-1G. In addition, the VDX 6746 embedded switch for Hitachi BS500 and

BS2000 blade server chassis is supported with NOS 4.1.2.


NOS 4.1.2 release delivers support for 3 new modules for the VDX 8770:

1) 48 x 10GbE-T line-card

2) 6 x 100GbE line-card

3) 27 x 40GbE line-card

Summary of Features and Enhancements

Network OS v4.1.3 includes the following features for Brocade VDX products:

Virtual Fabric

Policy-based Routing (PBR)

Inter-VRF Leaking (Static)

DHCP IP Helper

DHCP-based Firmware download (DAD – DHCP Automatic Deployment)

Logical Chassis HA

Access Gateway (6730)

VRRP-E across VCS fabrics

Auto QOS for NAS

Brocade trunking on 40Gbe

ISL on Breakout

VCS VXLAN Gateway for VMWare NSX.

Mixed-version

Deprecation of Old Features None

Descriptions of New Features

Virtual Fabric

The Virtual Fabric feature of Brocade VCS Fabric technology is designed to address the scalability

restrictions of traditional VLANs used for multi-tenant segmentation. It provides native secure

multi-tenant support for both physical and virtual application deployments. Managed centrally

through Brocade VCS Logical Chassis, the Virtual Fabric feature simplifies and accelerates

application deployment, and ensures policy consistency for each tenant regardless of how

application components are distributed across the data center.

The VCS Virtual Fabric feature is designed to address the scalability restrictions of traditional

VLANs that are used for multitenant segmentation. Using the 24-bit TRILL FGL header, a VCS

Virtual Fabric provides expanded VLAN space. This allows for overlapping VLANs and MAC

addresses, while maintaining tenant isolation. The VCS Virtual Fabric capability requires no

modifications to existing VLAN configurations, which simplifies implementation as well as

communication with vSwitches. The VCS Virtual Fabric ID is assigned at the edge port and is


carried transparently on transit nodes to the destination node, where it is matched with the

corresponding tenant VLAN. You can implement Layer 3 VE interfaces for inter-Virtual Fabric

routing. In summary, the VCS Virtual Fabric feature functions much like a traditional VLAN, but

without its limitations. NOS 4.1.1 adds support for processing and classifying untagged frames

into Native VLANs for both Transport as well as Service Virtual Fabric.

Policy-based Routing

Policy-based Routing (or PBR) is a technique to make routing decisions based on policies

configured by a network administrator. PBR configuration is done by using a combination of IP

ACLs and route maps. The VDX platform programs the ACLs on the interfaces and routes traffic

that matches the ACLs according to instructions in the route map entry.

PBR can be configured based on Layer 3 and Layer 4 information and the VDX platform can be

instructed to forward packets to a pre-determined next-hop gateway or drop the packet.

PBR is supported on VDX 8770 and VDX 6740x.

Inter-VRF Leaking

Virtual Routing and Forwarding (VRF) is a technology that provides you with the ability to have

multiple virtual routers on a single physical router or switch. VRFs operate without knowledge of

one another unless they are imported or exported into one another using Inter-VRF Route

Leaking. Inter-VRF route leaking allows leaking of specific route prefixes from one VRF instance

to another VRF instance on the same physical router, which eliminates the need for external

routing. This is useful in cases where multiple VRFs share the same path to reach an external

domain, while maintaining their internal routing information limited to their own VRF. This

feature enables a data center to consolidate multiple VRF services onto a single server. Current

release supports leaking of connected routes as /32 & not as subnets.

DHCP IP Helper

DHCP IP Helper (also known as DHCP Relay) allows DHCP Clients and DHCP servers on different

subnets to communicate with each other. This is particularly important in large networks. The

DHCP Relay can be configured on any L3 interface. An L3 interface can be a VE port or a physical

port.

This feature helps consolidate the number of DHCP servers that need to be configured for a

network.

DHCP Automatic Deployment (DAD)

DHCP Automatic Deployment (DAD) is a method used to download, install and bring up a VDX

device with new firmware or preset configuration automatically.


This method uses DHCP (option 66/67) to retrieve parameters such as firmware-path, VCS ID,

RBridge-ID and the preset configuration file. These parameters are used to perform the

firmware and configuration downloads.

This feature needs to be enabled via CLI. After the DAD process is completed, it is automatically

disabled.

Logical Chassis HA

NOS 4.1.0 builds upon the HA functionality in NOS 4.0.x and delivers HA support in Logical

Chassis mode. This includes system-wide HA sync and warm recovery both for ISSU as well as

non-ISSU scenarios.

Access Gateway (VDX 6730)

The Access Gateway functionality simplifies server and storage connectivity by enabling the

connection of servers to any SAN fabric. It also enhances scalability by eliminating the switch

domain identity from the VCS fabric and simplifies local switch device management. This feature

provides significant improvements in the connectivity options to a Fibre Channel SAN over the

previous method, by sending device logins directly to the FC SAN. Hence, the scalability and

management of these devices are now properties of the FC SAN, with the VCS fabric simply

providing access. This feature is supported only on the VDX 6730.

Auto QoS for NAS

NOS 4.1.0 extends storage functionality by introducing Auto QoS for NAS. This allows customers

to prioritize delay-sensitive IP Storage traffic within the VCS Fabric and help ensure consistent

performance. Auto QoS automatically classifies and prioritizes traffic based on source or

destination IPv4 address. It does so by assigning the identified traffic to separate priority

queues. This allows a minimum bandwidth guarantee to be provided to the queue.

This functionality is available on the 6740x and the 8770 platforms. Other platforms do not

support this functionality but can act as a transit switch for the prioritized traffic.

Brocade Trunking on 40Gbe

40GbE Brocade trunking will be available on the VDX 8770 12 x 40Gbe blade starting with the

NOS 4.1.2 release. In order to achieve 2 x 40Gbe Brocade trunking on the 12 x 40GbE blade the

user has to configure 40Gbe ports in breakout mode and must use breakout optics (40Gbe-SR4-

INT) with a single QSFP optical cable

ISL on Breakout

ISL on breakout capability is enabled on all 40GbE capable device including the VDX6740, VDX

6740T, VDX6740T-1G and VDX 8770 in this release. Now the user can use ISL on breakout to

form a fabric with 10Gbe capable VDX products using 40Gbe ports on VDX6740, VDX 6740T,

VDX6740T-1G and VDX 8770. This capability is useful when a user wants to form a single fabric


between VDX6740/VDX 6740T/VDX6740T-1G /VDX 8770 and VDX 6710/20/30/46 (Note : VDX

6710/20/30/46 does not have native 40Gbe ports).

VRRP-E Across VCS fabric

NOS4.1.0 and later versions support VRRP-E across the VCS to VCS.

VCS VXLAN Gateway for VMWare NSX

NOS 4.1.1 delivers the VCS VXLAN Gateway for VMWare NSX functionality that enables a

network virtualization solution. This feature enables customers to combine the virtual and

physical architecture within their data centers to allow for a seamless migration to a cloud-

based architecture. NOS 4.1.1 accomplishes this by implementing a VTEP (VXLAN Tunnel End-

point) on the VDX 6740x. This enables VMWare NSX to provision and configure the VTEPs on the

VDX H/W similar to S/W VTEP (in the hypervisor). The VXLAN gateway is based on a VDX 6740-

based VCS fabric and is able to take advantage of:

1. Performance – As the VXLAN to VLAN (and vice-versa) translation is done on custom ASIC,

the VCS VXLAN gateway is able to deliver line-rate performance for the VXLAN/VLAN traffic.

2. Resilience - The resiliency within VCS fabric allows for instantaneous failover between the

VDX switches

3. Logical chassis functionality, where the VXLAN gateway is presented to VMWare NSX as a

single logical gateway reducing the number of VTEPs that need to be configured.

4. Maximum number of MAC addresses across VxLAN tunnels per VCS cluster for VMware NSX

: 8000

5. Maximum number of MAC addresses across VxLAN tunnels per VCS cluster for Virtual-Fabric

Extension : 16000

Mixed-Version

A mixed-version Fabric Cluster is a group of fabric cluster nodes running Network OS v4.1.3 and

Network OS v5.0.x. This allows legacy hardware to continue to function running 4.1.3x image

along and co-exist with newer hardware running Network OS v5.0.x in the same cluster.

When a fabric cluster is loaded with mixed-versions, the cluster only works with the older

feature set. Any cluster-wide features that were introduced in Network OS v5.0.0 are not

supported in the mixed-version fabric cluster. Most fabric cluster features work properly in a

mixed-version cluster. You can perform cluster management normally, as in a normal fabric

cluster with all nodes running the same Network OS releases.

Mixed version between 4.1.3x & 5.0.x releases are supported only in “Fabric-Cluster” mode &

not Logical-Chassis mode.

For complete information on mixed-version support, refer to the Network OS Administrator’s

Guide.


QoS Buffering CLI Knob:

This feature is specific to VDX-6740 series & offers “Enhanced QoS Buffer knobs” to configure

buffer limits, thus enabling customers to adapt their networks to virtualized application needs.

Due to the nature of the evolving virtualized applications (eg. Global Parallel File System,

Hadoop clustering, etc..), the needs for handling high burst of traffic has significantly increased.

To handle such high bursts of traffic, there are certain CLI’s provided to offer elasticity in

buffering needs of the VDX6740 series.

With enhanced shared dynamic buffering mechanism, an interface is capable of bursting up to

recommended 2MB limit. Though a maximum of 8MB is configurable, we recommend

consulting Brocade Engineer, as it may impact the performance of the other ports that may

need to burst at the same time.

However, for traditional applications, we recommend to continue using defaults for optimum

performance of throughput.

Commands introduced with this feature:

(a) Configure Ingress buffering upper-limit for handling high ingress burst:

Sw0(config-rbridge-<>)# qos rcv-queue limit <buffering upper-limit>

(b) Configure Egress buffering upper-limit for “many-to-one” traffic pattern”:

Sw0(config-rbridge-<>)# qos tx-queue limit <buffering upper-limit>

<Buffering upper-limit in KB> indicates the burst absorption capability of the interfaces of that

Rbridge.

Default : 283KB, Recommended max : 2000KB, Max allowed : 8000KB

(c) Configure & apply RED profile for selected busting ports:

Sw0(config)# qos red-profile 0 min-threshold 25 max-threshold 90 drop-probability 1

The above RED profile may be applied on the congested Egress port as below:

Sw0(conf-if-<>)# qos random-detect tc 1 red-profile-id 0


Note : For most of the traditional deployments, it is recommended to leave the settings in

default values.

Supported Hardware

Supported devices

Brocade Network OS v4.1.0 and NOS 4.1.x support the following VDX Switches:

• Brocade VDX 6710-54





• Brocade VDX 6746 (newly supported platform)

• Brocade VDX 6740

• Brocade VDX 6740T

• Brocade VDX6740T-1G (newly supported platform)



Brocade VDX 6720-24 and VDX 6720-60 supports the following:

• VDX 6720-24 offers a base configuration with 16 ports and can be upgraded via

Brocade’s Ports on Demand license to a full 24 10GbE ports.


Brocade’s Ports on Demand license to either 50 ports or a full 60 10GbE ports.

• Extremely low latency for classic Ethernet networks or for scale-out of layer2 fabrics

for virtual data centers.

• Enables end-to-end convergence of Fibre Channel over Ethernet (FCoE) and iSCSI

storage traffic along with IP LAN data traffic.

• Can be deployed as a traditional stand-alone ToR (Top of Rack) switch or in an

Ethernet fabric with VCS technology.

Brocade VDX 6710-54 supports the following:

• VDX 6710-54 provides 48x1GbE ports and 6x10GbE ports.

• 1 GbE ports are intended for extending VCS technology to the access layer which

provides the benefits of both Top of the Rack (ToR) and End of the Row (EoR)

architectures.

• 6 x 10GE SFP+ ports can be used as uplink to VDX 6720/VDX 6730 switches to form a

VCS fabric or to connect to 10G servers at the access layer.


• VDX 6710-54 offers extremely low latency for classic Ethernet networks or for scale-

out of layer-2 fabrics for virtual data centers.

Brocade VDX 6730-32 and VDX 6730-76 supports the following:


Brocade’s Ports on Demand license to a full 24 10GbE ports.


Brocade’s Ports on Demand license to either 50 ports or a full 60 10GbE ports.

• VDX 6730-32 supports 24 10GbE ports and 8 8G Fibre Channel Ports. VDX 6730-76

supports 60 10GbE ports and 16 8G Fibre Channel Ports. VDX 6730 facilitates VCS

fabric to Fibre Channel SAN Connectivity.

• Enables end-to-end convergence of Fibre Channel (FC), Fibre Channel over Ethernet

(FCoE) and iSCSI storage traffic along with IP LAN data traffic.

Brocade VDX 6746 supports the following:

• Blade switch for Hitachi BS500 and BS2000 server chassis, offers 16 internal and 8

external 10GE ports.

• Extremely low latency for classic Ethernet networks or for scale-out of layer2 fabrics

for virtual data centers.

• Enables end-to-end convergence of Fibre Channel over Ethernet (FCoE) and iSCSI

storage traffic along with IP LAN data traffic.

• Can be deployed as a traditional Ethernet access switch or in an Ethernet fabric with

VCS technology.

Brocade VDX 6740

The Brocade VDX 6740 offers 48 10GbE SFP+ ports and 4 ports of 40 Gigabit quad small form-

factor pluggable plus (QSFP+), each can be broken out into four independent 10 GbE SFP+ ports,

providing an additional 16 10 GbE SFP+ ports.

It is available in as 24, 48 and 64 port SKU

850ns microsecond latency for any port to port to assure rapid response for latency-

sensitive applications.

The base SKU is available with 24 ports and can be upgraded up to 48 ports via

10Gbe DPOD license of 8 ports

It has 4 X 40Gbe QSFP ports which can be used for the uplink and VCS fabric

formation with VDX8770 /VDX6740/VDX6740T

Each 40GbE port is capable of doing a breakout of 4 X 10GbE ports

Brocade VDX 6740T

The VDX 6740T offers 48 10GbE Base-T ports and 4 ports of 40 Gigabit quad small form-factor

pluggable plus (QSFP+), each can be broken out into four independent 10GbE SFP+ ports,

providing an additional 16 10 GbE SFP+ ports.


It is available in as 24, 48 and 64 port SKU

3 microsecond latency for any port to port to assure rapid response for latency-

sensitive applications.

The base SKU is available with 24 ports and can be upgraded up to 48 ports via

10Gbe DPOD license of 8 ports

It has 4 X 40Gbe QSFP ports which can be used for the uplink and VCS fabric

formation with VDX8770/VDX6740/VDX6740T

Each 40GbE port is capable of doing a breakout of 4 X 10GbE ports. This also helps

to form fabric with VDX 6710/20/30/46

Brocade VDX 6740T-1G

The Brocade VDX 6740T-1G offers 48 1000BASE-T ports and two 40 GbE QSFP+ ports in base

version. Each 40 GbE port can be broken out into four independent 10 GbE SFP+ ports, providing

an additional eight 10 GbE SFP+ ports for uplink. All 48 1000BASE-T ports can be upgraded to 48

10GBASE-T ports via a Capacity on Demand (CoD) software license. Two 40 GbE ports are enabled

as part of the base license. The additional two 40 GbE ports can be upgraded via the Ports on

Demand (PoD) software license.

Base version is available with 48 1000BASE-T ports and two 40 GbE QSFP+ ports

3 microsecond latency for any port to port to assure rapid response for latency-sensitive

applications.

All 48 48 1000BASE-T ports can be upgraded to 10Gbase-T port with capacity on demand

license.

Additional 2X40Gbe port can be added to base version with 2X40Gbe POD license.

It has 4 X 40Gbe QSFP ports which can be used for the uplink and VCS fabric formation

with VDX8770/VDX6740/VDX6740T

Each 40GbE port is capable of doing a breakout of 4 X 10GbE ports. This also helps to

form fabric with VDX 6710/20/30/46

100 Mbit support for point to point Management server connection on VDX6740T-1G

o Full duplex speed support on Base-T ports for management server P2P

connection.

o Limited L2 configuration supported. For example Switchport, LLDP, MTU size, L2

ACL and L3 ACL

o L3 configuration, FCoE, Trill, vLAG configuration, Nhalf duplex speed

support, PFC configuration are NOT supported on 100Mbits

o No support for adding a 100Mbit shared media/hub.

Examples for 100Mbit usage are as follows.

o 100MB Host Device Requirement with Ipv4 Connectivity, PING, ICMP Traffic

over V4, V4 Neighbor Discovery

o Server with HTTP/HTTPS/FTP/SSH/TELNET Server, Filesharing and RDP Services

and application testing over the V4 connectivity


Brocade VDX 8770-4 and VDX 8770-8

The Brocade VDX 8770 is available in two form factors; a 4-I/O slot system and an 8 I/O slot

system with line-card support for 1-GbE, 10-GbE, 10GbE-T, 40GbE, and 100GbE ports. The

Brocade VDX 8770 delivers a high-performance switch to support the most demanding data

center networking needs, capable of supporting:

4 Tbps per slot line-rate design for substantial capacity and headroom.

~4-microsecond latency to assure rapid response for latency-sensitive applications.

Up to 384,000 MAC addresses per fabric for extensive virtualization scalability.

More than 8000 ports in a single VCS fabric with Brocade Fabric Multipathing

technology, enabling the switch to serve extremely large-scale deployments with

the best-possible network utilization.

Supported blades for VDX 8770:

The flexible, modular switch design offers interconnection with other Brocade VDX 8770

switches, Brocade VDX 6710, 6720, 6730, 6746, and 6740 fabric switches, traditional Ethernet

switch infrastructures, and direct server connections. Modular 4-slot and 8-slot chassis options

are available to match the switch to the needs of the organization. These include:

Brocade VDX 8770-4: Supports up to 192 1/10 GbE ports, or 108 40 GbE ports and

24 100 GbE ports, or a combination.

Brocade VDX 8770-8: Supports up to 384 1/10 GbE ports, or 216 40 GbE ports and

48 100 GbE ports, or a combination.

The switches support two Management Modules in an active standby configuration. The 4 slot

chassis can hold up to 3 Switch Fabric Modules (SFM) and 4 Power supply Units (PSU) while the

8 slot chassis can hold 6 SFMs and 8 PSUs. The switch supports a variety of wire-speed line cards

to offer maximum flexibility in terms of port bandwidth as well as cable and connector

technology:

1 GbE: LC48×1G line card provides up to 48 SFP/SFP-copper ports.

10 GbE: LC48×10G line card provides up to 48 SFP+ ports .

10 GbE-T: LC48×10GT line card provides up to 48 RJ-45 ports .

40 GbE: LC12×40G line card provides up to 12 40 GbE QSFP ports.

40 GbE: LC27×40G line card provides up to 27 40 GbE QSFP ports.

100 GbE: LC6×100G line card provides up to 6 100 GbE CFP2 ports.

Supported power supplies

The VDX-6710-54 switch ships with two internal, redundant, field-replaceable, load-sharing AC

power supplies.


The VDX-6720-24 and VDX-6720-60 switches both ship with two internal, redundant, field-

replaceable, load-sharing AC power supplies. The VDX-6730-32 and VDX-6730-76 switches both

ship with two internal, redundant, field-replaceable, load-sharing AC power supplies

The VDX 8770 switches ship with multiple, field replaceable, load-sharing AC or DC power

supplies based on the configuration selected. The PSU SKU is shared by both 4- and 8-slot

systems. The VDX8770-4 ships with a minimum of 2 AC or DC PSU. Additional 2 PSU can be

ordered for redundancy. The VDX8770-8 system ships with a minimum of 3 PSU and additional

PSU may be ordered for redundancy:

XBR-ACPWR-3000 - 3000 W power supply unit AC

XBR-DCPWR-3000 - 3000 W power supply unit DC

The VDX-6740 switches are both delivered with two internal, redundant, field-replaceable, load-

sharing AC power supplies.

XBR-250WPSAC-F - FRU 250 W AC power supply/fan, non-port-side exhaust airflow

XBR-250WPSAC-R - FRU 250 W AC power supply/fan, port-side exhaust airflow

The VDX-6740T switches ship with two internal, redundant, field-replaceable, load-sharing AC

power supplies.

XBR-500WPSAC-01-F -FRU 500 W AC power supply/fan, non-port-side exhaust airflow

XBR-500WPSAC-01-R - FRU 500 W AC power supply/fan, port-side exhaust airflow

Supported Optics

The VDX switches support following optics types listed below. The 8G FC optics are only

supported on the VDX-6730 switches. Breakout optics are supported only for 8770 (40G line-

card) and 6740/T. Optics/cables for the VDX 6746 are supplied by Hitachi.

