Ruckus FastIron Family Ation Updates, 07.4.00 Fast Iron 07.4.00h Updates 07400h
FastIron 07.4.00h ation Updates FastIron_07400h_ationUpdates
2017-04-26
User Manual: Ruckus FastIron 07.4.00h ation Updates
Open the PDF directly: View PDF .
Page Count: 36
- Contents
- About This Document
- Brocade FastIron ICX 6610 Stackable Switch Hardware Installation Guide Updates
- Brocade ICX 6430 and ICX 6450 Stackable Switches Hardware Installation Guide Updates
- FastIron Configuration Guide Updates
- Configuring stack guard
- Enabling BPDU protection by port
- Configuration notes for port mirroring and monitoring
- LLDP configuration notes and considerations
- Event (RMON group 9)
- Trunk group load sharing
- Trunk group rules
- Configuring a multi-port static MAC address
- Configuring and enabling sFlow
- Changing the login timeout period for Telnet sessions
- Configuring the route map
- Scroll control
- Adding multiple ACLs to a route map
- Configuring exec authorization
- Configuring an IP helper unicast
- High CPU on SXL
- Port speed and duplex mode modification
- PHY calibration in stack ports of ICX 6610
- Stack port resiliency in ICX 6610 devices
- Enabling broadcast or unknown unicast traffic to the PVLAN on FSX devices
- Selection of master node
- Static MAC address
- Power classes for PDs
- Multi-Device Port Authentication
- Example 5: Configuring a static trunk group for devices in an IronStack
- SSH show commands
- Virtual Cable Testing support
- ACL-based Rate Limiting and ACL Counting
- FWS supports DSA keys only
- Stacking configuration for ICX 6430
- IPv6 routing features
- show link-aggregate partner
- Local accounts with encrypted passwords
- Displaying CPU utilization statistics
- Enabling port speed down-shift
- Specifying the maximum number of login attempts for Telnet access
- MCT configuration considerations
- Documentation updates for Unified IP MIB Reference
53-1002757-07
27 February 2015
®
FastIron Family
Documentation Updates
Supporting IronWare R07.4.00 releases
Copyright © 2015 Brocade Communications Systems, Inc. All Rights Reserved.
ADX, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, HyperEdge, ICX, MLX, MyBrocade, OpenScript, The
Effortless Network, VCS, VDX, Vplane, and Vyatta are registered trademarks, and Fabric Vision and vADX are trademarks of
Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names
mentioned may be trademarks of others.
Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning
any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to
this document at any time, without notice, and assumes no responsibility for its use. This informational document describes
features that may not be currently available. Contact a Brocade sales office for information on feature and product availability.
Export of technical data contained in this document may require an export license from the United States government.
The authors and Brocade Communications Systems, Inc. assume no liability or responsibility to any person or entity with respect
to the accuracy of this document or any loss, cost, liability, or damages arising from the information contained herein or the
computer programs that accompany it.
The product described by this document may contain open source software covered by the GNU General Public License or other
open source license agreements. To find out which open source software is included in Brocade products, view the licensing
terms applicable to the open source software, and obtain a copy of the programming source code, please visit http://
www.brocade.com/support/oscd.
Brocade Communications Systems, Incorporated
Document History
Corporate and Latin American Headquarters
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
Tel: 1-408-333-8000
Fax: 1-408-333-8101
E-mail: info@brocade.com
Asia-Pacific Headquarters
Brocade Communications Systems China HK, Ltd.