FRU and Optics SKU Description

1GbE XBR-000190 (1-pack) 1 GbE copper

E1MG-SX-OM (1-pack)*

E1MG-SX-OM-8 (8-pack)*

1000Base-SX

E1MG-LX-OM (1-pack)*

E1MG-LX-OM-8 (8-pack)*

1000Base-LX

10GbE 10G-SFPP-SR (1-pack)

10G-SFPP-SR-8 (8-pack)

10 Gbps SR

10G-SFPP-LR (1-pack)

10G-SFPP-LR-8 (8-pack)

10 Gbps LR

10G-SFPP-ER (1-pack)

10G-SFPP-ER-8 (8-pack)

10 Gbps ER

10G-SFPP-TWX-0101 (1-

pack)

10G-SFPP-TWX-0108 (8-

pack)

1 m Twinax copper cable


10G-SFPP-TWX-0301 (1-

pack)

10G-SFPP-TWX-0308 (8-

pack)


10G-SFPP-TWX-0501 (1-

pack)

10G-SFPP-TWX-0508 (8-

pack)


10Ge-SFPP-AOC-0701 10GbE SFP+ Direct Attached Active Optical Cable, 7m, 1-pack

10Ge-SFPP-AOC-1001 10GbE SFP+ Direct Attached Active Optical Cable, 10m, 1-pack

40GbE 40G-QSFP-QSFP-C-0101 40GbE Direct Attached QSFP+ to QSFP+ Active Copper cable, 1m,

1-pack

40G-QSFP-QSFP-C-0301 40GbE Direct Attached QSFP+ to QSFP+ Active Copper cable, 3m,

1-pack

40G-QSFP-QSFP-C-0501 40GbE Direct Attached QSFP+ to QSFP+ Active Copper cable, 5m,

1-pack

40G-QSFP-4SFP-C-0101 4x10GbE Direct Attached QSFP+ to 4 SFP+ Copper Breakout

Cable, 1m, 1-pack


Cable, 3m, 1-pack


Cable, 5m, 1-pack

40G-QSFP-SR4 40 GbE SR4 optic

40G-QSFP-SR4-INT 40 GbESR4 (4×10 Gbe SFPP break-out capable) . Breakout

Optical cable is not included with this optics

40G-QSFP-LR4 40 GbE LR4 optic

40G-QSFP-eSR4 40GBASE-eSR4 QSFP+ optic (MTP 1x8 or 1x12), 300m over MMF(OM3), 1-pack. Also breakout capable

8GbE FC XBR-000163 (1-pack) XBR-000164 (8-pack)

8G FC SWL

XBR-000153 (1-pack) XBR-000172 (8-pack)

8G FC LWL – 10km

XBR-000174 (1-pack) 8G FC ELWL – 25km 100GbE 100G-CFP2-LR4-10KM 100 GbE CFP2 optic, LR4, for distances up to 10 km over

SMF 100G-CFP2-SR10 (1-pack) 100 GbE CFP2 optic, SR10, for distances up to 100 m over

MMF

*Note: Legacy Foundry Networks branded optics are not supported

Standards Compliance This software generally conforms to Ethernet standards in a manner consistent with accepted

engineering practices and procedures. In certain cases, Brocade might add proprietary


supplemental functions to those specified in the standards, or choose to implement

modifications to the standards for performance or behavioral improvements.

The VDX products conform to the following Ethernet standards:

IEEE 802.1D Spanning Tree Protocol

IEEE 802.1s Multiple Spanning Tree

IEEE 802.1w Rapid reconfiguration of Spanning Tree Protocol

IEEE 802.3ad Link Aggregation with LACP

IEEE 802.3ae 10G Ethernet

IEEE 802.1Q VLAN Tagging

IEEE 802.1p Class of Service Prioritization and Tagging

IEEE 802.1v VLAN Classification by Protocol and Port

IEEE 802.1AB Link Layer Discovery Protocol (LLDP)

IEEE 802.3x Flow Control (Pause Frames)

The following draft versions of the Data Center Bridging (DCB) and Fibre Channel over Ethernet

(FCoE) Standards are also supported on VDX products:

IEEE 802.1Qbb Priority-based Flow Control

IEEE 802.1Qaz Enhanced Transmission Selection

IEEE 802.1 DCB Capability Exchange Protocol (Proposed under the DCB

Task Group of IEEE 802.1 Working Group)

FC-BB-5 FCoE (Rev 2.0)

The VDX products conform to the following Internet IETF RFCs:

RFC 2865 Remote Authentication Dial In User Service (RADIUS)

RFC 1112 IGMP

RFC 2236 IGMPv2

RFC4601 PIM-SM

RFC2131 DHCP

RFC 2571 Architecture for Describing SNMP Framework

RFC 3176 sFlow

RFC 1157 SNMPv1/v2c

RFC4510 Lightweight Directory Access Protocol (LDAP)

RFC 3768 Virtual Router Redundancy Protocol (VRRP)

RFC 2328 OSPF Version 2

RFC 1587 OSPF NSSA Option

RFC 3101 OSPF Not-So-Stubby-Area (NSSA) Option

RFC 1765 OSPF Database Overflow

RFC 2154 OSPF with Digital Signatures (MD-5 Support)

RFC 3137 OSPF Stub Router advertisement


Software or Image Filenames

Filename Description

Network OS v4.1.2.tar.gz Network OS v4.1.2 for Unix

Network OS v4.1.2.zip Network OS v4.1.2 for Windows

Network OS v4.1.2_all_mibs.tar.gz Network OS v4.1.2 MIBs

Network OS v4.1.2.md5 Network OS v4.1.2 md5 Checksum

Licensing Information Brocade Network OS v4.1.x supports the following licensed features. NOS 4.1.0 and above incorporates the Brocade VCS License as part of the base offering. This would mean customers would have to no longer purchase a license to enable VCS fabric (for more than 2 nodes).

Brocade Ports on Demand (POD) license — Allows customers to instantly scale the fabric by provisioning additional ports via license key upgrade. (Applies to select models of switches).

Brocade FCoE license — Enables Fibre Channel over Ethernet (FCoE) supporting transport FC protocols and frames over Data Center Bridging (DCB) networks. DCB is an enhanced Ethernet network that enables convergence of several data center applications onto a single interconnect technology. FCoE provides a method of encapsulating the Fibre Channel (FC) traffic over a physical Ethernet link.

Brocade Layer 3 License: Enables support for Layer 3 features like OSPF, VRRPe and PIM. This license is required on the VDX8770 only. The VDX6710, VDX6720, VDX6730, VDX6746, VDX6740/T switches include these features in the default license.

Brocade Advanced Services license: - Provides a single upgrade option to enable Fibre Channel over Ethernet (FCoE) and Layer 3 features on a VDX8770 switch with default license.

Brocade Upgrade License: Provides a single license option to upgrade from either FCoE license or Layer 3 license to the advanced service license bundle.

Brocade 10G Port Upgrade License: Allows customers to instantly scale the fabric by provisioning additional 10G ports via license key upgrade. (Does not apply to Modular Switches).

Brocade 10G Capacity on Demand License (for 6740T-1G): Allows customers to upgrade ports from 1G speed to 10G speed. With a license instance, customer can upgrade any 16 ports of the VDX 6740T-1G. To upgrade all the 48 ports, the customer will have to purchase and install 3 license instances.

Brocade 40G Port Upgrade License: Allows customers to instantly scale the fabric by provisioning additional 40G ports via license key upgrade. (Applies to VDX6740 and VDX6740-T only).

NOTE: Layer 3 license is included in the default license on VDX67XX switches.

Some models may offer optional feature bundles that include two or more optionally licensed

features. Refer to specific product model offerings for additional details on bundled options.


Temporary License Support

Temporary Licenses are available for all of the features listed above.

Brocade Network OS Compatibility

The VDX platforms with Brocade NOS vv4.1.0 have been qualified for Ethernet or FC connectivity with

the following Brocade platforms at the minimum firmware level noted for each:

FCX/ICX 8.0.0a

BNA 12.2.0

vCenter 4.0,4.1,5.0,5.1,5.5

Brocade 8000

Fabric OS (FOS) v6.4.0b

and up to v7.1.0

Brocade 8470 Switch Module (for

IBM BladeCenter) FOS v6.3.1_cee

Brocade 6520 FOS v7.1.0 or later

Brocade 5100/VA-

40FC/5300/DCX/DCX-4S, 6510,

DCX8510-8/ DCX8510-4

FOS v7.0.1 and later

versions

Fabric OS Compatibility

A VDX 6730 running Brocade Network OS v2.1.1 or higher can form an Inter Fabric Link (IFL) by

connecting to an EX-port on most Brocade 8Gbps or 16Gbps FC platforms operate with FOS v7.0.1 or

later. In most common deployment scenarios, a VDX 6730/VCS fabric connects as an edge fabric to

an FCR “backbone” fabric (an FC fabric with a switch acting as a Fibre Channel Router, or FCR). FCoE

CNAs attached to the VCS fabric are then able to communicate with FC devices in an FC fabric, either

connected directly to the FC backbone or to another FC edge fabric connected through the FC

backbone fabric. The following table provides interoperability information and minimum firmware

versions required for Brocade Network OS and FOS platforms.

VDX Platforms/Brocade Network OS Firmware Versions

FCPlatforms2/FOS Firmware Versions

FOS Firmware Version on Switches in FC Backbone

or Edge Fabrics

VDX 6710/Brocade Network OS v2.1.1 or later VDX 6720/Brocade Network OS v2.1.1 or later VDX 6730/Brocade Network OS v2.1.1 or later 1 VDX 8770/Brocade Network OS v3.0.0a or later

Brocade DCX/DCX-4S/DCX8510-8/ DCX8510-4/6510/5300/5100/ VA-40FC support forming an IFL connection to a VCS fabric with FOS v7.0.1 or later. Brocade 6520 support forming an IFL connection to a VCS fabric with FOS v7.1.0 or later.

Please refer to FOS v7.1.0 release notes for complete interoperability matrix.


VDX 6746/Brocade Network OS v2.0.1_kat4, v3.0.0_dcb4 and v4.1.2 VDX 6740, 6740-T/Brocade Network OS v4.1.0 or later

Table Notes:

1 The VDX 6730 is the only VDX platform that supports the FC ports necessary to form an IFL connection to an FC SAN. Other

VDX platforms may participate in the VCS fabric, but cannot form the connection to the SAN. 2 There are other Brocade FC platforms that support FOS v7.0.1 and FCR/Integrated Routing functionality; however, those

platforms are not supported for interoperability with VDX platforms when using FOS v7.0.1.

While attempting VDX6730’s bridging ability to FC SAN, please use FOS version 7.0.1 at least on SAN side.

Limitations and Restrictions

Command Line Interface

Some commands will not produce paginated output.

Break command is not supported. Pl use ctrl-c as an alternative

For certain commands (including no form with some commands), “?” will show unsupported additional options.

Tab completion and <ctrl>-c (cancel) does not work for some commands.

For some commands, “switchId” and “all” options are not applicable in this Brocade Network OS release but are still shown as options. These will be applicable and supported in future Brocade Network OS releases.

Some CLI commands will generate an “Error:Access denied” message upon failure. This means the operation failed on the switch and may not be related to permissions.

The "no" command always exists for all roles even if it is not required.

Some no commands will execute without mandatory parameters that were originally used for configuration. Some needs mandatory parameters though help message does not suggest same

Some no commands may produce an incorrect error message upon error.

Incorrect range might be displayed in the help text for some of the show commands.

Interface range command is not supported on breakout ports. Range command is not supported across multiple slots of the chassis

System does not warn user on deleting the ip config when vrf is configured

show interface stats brief does not distinguish loopback interfaces across rbridges

Redistributed connected/static may be shown twice as part of config

Some unsupported debug commands may be seen in NOS 4.1.0. Brocade recommends not

to run them on switches:

Show confd-state –, for debugging purpose only. Show parser dump –, for debugging purpose only Show notification stream –, for debugging purpose only Show features – no use


Show ssm –, for debugging purpose only. Autoupgrade command in config mode

‘snmp-server context CONTEXT_NAME vrf-name VRF-NAME command During “copy running-config startup-config” or “copy support” user might see

occasional CPU spikes (to ~30-40%).

While unconfiguring non-existent configs, for some features, "Error: Access Denied" may be displayed even though it is a no-op.

Interface specific static arp entries are not shown when using show running command for an interface.

show mac-address-table command on console with include option can not be aborted with a break/ctl-C. Use a telnet session for the same.

For ip access lists, display filtering based on sequence number alone does not work as expected.

Security CLIs: In FC & MC mode: the following are under rbridge-id context unlike earlier

release

fcsp secpolicy system-monitor is move to rbridge context but system-monitor-mail is still in global

mode

DHCP/ipv6 autoconfig were moved from rbridge context in 3.x to mgmt. interface context in 4.x

Though ICMPv6 RA guard CLI is available on all platforms , it is supported only for 6710/20/30

“protocol vrrp-extended” is added to specifically enable VRRPE in 4.x which was implicitly

enabled in 3.x using command ‘protocol vrrp’

TACACS/Radius local behavior is now changed and currently reflected using ‘local backup’

Do not use CLI ‘no spanning-tree shutdown’ from the VLAN context from RSPAN-VLAN

Do not use lldp iscsi-priority’ (and a couple of other similar CLIs from the same context) needs to be blocked on destination mirror port.

“show chassis” output may show the PSU part number as “Unknown” after removal & re-insertion of the PSU

Under certain scenarios, output of “show qos rcv-queue multicast ten <>” may not show accurate count of drops

Certain oscmd commands may not work or give a different output under admin login

Netconf commands ‘debug internal rate-limit-delay’ may fail

debug ip bgp prefix-list <option> , debug ip bgp neighbor does not work

‘no’ command for ‘qos map dscp-cos’ does not work

On rare scenario, configuration may not be applied to hardware on power-cycling the chassis

Neighbor-discovery CLI ineffective after reload & needs a link-flap

VDX 6740/6740T

VDX 6740/6740T Platforms do not support IP fragmentation. MTU errors are reported in

“show interface” as “Errors” under the “Transmit Statistics”


Breakout functionality on 40Gb ports

Breakout functionality is supported on 40G ports on VDX 6740, VDX 6740T, VDX6740T-1G, and VDX 8770 only.

40G ports on the VDX8770 blades do not honor 802.3x pause frames. Thus to enable pause functionality, it is recommended to configure breakout mode, which will result into 4 x 10G interfaces that would support the pause-functionality.

Brocade Trunking is supported on Breakout Ports.

Going to and from Breakout mode requires reload for VDX 6740, VDX6740T, and VDX6740T-1G. It requires reload of the LC with the affected 40G ports for VDX 8770.

For VDX 6740, 6740T, and 6740T-1G platforms, the LED state for a breakout interface is deterministic. For all other supported platforms, the LED state for a breakout interface is not deterministic.

In breakout mode, there is only SFP and no per-breakout media information. The show media command will display the same media information for all breakout interfaces. The TX Power Field in the show media command is not supported by the 40G optics.

1G speed cannot be configured on QSFP or breakout ports.

Since ISL on breakout interface is not supported in prior releases, please note that this

configuration may be lost if downgraded.

Restrictions for Ports in 1G Mode and 1G Ports on VDX 6710

ELD not supported for 6710

RMON stats are calculated incorrectly for packet sizes 64-127 bytes.

1G port in VDX 6710 cannot form ISL links. Only 10G ports in VDX 6710 can be used to form ISL links.

Brocade Trunks cannot be formed with 1G, as all Brocade Trunks should be 10G.

A LAG cannot be created between 1G and 10G ports.

FCoE configuration is NOT supported on 1G ports.

DCBX configuration for FCoE is not supported on 1G ports.

1G portchannel between VDX 6740-T and MLX may not form

Licensing

In Brocade Network OS v2.1.0 or later, VCS mode is no longer dependent on a full POD license being installed on the switch. In Brocade Network OS v2.0.0, a full POD (one POD license installed on VDX 6720-24, two POD licenses installed on VDX 6720-60) license was required in order to enable VCS mode. This restriction no longer applies in Brocade Network OS v2.1.0 or later, thus VCS mode can be enabled without installing POD licenses.

POD and FCoE licenses are not used on the VDX 6710 platform. No POD license is required to enable any of the 48x1G ports or 6x10G CEE uplink ports on the VDX 6710.

POD licenses are not used on the VDX 6746 platform. No POD license is required to enable any of the 24x10G ports on the VDX 6746. For VDX 6730 platforms, enabling FC ports requires only the FCoE license and is not POD license controlled.

An Integrated Routing license is NOT required on FOS-based SAN platforms running FOS 7.0.1 or above for FCR interoperability connectivity with VCS fabrics and the VDX 6730. Please refer to FOS v7.0.1 Admin Guide documentation on configuring FOS platforms for connectivity to VDX 6730 switches and VCS fabrics.


The Layer 3 license is required on VDX 8770 switches to enable Layer 3 feature set including OSPF, VRRP, BGP, VRF etc. A separate Layer 3 license is not required on VDX 67XX switches as Layer 3 features are included in the default license.

After releasing a DPOD reserved interface, ‘show running-config’ may incorrectly show the interface as reserved. Please keep the unreserved interface in ‘shutdown’ to avoid undesirable behavior.

The Advanced Services License provides a single upgrade option to enable Fibre Channel over Ethernet (FCoE) and Layer 3 features on VDX 8770 switches.

Firmware Installation

In Standalone & Fabric Cluster

Only standalone firmware download is supported. You need to log onto individual nodes and run firmware download there.

Under certain stress conditions firmware download might time out on a node, e.g. due to excessive processing load on the processor, slow network, etc. The firmware download command will recover the system automatically. You need to wait for the completion of recovery before retrying the firmware download command.

While upgrading firmware on the node, it is recommended not to make any configuration changes before firmware download has been completed successfully.

In Logical Chassis

Standalone firmware download is supported. You can log onto individual nodes and run firmware download there. In such a case, please follow the notes above.

You can run the logical-chassis firmware download command to upgrade one or more nodes from the principal node.

It is recommend to keep auto-activate mode off (which is the default) when running

the logical-chassis firmware download command. After you download the new

firmware to all of the nodes in the cluster, you can run “firmware activate rbridge-id

<rbridge-ids>” to activate the nodes in the desired order.

Under certain stress conditions firmware download might time out on some nodes,

e.g. due to excessive processing load on the processor, slow network, etc. It is

recommended to re-run the logical-chassis firmware download command to

upgrade these failed nodes and bring their firmware level to be the same as the rest

of nodes first before activating any of them.

While upgrading the cluster, it is recommended not to make any configuration

changes in the cluster until all of the nodes have been upgraded to the same

firmware. Otherwise, it may cause cluster segmentation.

Logical Chassis

Number of nodes are limited to 24.

Number of nodes can be 32 for VDX 8770 and VDX 6740/T cluster.


Configurations are not auto preserved on mode transitions (between Fabric Cluster and Logical Chassis mode). Please follow the mode transition procedure as outlined. Non-default User Id/password will be lost when migrating from FC to LC

“show vcs” output displaying “Co-ordinator” OR “Coordinator” indicates “Principal” node role.

“show vcs” output may not display expected output when management IP is removed & primary node is removed from the cluster

Principal priority value ranges from 1 to 128, 1 being the highest. Recommend to set higher principle priority to VDX8770 & VDX6730 than VDX 6746, VDX6720 & VDX 6710

Shall not make configuration change during Logical Chassis firmware upgrade or ISL toggling to prevent the switch node segmenting from the cluster due to configuration mis-match

Upon Node segmentation from the cluster, user shall run “copy default start” on the segmented switch node to bring it back to the cluster.

Number of config snapshots saved on switch is limited to 4 per rbridge ID. So on 24 node cluster, a max of 24 * 4 = 96 snapshots are possible.

For netconf and snmp, user has to poll using individual node Management IP

Creating a snapshot with “\” in snapshot-id creates the snapshot file with incorrect name

There will not be any raslog to the user when replacement of a node fails

With large configs, while a switch is rejoining a fabric with default config, “%Error:Could not find Interface" may be printed temporarily. The switch will recover and join the fabric.

Under rare conditions,copy default to startup command may fail and restart VDX6740

Config changes during principle switch-overs are not supported and may segment the cluster.

HA

Full HA support is for L2, FCoE data and control protocols on VDX8770 in Fabric Cluster

mode

No HA support for IP data/control planes.

After a recent failover, “show ha” may display HA state as ’in sync ‘ even though it is not

complete. Any attempt to failover at this stage may result in cold boot.

RMON HA not supported.

vMotion during HA failover is not supported

UDLD HA is supported with higher range of udld timers ( >1 sec timer)

HA failover is not supported for L3 features. However,L3 configuration is retained across

failover

ISSU upgrade on 8770 may flap the LACP PO if configured with LACP short

Platform

After “chassis disable” please wait for 60 seconds for VDX67xx and for 300 seconds for VDX87xx before doing the next “chassis enable”.

Chassis-name is limited to 15 characters


Under certain scenario, chassis airflow direction may not change for VDX-6730 even after configuring & rebooting the switch

1G links must have auto-negotiation enabled. 1G links without auto-negotiation are not supported.

Current 1G copper SFP’s do not support exchanging flow-control settings during the auto-negotiation process. It is recommended to configure static mode of configuration of flow-control on both the ends of the desired link.

VDX-6740-T may display amber colored LED for the 40G interfaces that are up/up

Under certain conditions, the interface using 1G LX optics on VDX-6740 may show green LED even though the link is down. Occasionally, 1GE optics may display down state on one end whereas up state on the VDX-6740 end.

System verification/diagnostics performed on a switch will require a reboot.

Configuration of more than one In-band management port on a single switch is not recommended.

Under certain stress conditions ‘copy support’ command might time out for some modules. In such cases it is recommended to retry ‘copy support’ with higher timeout multiplier value.

It is highly recommended to copy configuration file to running-config and then save the running-config to startup-config, instead of directly copying the external configuration file to startup-config, especially when using fabric distributed features such as Zoning, VM Aware Network Automation and Virtual IP.

After “power-off line-card <x>” please wait for 120 seconds before doing the next “power-on line-card <x>” to avoid hitting a known defect where some interfaces might remain in administratively shut state.

Additionally, it is highly recommended to NOT remove any blades when any of the blades in the

system are running the diagnostics. The output of “show slots” can be used to ensure that none of

the blades are in state indicating the diagnostics are running before removal of the line card.

The speed on the management interface for VDX-8770 can be hardset to desired speed after configuring speed as auto. The speed on VDX-6740 is supported only in auto mode.

Multiple OIR(Online insertion and removal) of 40G LR optics interop with ICX/FCX may cause link to remain down. Workaround is to flap the link.

Virtual IP Address Support

A separate gateway cannot be configured for Virtual IP address. Default gateway will be the same as the gateway address for the management port of this switch.

There is no Virtual MAC address associated with the Virtual IP address.

For VCS Virtual IP address to work correctly, the management port’s IPv4 address should be assigned, functional and both address should be in same subnet”.

Chassis Virtual-IP is only supported on 8770


Security, ACLs, Authentication, Authorization

Netconf session may get closed for get-VLAN-brief

Slot-eth-port-cnt may not be reflected for 87xx line cards

Login authentication service (aaa authentication login cli):

o With “local” option specified as secondary authentication service, local

authentication will be tried only when the primary authentication service

(Tac+/Radius/LDAP) is either unreachable or not available.

o Behavior of “local” option in pre-4.1.0 releases is changed to the “local-auth-

fallback” option.

o When login authentication configuration is modified, the user sessions are not

logged out as in pre-4.1.0 releases. All connected user sessions can be explicitly

logged out using “clear sessions” CLI.

ACLs are not supported for egress traffic flows

Configuring TACACS+ or RADIUS without a key is not supported. If no key is configured, the switch uses a default key of “sharedsecret”.

There is a possibility that locked user accounts will get unlocked after a reboot if the running-config (before reboot) is different from startup-config of user accounts.

Encrypted text (taken from running-config of any user account password with encryption turned on) should not be used as input for clear-text password for the same user. This may result in login failure of the user subsequently.

There is no upper limit for the number of rules that can be added to a management access-list. But when the ACL is applied to a management interface, only the top 256 rules will be applied if the ACL contains more than 256 rules.

Access to ONLY the following Active Directory (AD) servers is supported by Brocade LDAP client:

o Windows 2000

o Windows 2003

o Windows 2008 AD

The DNS configuration is primarily used for LDAP. It should be noted that DNS look-up will not be used by PING, Traceroute or any other services. These services will still require specifying the actual IP address.

When more than 250 rules ACL’s are configured (over supported scale), they may be partially installed & effective

A hard-drop ACL rule on VDX-6740 may not drop UDLD packets

Counter for hard-drop ACL may not count accurately

Even though IGMP snooping feature is supported over vLAG, all the multicast data traffic will be forwarded only over the primary.

When a MAC ACL with several clauses is applied to a port-channel which is a member of 750 or more VLANs, the MAC ACL counters may take several minutes to be enabled due to processing load associated with such configurations.

Deny / Harddrop ACL on VE does not work when pkt ingresses from TRILL port


Management Services

While upgrading to NOS4.0.0 or higher, existing SNMP users may experience loss of access due to introduction of default password encryption for SNMP in NOS4.0.0 and higher. This is also applicable for SNMP v3 hosts where a particular user may be mapped.

SNMP is not cluster aware. Hence, SNMP queries provide response with information for local node only.

The command ‘clear counters all’ zeros the rmon counter(s) values reported but then requires an additional command ‘clear counters rmon’. The ‘clear counters rmon’ command is needed if the rmon counter(s) values are to operate and report properly.

SPAN & RSPAN

CPU-originated packets cannot be output spanned.

SPAN is supported only within a port-group on the VDX 6720 and 6746.

If SPAN has to be supported to multiple locations, please use RSPAN on VLAN.

On VDX 6720 and 6746, only one port per port group can be configured as destination port for

ingress spanning.

On 6720 and 6746, only one port per port group can be configured as destination port for egress

spanning.

On 6720 and 6746, ISL port cannot be source or a destination SPAN port. On 8770 and SPAN in

VCS feature, ISL can be source port, but the destination has to be on the same rbridge.

On 6720, Inter-chip port spanning is not allowed.

Spanning of LAG port is not supported. To span a LAG, user should individually enable spanning on all the member ports of the LAG.

A profiled port cannot be a SPAN destination.

RSPAN may not mirror traffic from VDX 6740-T to the port on VDX-6740

ICMPv6 RA Guard

This feature is only supported by Brocade Fixed Port Switches VDX 6710, VDX 6720 and VDX 6730.

Trunking

For the VDX 6740 and VDX 6740T Brocade trunk (BTRUNK) has a maximum throughput of 160G using 16 10G ports in the same trunk group. On these platforms traffic may not be distributed evenly across all member of a trunk at lower traffic rates.

For the rest of the VDX platforms, Brocade trunk (BTRUNK) has a maximum throughput of 80G. Full link utilization of 8 ports in a trunk group is achievable with larger packet size (>128 Bytes).

40G BTRUNK is supported between VDX 6740/VDX 6740-T (2-port trunk)

During ISL flap, for a brief period when TRILL is not activated on that ISL link, some packets may not be source-suppressed & may egress out of that port.


VCS

VCS supports traffic traversing through maximum 9 hops of VDX Switches. Thus VCS can have

maximum of 9 nodes in a ring topology.

Loopback connection is not supported in VCS mode. If a loopback connection is done, those

interfaces become ISL interfaces.

Fabric Cluster Mode:

o When a new switch is added to an existing VCS fabric and if the new switch takes

the role of principal node, the other switches in the fabric will receive the

configuration of the distributed features such as Virtual IP and VM-Aware Network

Automation from the newly added switch. This will cause the existing distributed

configuration to be overwritten by the newly added switch in the principal role. This

can be avoided by following the new switch addition procedures in the Admin

Guide.

o After a cluster reboot, Brocade recommends to do both “show fabric all” and “show

vcs” to ensure that cluster is entirely formed without any issue. User might see that

‘show vcs’ takes an additional 2-3 minutes to show all participating switches. This is

an existing behavior and doesn’t affect data path functionality in most cases.

“show fabric isl” & “show fabric trunk” may show the interfaces in random order without sorting

vLAG

LAGs are created with default speed of 10G. Therefore Brocade recommends end user to set required speed manually based on member speed using “speed” command.

When configuring LACP LAG between VDX & non-Brocade switches it is highly recommended to enable the vLAG ignore-split on the VDX. Ignore split option is enabled by default in Brocade Network OS v4.1.0.

MAC Learning Considerations in VCS

The CLI command “clear mac-address-table” has been enhanced to support clearing the mac-addresses associated with vLAGs. This command can be used to sync mac-address-tables of the VCS member switches.

Post 3.x releases, FPMA mac addresses are not shown in “show mac-address-table dynamic”. User can use ‘show fcoe login’ and ‘ show mac-address-table count’ together to get this output

Post 3.x releases, Internal Mac-addresses are shown in “show mac-address-table” output to support L3 use cases. The sync across the VCS has to be observed using “show mac-address-table dynamic”.

Under rare circumstances, end user might see mac address sync up issues on few nodes of a cluster (where 1 or more MAC addresses might be missing in some nodes). Brocade recommends to do “clear mac-address-table dynamic” in such cases.

Static mac addresses will be displayed even when interfaces are down. This may cause blackholing of the traffic.


There are 3 operational enhancements w.r.t VLAN Interfaces o Removal of shutdown/ no shutdown at VLAN interface level. o Removal of VLANs information entirely from ‘show ip interface brief’ cmd o Output of ‘show VLAN brief’ reflects the the ‘State’ of VLAN as ACTIVE/INACTIVE

(along with inactive reason – ‘member port down’) based on member ports’ state.

Under certain conditions, MAC addresses may not be learnt even though ARP’s may be learnt for those same MAC addresses.

PVLAN

Following PVLAN features are not supported in this release:

o IGMP on PVLANs but there is no error message displayed if operator configures

IGMP snooping on PVLAN

o ARP & Routing in PVLAN domain

o Enabling Routing in Primary and Secondary Vlans

o CLI to Enable Local Proxy ARP on primary VLAN

o IP Configuration on PVLANs

o Ve Configuration on Secondary Vlans

o AMPP on PVLANs

o In case of MSTP if a primary VLAN is added to the instance automatically secondary

VLAN also added to the instance.

o When the operator wants to delete the host association on a host port

recommended to use “no switchport” rather than “no switchport private-VLAN

host-association”. This is applicable only when the host port is untagged. When the

host port is tagged both the commands can be used.

o Primary VLAN ID needs to be lower than the secondary VLAN IDs. If primary VLAN ID

is greater than secondary there is an issue with config replay

UDLD

The UDLD protocol is not supported on the members of a Brocade trunk.

The UDLD protocol is not compatible with Cisco’s proprietary UDLD protocol.

UDLD needs to use the higher timer in Scale and Stress envrioment. UDLD may flap during HA failover and ISSU

STP/DiST

VDX does not support tunneling non-standard BPDUs and thus IEEE BPDUs (0180:C200:0000) generated as tagged packets in STP/RSTP/MSTP modes may not be tunneled successfully across VCS fabric. However, VDX supports tunneling standards’ based BPDUs such as untagged IEEE BPDUs and tagged or untagged PVST BPDUs (0100:0CCC:CCCD). Post 3.0.1, the tagged IEEE BPDU can be tunneled across VCS fabric using command: “tunnel tagged-ieee-bpdu” under interface configuration.

In Fabric Cluster mode, global spanning-tree configurations (STP enable, STP Vlan configurations, STP over vLAG configurations) have to be performed in all the switches in VCS at the same time. For example, to run spanning-tree, it has to be enabled on all the switches including switches that don’t have any edge ports.


By default global spanning-tree and interface level spanning-tree will be disabled, user has to

explicitly enable on the desired ports. VLAN spanning-tree state is default enabled

BPDU tunnel configurations are permitted only when spanning-tree is disabled in VCS.

For cisco proprietary Per Vlan Spanning Tree protocols (PVST and RPVST) user needs to

configure Brocade switch to send BPDU on Cisco multicast destination mac address

“0100.0ccc.cccd” for non-native VLANs. By default, NOS 4.1.0 software use's brocade

"0304.0800.0700" multicast mac to send BPDU's on non-native VLANs.

Since Cisco boxes use Cisco multicast mac address to send spanning tree BPDU on non-

native VLANs, this configuration is needed in VDX switches to interoperate. This is an

interface specific configuration

Below is the example to configure Cisco BPDU mac for PVST and RPVST under interface

mode, VDX 6740-VCS1# conf t

VDX 6740-VCS1(config)# protocol spanning-tree rpvst

VDX 6740-VCS1(config-rpvst)# exit

VDX 6740-VCS1(config)# interface Port-channel 100

VDX 6740-VCS1(config-Port-channel-100)# spanning-tree bpdu-mac ?

Possible completions:

0100.0ccc.cccd Cisco Control Mac

0304.0800.0700 Brocade Control Mac

VDX 6740-VCS1(config-Port-channel-100)# spanning-tree bpdu-mac 0100.0ccc.cccd

VDX 6740-VCS1(config-Port-channel-100)# exit

VDX 6740-VCS1(config)#

Edge Loop Detection (ELD)

ELD is supported on the edge ports that are connected either by end-hosts OR another switch OR another VCS.

To limit the number of instances utilized, it is recommended to enable ELD on only 1 VLAN per interface.

ELD is also supported for edge interfaces connected to hosts.

For 4.1.0 release, ELD cannot be enabled for multiple VLANs for an interface

ELD may not be enabled after line-card powercycle

Long Distance ISL Ports

Standard ISL is supported on 10G/40G interfaces up to a distance of 1000m without any special commands. "long-distance-isl" command is not required to form an ISL up to a distance of 1000m.

Long distance ISL is only supported on 10G interfaces.

Long distance ISL configuration is not allowed if CEE Map/fcoeport is configured on any edge ports in the same port group.

CEE Map modification is not allowed when long distance ISL is configured.

A maximum of three PFCs can be supported on a long distance ISL configured platform.

When long distance ISL is configured on the switches, all ports in the port group will be bounced.

Both side of long distance link should have long-distance-isl configuration. Otherwise end to end PFC might not work appropriately.


For 10Km/Extended Range long distance configuration all other ISLs in the port group will be disabled.

For 2Km/5 Km long distance configuration, one other ISL will be allowed to come online in the port group.

For 2 km, 5 km and 10 km long-distance, use Brocade supported Long Range (LR) optics for direct connectivity.

For 30 km long-distance, use Brocade-supported Extended Range (ER) optics for direct connectivity.

AMPP and Port-Profiles

Port-profile status does not reflect the remote interface info in VCS fabric mode.

Native VLAN support inside AMPP does not honor the global enable/disable flag .

SPAN destination port cannot be a profiled port .

All AMPP features that were supported only on a physical interface on Brocade Network OS v2.0 are now supported on a vLAG in Brocade Network OS v2.1 and higher with an exception of FCoE sub-profile which is not supported in vLAG mode.

Brocade recommends deleting all manually created port-profiles when migrating from a legacy AMPP environment to VM Aware Network Automation.

Vmkernel related port-profiles may unapply/reapply during HA resulting in vmotion failures.

Default port-profile configuration is not the same as prior version. The “switch port trunk allow VLAN all” that was present in prior version is removed. Other configuration stays the same.

User defined port-profile-domain is introduced to control the VM mobility. Port-profile created must be explicitly associated with a profile domain.

After upgrade, a new port-profile named UpgradedVlanProfile is auto-created. This profile has the single VLAN profile that contains the “switch port trunk allow VLAN all”. This is the configuration that is present in the default port-profile of prior version

After upgrade, a default port-profile-domain is created. This default domain contains all the existing user created port-profile and vCenter created auto-profiles prior to the upgrade plus the UpgradedVlanProfile

Mac-based classification allowed only on access port-profile and C-tag classification allowed only on trunk port-profile

When a port becomes a profiled-port, all SERVICE VFs in that domain are provisioned on this

port.

“Switch trunk allow VLAN all” can only be present in one domain, It cannot co-exist with other c-tag based classifications in that domain.

user is not allowed to edit/delete the the default-profile-domain when Service VF is disabled

New port-profile is not auto added to the default domain when Service VF is enabled. It can only be explicitly added to or removed from the default profile-domain.

On disabling Service VF UpgradedVlanProfile should be re-configured with “switchport trunk allowed VLAN all” in Default-profile-domain if it is removed /modified


Newly created port-profiles which is not part of any domain should be added to the default-profile-domain explicitly while disabling the Service VF

SERVICE VF classification cannot overlap across port-profiles in the same domain, but it can overlap across PP in different domains

vCenter

VM-Aware Network Automation is supported only with VMware vSphere version 4.0, 4.1, 5.0, 5.1, and 5.5.

Receiving more than five vCenter events within a span of 30 seconds, results in asset discovery getting initiated. Post discovery cluster configuration will be in sync with vCenter.

vCenter auto-profile is automatically added/deleted to the default profile-domain in Service VF enabled/disabled mode

Modifying/editing the auto port-profiles in the default-domain is not recommended, which may cause auto-pp application failure during vCenter operation and end up in traffic failure

Adding/removing the auto-port-profile to the user-created domain when Service VF is enabled is not recommended which may cause auto-pp application failure during vCenter operation and end up in traffic failure

In Network OS v4.1.x, vCenter auto-profile does not support SERVICE VF classification.

For switches running NOS4.1.0 or NOS4.0.1b or lower with vCenter enabled, ensure that there are no ESXi5.5 hosts with "NSX vSwitch" configuration attached to the vCenter server. There is no such restrictions on NOS4.0.1c and above, or NOS4.1.1 and above.

QoS

It is recommended to use the same CoS Tail drop threshold on all members of a port-channel to avoid unpredictable behavior.

In a hybrid logical-chassis, if a user configures a platform specific feature, it will be configured only on the rbridges which support that feature.

Asymetric pause is supported on 1G ports on 6710 and other 1G port interfaces

VDX 6740 supports 3 PFC queues

Flow control is disabled by default on all interfaces.

Trust- support only standalone mode, no VCS mode

DSCP to CoS Mutation- all platforms (VDX8770, VDX 67xx)

DSCP to Traffic Class Mutation -all platforms (VDX8770, VDX 67xx)

DSCP to DSCP Mutation (VDX 8770 and 6740/T only)

Random Early Discard (RED) (VDX 8770 and 6740/T only)

Priority 7 is reserved for control traffic on VDX switches. User data traffic should use priorities

0 through 6.

Brocade VDX architecture prioritizes Unicast traffic over Broadcast or Multicast traffic under

port congestion.

The interface queues operate in Strict Priority mode when there are no ISLs online on the switch. This could result in potential starvation of the CPU queue if line-rate traffic flows through an interface.


FCoE

Brocade recommends not having FCoE ports and Long Distance ISL ports in the same port-groups. This configuration will NOT be prevented by the CLI; however it can result in unpredictable behavior for FCoE traffic.

Brocade recommends that for all LAGs with FSB, the fcoeport config must be applied on the LAG itself and for all LAGs with directly attached CNAs, the fcoeport config must be applied on the member ports.

If FCoE priority is changed from default to non-default, user might see that FCoE login may not happen. Please toggle the interface using “shutdown” followed by “no shutdown” to work this around.

Binding an enode mac to FCoE interface is not allowed in range context, as only one enode mac can be bound to one FCoE interface

While providing range for FCoE interfaces, it’s recommended to provide the range only in ascending order. For ex: interface fcoe 1/48/11-38 is recommended, interface fcoe 1/48/38-11 is not recommended

FCoE traffic may not be mirrored using RSPAN. Workaround is to use SPAN

In use cases with FSB, it is noticed that after converting dynamic port-channel to static, hosts and targets don’t see each other.

After non ISSU upgrade from NOS4.0.1 to NOS 4.1.0 sometimes plogi failures are observed. Work around is unknown.

Some FCoE related commands take longer than 5 seconds to respond. “show fcoe fab default” takes 11 seconds “bind TenGigabitEthernet 3/0/42” takes 60 seconds

FC/Fport

F port can support only 63 NPIV devices

Loop devices are not supported.

No long distance support for F-Ports.

Proprietary features such as trunking, QOS, D-Port, FAPWWN, Credit Recovery and FEC are not supported on FC F-Ports.

VRRP

VRRP and VRRP-E cannot be enabled together on VDX 6740 and 6740T platforms. Command

“protocol vrrp-extended” is added to specifically enable VRRPE.

VRRP/VRRPE undergoes disruption during ISSU or HA failover.

VRRP-E global sessions may get disabled after firmware upgrade

Large VRRP config may increase config download time

‘no preempt-mode’ is not honored on physical interfaces of 87xx

OSPF

Graceful restart is not supported

BGP

Following BGP features are not supported in this release:

o VRF-Lite support


o Graceful Restart

o AS Confederation

o Outbound Route Filtering capability

o Extended Community Filter support

BGP Aggregate route is preferred over direct network

Standard and Extended community may be allowed to be configured on same interface

L2/L3 Multicast

The following PIM features are not supported in this release: o Non-Stop Routing (NSR)

o IP version 6

o VRF

o Prefix list

o Configuring the switch as the BSR (Bootstrap Router) candidate.

o Configuring the switch as the Rendezvous Point or Rendezvous Point candidate

The Rendezvous Point (RP) must be configured outside the VCS cluster.

All PIM enabled routers should be directly connected to RP

IGMP Snooping must be enabled in all the switches in the VCS cluster.

IGMP timers configured on PIM enabled L3 interface are not considered over the timers on VLAN

CLI incorrectly allows same interface to be selected as incoming and outgoing interface for PIM-DR

IGMP leave from one receiver will affect other receivers if connected through a vLAG

IGMP join does not get forwarded via vLAG on shutting the primary port until general query is received

PIM OIF list may not be updated when static IGMP group from VE is removed

PIM TTL threshold is not supported even though the CLI would be accepted.

PIM is not supported on VE interfaces with multiple IP addresses.

VRF

Management VRF is not supported

VRF lite supports OSPF and static routing but not BGP

On configure VRF on an interfaces, all previous IP config would be lost

IP Services like telnet are not supported on non-default VRF

User will not be able to access VDX switches through interfaces belonging to non-default

VRF

Static route leak is supported across VRFs. Connected routes cannot be leaked using

subnets, but only as /32 addresses.

Modifying VRF address family will lose all IPv4 configuration related to that VRF including

router ospf instance on that VRF

User should delete all route leak configuration on a VRF before deleting that VRF

VRF functionality is not supported on the VDX 6746


Interoperability

In a VPC environment where the Brocade VDX side has the active LACP settings and the Cisco side has the passive settings on the vLAG, the port-channel takes over 30 seconds to come up. Workaround: Reverse the settings and have the Brocade VDX LACP settings passive and the Cisco side set as active. The port channel will then restore after about 10 seconds.

There is a compatibility issue between Brocade and Cisco chassis that can cause an LACP protocol timeout. If you have a Brocade VDX 6710 and a C24 VDX cluster and two Cisco Nexus 5k chassis configured in a VPC cluster using a combination of 1G fiber copper links, after shutting down links on the Cisco side, about 10 seconds of traffic loss can occur. The shutdown operation of the Nexus 1G port does not shut down the transmitter, so the Brocade VDX 6710 port is not able to detect link down. This leads to LACP protocol timeout.

When interoperating with Brocade 8000, it is recommended to set the mac-aging time to 0 on the VDX switch to prevent any adverse impact caused by certain errors generated by the Brocade 8000.

PVST-RPVST interop may not work between VDX and FCX/ICX

ADX HA Sync packets use UDLD PDU’s which may be dropped by VDX. To enable forwarding, we recommend configuring dot1q tagging to treat UDLD packets as data-packets to be forwarded across VCS.

Certain non-Brocade devices require unicast ARP request to be supported. In such scenarios, we

recommend enabling “(config-rbridge)# arp unicast-request receive ve [all | <number1>, <number2>..]” command on 8770 switches. VDX 6740 support unicast arp request by default.

Miscellaneous

Brocade VDX switches load balance internal and external traffic based on hash functions using standard network headers as keys. Due to this implementation, users may experience traffic imbalance depending upon application flow definition.