No. 1 Guanghua Road
Chao Yang District
Units 2718 and 2818
Beijing 100020, China
Tel: +8610 6588 8888
Fax: +8610 6588 9999
E-mail: china-info@brocade.com
European Headquarters
Brocade Communications Switzerland Sàrl
Centre Swissair
Tour B - 4ème étage
29, Route de l'Aéroport
Case Postale 105
CH-1215 Genève 15
Switzerland
Tel: +41 22 799 5640
Fax: +41 22 799 5641
E-mail: emea-info@brocade.com
Asia-Pacific Headquarters
Brocade Communications Systems Co., Ltd. (Shenzhen WFOE)
Citic Plaza
No. 233 Tian He Road North
Unit 1308 – 13th Floor
Guangzhou, China
Tel: +8620 3891 2000
Fax: +8620 3891 2111
E-mail: china-info@brocade.com
Title Publication number Summary of changes Date
FastIron Family Documentation
Updates
53-1002757-01 New document October 19, 2012
FastIron Family Documentation
Updates
53-1002757-02 Added the new “show link-
aggregate partner” CLI
command
February 22, 2013
FastIron Family Documentation
Updates
53-1002757-03 Revised for 07.4.00d release July 31, 2013
FastIron Family Documentation Updates iii
53-1002757-07
FastIron Family Documentation
Updates
53-1002757-04 Revised for 07.4.00e release December 20, 2013
FastIron Family Documentation
Updates
53-1002757-05 Revised for 07.4.00f release April 30, 2014
FastIron Family Documentation
Updates
53-1002757-06 Revised for 07.4.00g release September 30, 2014
FastIron Family Documentation
Updates
53-1002757-07 Revised for 07.4.00h release February 27, 2015
Title Publication number Summary of changes Date
iv FastIron Family Documentation Updates
53-1002757-07
FastIron Family Documentation Updates v
53-1002757-07
Contents
About This Document
Brocade resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
Getting technical help. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
Document feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii
Brocade FastIron ICX 6610 Stackable Switch Hardware Installation Guide Updates
Package contents shipped with an ICX 6610 switch . . . . . . . . . . . . . 1
Installing the device in a rack or cabinet. . . . . . . . . . . . . . . . . . . . . . . 1
2-Post rack mount installation . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
4-Post rack mount installation . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Brocade ICX 6430 and ICX 6450 Stackable Switches Hardware Installation Guide Updates
VCT is not supported on Brocade ICX 6430 and ICX 6450
stackable switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11
FastIron Configuration Guide Updates
Configuring stack guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
Enabling BPDU protection by port . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Configuration notes for port mirroring and monitoring. . . . . . . . . . . 14
LLDP configuration notes and considerations . . . . . . . . . . . . . . . . . 14
Event (RMON group 9) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
Trunk group load sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
Trunk group rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
Configuring a multi-port static MAC address. . . . . . . . . . . . . . . . . . .15
Configuring and enabling sFlow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Changing the login timeout period for Telnet sessions . . . . . . . . . . 16
Configuring the route map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Scroll control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Adding multiple ACLs to a route map. . . . . . . . . . . . . . . . . . . . . . . . . 17
Configuring exec authorization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Configuring an IP helper unicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
High CPU on SXL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Port speed and duplex mode modification . . . . . . . . . . . . . . . . . . . .18
vi FastIron Family Documentation Updates
53-1002757-07
PHY calibration in stack ports of ICX 6610 . . . . . . . . . . . . . . . . . . . . 18
Syslog messages for PHY calibration . . . . . . . . . . . . . . . . . . . . .18
Stack port resiliency in ICX 6610 devices . . . . . . . . . . . . . . . . . . . . . 19
Configuring stack port resiliency in ICX 6610 . . . . . . . . . . . . . .19
Syslog messages for stack port resiliency . . . . . . . . . . . . . . . . .19
Enabling broadcast or unknown unicast traffic to the PVLAN on FSX
devices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Command syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Selection of master node . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Static MAC address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Power classes for PDs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Multi-Device Port Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Example 5: Configuring a static trunk group for devices
in an IronStack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
SSH show commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Virtual Cable Testing support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
ACL-based Rate Limiting and ACL Counting . . . . . . . . . . . . . . . . . . .25
FWS supports DSA keys only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
Stacking configuration for ICX 6430 . . . . . . . . . . . . . . . . . . . . . . . . .25
IPv6 routing features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
show link-aggregate partner. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
Local accounts with encrypted passwords . . . . . . . . . . . . . . . . . . . .25
Displaying CPU utilization statistics . . . . . . . . . . . . . . . . . . . . . . . . . .26
Enabling port speed down-shift . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26
Specifying the maximum number of login attempts for
Telnet access. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26
MCT configuration considerations . . . . . . . . . . . . . . . . . . . . . . . . . . .26
4 Documentation updates for Unified IP MIB Reference
Supported on FastIron devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
FastIron Family Documentation Updates vii
53-1002757-07
About This Document
This document contains updates to the product manuals for the Brocade ICX, FCX, TurboIron 24X,
and FastIron SX, FWS, and FESX (IPv6 Models) Switches running the IronWare software release
07.4.00 stream. These updates became available after the 07.4.00a documents were released.