Packet drops will be seen for a short duration due to routing changes with link flaps and/or node failovers.

On both ISL and Edge ports, sFlow sampling is supported only in inbound direction.

Sflow collectors are not queried in snmp v1, v2 & v3 versions

L2 packets may not be sampled on line-card power OFF & ON

If multiple VLANs are configured on a switch, then in order to enable certain features such as IGMP or PVST it is recommended that specific features be enabled on a per-VLAN basis instead of enabling them globally.

“Clear ip route all” need to be issued once the maximum number of routes supported by a router is exceeded.

SNMPset operation is not fully supported

Under rare conditions, the switch may bootup with default configuration on power-cycling the switch

Firmware downgrade is not blocked if the scale configured would not be supported in the downgraded release


Under rare conditions, after disabling keepalive timeout followed by shut & no shut of the port-channel link may prevent FCoE logins through that port-channel

On rare instances of HA failover, SFM may turn faulty. Workaround is to manually reseat the card

On rare instances of ISSU, HA failover, line-card may turn faulty. Workaround is to reset the line-card

PCAP utility may not work correctly after HA failover operation. Workaround is to reload the chassis system.

Please make sure to not have large no of unreachable tacacs+ accounting server configured, else it might cause unit to reboot. This issue is hit only with large config (4K VLAN etc and 20K lines or config)

The access-lists on Mgmt interfaces may not be effective during the bootup after the upgrade

The load-balancing scheme for traffic egressing out of the ISL trunk on VDX 6740 series of switches will follow “fill & spill” method. i.e. The next link is used only after the first link is fully utilized.

Virtual Fabric

This feature is NOT supported on VDX6710/20/30 or VDX6746.

PIM-SM is not supported on Virtual Fabric.

Virtual Fabric & Transport Fabrics do not support Native VLAN configuration. While the CLI

does not restrict, we strongly recommend not using this feature.

For frames forward on a transport fabric, ingress CTAG tagging is preserved at the egress port regardless of the egress tagging classification. Default-VLAN can only be configured using TRANSPORT VF IDs

Policy-based Routing (PBR)

This feature is NOT supported on VDX6710/20/30 or VDX6746.

If a PBR route-map is applied to an interface that is actively participating in a control

protocol and the ACL specified in the route-map also matches the control protocol traffic

the control protocol traffic will be trapped to the local processor and not be forwarded

according to the route-map.

Inter-VRF Leaking (Static)

S+ symbol routes indicated leaked routes

There is no CLI check for Route leak configuration in source VRF colliding with route/interface configuration in target VRF – User has to take care of this

VRF route leak cascading is not supported

User should avoid making Static, dynamic and connected route conflict with routes in target VRF when configuring route leak

Static route leak with interface as next hop is not supported

Before deleting a VRF, user should delete all route leaks configured under that VRF

For bidirectional traffic with router leak, user needs to configure route leak in both direction separately


Route leak configuration to next hop IP on the same box on different is not a valid configuration, but CLI will be accepted

Ongoing Switch generated traffic like ping through leaked routes will continue flow even after deleting VRF route leak

Precaution needs to be taken when leaking default routes - this can result in routing loops

Switch management from non-default VRF by leaking route from non-default VRF to default VRF is not supported

Connected routes can be leaked as /32 addresses only & not as subnets.

Inter-VRF leaking is not applicable to the VDX 6746 as VRF is not supported.

DHCP IP Helper

o DHCP Relay Agent Information Option (option-82) is not supported in this Release o There is no HA support for dhcp relay statistics. When a switchover happens, the statistics will

not be replicated to the new active MM.

DHCP-based Firmware download (DAD – DHCP Automatic Deployment)

DAD is dependent on DHCP, if DHCP is not enabled on management interface, DAD cannot function.

In order for successful version upgrade using DAD method, switch should undergo 2 reloads.

Config only download is not supported using DAD

For dual MM chassis, dual MM must be in sync for DAD to function

DAD is a disruptive. ISSU is not supported

In FIPS mode, DAD is not supported.

Logical Chassis HA

Logical Chassis HA is supported only on VDX8770 with dual Management Modules (MM).

Full HA sync is supported.

As long as the system has HA “In-Sync” state, warm recovery is supported for both planned as well as unplanned MM failover.

There will be no overall configuration replay after warm recovery, except for Layer 3 protocol configurations which do not support HA. If the switch undergoing MM failover is the VCS cluster principal switch, it will continue to remain as the principal switch after the MM failover. All the secondary nodes will first disconnect from it when the MM failover starts and then rejoin as the VCS cluster is reformed. The Fabric Cluster will remain intact and there will be no traffic disruption.

If the switch undergoing MM failover is a secondary switch, the switch will disconnect and

rejoin the VCS cluster after reestablishing connection with the principal switch and the rest of

the cluster will stay intact. The Fabric Cluster will remain intact and there will be no traffic

disruption

Access Gateway

Access Gateway (AG) functionality can be enabled only on VDX6730.

Enabling AG requires FCoE license.


In Logical Chassis mode, AG is enabled on the local node and AG configurations will not be

distributed.

The switch will be reloaded on enabling Access Gateway.

AG does not bridge the VCS and SAN fabrics because hosts connected to the AG switch are

registered in the SAN name-server only. Therefore, all zoning operations for AG are done on

the SAN fabric.

At least one N-port must be up in order for FCoE devices to log in.

In FC mode, if user enables Access Gateway mode, changes configuration, commits it to the startup config and disables Access Gateway mode, the user will need to perform a copy running to start-up once before enabling again Access Gateway mode if he wishes to get default Access Gateway configuration. Please note that otherwise, user will get the previous Access Gateway configuration which was present the last time when he performed running to start-up with Access Gateway enabled

Auto QOS for NAS

All auto-nas config should be removed before downgrading board from NOS4.1.0 to prior releases. Downgrade without first removing the related autonas configs will result in running-config

still displaying the configs.

Brocade ISL trunking on 40Gb ports

Brocade trunking is supported on 40G ports of VDX6740, VDX6740T, VDX6740T-1G and VDX8770

40G ports can form a Brocade trunk only if they are from same port-group.

In order that the 40G ports on VDX8770 form Brocade trunk, it is required that the ports be in breakout mode. There is no such requirement for VDX6740, VDX6740T and VDX6740T-1G.

Two 40G breakout ports in the same port-group of VDX8770 can form 80G trunk consisting of 8 10G ISL ports. Breakout optics with a single QSFP optical cable must be used.

Prior to NOSv4.1.0, “fabric trunk enable” configuration on the 40G interfaces on VDX8770 is allowed, however it does not provide non-breakout mode trunk capability to the ISLs.

Upgrading from any previous version to NOS4.1.x will change the default configuration on 40G interfaces on VDX8770 from “fabric trunk enable” to “no fabric trunk enable” to accurately indicate the capability. Configuring “fabric trunk enable” directly on the 40G interfaces is accordingly blocked.

VCS VXLAN Gateway for VMWare NSX

VCS VXLAN Gateway for NSX is supported only on VDX6740, VDX6740T and VDX6740T-1G.

VCS VXLAN Gateway for NSX is supported only in the VCS Logical Chassis mode.

A maximum of 2 RBridges are supported in a VXLAN enabled VCS Cluster.

Only 1 VTEP Gateway is supported in a VXLAN enabled VCS Cluster.

VMware NSX vSwitch with vSphere version 5.5 (ESXi 5.5), XenServer 6.2, and KVM on Ubuntu 12.04 are supported as hypervisors.

Only one-to-one VLAN to VNI mapping is supported.

Only Default VRF is supported for VCS VXLAN Gateway configuration.


Tunnel interfaces cannot be used as SPAN (Switch port Analyzer) destination.

Ingress/Egress ACLs cannot be applied to tunnels

Ingress/Egress QoS policies cannot be applied to tunnels

Unicast/Multicast routing between VXLAN and VLAN/VXLAN is not supported.

After removing the transport node from the NSX, the switch is disconnected from the NSX controller. After multiple retries to reconnect, the switch eventually declares the connection as dead. The connection status can be checked using “show nsx-controller brief”. If the connection status is declared dead before the transport node is added back, the commands “nsx-controller name <name> reconnect” or “nsx-controller <name> no activate/activate” need to be performed on the switch to reconnect to the NSX controller.

When using the command “show overlay-gateway name <name> VLAN statistics” for debugging overlay-gateway VLANs, it should be noted that the statistics information is limited to 256 VLANs for RX and 116 VLANs for TX.

Line cards

The VDX8770 supports following line-cards on NOSv3.x and above: o LC48×10G o LC12×40G

The VDX8770 supports following line-cards on NOSv4.1.2 and above: o LC48×10GT o LC27×40G o LC6x100G

It is required to upgrade the chassis to the line-card’s supported NOS version before plugging the line-card into the chassis.

If there exists a configuration for a line-card on the slot of VDX 8770, before inserting a new line-card of other type in the same slot, it is required to remove the configuration of the old line-card from that slot. The “no line-card” command should be used to remove the old line-card configuration from the slot where the new line-card is to be inserted. The new line card may be faulted with appropriate code if the new line-card is plugged into the slot which has configuration of a line card of other type.

Upgrade and Migration Considerations General information on installing Brocade Network OS can be found in the Brocade Network OS

Admin Guide. This section includes special considerations and caveats to be aware of when

upgrading to or from this version of Brocade Network OS, as well as recommended migration

paths to use to reach this version of Brocade Network OS.

Note: Installing Brocade Network OS is service disruptive and any un-saved running configuration

will be lost during the installation.

This table summarizes the upgrade/downgrade scenarios between NOS 4.0.x and NOS 4.1.x.

Details for the scenarios and other versions are provided after the table.

The following table applies to both Fabric Cluster and Logical Chassis modes.


Recommended Migration Paths for Brocade Network OS v4.1.x

Switches operating with earlier versions of Brocade Network OS, including Brocade Network OS

v2.1.X, should first be upgraded to Brocade Network OS v3.0.1b, then to 4.0.1 and then to

Brocade Network OS v4.1.x.

Considerations and Limitations:

Upgrading from Brocade Network OS v3.x

Firmware upgrade is supported for all VDX6730/VDX6720/VDX6710 TOR and VDX8770 chassis platforms.

Switches operating with earlier versions of Brocade Network OS, including Brocade Network OS v3.x, should first be upgraded to 4.0.1 and then to Brocade Network OS v4.1.x

This upgrade doesn’t apply to VDX6740 TOR based platform, as VDX6740 does not support versions below NOS4.0.0

Upgrading from Brocade Network OS 2.x

Switches operating with earlier versions of Brocade Network OS, including Brocade Network OS v2.1.1, should first be upgraded to Brocade Network OS v3.0.1b, then to 4.0.1 and then to Brocade Network OS v4.1.x. If the switches are running a NOS version prior to 2.1.1, then the switches need to be upgraded to NOS 2.1.1.

Firmware upgrade is only supported on all VDX67XX platforms.

This upgrade doesn’t apply to VDX87XX chassis based platform, as by default it comes with Brocade Network OS 3.0.1x.

To From

4.0.x GA (4.0.0a, 4.0.0b)

NOS 4.0.x patch (4.0.1x)

NOS 4.1.0 NOS 4.1.x

4.0.x GA (4.0.0a, 4.0.0b)

NA ISSU Upgrade (Config Preserved)

Non-ISSU Upgrade (Config Preserved)


NOS 4.0.x patch (4.0.1 )

ISSU Downgrade (Config preserved)

NA Non-ISSU Upgrade (Config Preserved)


NOS 4.1.0 Non-ISSU Downgrade (Config Loss, switch goes to default-config)

Non-ISSU Downgrade Config Preserved (without new feature enabled/configured)

NA ISSU Upgrade (Config Preserved)

NOS 4.1.x Non-ISSU Downgrade (Config Loss, switch goes to default-config)

Non-ISSU Downgrade Config Preserved (without new feature enabled/configured)

ISSU Downgrade (Config preserved)

NA


VDX 6746

VDX 6746 may be upgraded to Network OS v4.1.2 only from Network OS v3.0.0_dcb4 or v4.1.1. The downgrade from v4.1.2 can also be done only to v3.0.0_dcb4 or v4.1.1

During the downgrade from 4.1.2 (or 4.1.1) to 3.0.0dcb4 o If the VDX 6746 switch is in Logical Chassis mode, it must be convert to Fabric

Cluster mode before starting the downgrade. o Issue a “firmware download default-config” command from the command-line.

Switch additions to cluster scenarios:

Adding a switch running Brocade Network OS v4.0.x to Brocade Network OS v4.1.x

cluster

When a switch with Brocade Network OS v4.0.x is added to Brocade Network OS v4.1.x it will form a mixed cluster and Fabric distribution service will be disabled. Some of the services that will not be supported and utilizes “FDS cluster” are 1) Zoning 2) vCenter 3) “show vcs” CLI 4) Virtual IP. Limited support for all other services is available in mixed image environment.

Adding a switch running Brocade Network OS v4.1.x to Brocade Network OS v4.0.x

cluster

When a switch with Brocade Network OS v4.1.x is added to Brocade Network OS v4.0.x it will form a mixed cluster and Fabric distribution service will be disabled. Some of the services that will not be supported and utilizes “ FDS cluster” are 1) Zoning 2) vCenter 3) “show vcs” CLI 4) Virtual IP. Limited support for all other services is available in mixed image environment.

Adding a switch running Brocade Network OS 2.X to Brocade Network OS v4.1.x

cluster

Brocade Network OS 2.x switch would not interoperate with Brocade Network OS 4.1.x.

ISLs will be segmented with a reason of FDS mode mismatch.

Adding a switch running Brocade Network OS v3.0.x to Brocade Network OS 4.1.x

cluster

Brocade Network OS 3.0.x switch would not interoperate with Brocade Network OS 4.1.x.

ISLs will be segmented with a reason of FDS mode mismatch.


Upgrading to this Release Upgrading Best Practices (Applies for all VDX Platforms)

In Logical Chassis mode it is required to upgrade Principal switch at the end if Option (B) or (C) is opted.

A. Upgrade all nodes in the cluster at same time -- Service Disruptive Cluster Wide

Download the firmware (Brocade Network OS v4.1.x) in all the switch nodes running

Brocade Network OS v3.x without reboot. In case of VDX8770 chassis systems with dual

MM, user needs to individually download the firmware (Brocade Network OS v4.1.x) to both

the MMs without reboot.

After all switches complete the firmware download, reboot all nodes at the same time.

After all switches boot-up, they shall form one Brocade Network OS v4.1.x cluster.

This is Service Disruptive Cluster Wide regardless of Cluster topology.

Brocade Network OS 2.x.x cannot be directly upgraded to Brocade Network OS 4.1.x.

B. Upgrade Odd/Even Nodes (one segment at a time)—Lossless Upgrade: (Mixed version fabric is supported during upgrade maintenance window)

This is the most recommended procedure for lossless upgrade. This requires servers to be

dual homed.

Download the firmware (Brocade Network OS v4.1.x) in all the switch nodes running

Brocade Network OS v4.0.x without reboot. In case of VDX8770 chassis systems with dual

MM, user needs to individually download the firmware (Brocade Network OS v4.1.x) to both

the MMs without reboot.

After all switches complete the firmware download, reboot all the odd nodes. Half of the

cluster is now on the latest version. Traffic resumes and passes through other half of the

cluster

Now reboot all even nodes. At this point, entire cluster is loaded with latest image and up

and running

C. Upgrade one node at a time -- Service Disruptive at Node level in the Cluster

Download the firmware Brocade Network OS v4.1.x on a one node at a time in cluster

running Brocade Network OS v3.x and reboot. Principal node in a cluster should be last to be

upgraded.

After a node is upgrade to Brocade Network OS v4.1.x, it will join the existing NOS v3.x

Cluster but with no FDS services. Eventually, when all the nodes are upgraded, they will

form one NOS v4.1.x VCS Cluster. [Note no configuration changes are allowed at this time.]


Downgrading to a Previous Release Downgrading Best Practices for VDX 67XX and VDX 87XX

The downgrade process is service disruptive.

Before downgrading to NOS 4.0.x, backup the running configuration of NOS v4.1.x

o To external FTP server as well as

o To startup-config.

In-Service Software Upgrade (ISSU) is not supported while downgrading from NOS4.1.x to

4.0.x and prior versions on VDX8770.

In-Service Software Upgrade (ISSU) is supported while downgrading to/from NOS4.1.x for

different versions of “x” on VDX8770.

When downgrading to 4.0.1 please use ‘coldboot’ option along with ‘firmware download’

command. Configuration will be preserved in this process.

When downgrading to 4.0.0, the configuration will not be preserved and hence we

recommend to use the ‘default-config’ and ‘manual, noreboot’ options. Please ensure that

both management modules are reloaded at the same time.

If there are new features or new scale enhancements specific to NOS v4.1.x, we recommend

to remove them before downgrade. As an alternative, user may use ‘default-config’ option

and use the backed up configuration to restore after downgrade.

If a certificate was generated on the switch for NSX-controller (show nsx-controller client-

cert), it is required to delete the certificate before downgrading below NOS v4.1.1. Use

command “nsx-controller client-cert delete” to delete the certificate before downgrading.

Before downgrading to NOS4.1.0 or NOS4.0.1b or lower with vCenter enabled on the switch, ensure that there are no ESXi5.5 hosts with "NSX vSwitch" configuration attached to the vCenter server. Downgrading with ESXi5.5 hosts with vSwtich and dvSwitch configuration has no such restrictions.

Before downgrading to 4.0.1b1 ( OR earlier version) it is recommended to: a) Change the encryption level from 7 to 0

b) Change the key from encrypted to ‘sharedsecret’

Upgrade / Downgrade Considerations for licenses

The default number of FCoE interfaces has been reduced from 256 (NOS4.0.x) to 64 (NOS4.1.x) in order

optimize running-configuration size. Two new CLIs have been introduced to support back-ward

compatibility; “fcoe-enodes” and “enode-config” under “rbridge-id fabric-map”. Please note the

following.

Upgrade from NOS4.0.x to NOS4.1.1 on nodes with FCoE License

If number of static FCoE bindings is between 0 to 64

o The parameter “fcoe-enodes” will be defaulted to 64. o Any extra fcoe interfaces (“max-enodes – fcoe-enodes”) will be deleted


If number of static FCoE bindings is more than 64 o The parameter “fcoe-enodes” will be set to the same value as number of static

bindings.

Upgrade from NOS4.0.x to NOS4.1.1 on nodes without FCoE license

The parameter “fcoe-enodes” will be set to 0

All fcoe interfaces will be deleted

Upgrade of 2-node VCS from NOS4.0.1a or lower to NOS4.0.1b, 4.0.1c.

As per new policy introduced after nos4.0.1b onwards, VCS license is included in the base offering. Thus in releases 4.0.1b, 4.0.1c, a “Spoofed” license was enabled.

2-node VCS did not require a VCS license.

Thus when 2-node VCS is upgraded to above versions, then VCS may get segmented.

The solution is to install VCS license that can be obtained from the Support team before the upgrade.

Defect reference : 480431 & 488513.

Downgrade from NOS4.1.1 to NOS4.0.x

The parameter “enode-config” under fabric-map is newly added in NOS4.1.0 and will be set to value

“local” after upgrade from NOS4.0.x to NOS4.1.x. Before downgrade from NOS4.1.0 to NOS4.0.x the

“enode-config” needs to be set to “global”. This will ensure that atleast 256 interfaces are present.

Upgrade / Downgrade Considerations for vLAG Upgrade Scenario for vLAG (Not applicable for VDX87XX)

vLAG supports Firmware Upgrade from NOS v4.0.x to Network OS v4.1.x on VDX67XX platforms.

vLAG Feature doesn’t have any restriction or add new limitation for the Firmware Upgrade scenario

from NOS v4.0x to Network OS v4.1.x

In all there are 2 approaches with which vLAG nodes can be upgrade to NOSv4.1.x from NOS v4.0.x

Please refer to above topology for below 2 approaches.

Approach 1 - Involves graceful shutdown of vLAG ports on one of the nodes at a given time:

Below are the steps to upgrade nodes running NOS v4.0.x to Network OS v4.1.x in a VCS cluster. Say

there are 2 nodes R1 and R2 with are part of one vLAG

Pick a node (say R1) with vLAG ports, Admin shut all the vLAGs (shut under int port-channel x)

on the node. Save running configuration to startup-configuration. This should basically reduce

the vLAG into a single node vLAG/port-channel.


If the vLAG is in static mode, all members of the port-channel should be shutdown. This is due to

Static LAG behavior where it may bring UP the member link even if the port-channel is admin

shut.

Upgrade R1 with Network OS v4.x and reboot R1.

After R1 is operational up running Network OS v4.1.x software, perform admin shut of local

vLAGs (shut under int port-channel x) on the other NOS v4.0.x node (R2). There will be a

complete data path impact on the vLAG at this given time.

Immediately perform admin no shut on the vLAG on R1 running Network OS v4.0.x. This will

help you to avoid a longer delay here, so please perform this step efficiently and optimally.

Upgrade/Reboot R2 with Network OS v4.1.x. This time no need to save running configuration to

startup on the second node (R2).

After R2 reboots and operationally up, it will re-join the vLAG and we should now have the vLAG

spanning two nodes running Network OS v software.

After all vLAG nodes are upgraded, save running configuration back to startup on R1.

Advantages

Clean upgrade

No duplicate primary port issues

Works well for both Static and Dynamic vLAGs

Disadvantages

Involves some work for the administrator to perform shut/no-shut on vLAGs, particularly when in large numbers.

Need precise and efficient execution of the plan.

There will be a data-path impact for a very small period (when vLAG is shut on the second node, until a no shut is executed on the first node).

Approach 2 - Applicable for Static vLAGs and Dynamic vLAGs without configuration changes

Below are the steps to upgrade nodes running NOS v4.0.x to Network OS v4.1.x in a VCS cluster. For

example there are 2 nodes R1 and R2 with are part of one vLAG.

Step 1: Pick a node (say R1) with vLAG ports, Upgrade with Network OS v4.1.x and Reboot R1. There are

2 possibilities as follows:

o Possibility 1: No impact/reconvergence to Static or Dynamic (with Ignore-Split ON)

vLAGs. Minimal data path impact observed.

o Possibility 2: For Dynamic vLAGs with ignore-split OFF (Applies if someone has explicitly

made ignore-split OFF).

If R1 was a lower rbridge-id, there will be minimal data path impact but no vLAG

reconvergence.


If R1 was a higher rbridge-id, you’ll notice vLAG flap and observe few seconds of

data path impact.

Step 2: After R1 is operational up running Network OS v4.1.x software, it will re-join the vLAG. There

will be 3 possibilities.

o Possibility 1: For Static vLAG, the new node will not pick itself as primary RBridge. The

NOS v3.x node will retain the Primary role.

o Possibility 2: For Dynamic vLAG, with ignore-split ON, will result in the NOS v4.1.x node

retaining the primary role

o Possibility 3: For Dynamic vLAGs with ignore-split OFF (Applies if someone has explicitly

made ignore-split OFF)

If R1 was a lower Rbridge-id, it will not pick itself as primary. The NOS 3.X node will retain the Primary role.

If R1 was a higher Rbridge-id, due a LACP SID mismatch the local ports will be logically offline.

Step 3: Upgrade R2 to Network OS v4.1.x and reboot it. After this there are 3 possibilities

o Possibility 1: No impact to Static vLAGs. The Minimal data path impact is less than 1 Sec.

o Possibility 2: No impact to Dynamic vLAGs with ignore-split ON. The Minimal impact to

data path is less than 1 Sec.

o Possibility 3: For Dynamic vLAGs with ignore-split OFF, If R1 was higher rbridge-id, LACP

will re-converge on R1 and vLAG will be re-formed. This will result in a data path loss for

few seconds.

Step 4: After R2 boots up, it’ll re-join the vLAG and we’ll now have vLAG spanning two nodes and actively running Network OS v4.1.x firmware. Advantages:

1. No additional administration or configuration changes. 2. It is a straightforward upgrade process, no special handling for vLAGs.

Disadvantages:

1. There will be a data-path impact as detailed above.

Downgrade Consideration for vLAG

There is no downgrade consideration for vLAG. First the rbridge has to be downgraded like a normal

downgrade procedure mentioned below. Once it is successfully downgraded to NOS 4.0.x, vLAG should

function normally.

Copy the running configuration of NOS 4.0.x to FTP before you upgrade it to Network OS v4.1.x.


Copy the default configuration to the startup configuration.

Reboot the Rbridge.

Downgrade the Rbridge to NOS 4.0.x.

Copy the default configuration to the startup configuration.

Reboot the Rbridge. It will have the 4.0.x configuration as default.

Copy the configuration file of NOS 4.0.x from FTP server to the running configuration.

Save the configuration.

Changing Management Gateway IP for Network OS 4.0.1 and above

VDX67xx

In Network OS 4.0.1 and above, VDX67xx (Standalone, VCS fabric cluster mode and VCS logical chassis

mode) admin has to use "ip route 0.0.0.0/0 <gateway ip>" command to configure the gateway.

Prior to 4.0.0, there was an option to configure the gateway under the interface management. However

this would error out on configuration. In 4.0 this option itself is not supported.

In FC and LC mode this command is available under RB context, whereas in SA mode the same is

available in configuration mode

Please note the following:

L3 license is enabled by default on VDX67xx.

After upgrading to NOS 4.0 remove the old gateway using “no ip route” command

and configure the new route with high metric, otherwise both of the gateways (old and new)

will form ECMP.

VDX8770 (No L3 license/with L3 license)

In Network OS 4.0.1 and above, VDX87xx (VCS fabric cluster mode and VCS logical chassis mode) admin

has to use "ip route 0.0.0.0/0 <gateway ip>" command to configure the gateway.

Prior to 4.0.0, there were two ways to configure the gateway based on the availability of L3 license in

the device

L3 license available: admin has to use the command "ip route 0.0.0.0/0 <gateway ip>". Other

command "ip gateway-address" under the management interface used to display an error.

L3 license not available: admin has to use the "ip gateway-address" under the management

interface.

In 4.0 there is only one option to configure the gateway that is "ip route 0.0.0.0/0 <gateway ip>".

Please note the following:


After upgrading to NOS 4.0.1 remove the old gateway using “no ip route” command

and configure the new route with high metric, otherwise both of the gateways (old and new)

will form ECMP.

In 3.x without L3 License the user had the option to configure gateway in both the MMs, which

is not the case in 4.x

Scalability

Scalability

All scalability limits are subject to change. Limits may be increased once further testing has been completed, even after the release of a particular Brocade Network OS version. The limits noted in this table apply to all the VDX platforms unless otherwise specified.

Network OS

v4.1.1 Scalability

Numbers

VDX

6710/20/30/46

Standalone Mode

VDX

6710/20/30/46

VCS Mode

VDX 6740 VCS

Mode

VDX 8770 VCS

Mode

Maximum # of

VLANs

3,500 3,500 3,500 4,000

Maximum # of

MAC addresses

30,000 30,000 120,000 128,000

Maximum # of

port

profiles(AMPP)

750 750 1000 1000

Maximum # of

VLANs in port

profiles

3,500 3,500 3,500 4,000

Maximum # of

MAC Associations

for AMPP

16,000 16,000 16,000 24,000

Maximum # of per

priority pause

levels

2 2 3 8

Maximum # of

IGMP Snooping

Interfaces

supported

NA 128 256 256


Learning rate for

IGMP snooping

(groups/second)

NA 256 512 512

Maximum # of L2

(IGMP Snooping)

multicast groups

NA 2,000 6,000 6,000

# of L3 (S,G)

forwarding Entries

NA NA 2,000 2,000

# of L3 (*,G)

forwarding Entries

NA NA 256 256

# of L2/L3

Multicast Flows

NA NA 10,000 10,000

PIM Interfaces

Supported

NA NA 32 32

IGMP interfaces

supported

NA NA 32 32

Learning Rate for

PIM-SM

(flows/second)

N/A N/A 32 32

Maximum # VLAN

per Edge Port in

Trunk Mode

Port***

3,500 3,500 4,000 4,000

Maximum # of VF

Ports (Per switch)

NA 1,000 1,000 1,000

Maximum # of

NPIV per Port

NA 64 64 64

Maximum # of

Enodes per Fabric

NA 2,000 2,000 2,000

Maximum # of

FCoE interfaces

(Per switch)

NA 1,000 1,000 1,000


Maximum # of

FCoE Devices per

Fabric

N/A 2,000 2,000 2,000

Maximum # of

SAN Devices (FC +

FCoE) per Fabric

N/A 3,000 3,000 3,000

Maximum # of

FCoE Logins (Per

switch)

N/A 1,000 1,000 1,000

Number of active

STP nodes (Per

cluster)

8 8 8 8

No. of ports per

node (phy)

participating in

xSTP

60 60 60 60

No. of ports per

Cluster in xSTP

480 480 480 480

No. of vLAGs

assuming 2-4

nodes in vLAG

64(512* if

bpdu

guard

enabled)

64(512

* if

bpdu

guard

enable

d)

64(512* if

bpdu

guard

enabled)

64(512*

if bpdu

guard

enabled)

No. of vLAGs

(participating

xSTP) assuming 2-

4 nodes in vLAG

64 64 64 64

No. of vLAGs

(participating

xSTP)assuming 8

nodes in vLAG

32 32 32 32

No. of PVST

instances

128 128 128 128


No. of RPVST

instances

128 128 128 128

Maximum # of

MSTP instance

32 32 32 32

Maximum #

VLANS per MSTP

instance

50 50 50 50

Maximum # of

VLAN in PVST

128 128 128 128

Maximum # of

LAG groups

60 60 60 384

Maximum # of

members in a

standard LAG

16 16 16 16

Maximum # of

members in a

Brocade LAG

8 8 16 8

Maximum number

of ELD instances

per fabric

(Instance is

measured per

interface per

VLAN)

NA 256 1000 1000

Maximum # of

switches in a

Fabric cluster

mode

NA 32 32 32

Maximum # of

switches in Logical

cluster

NA 24 32 32

Maximum # of L2

ECMP Paths

NA 8 8 8


Maximum # of

trunk members

for fabric ports

NA 8 16 8

Maximum # of

vLAG groups

NA 512 512 512

Maximum # of

member ports in a

vLAG

NA 64 64 64

Maximum # of

nodes in a vLAG

NA 8 8 8

Maximum # of

member ports per

vLAG per Node

NA 16 16 16

Maximum # of

Management ACL

256 256 256 256

Maximum # of

VMs supported in

VM Aware

Network

Automation

8,000 8,000 8,000 8,000

Maximum # of

ARP Entries

NA 8,000 12,000 50,000

Maximum # of

Unicast IPv4

routes in the

hardware

N/A 1,500 4,000 32,000

Maximum # of

OSPF areas

N/A 16 20 64

Maximum # of

OSPF routers in a

single area

NA 12 64 200

Maximum # of

OSPF adjacencies

NA 12 100 200


Maximum # of

OSPF routes

NA 1,500 4,000 32,000

# of OSPF

Interfaces

NA 64 100 1,000

# of OSPF enabled

subnets

NA 64 100 600

# of local subnets

in a single area

NA 64 100 600

Maximum # of

routes in SW

NA 1,500 4,000 32,000

Maximum # of

static routes

NA 500 1,000 5,000

Maximum # of

dynamic routes

NA 1,500 4,000 32,000

Maximum # of

VRRP instances

per system

N/A 64 256 1,024

Maximum # of

VRRP instances

per interface

N/A 8 8 16

Maximum # of

routers

participating in a

VRRP-E session

N/A 4 4 4

Maximum # of

routes with ECMP

supported

NA 1500 4,000 32,000

Maximum # of IP

interfaces per

system

NA 128 256 1,000

Maximum # of

VRF per node

NA NA 32 128


Maximum # of I-

BGP peers

NA 20 50 100

Maximum # of E-

BGP peers

NA 20 50 100

Maximum # of

BGP routes in HW

NA 1,500 4,000 32,000

Maximum # of RIB

IN Routes

NA 2,000 50,000 100,000

Maximum # of RIB

OUT Routes

NA 10,000 100,000 250,000

Maximum # BGP

Peer Group

NA 10 50 50

Maximum # of

UDLD enabled

interfaces

60 60 64 384

Maximum # of

PVLAN domain

supported

NA 31 1,000 1,000

Maximum # of

Secondary VLANs

per PVLAN

supported

NA 24 24 24

Maximum # of

primary VLANs per

PVLAN supported

in promiscuous

mode

NA 24 24 24

Sum total of all

the rules across L2

Ingresss ACLs

1300/204

8 *

1300/2

044*

508 16380

Sum total of all

the rules across L2

Egress ACLs

NA NA 124 6144


Sum total of all

the rules across L3

Ingress ACLs

768 744 508 16352

Sum total of all

the rules across L3

Egress ACLs

NA NA 511 8190

Maximum # of

primary VLANs per

PVLAN supported

in promiscuous

mode

NA 24 24 24

DHCP IP Helper

Addresses per

interface

NA 4 4 4

DHCP IP Helper Ve

interfaces

NA 128 256 1,000

DHCP IP Helper

physical ports

NA 60 60 384

Maximum number

of VLANs in a

Virtual-Fabric

enabled VCS

cluster

NA NA 8,000 8,000

Maximum number

of Transport-

services in a

Virtual-Fabric

enabled VCS

cluster

NA NA 1,000 1,000

Maximum number

of RBridges in a

VXLAN gateway

VCS Fabric

NA NA 2 NA

Maximum number

of VTEP gateways

NA NA 1 NA


***

Enabling 3500 VLANs in trunk mode on all the ports of the system might lead to system instability.

Brocade recommends that “trunk mode VLAN all” should be restricted to a handful uplink ports or a set

of selected ports where it is desirable to carry all the VLAN trunks.

In Hybrid cluster environment (a cluster involving VDX87xx and VDX67xx), the scalability limits of the cluster is determined by the scalability limits of VDX6710/20/30/46. For instance, in such a fabric, the MAC scalability limit will be 30,000 in spite of VDX87xx’s capability to do 128,000 MAC addresses.

VDX 6710/6720/6730/6746 ACL Limitations:

If mac-addresses are unique, 1300 L2 ACL rules can be applied, else 2048/2044 L2 ACL rules can be applied.

Only 54 AppType L2/L3 ACL rules (Ether-type, TCP/UDP Port numbers) can be applied at any instance.

These numbers are the aggregate count across the entire switch. The table assumes no other configurations, AMPP ACLs, L2 macs (for VDX 6710/6720/6730/6746).

The numbers are quoted for best case scenarios. Actual number of ACL rules may vary depending

upon the complexity of the ACL rules & number of forwarding ASICs in the platform.

Interoperability

The following tables list the interoperability support for IP storage, FC/FCoE storage and host adapters

for VDX as of Network OS 4.1.x.

IP Storage

per VXLAN VCS

Fabric

Maximum number

of VLANs attached

to VTEP gateway

NA NA 2000 NA

Maximum number

of VLANs

(attached to VTEP

gateway)

configured for

SPAN (Switched

Port ANalyzer)

NA NA 128 NA

Vendor Storage Array Model

Protocol Switch Model

Initiator

EMC VNX-5500 iSCSI 6720, 6740, 8770

RedHat 6.5, Windows 2012


FC/FCoE Storage

Vendor Storage Array Model

Protocol Switch Model

Initiator

EMC CX4-480 Firmware version 3.2.4

FC, FCoE 6730, 6740 (FCoE only)

RHEL 5.6, 6.3, Solaris 10 U9, Windows 2008 R2, Windows 2012 R2

VNX-5500 Firmware version 3.2.4


RHEL 5.6, 6.1, 6.3, Solaris 10 U9, Windows 2008 R2, Windows 2012 R2

VMAX 40K Firmware version 3.2.4


RHEL 5.6, 6.1, 6.3, Solaris 10 U9, Windows 2008 R2, Windows 2012 R2

HP P6300 FC 6720, 6730 RHEL 6.5, Windows 2012

P10000 FC 6720, 6730 RHEL 6.5, Windows 2012

MSA2040 FC 6720, 6730 RHEL 6.5, Windows 2012

XP9500 FC 6720, 6730 RHEL 6.5, Windows 2012

Netapp FAS3240-cdot FC, FCoE 6730, 6740 (FCoE only)

ESX 5.5, RHEL 6.4, Windows 2012

FAS3270 FC, FCoE 6730, 6740 (FCoE only)

ESX 5.1, 5.5, RHEL 5.10, 6.4, Windows 2008 R2, Windows 2012

HDS VSP FCoE 6730, 6740 ESX 5.5, RHEL 5.10, 6.5, SLES 10sp4, 11sp3, Windows 2008 R2 SP1, Windows 2012 R2

DF800 FC 6730 ESX 5.5, RHEL 5.10, 6.5, SLES 10sp4, 11sp3, Windows 2008 R2 SP1, Windows 2012 R2

Network Adapters

Vendor Model Protocol Switch Model OS

HP 526FLR FCoE 6730 Windows 2012

CN1000E FCoE 6730 RHEL 6.5

CN1100R FCoE 6730 Windows 2012

HDS HNAS 4060 NFS, CIFS 6730, 6740, 8770

RHEL 6.3, 6.5, Windows 2008 R2 SP1, Windows 2012

NetApp FAS 3170 NFS, CIFS 6730, 6740 RHEL 6.3, 6.5, Windows 2008 R2 SP1, Windows 2012

Tegile HA2100EP Zebi iSCSI, NFS, CIFS

6730, 6740 RedHat 6.5, SLES 11.3, Windows 2012, Windows 2012R2, ESXi 5.5

Nimble CS220G-X2 iSCSI 6730, 6740 RedHat 6.5, SLES 11.3, Windows 2012, Windows 2012R2, ESXi 5.5

Pure Storage

FA-420 iSCSI 6730, 6740 RedHat 6.5, SLES 11.3, Windows 2012, Windows 2012R2, ESXi 5.5

Violin Memory

6232 iSCSI 6730, 6740 RedHat 6.5, SLES 11.3, Windows 2012, Windows 2012R2, ESXi 5.5


Emulex 16002 FC 6730 RHEL 6.4, Windows 2012

OCE11002-FM

FCoE 6730, 6740 RHEL 6.4, Windows 2008 R2

OCE14102 FCoE 6730, 6740 RHEL 6.5

Qlogic 2672 FC 6730 RHEL 5.10, 6.4, Windows 2012

8152 FCoE 6730, 6740 ESX 5.1, RHEL 5.10, Windows 2008 R2

1020 FCoE 6720, 6730, 6740 ESX 5.5, RHEL 5.6, 5.10, 6.5, Solaris 10 U9, SLES 10sp4, 11sp3, Windows 2008 R2, Windows 2012 R2

1860 FC, FCoE 6720 (FCoE only), 6730, 6740 (FCoE only)

ESX 5.5, RHEL 5.10, 6.1, 6.3, 6.5, SLES 10sp4, Windows 2008 R2 SP1, Windows 2012 R2

SNMP Support Documentation Changes Starting with the NOS 4.0.0 release, the Network OS MIB Reference document is not updated. You can

obtain the latest MIBs from the downloads area of MyBrocade site after logging in.

For information about SNMP support in Network Operating System (NOS) and how to use MIBs, refer to

the Network OS Administrator’s Guide.

Obtaining the MIBs

You can download the Brocade-specific MIB files required for this release from the Downloads area of

the MyBrocade site. To download the Brocade-specific MIBs from the Brocade Technical Support

website, you must have a user name and password.

1. On your web browser, go to http://my.brocade.com.

2. Login with your user name and password.

3. Click the downloads tab.

4. On the downloads tab, under Product Downloads, select All Operating Systems from the Download by list.

5. Select Network Operating System (NOS), and then navigate to the release.

6. Navigate to the link for the MIBs package and either open the file or save it to disk.

NOTE: Distribution of standard MIBs has been stopped. Download the required standard MIBs from the

http://www.oidview.com or http://www.ietf.org websites.

Changes in MIBs and objects

This release introduces the following changes in MIBs and objects:

New MIBs

SNMP-MPD-MIB: This standard MIB defines the objects for message processing and dispatching.

http://my.brocade.com/

http://www.oidview.com/

http://www.ietf.org/


SNMP-TARGET-MIB: This standard MIB defines MIB objects which provide mechanisms to remotely configure the parameters used by an SNMP entity for the generation of SNMP messages.

SNMP-VIEW-BASED-ACM-MIB: This standard MIB defines the management information definitions for the View-based access control model for SNMP.

Updated MIBs

Updated the BROCADE-PRODUCTS-MIB.mib with the following object identifier for vdx6740 switches. o vdx6740T1G OBJECT IDENTIFIER ::= { brocadeProducts 151 }

New Traps

connUnitPortStatusChange

The SNMP trap that is generated when the GBIC is pulled in/out from the FC port slot in vdx6730

switches.

SERVICE VF support for SNMP

SNMP does not support VLAN ID greater than 4K.

For VLAN ID less than 4k, only the provisioned VLANs will be displayed

User Guides

List of Documents

Refer to www.brocade.com or my.brocade.com for the latest versions of the

Brocade VDX 8770-8 Four-Post Flush and Recessed Mount Rack Kit Installation Procedure

VDX8770_8_FourPostFlushRecessRailKit.pdf

Brocade VDX 8770-8 Two-Post Flush and Mid-Mount Rack Kit Installation Procedure

VDX8770_8_TwoPostMidMountRackKit.pdf

Brocade VDX 8770-4 Four-Post Flush Mount Rack Kit Installation Procedure

VDX8770_4_FourPostFlushMountRackKit.pdf

Brocade VDX 8770-4 Two-Post Flush and Mid-Mount Rack Kit Installation Procedure

VDX8770_4_TwoPostMidMountRackKit.pdf

Brocade VDX 8770-4 Four-Post Flush and Recessed Mount Intake Air Duct Rack Kit Installation Procedure

VDX8770_4_IntakeDuctRackKit.pdf

Brocade VDX 8770-4 Hardware Reference Manual

VDX8770_4_HardwareManual.pdf

http://www.brocade.com/


Brocade VDX 8770-8 Hardware Reference Manual

VDX8770_8_HardwareManual.pdf

Network OS YANG Reference Manual, 4.1.1 NOS_YangRef_v411.pdf

Brocade VDX 6740 and VDX 6740T Hardware Reference Manual

VDX6740_VDX6740T_HardwareManual.pdf

Network OS Administrator's Guide 4.1.1 NOS_AdminGuide_v411.pdf

Network OS Command Reference 4.1.1 NOS_CommandRef_v411.pdf

Network OS Message Reference 4.1.1 NOS_MessageRef_v411.pdf

Network OS Software Licensing Guide 4.1.0 NOS_LicenseGuide_v410.pdf

NOS NETCONF Operations Guide 4.1.1 NOS_NetconfOpsGuide_v411.pdf

Universal Two Post Rack Kit Installation Procedure

Universal2PostRackKit.pdf

Universal Four Post Rack Kit Installation Procedure

Universal4PostRackKit.pdf

Mid-Mount Rack Kit (Switch) Installation Procedure

MidMountRackKit.pdf

Flush Mount Rack Kit Installation Procedure FlushRackMountKit.pdf

Reporting errors in the guides

Send an email to [email protected] to report errors in the user guides.