Brocade resources
To get the latest version of all the document, go to http://www.brocade.com/ethernetproducts.
Getting technical help
To contact Technical Support, go to http://www.brocade.com/services-support/index.page for the
latest e-mail and telephone contact information.
Document feedback
Quality is our first concern at Brocade and we have made every effort to ensure the accuracy and
completeness of this document. However, if you find an error or an omission, or you think that a
topic needs further development, we want to hear from you. Forward your feedback to:
documentation@brocade.com
Provide the title and version number of the document and as much detail as possible about your
comment, including the topic heading and page number and your suggestions for improvement.
viii FastIron Family Documentation Updates
53-1002757-07
FastIron Family Documentation Updates 1
53-1002757-07
Chapter
1
Brocade FastIron ICX 6610 Stackable Switch Hardware
Installation Guide Updates
The information in this section is a supplement to the Brocade FastIron ICX 6610 Stackable Switch
Hardware Installation Guide.
Package contents shipped with an ICX 6610 switch
The package contents shipped with an ICX 6610 switch includes two 1M Passive copper QSFP
stacking cables.
Installing the device in a rack or cabinet
CAUTION
Make sure the rack or cabinet housing the device is adequately secured to prevent it from
becoming unstable or falling over.
NOTE
You need a #2 Phillips screwdriver for installation.
Before mounting the switch in a rack, pay particular attention to the following factors:
•Temperature: Since the temperature within a rack assembly may be higher than the ambient
room temperature, check that the rack-environment temperature is within the specified
operating temperature range.
•Mechanical loading: Do not place any equipment on top of a rack-mounted unit.
•Circuit overloading: Be sure that the supply circuit to the rack assembly is not overloaded.
•Grounding: Rack-mounted equipment should be properly grounded. Particular attention should
be given to supply connections other than direct connections to the mains.
2FastIron Family Documentation Updates
53-1002757-07
Installing the device in a rack or cabinet
2-Post rack mount installation
NOTE
Use the following procedure when installing the Brocade ICX 6610 device in a 2-post rack. For 4-post
racks, follow the procedures in the section “4-Post rack mount installation” on page 6.
Remove the rack mount kit from the shipping carton. The kit contains the following:
•Two L-shaped mounting brackets.
•Sixteen 8-32 x 3/8 in., panhead Phillips screws with patchlocks.
•Four 10-32 x 5/8 in., panhead Phillips screws (torque to 25 in-lb, 29 cm-kg)
•Eight 32-10 retainer nuts (for square-hole rack rails)
•Eight 32-10 retainer nuts (for round-hole rack rails)
FIGURE 1 2-post rack mount kit for Brocade ICX 6610
1 Bracket, front right 2 Bracket, front left
3 Screw, 8-32 x 3/8 in., panhead Phillips 4 Screw, 10-32 x 5/8 in., panhead Phillips
5 Retainer nut, 10-32, (for square-hole rack rails) 6 Retainer nut, 10-32, (for round-hole rack rails)
FastIron Family Documentation Updates 3
53-1002757-07
Installing the device in a rack or cabinet
Use the following steps to mount devices in a 2-post rack.
1. Attach the mounting brackets to the sides of the device using the 8-32 x 3/8 in. screws.
There are two sets of holes, labeled “A” or “B”. Use the holes labeled “A” if you want the device
to be flushed with the rack rails (Figure 2).