Contacting Brocade

Support

Contact your switch supplier for hardware, firmware, and software support, including

product repairs and part ordering. To expedite your call, have the following information

immediately available:

Technical Support contract number, if applicable

Switch model

Switch operating system version

Error numbers and messages received

Detailed description of the problem, including the switch or network behavior

immediately following the problem, and specific questions

Description of any troubleshooting steps already performed and the results

Switch Serial Number

To contact Brocade, go to http://www.brocade.com/services-support/index.page for

the latest e-mail and telephone contact information.

1. General Information


Switch model

Switch operating system version

Error numbers and messages received

Provide support data collection output with the ‘copy support’ command

Detailed description of the problem, including the switch or fabric behavior immediately following the problem, and specific questions

Description of any troubleshooting steps already performed and the results

Serial console and Telnet session logs

Syslog message logs

2. Switch Serial Number

The switch serial number and corresponding bar code are provided on the serial number label as

illustrated below:

The serial number and barcode label is located on the switch ID pull-out tab located on the

bottom of the port side of the switch.

3. License Identifier (License ID)

There is only one License Identifier associated with a physical switch. This License

Identifier is required as part of the ordering process for new NOS licenses.

Use the show license id command to display the License Identifier.

If you cannot use the show license id command because the switch is inoperable, you

can get the WWN from the same place as the serial number.

Defects

TSBs – Critical Issues addressed in this NOS release.

TSB Summary

2014-194-A A security vulnerability has been reported in OpenSSL, CVE-2014-0224, making

products vulnerable to Man-in-the-Middle attacks. VDX switches running the

listed versions utilize the affected versions of OpenSSL and running in an

http://www.kb.cert.org/vuls/id/978508


OpenSSL client mode using RADIUS and LDAP for authentication may be

vulnerable.

TSBs - Critical Issues to Consider Prior to Installing This NOS Release

Technical Support Bulletins (TSBs) are produced to provide detailed information about high

priority defects or issues present in NOS releases. The following sections specify all current TSBs

that have been identified as being a risk to or resolved with this specific version of Brocade

Network OS. Please review carefully and refer to the complete TSB for relevant issues prior to

migrating to this version of code. TSBs can be found at http://my.brocade.com under the

“Technical Documentation” section of the “documentation” tab (note that TSBs are generated

for all Brocade platforms and products, so not all TSBs apply to NOS-based platforms).

http://my.brocade.com/


TSB Issues Outstanding in Network OS v4.1.3c

Issues in the following list of TSBs are known to be potential risks to using Network OS v4.1.0 ,

v4.1.1, v4.1.2, and v4.1.3 and should be considered carefully prior to using this release of code:

TSB Summary

2014-209-A Switch loses in-band management connectivity after firmware upgrade to

5.x

2015-226-A In Fabric Cluster [FC] mode, configuration of “vcs virtual ip address <IP> inband

interface ve <ve number>” can impact the switch stability during the firmware

download operation. Thus it is recommended to remove the VCS VIP and save

the configuration before firmware download to avoid these issues.

The issue occurs only when VCS VIP is configured for inband management. It

does not occur when VCS VIP is configured for outofband management.

TSB Issues Outstanding in Network OS v4.1.3b

Issues in the following list of TSBs are known to be potential risks to using Network OS v4.1.0 ,

v4.1.1, v4.1.2, and v4.1.3 and should be considered carefully prior to using this release of code:

TSB Summary

2015-222-A When triggers such as VDX reload or a cable/SFP pull/push create link down events on a VDX, those links connecting to certain NICs may not come up online.


Software Fixes

Closed with Code Change in Network OS v4.1.3c

This section lists the defects with Critical, High, and Medium Technical Severity closed

with a code change as of November 30, 2015 in Network OS v4.1.3c.

Defect ID: DEFECT000492193

Technical Severity: High Probability: Low

Product: Brocade Network OS Technology

Group:

Management

Reported In Release: NOS5.0.0 Technology: Configuration Fundamentals

Symptom: Switch may encounter an unexpected reload.

Condition: Configuring the speed on multiple interfaces through range CLI.


Technical Severity: Medium Probability: Medium


Group:

Data Center Fabric

Reported In Release: NOS4.1.1 Technology: VCS Fabric

Symptom: bandwidth value is shown incorrectly in the output of the command "show fabric

route topology" under certain conditions.

Condition: The issue is seen after physically removing one of the ISL links between two VDX

switches in the cluster. User may wrongly interpret the output as more bandwidth is

available than what is existing between two VDX switches in the cluster.




Group:

Layer 2 Switching

Reported In Release: NOS5.0.0 Technology: FCoE - Fibre Channel over

Ethernet

Symptom: FCoE logins may be lost on a 6740 when ISL port is shutdown.

Condition: The issue is seen when ISL port on a 6740 is manually shutdown.

Recovery: Shutdown/no-shutdown the port where the FCoE logins are occurring.


Technical Severity: Medium Probability: High


Group:

Monitoring

Reported In Release: NOS5.0.0 Technology: Syslog

Symptom: The message "/usr/bin/memoryusage.sh: [: too many arguments " may be displayed

on the console.

Condition: On insertion of the SFP optics.



Technical Severity: High Probability: Medium


Group:

Layer 2 Switching

Reported In Release: NOS5.0.0 Technology: VLAN - Virtual LAN

Symptom: Mac learning stops and flooding happens.

Condition: Deleting Primary PVLAN and its associated secondary VLANs.

Workaround: Removing and configuring back the PVLAN config.

Recovery: Clear the mac-address-table.




Group:

VCS

Reported In Release: NOS5.0.1 Technology: TRILL - Transparent

Interconnection of Lots of Links

Symptom: The "FCS Transaction Hung" RAS log messages are continuously printed on the

console of the 6740 & 8770 VDX switch.

Condition: There is no known trigger that can cause these messages to show up on the console.

But, they are only seen on very large VCS clusters.

Recovery: Reboot the affected RBridge.


Technical Severity: High Probability: High


Group:

Monitoring

Reported In Release: NOS4.1.2 Technology: Hardware Monitoring

Symptom: Link between VDX and Linksys is unable to come online.

Condition: Connecting VDX link to Cisco SF 102-24 unmanaged switch will end up in link

down state.


Technical Severity: Low Probability: Low


Group:

Management

Reported In Release: NOS5.0.1 Technology: VMWare

Symptom: Username is currently allowed up to 16 characters. But it is required to have more

than that for FQDN support introduced in vCenter. Thus the request to support 255

characters length.

Condition: When vCenter uses FQDN based usernames.




Group:

Monitoring

Reported In Release: NOS4.1.2 Technology: Hardware

Monitoring

Symptom: Incorrect air flow direction for VDX 6720-24-R

Condition: Fan mismatch direction detected





Group:

Management


Symptom: Under very rare conditions, unexpected reload may occur indicating

mlt_garbage_collector inconsistency

Condition: In steady state when Memory tracking tool (MLT) encounters corruption.


Technical Severity: Medium Probability: Low


Group:

Layer 2 Switching

Reported In Release: NOS5.0.1 Technology: VLAN - Virtual LAN

Symptom: "show interface description" and "show interface trunk" do not display all port-

channels

Condition: Multi-node cluster with Port channels configured and most of the port-channels have

ports from non-principal nodes.

Workaround: "show interface status " shows all the port-channel details.




Group:

Layer 3 Routing/Network

Layer

Reported In Release: NOS4.1.3 Technology: VRRPv2 - Virtual Router

Redundancy Protocol Version

2

Symptom: Ping to VRRP VIP will fail in some corner conditions

Condition: This can happen after the VRRP master failover. After failover, the VRRP master

node may learn an ARP with its own IP, but the MAC of VRRP backup node. This

results in ping failures.

Recovery: "clear arp ip <ip address> no-refresh"




Group:

Layer 2 Switching

Reported In Release: NOS4.1.3 Technology: xSTP - Spanning Tree Protocols

Symptom: STP root port may not be correctly designated thus causing unexpected STP states.

Additionally, PVST may go into FWDing state on vlag when principal fail-over

occurs on uncontrolled failover

Condition: After reload of principle node



Technical Severity: Critical Probability: Medium


Group:

Layer 2 Switching

Reported In Release: NOS5.0.1 Technology: xSTP - Spanning Tree Protocols

Symptom: The switch may encounter traffic loss when configuring "no spanning-tree

shutdown" on a port-channel to rectify configuration across PO members

Condition: When certain member switches of PO are not configured with the same

configuration.

Recovery: Flapping the port-channel interface on both the switches would recover the traffic

losses.




Group:

Monitoring


Symptom: VDX 10gT port (possibly 40gT) may result in the port stuck in offline state.

Condition: Repeated cable pull/re-insert on VDX 10gT port (possibly 40gT) may result in the

port stuck in offline state. Higher probability of hitting this when cabled to HP server

with the Intel NIC x520.

Recovery: Shut/no-shut recovers it.




Group:

Monitoring


Symptom: VDX 10gb port LED lights up green when only TX strand is inserted.

Condition: This issue is seen when only TX strand of the fiber cable is inserted into the link

partner's RX SFP side.

Workaround: Make sure both TX and RX strands of the fiber are clean and connected.




Group:

Management

Reported In Release: NOS6.0.1 Technology: Virtual Fabrics

Symptom: CPU gets interrupts because of a port ASIC I/O read DMA channel is stuck and

consequently it's usage becomes high.

Condition: Occurence is unexpected hence our software is made robust to handle such scenarios.

Workaround: Power cycle the affected line card.




Group:

Management

Reported In Release: NOS6.0.1 Technology: Virtual Fabrics

Symptom: Ping response may be slow because, interrupt handling is done by OS kernel.

Condition: The issue is seen under rare corner case conditions and no known sequence of

triggers are identified.

Workaround: Flap the interfaces on which the ping delay is seen or reload the switch.





Group:

Layer 2

Switching

Reported In Release: NOS4.1.3 Technology: FCoE - Fibre Channel over

Ethernet

Symptom: When VDX 6730 platform encounters a specific set of traffic conditions, FCoE hosts

may not be able to login via FCoE on dual fabrics

Condition: FCoE hosts connected to VDX running in AG mode where CRC Errors are injected

into the VDX Switch

Workaround: Ensure no CRC errors are injected into the switch

Recovery: Reload of the switch




Group:

Monitoring

Reported In Release: NOS4.1.3 Technology: Hardware

Monitoring

Symptom: VDX ports connecting to certain Intel NIC cards, temporarily flap under certain

corner case conditions.

Condition: Repeated cable pull/re-insert of VDX port 10gT connected to Intel NIC may result in

temporary port flapping.

Workaround: No human intervention is needed to workaround this issue. The port will come

online after a few seconds.

Recovery: Wait several seconds for port to stop flapping, and port will come online.




Group:

Management


Symptom: Show interface shows media as not present even when media is connected and traffic

is flowing.

Condition: 6740 and 8770 running 4.1.3b1 CCE patch.




Group:

Layer 2 Switching

Reported In Release: NOS4.0.1 Technology: LAG - Link Aggregation Group

Symptom: Primary port of a VLAG may send back the BUM traffic to same VLAG member.

Condition: When the “no channel-group” command is issued to the VLAG member that is the

last port in a port-group

Workaround: Re-configuring the port-channel on all member ports of a VLAG





Group:

VCS

Reported In Release: NOS6.0.1 Technology: Logical Chassis

Symptom: In a very rare case, packet drops and RTWR RASLOGs are seen.

Condition: In a scaled environment with breakout config on 27x40G LC, the issue is seen when

ISSU upgrade is attempted.




Group:

Management

Reported In Release: NOS5.0.2 Technology: SNMP - Simple Network

Management Protocol

Symptom: Introducing support 3-tuple interface for ifDescr and ifname object of IF MIB.

Rbridge ID is now part of the interface name.

Condition: ifDescr and ifname object of IF MIB will have the 3-tuples.




Group:

Security

Reported In Release: NOS6.0.1 Technology: ACLs - Access Control Lists

Symptom: User will not be able to remove IP ACL policy configuration from the management

interfaces of the switch under certain conditions. User sees a "Generic Error"

message on the screen.

Condition: When a VDX switch running NOS 5.0.2 or NOS 6.0.1 with ACL configuration on

it's management interface, this issue is seen by the user.

The issue also happens when HA failover is performed on the VDX switches running

the above two versions.




Group:

Management


Symptom: High CPU usage is seen on 6730 platform.

Condition: High memory usage due to memory leak which eventually result in CPU stuck at

100%.

Recovery: 1. Login into Switch as root

2. Capture the “top” output

3. Run: echo 10240 > /proc/sys/vm/min_free_kbytes

4. Issue command: sysctl -q -p /etc/sysctl.conf





Group:

Management


Symptom: We will observe unexpected reload of VDX 6720 platform switch.

Condition: In 6720 platform switch, when packet size greater than 1536 is received on the

management port, then we will observe this issue.

Workaround: Setting MTU size of eth0 as 9512 will avoid this issue. But it should be set after

every reload of switch, as MTU change is not persisted after reload.




Group:

Monitoring

Reported In Release: NOS4.1.3 Technology: Port Mirroring

Symptom: "show interface status" command shows incorrect status for internal VDX ports in

the switch.

Condition: If we have internal embedded ports in the VDX switch, then we will observe this

issue.




Group:

Monitoring

Reported In Release: NOS5.0.1 Technology: sFlow

Symptom: In rare cases, a VDX switch may experience an unexpected failover, especially when

sFlow is enabled.

Condition: This could happen after months or years after enabling sFlow.

Workaround: Disable sFlow or lower the SFlow sample rate.




Group:

Layer 2 Switching

Reported In Release: NOS4.0.1 Technology: LAG - Link Aggregation Group

Symptom: Discrepancy in Port-channel programming causes links within the port-channels to

be seen as individual link instead of one link.

Condition: Linecard that contains all of the ISL’s connecting from that switch to the fabrics

multicast root must be reloaded.

When this situation occurs all PO’s that are residing on that switch that contain PO

members on other linecards other than the linecard that reloaded will experience

improper flooding of BUM

Recovery: Bounce any affected port-channel member interfaces one by one.





Group:

Layer 3 Routing/Network

Layer

Reported In Release NOS4.1.3 Technology: VRRPv3 - Virtual Router

Redundancy Protocol Version 3

Symptom: Under rare conditions, certain hosts lose IP connectivity with selected few devices

when hosts connected on VDX6710/20/30 configured as Layer-3 gateways for the

host.

Condition: Usually when the set of MAC addresses are toggled between one interface to another

on the switch.

Recovery: Clearing the ARP on the VDX switches restores the connectivity.



Product: Brocade Network OS Technology Group: VCS

Reported In Release: NOS6.0.1 Technology: Logical Chassis

Symptom: In a very rare case, packet drops and RTWR RASLOGs are seen.

Condition: In a scaled environment with breakout config on 27x40G LC, theissue is seen when

ISSU upgrade is attempted.



Product: Brocade Network OS Technology Group: Management

Reported In Release: NOS5.0.2 Technology: SNMP - Simple Network

Management Protocol

Symptom: Introducing support 3-tuple interface for ifDescr and ifname object of IF MIB. Rbridge

ID is now part of the interface name.

Condition: ifDescr and ifname object of IF MIB will have the 3-tuples.



Product: Brocade Network OS Technology Group: Security

Reported In Release: NOS6.0.1 Technology: ACLs - Access Control Lists

Symptom: User will not be able to remove IP ACL policy configuration from the management

interfaces of the switch under certain conditions. User sees a "Generic Error" message on

the screen.

Condition: When a VDX switch running NOS 5.0.2 or NOS 6.0.1 with ACL configuration on it's

management interface, this issue is seen by the user.

The issue also happens when HA failover is performed on the VDX switches running the

above two versions.





Symptom: High CPU usage is seen on 6730 platform.

Condition: High memory usage due to memory leak which eventually result in CPU stuck at 100%.

Recovery: 1. Login into Switch as root

2. Capture the “top” output

3. Run: echo 10240 > /proc/sys/vm/min_free_kbytes

4. Issue command: sysctl -q -p /etc/sysctl.conf






Symptom: We will observe unexpected reload of VDX 6720 platform switch.

Condition: In 6720 platform switch, when packet size greater than 1536 is received on the

management port, then we will observe this issue.

Workaround: Setting MTU size of eth0 as 9512 will avoid this issue. But it should be set after every

reload of switch, as MTU change is not persisted after reload.



Product: Brocade Network OS Technology Group: Monitoring

Reported In Release: NOS4.1.3 Technology: Port Mirroring

Symptom: "show interface status" command shows incorrect status for internal VDX ports in the

switch.

Condition: If we have internal embedded ports in the VDX switch, then we will observe this issue.



Product: Brocade Network OS Technology Group: Monitoring

Reported In Release: NOS5.0.1 Technology: sFlow

Symptom: In rare cases, a VDX switch may experience an unexpected failover, especially when

sFlow is enabled.

Condition: This could happen after months or years after enabling sFlow.

Workaround: Disable sFlow or lower the SFlow sample rate.



Product: Brocade Network OS Technology Group: Layer 2 Switching

Reported In Release: NOS4.0.1 Technology: LAG - Link Aggregation

Group

Symptom: Discrepancy in Port-channel programming causes links within the port-channels to be

seen as individual link instead of one link.

Condition: Linecard that contains all of the ISL’s connecting from that switch to the fabrics

multicast root must be reloaded.

When this situation occurs all PO’s that are residing on that switch that contain PO

members on other linecards other than the linecard that reloaded will experience

improper flooding of BUM

Recovery: Bounce any affected port-channel member interfaces one by one.




Product: Brocade Network OS Technology Group: Layer 3 Routing/Network

Layer

Reported In Release: NOS4.1.3 Technology: VRRPv3 - Virtual Router

Redundancy Protocol Version

3

Symptom: Under rare conditions, certain hosts lose IP connectivity with selected few devices when

hosts connected on VDX6710/20/30 configured as Layer-3 gateways for the host.

Condition: Usually when the set of MAC addresses are toggled between one interface and another

on the switch.

Recovery: Clearing the ARP on the VDX switches restores the connectivity.


Closed with Code Change in Network OS v4.1.3b

This section lists the defects with Critical, High, and Medium Technical Severity closed with a

code change as of April 23, 2015 in Network OS v4.1.3b.



Product: NOS Technology: Layer 2

Reported In Release: NOS4.0.1 Technology Area: VLAG

Symptom: Flapping of some member ports of a VLAG between two VCS clusters triggered primary link

member change and a short duration traffic loss

Condition: When the member port(s) of a VLAG is flapped multiple times.




Reported In Release: NOS5.0.0 Technology Area: VLAN

Symptom: Unexpected reload can happen with CLI “no interface vlan”

Condition: If any physical/port-channel is configured with below two configurations, deletion of any VLAN will

trigger the issue

Switchport mode trunk-no-default-native

Switchport trunk allowed vlan all

Workaround: Remove the below configurations on an interface at the same time, before the deletion of a VLAN.

Switchport mode trunk-no-default-native

Switchport trunk allowed vlan all



Product: NOS Technology: System

Reported In Release: NOS4.1.2 Technology Area: Optics

Symptom: 'show media' command does not show the output if the port is shutdown.

Condition: When a port is administratively shutdown, the show media command does not display any output

even though the SFP is present in the port.





Symptom: Code upgrade may fail to complete on VDX switches when invalid DNS is configured in the

switches.

Condition: When DNS is directly configured OR is supplied via DHCP.

Recovery: Configure a bogus dns server in rbridge mode and delete it. This will remove any stale dns config in

the system acquired via DHCP / NOS CLI.

conf t

# rbridge 101

sw0(config-rbridge-id-101)# ip dns domain-name test123

Warning : Name Server also needs to be configured for successful operation

sw0(config-rbridge-id-101)# no ip dns domain-name test123





Reported In Release: NOS4.1.2 Technology Area: IEEE 802.1s MSTP

Symptom: We may see unexpected results for "show spanning-tree mst-config" command after VLAN

configuration for MSTP instance.

Condition: Issue will be hit when the length of VLAN configuration for MSTP instance exceeded the limit of

500 characters



Product: NOS Technology: Management

Reported In Release: NOS4.1.2 Technology Area: SNMPv2, SNMPv3 & MIBs

Symptom: After reload of a VDX 8770 switch, SNMP request for OID 1.0.8802.1.1.2.1.3.2.0 will return

incorrect response.

Condition: Issue is observed after VDX 8770 switch is reloaded

Recovery: Resart of SNMP daemon will recover from this issue





Symptom: portloopbacktest lbmode 1 test fails intermittenly on some of the ports after chassis is disabled.

Condition: When portloopbacktest lbmode 1 test is run.



Product: NOS Technology: Security

Reported In Release: NOS5.0.0 Technology Area: Fabric Authentication

Symptom: Logging into the switch through non-default user accounts with admin privileges might fail, if the

admin account is disabled.

Condition: Issue may be seen when default account such as admin is disabled.

Recovery: Enable the admin account so that other user accounts with admin privileges can access the switch.



Product: NOS Technology: Other

Reported In Release: NOS4.0.1 Technology Area: Other

Symptom: Applying access lists causing rules to fail after a few successful passthroughs.

Condition: Applying access lists




Reported In Release: NOS4.1.2 Technology Area: Switch Management

Symptom: When a user adds description to a destination mirror port for the VDX siwtch, an error message is

displayed indicating the command is not allowed. However, in the output of "show interface status",

the description is shown.

Condition: When the interface is a destination mirror/session port and user add description for same.






Symptom: The effect of a "clear counters" CLI command on SNMP interface MIB statistics may vary from one

vendor to another. The VDX product line "clear counters" CLI command should not affect SNMP

Interface MIB statistics. The VDX "clear counters all" CLI command is clearing the SNMP interface

MIB statistics.

Condition: This is fixed in NOS 6.0.0.

Workaround: Instead of executing the "clear counters all" CLI command to clear the statistics for all interfaces,

the statistics for each interface will have to be cleared by executing the "clear counters <interface

name>" command for each interface.




Reported In Release: NOS4.1.2 Technology Area: IEEE 802.1d STP

Symptom: Running config shows invalid line "bpdu-drop all" for physical interfaces and port channels.

Configuring "no" of the command would not delete it from the running-config.

Condition: Enable bpdu-drop with direction for a physical interface or port channel. Later make that interface

non-switchport ("no switchport" command).

Recovery: Make the interface switchport and remove bpdu-drop configuration using "no" command.





Symptom: Unexpected output for the CLI show interface status by displaying "SFP Absent" instead of

displaying "connnected/Not connected".

Condition: This can hit when the copper ports for VDX 6710/VDX 6740T are used.




Reported In Release: NOS5.0.0 Technology Area: IP Route Management

Symptom: DHCP packets may be dropped if burst limit is exceeded

Condition: Running DHCP relay

Workaround: NA





Symptom: No functional impact. Unexpected FFDC after running Diag.

Condition: DIAG run.






Symptom: When VDX 8770 generates a WLV-1003 raslog, Line card number is not part of the string. BNA

consumes only the string and is unable to discern the line card number.

Condition: When 8770 port goes faulty, a WLV-1003 message is generated.



Product: NOS Technology: Traffic Management

Reported In Release: NOS4.1.2 Technology Area: QoS - Quality of Service

Symptom: Discrepancy may occur in the below CLI output.

show qos rcv-queue interface

Condition: This may hit when PFC is enabled for an interface.



Product: NOS Technology: VCS

Reported In Release: NOS6.0.0 Technology Area: Fabric Build

Symptom: ISL between ports may not come online

Condition: After reload of switch, some ports may encounter CRC erors and results in ISL not forming

successfully.





Symptom: Under certain conditions, insertion of a new SFM / linecard may fail & linecard would remain in

faulty state.

Condition: When SFM or line cards are hot-plugged in and plugged out repeatedly when Diag POST is running

on that slot.

Recovery: Reboot the chassis


Technical Severity: Low Probability: Medium


Reported In Release: NOS6.0.0 Technology Area: Component

Symptom: Brocade 4G USB mount failure.

Condition: "usb on" command for 4G Brocade USB may fail in previous NOS releases.




Reported In Release: NOS4.1.3 Technology Area: Other IPv4

Symptom: User currently not allowed to manually configure multiple DHCP Relay IP addresses and select the

desired Gateway IP address.

Condition: When clients are to be assigned IP addresses from a specific range and the user wants a Gateway IP

address other than the lowest IP address configured on the DHCP relay interface.






Symptom: Certain incoming TCP/UDP traffic will be dropped when transiting VCS fabric

Condition: When incoming traffic with DSCP value is set as 63 & traversing VDX 6740

Workaround: Use DSCP value other than 63.



Product: NOS Technology: Monitoring/RAS

Reported In Release: NOS4.1.3 Technology Area: Syslog

Symptom: When ACLs are configured to restrict access to a switch from outside, then following raslog messages

may be seen repeatedly on the console:

" <snip>unauthorized host with ip address <> tries to establish connection using UDP breach at port

<>"

Condition: This occurs when the ACLs that are configured to restrict access to a switch from the outside are

violated.

Workaround: Configure like the example below for any <message>.

" logging raslog message SEC-3039 suppress".

Even so, sometimes these messages could be seen for the Standby OS.




Reported In Release: NOS4.1.3 Technology Area: CLI

Symptom: Switch is not using the configured DHCP Gateway IP Address

Condition: When multiple IP addresses are configured on a VE interface, DHCP gateway IP address does not use

the newly configured DHCP IP address.




Reported In Release: NOS4.1.3 Technology Area: DHCP (IPv4)

Symptom: "show ip dhcp relay gateway" does not display configured gateway address after reload.

Condition: This issue is seen when user executes CLI command to display DHCP relay gateway information





Symptom: "show ip dhcp relay gateway" and show ip dhcp relay gateway interface ve <>" output should be

consistent - should show active gateway IP.

Condition: This issue is seen while performing show commands "show ip dhcp relay gateway" and show ip dhcp

relay gateway interface ve <>" .






Symptom: CLI "ip dhcp relay gateway <IPv4 address>" does not throw error in case CLI executed more than

once with different address. This should throw error by saying that gateway address is already

configured if CLI is executed more than once.

Condition: This scenario occur in case when user executes CLI "ip dhcp relay gateway <IPv4 address>" more

than once.

Workaround: No work around is required as it does not overwrite the gateway address configured first time.

This is just as cosmetic issue.


Technical Severity: Low Probability: High



Symptom: The ping generated from a partner device will range between 1.5-2 ms or higher on VDX VE

interfaces.

Condition: When pinging VE interface of a VDX




Reported In Release: NOS4.1.3 Technology Area: VRRP & VRRP-E (IPv4)

Symptom: Ping to VRRP virtual-IP address of session configured on physical interface fails and traffic loss

occurs when VRRP virtual-IP address is used as Gateway IP address.

Condition: Issue is seen when Virtual-IP address is configured on a VRRP session over physical interface.




Reported In Release: NOS5.0.1 Technology Area: IP Route Policy

Symptom: On firmware upgrade, chassis reload, or power-cycle of a linecard, error messages indicating FFDC

& Software Verify errors may be seen without any functional impact.

Condition: While doing a firmware upgrade, chassis reload, or power-cycle of a linecard




Reported In Release: NOS4.1.2 Technology Area: Firmware Upgrade/ Downgrade

Symptom: The Standby MM for VDX 8770 would undergo an unexpected reload when the command "show

running-config" is issued.

Condition: When a Standby MM running 3.x image is inserted into a VDX8770 running 4.0.x image or higher.

Recovery: It is recommended to issue "firmware sync" on Active MM, once the standby MM bootup has

completed




Product: NOS Technology: IP Multicast

Reported In Release: NOS4.1.2 Technology Area: IPv4 Multicast Switching

Symptom: Multicast packets with source IP as 0.0.0.0 is not forwarded by VDX. If any application is sending

multicast packets with source IP as 0.0.0.0, then this packet drop may cause application failure.

Condition: Any multicast packet carrying source IP 0.0.0.0 will face this issue.





Symptom: During an extended power cycle test overnight on a 6740, one of the 40-gig port would stay admin

down.

Condition: The 6740 is connected with external loop back cables and is power-cycled for extended periods.

Workaround: If admin down is seen, cable + SFP pull [followed by push] would bring up the link after issuing a

'no shut' on the down port.





Symptom: Even though DHCP Relay and Gateway addresses are not configured, the show command output will

display the gateway address being used on that interface.

Condition: Entering the "show ip dhcp relay gateway interface" command before configuring relay address.





Symptom: In an extended power cycle test, 40-gig port on a 6740 may become administratively down.

Condition: In a single 6740 connected with external loop back links, an extended power-cycle test was run.

Workaround: Execute 'no shut' and pull out and push-in the QSFP from the offending port to bring up the port.




Reported In Release: NOS4.1.2 Technology Area: FCoE

Symptom: FCoE devices with established sessions over VDX 6740 may abruptly lose connectivity to the Storage

devices.

Condition: The issue may occur when a new FCoE device logs in to the same VDX6740 switch as the

established session and when the PID provided has certain overlapping bits.





Symptom: Some 40G Interfaces may fail to link up.

Condition: This condition can be observed after multiple consecutive power cycles.

Recovery: shut/no shut interface on both local and remote sides






Symptom: Some Forty Gig Interfaces may take time to come online

Condition: If a device is undergoing Multiple power cycles this condition may appear

Recovery: shut/no shut interface on local and remote sides




Reported In Release: NOS4.1.3 Technology Area: User Accounts

Symptom: In Logical Chassis environment, login authentication on secondary nodes fails with external AAA

servers

(RADIUS/Tacacs/LDAP).

Condition: The issue is observed in the following scenario:

1. Any one of the default account(admin or user) is disabled.

2. RADIUS/Tacacs/LDAP is configured as the primary login authentication method.

3. Secondary node's configuration is defaulted before cluster rejoin

Recovery: Follow the below steps to recover:

1. Configure login authentication mode to local (e.g. “aaa authentication login radius “local-auth-

fallback” to “aaa authentication login local”)

2. Remove the external AAA server configuration from cluster (e.g. “no radius server <ip>”)

3. Configure the external AAA server (revert of step 2)

4. Configure back the authentication login mode to AAA server (e.g. “aaa authentication login local”

to “aaa authentication login radius “local-auth-fallback”)





Symptom: 40G interface goes admin down state due to I2C error.

Condition: Several (likely more than 50 times) chassis power cycle. Retry mechanism added to make I2C

operation more robust.




Reported In Release: NOS4.1.1 Technology Area: Port Security

Symptom: Switch may become unresponsive during heavy CPU usage

Error on console message:

1. Network OS is not ready

2. nf_conntrack table full : dropping packet

3. nf_conntrack: expectation table full

4. nf_ct_tftp: dropping packetIN= OUT=vlan...

Condition: There are certain conditions like Dest ARPs not resolved that causes the heavy CPU usage.

Workaround: Identify the traffic flows coming to the CPU and try to see if we can avoid those flows by

topology change or ARP resolve to identify issues in the network.






Symptom: Enhance sysDescr OID to display switch name + model name + version.

Condition: Enhance sysDescr OID to display switch name + model name + version.




Reported In Release: NOS5.0.1 Technology Area: Receive ACLs

Symptom: Applying ACL on Ethernet management interface fails with “% Error: Internal Error” error message

Condition: The issue is observed when an attempt is made to apply ACL policy on Ethernet management

interface with the following conditions:

a. An ACL policy is already enforced on the Ethernet management interface.

b. The new ACL policy and enforced policy names differ only in letter cases (e.g. "TEST001" vs

"Test001").

Workaround: Create ACLs with distinctive policy names (e.g. with different letters, numbers etc.).

Recovery: On Ethernet management interface:

a. Remove the enforced (active) ACL with "no ip access-group <ACL_name>" CLI.

b. Enforce the new ACL policy (unique policy names) using "ip access-group <ACL_name> in".





Symptom: Before release 6.0.0, if switch is configured with chassis virtual ipv6 address, after "ha failover"

operation, connection to chassis virtual ipv6 address fails.

This issue has been fixed in release 6.0.0

Condition: Switch is configured with chassis virtual ipv6 address, and "ha failover" is issued.

Workaround: When the issue happens after "ha failover", remove and reconfigure chassis virtual ipv6 address.





Symptom: The following error message may be seen on VDX-6710, 6720, 6730 series of switches when an

standard access-list is applied on the management port.

sw0(config)# interface Management 120/0

sw0(config-Management-120/0)# ip access-group 10 in

ERROR: Failed to enforce new iptables rules

iptables-restore: line 57 failed

Condition: The error message is seen only in NOS 4.1.3a1 release.

Workaround: The message is cosmetic and can be ignored.





Symptom: Incorrect flash partition in VDX6740-1G-T. "df -h" output showing each partition 3.6GB instead of

1.8GB

Condition: Net-install switch






Symptom: The customer gets an error when trying to configure any IP in 10.0.0.0/24 range on 8770 management

interface

VDX8770-2(config-Management-3/1)# ip add 10.0.0.31/24

Cannot set IPv4 Address

Likewise, "chassis virtual-ip" cannot be set in this range.

Condition: This issue can be seen in any affected release.

Workaround: Not use 10.0.0.x/24 on management port





Symptom: An 8770 rbridge may reload unexpectedly while copying a configuration file from flash to running

Condition: This is in seen in affected releases when port-group <ifname>

mode performance

command is used

Workaround: Avoid the port-group <ifname> command





Symptom: switch might experience an unexpected reload during boot process, if inband virtual-ip is configured.

Condition: The switch is in the fabric cluster mode and inband virtual-ip is configured.


Closed with Code Change in Network OS v4.1.3a


code change as of December 19, 2014, in Network OS v4.1.3a.





Symptom: After couple of times LACP system priority change, few members part of brocade and standard PO

are out of sync

Condition: Changing priority for a LAG or a vLAG.





Symptom: Excessive port level interrupts might disable the port.

Condition: Excessive port level interrupts might disable the port.





Symptom: FCoE login may fail after node reload.

Condition: Port-profile-port configuration on an interface having FCoE default configuration leads to this issue.

Recovery: Execution of "no fcoe default", "port-profile-port" and "fcoe default" in that order resolves the issue.




Reported In Release: NOS5.0.0 Technology Area: Logical Chassis

Symptom: Changing VCS id could result in switch reload.

Condition: Changing VCS id could result in switch reload.




Reported In Release: NOS4.1.2 Technology Area: AMPP

Symptom: Switch might reload while enabling "VCS Auto-shut lag" from principal node for secondary node.

Condition: "VCS Auto-shut lag" might cause switch to reload.





Symptom: l2traceroute not working with L4 option.

Condition: Issue is observer when port numbers are provided in l2traceroute





Reported In Release: NOS5.0.0 Technology Area: Port Mirroring and Monitoring

Symptom: Proactive memory leak fix.

Condition: Proactive memory leak fix.





Symptom: Under certain configuration combinations involving vLAG, IGMP snooping etc, two primary

members may be selected for a vLAG.

Condition: Under certain config combinations, this issue may occur.





Symptom: MAC may not be consistently learned with scaled PVLAN configuration & negative tests.

Condition: This may be seen when more than 2000 VLANs are configured on a port-channel and rebooted

multiple times with shutdown. Should not be seen under normal circumstances.





Symptom: PBR does not work when next hop is available via Port-channel or VLAG.

Condition: The next hop is available via Port-channel or VLAG.





Symptom: In rare circumstances , switch may crash while taking support save

Condition: switch hung after dcmd crash

Workaround: Reload




Reported In Release: NOS4.1.2 Technology Area: OSPF (IPv4)

Symptom: Hello packets shown with debug ip ospf packet gives fake DR/BDR IP address

Condition: OSPF is running with DR and BDR on the fabric.





Symptom: Applying access lists causing rules to fail after a few successful passthroughs.

Condition: Applying access lists






Symptom: If Port Link State bounces many thousands of times, it can trigger a termination of the fab_vcsd

daemon due to increased memory usage.

Condition: Problem only occurs if some external condition causes link to continuously bounce for a long time.

Workaround: Ensure that the ports are not in an unstable state that will trigger continuous link state changes.

Recovery: Failover or restart will recover.





Symptom: SNMP MIB support for eSR4 optics.

Condition: SNMP MIB support for eSR4 optics.





Symptom: When host accesses a FCoE storage device through a VDX, in certain scenarios VDX receives the

frame from the storage device but sends back to the received port again

Condition: The issue is seen only when VDXs run logical-chassis over VDX6740. If VDXs runs fabric-cluster

instead logical-chassis or VDX6740 is swapped with VDX6730, the issue is not observed.





Symptom: Static routes may not appear correctly on a switch reboot or flap of a VE interface. Route is present in

running config but not appearing in routing table.

Condition: Switch reboot or flapping of a VE interface with static route configuration





Symptom: Customer will not be able to get the traps after configuring inband ipaddr (without chassis ipaddress)

and do reload.

Condition: As inband management ipaddress comes up after snmpd is started, there is no ipaddress to bind with

trap fd. Hence, it has initialized the trap file descriptor to chassis ipaddr by default which ends up not

sending any traps to management applications.

Workaround: Trap attributes should be reconfigured again after reload.

Recovery: The default management file descriptor is properly updated and handled the failure cases.






Symptom: For certain OID's, SNMP may intermittently return "NoSuchObject" response.

Condition: When polling aggressively (less than 120 seconds).





Symptom: Snmp query is displaying temperature, RX & TX power and current values for the offline/admin

down interface with low warning.

Condition: Snmp query is displaying temperature, RX & TX power and current values for the offline/admin

down interface with low warning.





Symptom: Snmp query for breakout ports displays each lane's information(Rx & TX power, temperature and

current values) 4 times instead of one time.

Condition: Snmp query for breakout ports displays each lane's information(Rx & TX power, temperature and

current values) 4 times instead of one time.





Symptom: If PBR is configured and next-hop is connected over a port-channel, VDX does not forward packets

to next hop.

Condition: PBR is configured and next-hop is connected over a port-channel.

Workaround: Do not configure PBR next-hop reachable over a port-channel.





Symptom: DHCP packets may be dropped if burst limit is exceeded

Condition: Running DHCP relay

Workaround: NA





Symptom: Storage becomes inaccessible when a port-profile-domain , which has access and trunk profiles, gets

applied on a port-profile-port enabled interface

Condition: Storage becomes inaccessible when a port-profile-domain , which has access and trunk profiles, gets

applied on a port-profile-port enabled interface






Symptom: Switch may encounter a reload while upgrading using ISSU and at the same time administrator tries

to add new nodes to the cluster.

Condition: Switch may encounter a reload while upgrading using ISSU and at the same time administrator tries

to add new nodes to the cluster.





Symptom: Unexpected results for the command "show access-list interface Management <> in"

Condition: Issue will be hit when the command "show access-list interface Management <> in" is run for remote

node in Logical Chassis Mode

Workaround: Command "show access-list interface Management <> in" can be run on its own node





Symptom: When a huge number of DHCP request hits the switch and the followed by 10 packets per second the

switch gets into a state where the reading of the DHCP packet is impacted

Condition: Running DHCP Relay in an unrealistic test scenario (bombarding with DHCP packets at a very high

rate)




Reported In Release: NOS4.1.1 Technology Area: Syslog

Symptom: High Disk Space is being consumed by syslog-ng which results in Out of disk space.

Condition: when syslog-server host is configured for which no route exists in switch, issue will be hit.

Workaround: Configure syslog-server host only if it has route in switch to reach it.

Recovery: Remove the syslog file from the switch.





Symptom: DHCP packets when received over ISL links are dropped.

Condition: DHCP packets when received over ISL links are dropped.





Symptom: ALL switches in fabric are stuck in high CPU state within the last 24 hours.

Slow response to CLI.

Intermittent ping loss to VE interfaces.

Condition: If CPU 100% due to low memory for few seconds and then come back to Normal.

Workaround: Please contact Engineering.






Symptom: The response to DHCP REBIND request gets dropped at the VRRP backup rbridge. Due to which

DHCP clients/hosts connecting through the VRRP backup rbridge do not obtain IP address.

Condition: DHCP Clients can not obtain IP address through the DHCP Relay configured on the switch.

Workaround: NA





Symptom: Partially failed Standby MM may cause switch to reload.

Condition: Partially failed Standby MM may cause switch to reload.





Symptom: Customer encountered performance degradation for FC traffic between FC ports of 6730 & FCR, due

to unrecoverable credit loss. This RFE is to request automatic recovery from the "stuck" credits &

enable resume of the traffic.

Condition: Trasmisson loss due to credit loss which is recovered thru thie RFE





Symptom: The VDX switch may undergo an unexpected reload when polled for a certain invalid Ifindex range.

Condition: Certain range of invalid ifindex that are not allocated.

Workaround: Poll the Interfaces with known valid ifIndex.





Symptom: Unexpected results may occur with the below configuration for the interface.

switchport private-vlan trunk native vlan

switchport private-vlan association trunk

Condition: This may hit after reload.

Workaround: Re-configuring the below configuration on the interface after reload will resolve the issue.

switchport private-vlan trunk native vlan

switchport private-vlan association trunk





Reported In Release: NOS4.1.3 Technology Area: ARP

Symptom: When a VE is configured with 2 subnets, routing between hosts on these two subnets fails when the

ARP to destination host is cleared.

Condition: ARP to destination is not resolved after it is cleared using 'clear arp ip <ip-addr>' command.





Symptom: Shell shock issue with BASH shell.

Condition: Shell shock issue with BASH shell.


Technical Severity: Critical Probability: High


Reported In Release: NOS4.1.2 Technology Area: Static Routing (IPv4)

Symptom: Switch stops forwarding data traffic to the default gateway.

Condition: Once the default route is reprogrammed (statically or dynamically through routing protocol), this case

arises.





Symptom: Discrepancy may occur in the below CLI output.

show qos rcv-queue interface

Condition: This may hit when PFC is enabled for an interface.





Symptom: After snmpd dies, Ras logs says HA State out of sync but “show ha” still says “HA enabled,

Heartbeat Up, HA State synchronized”

Condition: Display Issue after SNMP dies

Workaround: To workaround this problem, ha disable, ha enable





Symptom: Configuring 'bpdu-drop enable all' on an interface might reload a switch.

Condition: Configuring 'bpdu-drop enable all' on an interface might reload a switch.





Reported In Release: NOS5.0.1 Technology Area: BGP4 (IPv4)

Symptom: With large BGP configurations, switch might run out of memory resulting in unexpected reload.

Condition: Large BGP configuration may lead to this condition.





Symptom: Power cycle testing on the VD6740 switch resulted in FLASH Monitor reporting Marginal status after

70 reboots.

Condition: Continuous Power cycling is causing the issue

Workaround: After rolling reboot detection, cleanup cfg and reboot switch.





Symptom: L2traceroute can sometimes show a wrong ECMP path, when there are more than one ISL in the path.

Condition: When we have 2 or more ACL L2 trace route is shown wrong path

Workaround: NA





Symptom: Configuring same ACL entry with different sequence numbers manifest different results.

Condition: Ping fails when ACL is applied on interface.

Workaround: NA





Symptom: VDX 6740 Detected termination of DCMD process due to out of memory condition triggered by

continuous Vcenter "Bad Credentials"

Condition: Memory leak due to continuous login process for vcenter

Workaround: NA






Symptom: [IP Dhcp relay gateway RFE] - Switch is not using the configured DHCP Gateway IP Address

Condition: Issue on DHCP gateway Ip address





Symptom: "show ip dhcp relay gateway" does not display configured gateway address after reload.

Condition: user executes CLI command to display dhcp relay gateway information

Workaround: Problem has been fixed in 4.1.3





Symptom: [IP Dhcp relay gateway RFE] "show ip dhcp relay gateway" and show ip dhcp relay gateway

interface ve <>" output should be consistent - should show active gateway IP.

Condition: Inconsistency in behavior of similar CLi's





Symptom: [Ip Dhcp relay gateway RFE] Need to block & error message should be thrown - while trying to

remove the Last relay address from an interface if gateway is configured.

Condition: Error message is throwing while trying to remove the Last relay address from an interface if gateway

is configured.


Closed with Code Change in Network OS v4.1.3


code change as of October 24, 2014, 2014 in Network OS v4.1.3.




Reported In Release: NOS2.1.1 Technology Area: Trunking

Symptom: The "Rate info" does not work under interface stats correctly, it shows as "(interval 299 seconds)"

Condition: While showing interface statistics.





Symptom: Under certain conditions, after a management module failover, user can no longer reach inband

management address

Condition: When the same subnets are used between Chassis VIP and VE interfaces

Workaround: Configure different subnets for Chassis VIP & VE interfaces.





Symptom: Request to integrate detection & logging capability for MAC addresses flapping between multiple

ports of the same VCS on the same VLAN. This is an early indicator for a Layer 2 loop & would help

customers to narrow down the issue to specific ports.

Condition: MAC addresses flapping between multiple ports of the same VCS on the same VLAN




Reported In Release: NOS4.0.0 Technology Area: Routing

Symptom: Configured MTU not reflected correctly in 'show interface' output

Condition: MTU modification





Symptom: While doing snmpwalk for ipAddrEntTable, eth1, eth2 network interfaces are get skipped from the

results due to they have higher ip address asigned than VLAN (which interfaces we already skipping

to avoid duplicate entries from result ).

Condition: snmpwalk for ipAddrEntTable.



Technical Severity: Medium


Reported In Release: NOS4.0.0 Technology Area: Port Mirroring and Monitoring

Symptom: CLI displays incorrect possible option for command completion during SPAN configuration.

Condition: attempting to view options for 'destination' field will result in incorrect 'direction' option being listed.




Reported In Release: NOS4.0.0 Technology Area: Static Routing (IPv4)

Symptom: If Layer 3 ECMP is configured along with LAG/Port Channels and if the number of ECMP Paths

equals the number of links in each LAG then all the traffic going to that LAG will hash to a subset of

links in the LAG. Hence the LAG Bandwidth will not be completely utilized. In other words,

polarization effect would be seen.

Condition: When L3-ECMP and LAG Hashing uses the same hash flavor (by default) and when the number of

member interfaces are even.

Workaround: Increase OR decrease the PO member links to keep the count different from number of ECMP

routes. For example if there are 2 ECMP Paths via 2 LAG through a particular switch then make

sure the number of links in the LAG is not 2, so use 3 links instead.





Symptom: Layer 3 interface may use the same layer 2 address as management interface.

Condition: Comparing VE and eth0 interface MAC addresses on VDX 6740.

Workaround: Use front panel port for management





Symptom: When VCS Virtual IP address is configured same as the IP address configured on one of the VE or

Router interfaces, OSPF adjacency does not get established

Condition: IP address configured on VE or router interfaces same as VCS Virtual IP address.

Workaround: Do not use same IP address for configuring VCS Virtual IP address and L3 interfaces.





Symptom: Configuration of field 'description' is lost for an interface if user has configured something for this

field.

Condition: At a node in a cluster if default configuration is copied to running-config (using copy default-config

startup-config command) then this problem occurs. User will see the issue when this node re-joins the

cluster.






Symptom: The CLI "clear counters all" is not clearing the counters for shut-down interfaces

Condition: Issue is intermittently reported with no clear pattern on conditions





Symptom: Number of FCoE interfaces in plugin do not match the fcoe-enodes config and number of interfaces

in FCoE backend

Condition: This is seen in a specific scenario

1. In Logical Chassis mode, fcoe-enodes is configured to a non-default value

2. A node is segmented and joins back with default config

3. The configuration mismatch is seen on the node which joined back

Recovery: Configure fcoe-enodes to 1000 and then back to 64. This resolves the issue.





Symptom: Duplicate Port-Profile ID after upgrade from NOS4.0.1 to NOS4.1.0a

Condition: Upgrade from NOS4.0.1 to NOS4.1.0a





Symptom: Under rare timing conditions on HA fail-over, the Active MM may encounter an unexpected reload.

Condition: During an HA fail-over.





Symptom: Change of Management IP address is not reflected in RASlog VCS-100X messages

Condition: Changing management IP address





Symptom: When a node tries to join the cluster with TACACS+ pre-configured. It will be rejected from joining

the cluster.

Condition: Removing and adding a node already in the cluster having TACACS+ config.






Symptom: This is a request for support for NTP authentication key encryption

Condition: When NTP is configured in secure environments.





Symptom: PFC pause frames are received on PFC disabled priority on 100G line card.

Condition: Ports on the 100-gig line cards are showing this behaviour.


Technical Severity: Low



Symptom: Tuning values for BI links were updated in NOS Diags

Condition: Change the tuning values of BI links to be more accurate.





Symptom: There was a cleanup issue when the PVLAN mode is changed from one mode to another on a port-

channel, causing switch fail over.

Condition: Changing the PVLAN mode from promiscuous OR trunk to host on a port channel having normal and

private VLANs as a member of port channel and flapping the port channel member link state.





Symptom: The command "show fabric route linkinfo" would show wrong breakout index values for remote node

ports connected to a qsfp index supported port also not on local node.

Condition: This scenario can come only when a link is there between two remote node and at least one node is

supporting qsfp index on the connected port.

Workaround: The user can execute the command "show fabric route linkinfo" on the node itself for which it

require the information instead of retrieving data remotely.





Symptom: "ip ospf md5-authentication" is not being copied to running configuration when it's configured on

FortyGigabitEthernet interfaces

Condition: Configuring "ip ospf md5-authentication"





Reported In Release: NOS4.1.0 Technology Area: BUM

Symptom: Monitor and shutdown options do not work when storm-control is configured on a switch on a large

number of ports. Rate limiting is still working.

Condition: When more than 48 BUM storm control entries were configured.





Symptom: Erroneous management configuration may trigger a delayed system reset

Condition: Configuring dhcp on an inactive/non-functional out of band management interface





Symptom: Management interface line-speed actual is not getting updated

Condition: This issue is specific to 6740 platform




Reported In Release: NOS4.1.2 Technology Area: IGMP

Symptom: Multicast receiver stops receiving the traffic from the source.

Condition: When a vLAG member is shutdown where the vLAG is created between 3rd party stack & VCS.





Symptom: Host name config does not show up correctly when cluster is split into 2 halves

Condition: Splitting a cluster.




Reported In Release: NOS4.1.1 Technology Area: BUM

Symptom: Storm-control cannot be set in after setting "speed 100", but "speed 100" can be after storm-control

Condition: Any time change is attempted





Symptom: Packets egressing out of the port-profile interface is tagged with incorrect VLAN id.

Condition: Specific to access port-profile ports.






Symptom: When PCAP is enabled on an interface flash will run out of memory.

Condition: Enable PCAP on any interface and leave it running for some time.

Recovery: Manually delete file descriptors from directory /proc/<pcap-pid>/fd




Reported In Release: NOS4.1.2 Technology Area: NetCONF

Symptom: Netconf RPC get-vnetwork-hosts not displaying switch-interface details

Condition: Calling get-network-hosts RPC did not show the associated interface





Symptom: ARP entries does not update correctly in VCS

Condition: Depending on which rbridge passing traffic and ping test has an RTT of > 2000 ms





Symptom: If linecard goes to faulty state due to Diag failures, it should auto recover

Condition: Linecards going faulty due to Diag failures.





Symptom: Removal of an unused VLAN ("no interface vlan X") stops all traffic flows in a VCS both for Layer 2

and routed traffic

Condition: All traffic stops when removing an unused VLAN





Symptom: No ip proxy-arp" can't be restored to running configuration under 40GE interface from TFTP s

Condition: "ip proxy-arp" configuration under 40GE interface from TFTP s





Symptom: The port is removed from access VLAN when virtual fabric is disabled.

Condition: VF disable.

Workaround: Reconfigure VLANs






Symptom: FCoE devices not logging in after removing and reinstalling the CNA driver

Condition: Re-install CNA driver




Reported In Release: NOS4.0.1 Technology Area: High Availability

Symptom: The fabric watch module did not provide correct data in the raslog message related to MM .

Condition: A raslog message from Fabric watch module was showing 'faulty' for MM when it was healthy during

switch bringup.





Symptom: When a VE is configured with 2 subnets, transit packets from one subnet to another do not pass until

a ping is initiated

Condition: Multi-subnet routing




Reported In Release: NOS5.0.0 Technology Area: ICMP (IPv4)

Symptom: l2traceroute fails on port-channel.

Condition: Under rare conditions





Symptom: Deleting VLANs causes an unexpected igmpd reset.

Condition: Deleting VLAN





Symptom: Viewing packets via "show access-list-log buffer" when "debug access-list-log buffer" is configured,

these two fields are shown incorrectly

Ethtype : 0x8100

Vlan tag type : 0x800

In reality, Ethtype is 0x800

Condition: Executing "show access-list-log buffer" command

Workaround: Use this to interpret the above fields correctly

Tag Protocol ID : 0x8100

Ethtype : 0x800






Symptom: 10G cable's speed is displayed as 1G in "show media" Output.

Condition: Insertion of certain 10G Twinax Cables and run "show media"





Symptom: Under certain conditions, the output of "show media interface <>" disaplys "Pluggable media not

present" error, whereas "show interface status" shows the interface.

Condition: This condition is manifested after HA failover.

Workaround: shut / no shut of the interface.





Symptom: Without any known user intervention, FCoE logins to VDX were removed and failed to log back in.

Condition: This issue will be seen when system gets reloaded with FCoE enabled port-profile applied on the

interface.





Symptom: High latency and timeout when pinging VRRP VIP address affecting monitoring alerts.

Condition: When the backup node changes state to SPF/Master, this may happen.




Reported In Release: NOS4.1.0 Technology Area: LLDP & LLDP-Med

Symptom: When LLDP has been configured to include the 802.1 TLVs in the LLDP PDUs transmitted on the

member ports of a port-channel, the VLAN name TLVs are not being included in the transmitted

LLDP PDU.

Condition: The VLAN name TLVs are missing in the transmitted LLDP PDU only if the interface is a member

of a port-channel.





Symptom: Shutdown all the edge ports if the node is segmented from the fabric so that there is no traffic drop for

the host connected to the edge port

Condition: This happens only during reboot of a node and end up in DB conflict or VF mode conflict.






Symptom: Switch ports bounce down and back up in under one second.

Condition: Connection between VDX2746 and third party switch.





Symptom: Unexpected flapping of VLAG in any of the RBridge for LACP based VLAGs, when active VLAG is

flapped in any one of the RBridges.

Condition: This issue can happen only when the VLAG is not yet actively formed, i.e., its MUX machine state is

not in COLLECTING-DISTRIBUTING state and link is in SELECTED state.





Symptom: Enhancement request for "auto-shut-edge-port enable" cli.

Condition: Trying to use new CLI





Symptom: Under certain conditions, the switch might encounter an unexpected SFM reload when collecting

copy-support.

Condition: When collecting copy-support ASICDB module.





Symptom: Cannot remove VRRP 'track' command under GigabitEthernet interfaces in the running-config.

Condition: GigabitEthernet interfaces configured for VRRP track parameters





Symptom: When we reload one MM, on the other MM it displays "FAULTY" status for the reloading MM

rather than "LOADING" status.

Condition: We can see the incorrect MM status by executing "show mm" noscli.






Symptom: VDX 6740-T undergoes a kernel panic when 10G twinax cable inserted on a specific adaptor.

Condition: Specific to an adaptor.





Symptom: Under certain conditions VM may lose connectivity to the network after migration when port-profile

is configured along with VRRP-E.

Condition: VM are moved to same esx host with VRRP & port-profile configs

Workaround: If we do “clear arp no-refresh” then VM starts to ping most of the time




Reported In Release: NOS 4.0.1_BBD Technology Area: FIPS

Symptom: OpenSSL had identified seven vulnerabilities that can affect and allow an attacker to decrypt or

modify traffic with DLTS.

Condition: When open SSL is used.





Symptom: Under some conditions, the traffic load-balancing may not be evenly distributed across ISL links.

Condition: In some cases, after a power cycle of the line card

Workaround: If an rbridge has ports participating in a port-channel, execute the following for each of the port-

channels the rbridge is participating in. Thus, as an example if the rbridge 3 has member links in

Port-channel 10, then

sw0# conf t

Entering configuration mode terminal

sw0(config)# rbridge 3

sw0(config-rbridge-id-3)# fabric port-channel 10 load-balance src-mac-vid

sw0(config-rbridge-id-3)# no fabric port-channel 10 load-balance src-mac-vid

sw0(config-rbridge-id-3)# end





Symptom: Switch does not respond to unicast ARP requests for virtual IP of VRRP/VRRP-Extended sessions

Condition: Issue seen with unicast ARP requests

Recovery: Sender device should attempt to resolve ARP for Virtual IP with broadcast destination MAC address

if timeout occurs for ARP request with unicast MAC address.






Symptom: Certain interfaces may come online with an error raslog indicating Incompatible SFP transceiver.

Condition: When breakout is configured.





Symptom: Traffic flow is affected from a VDX containing non-primary vLAG ports.

Condition: ARP does not get resolved from an rbridge containing the non-primary ports.





Symptom: DCMD panic when 'show running-configuration' command is repeated executed over a period of

days, continuously.

Condition: Repeated monitoring of the output of the command 'show running-configuration' can cause this issue.





Symptom: The Interface specific description is not shown in output of "show interface description" command

even though the user has configured description on that interface.

Condition: Anytime user has configured "interface description" on an interface.


Technical Severity: Critical Probability: High



Symptom: The switch running VRRP/VRRP-E could unexpectedly reload. A RASLOG similar to 'Component

vrrp terminated' could be seen on the console screen.

Condition: The switch configured with VRRP/VRRP-E feature could see the error condition.





Symptom: CLI does not accept "show tunnel tagged-ieee-bpdu" command in Local-only VCS mode.

Condition: Switch should be in Local-only VCS mode.



Technical Severity: Low Probability: High



Symptom: On reload of the Linecard Module, port-channel load-balancing scheme may change, resulting in a

different distribution of traffic than before.

Condition: On reload of a Linecard Module





Symptom: After VDX8770 reload, FCoE Host cannot login and cannot access storage device.

Condition: This condition was introduced when VDX8770 'reload' happens, FCoE does not send out Discovery

Advertisements and causes FCoE Host login to fail.

Workaround: shut/no shut on the port that the FCoE Host is connected to.





Symptom: Under certain rare condition, VRRP-E MACs not getting programmed in hardware resulting in traffic

drop for multiple flows.

Condition: Under rare condition, VRRP-E MAC gets removed from forwarding table along with Dynamic

MACs.





Symptom: POST1 and POST2 diags should only run in this scenarios:

1). Power Off from SVP, Power On with standard diag level 0 -> NO POST1 and NO POST2

2). Power Off from SVP, Power On with extended diag level 1 -> only POST2

3). Power Off from SVP, Power On with full diag level 1 -> POST1 and POST2

Also POST1 and POST2 should not run in these scenarios: hotplug, power off power on, standard

diag.

Condition: POST1 and POST2 should not run in these scenarios: hotplug, power off power on, standard diag.

Workaround: Fixed bootup POST level control issue of Katana





Symptom: SNMPd daemon occupies 100% of CPU when the switch is configured with SNMP and TCP/UDP

ports are scanned through an external utility.

Condition: Switch is scanned for complete TCP/UDP port range using an external utility.






Symptom: 10000 BGP routes are learned from EBGP spirent host. DUT is sending duplicate packets which are

ingressed from MLX for the learned networks.

Condition: redirect case with routers forwarding traffic where it is not directly connected but input/output device

is same




Reported In Release: NOS4.1.2 Technology Area: NetCONF

Symptom: Not able to view Trace route details using NETCONF calls

From BNA no data is shown 2 out of three times attempted.

Condition: Issue is intermittent , trace route is not seen thru Net conf calls





Symptom: Termination of the Dcmd process can occur due to high usage of the file system. This ternmiation

will result in an unexpected reload.

Condition: The issue can occur when cluster segmentation and reformation occurs where the principal node

changes and there is constant monitoring of the switches through CLI or Brocade Network Advisor.




Reported In Release: NOS4.1.2 Technology Area: Link Aggregation

Symptom: If the user has both port-profile-port and speed config on a port-channel interface, then reload of the

switch leads to the loss of speed config on the port-channel interface.

Condition: switch reload.





Symptom: In a rare scenario, Termination of the Dcmd process can occur due to high usage of the file system.

Condition: The issue can occur when cluster segmentation and reformation occurs on a large setup where the

principal node changes happening and there is constant monitoring of the switches through CLI,REST

or Brocade Network Advisor..






Symptom: If the user configures dwrr value 0 in FBQ(Flow Based QoS) scheduler, the dwrr value 0 will not

visible in the "show running-config policy-map", which leads to the failure of "copy file to running-

config" for FBQ scheduler config.

Condition: If the user configures dwrr value 0 for the non strict-priority traffic-class in FBQ (Flow Based QoS)

scheduler.





Symptom: In some cases snmp polling causes slow memory leak that results in system reset

Condition: Due to slow mem leak system will reboot




Reported In Release: NOS4.1.2 Technology Area: IPv4 Multicast Routing

Symptom: A number of routed multicast streams may stop working after the device running RP was moved

elsewhere.

Condition: When the link to RP is repeatedly toggled.





Symptom: "show interface stat" displays status as "notconnected" for Port-channel's even though Port-channel

formed properly

Condition: This is an error introduced in the intermediate build, not present in 4.1.3

Workaround: If port channel is working, then, "show int status" can be ignored on that port channel.





Symptom: Under some scenarios where VDX experiences lot many FCoE logins and logout it may lead to Out

Of Memory condition and VDX reload.

Condition: Continuous high number of FCoE logins & logouts

Workaround: reboot the switch when certain threshold is reached






Symptom: Under rare conditions FcoE logins will not be happening when user applies fcoe enabled port-profile

on interface and it is due to some timing issue.

Condition: Application of Fcoe enabled default port-profile on interface will cause the issue in few rare cases,

when the timing causes messages to back end daemons reach in wrong order.

Recovery: In order to come out of this situation just do the "shut" and "no shut" on the interface after applying

port-profile-port





Symptom: Explicit deny ALL entry in ACL entry applied to Management interfaces appears to match permitted

entries, even though permit statement is present.

Condition: If there is an explicit "deny ip any any" rule, then it gets the priority and incoming packet matches

that rule (as TCP packet will have IP header) and getting dropped.




Reported In Release: NOS4.0.1 Technology Area: Edge Loop Detection

Symptom: Interface protocol status reported as “up (ELD disabled link)” in the “show ip int brief” command

output after executing the command "clear edge-loop-detection interface port-channel".

Condition: Interface protocol status is wrongly displayed after running clear edge-loop-detection interface port-

channel command.





Symptom: VDX switch may go into a rolling reboot after the switch has been power-cycled.

Condition: The switch is abruptly power-cycled during operation.

Workaround: After five rolling reboots have been detected, a recovery menu will be displayed to the user. The

user can issue a cleanup cfg and then issue a reboot to recover the switch.





Symptom: With "pause tx Off, rx on" the buffer sharing on VDX-6740 is not triggered

Condition: With PFC enabled on RX buffer sharing is not happening on VDX 6740






Symptom: VDX is sending the duplicate packets which are ingressed.

Condition: Redirect case with routers forwarding traffic where it is not directly connected but input/output device

is same





Symptom: Under rare scenarios after multiple VRRP fail-overs, the ping to the VE IP address may fail when

routed via another VE interface.

Clearing ARP will resolve the pings.

Condition: In certain scenarios for vrrp vip arp, arpd fails to trigger l2ss notification while adding arp entry to an

empty mac/vlan hash. This results in l3 exm entry being programmed as mcast flood, and hence

black-holing the unicast packets (icmp requests in this case)




Reported In Release: NOS4.1.2 Technology Area: Traffic Policies

Symptom: Load balancing commands do not take effect and the traffic is not load balanced on the 6740

platform.

Condition: Running load balancing commands on VDX 6740


Known issues

Newly Open defects in Network OS v4.1.3

This section lists known defects newly found in NOS 4.1.3 with Critical, High, and Medium

Technical Severity as of November 30, 2015.





Symptom: The command “show ip igmp groups detail" may not show updated information (uptime & last

reported values) about the learnt groups.

Condition: This issue is observed only in the show command output & no functionality is impacted.




Reported In Release: NOS4.1.1 Technology Area: ICMP (IPv4)

Symptom: About 10-11 sec delay pinging end to end PC while an rbridge is joining the fabric after a reboot.

Condition: With 120K MAC addresses learned in the switch fabric, ping delays are noticed when an rbridge is

joining the fabric after a reboot.