FIGURE 2 Attaching the brackets on an Brocade ICX 6610, flush rail mounting
1 Bracket 2 8-32 x 3/8 in. screws
4FastIron Family Documentation Updates
53-1002757-07
Installing the device in a rack or cabinet
Use the holes labeled “B” if you want the device to protrude 4-1/2 inches from the front of the
rail rack (Figure 3).
FIGURE 3 Attaching the brackets on a Brocade ICX 6610 devices, mid rail mounting
2. Position the switch in the cabinet, providing temporary support under the switch until the rail
kit is secured to the cabinet.
3. Attach the front right bracket to the rail rack using two 10-32 x 5/8 in. screws and the
appropriate round or square retainer nuts (Figure 4 or Figure 5).
1 Bracket 2 8 - 32 x 3/8 in. screws
FastIron Family Documentation Updates 5
53-1002757-07
Installing the device in a rack or cabinet
FIGURE 4 Installing the device, flush rail mounting
FIGURE 5 Installing the device, mid rail mounting
4. Repeat step 1 to step 3 to attach the left front bracket to the left front rack rail and tighten all
10-32 x 5/8 in. screws to a torque of 25 in-lb (29 cm-kg). See Figure 4 or Figure 5.
5. Proceed to the section “Attaching a PC or terminal” of the Brocade ICX 6610 Stackable Switch
Hardware Installation Guide.
6FastIron Family Documentation Updates
53-1002757-07
Installing the device in a rack or cabinet
4-Post rack mount installation
Kits for 4-post rack mounting are not included in the shipping carton and must be ordered
separately.
NOTE
Use the following procedure when installing the Brocade ICX 6610 device in a 4-post rack cabinet.
For 2-post cabinets, follow the procedures in the section “2-Post rack mount installation”.
Remove the rack mount kit from the shipping carton. The kit contains the following (Figure 6):
•Two mounting brackets.
•Two pairs of extension brackets. Use the shorter pair for rack that are up 27 inches deep.
Use the longer pair for racks up to 32 inches deep.
•Thirty-two 8-32 x 3/8 in., panhead Phillips screws with patchlocks.
•Eight 10-32 x 5/8 in., panhead Phillips screws (torque to 25 in-lb, 29 cm-kg).
•Eight 32-10 retainer nuts (for square-hole rack rails).
•Eight 32-10 retainer nuts (for round-hole rack rails)
FastIron Family Documentation Updates 7
53-1002757-07
Installing the device in a rack or cabinet
FIGURE 6 4-post rail kit
Use the steps below to mount devices in a 4-post rack.
CAUTION
Do not use the hardware supplied in a 2-post rack mounting kit to mount a Brocade ICX 6610
device in a 4-post rack. Mounting the device in a 4-post rack requires additional hardware to
prevent drooping from possible flexing and distortion of the 4-post rack when a device is not
properly installed.
1 Bracket, front right 2 Bracket, front left
3 Bracket extensions up to 34 in. 4 Bracket extensions, up to 27 in.
5 Screw, 8-32 x 3/8 in., panhead Phillips 6 Screw, 10-32 x 5/8 in., panhead Phillips
7 Retainer nut, 10-32, (for square-hole rack rails) 8 Retainer nut, 10-32, (for round-hole rack rails)
8FastIron Family Documentation Updates
53-1002757-07
Installing the device in a rack or cabinet
1. Attach the mounting brackets to the sides of the device as illustrated in Figure 7, using the
8-32 x 3/8 in. screws.
FIGURE 7 Attaching 4-post brackets
2. Attach the appropriate extensions as required for the type of rack in which you are installing
the device (Figure 8).
FIGURE 8 Attaching bracket extensions
3. Position the switch in the cabinet, providing temporary support under the switch until the rail
kit is secured to the cabinet.
4. Attach the brackets to the front and back rails, using the 10-32 x 5/8 in. screws and the
appropriate round or square retainer nuts (Figure 9).
1 Bracket 2 8 - 32 x 3/8 in. screws
1 Bracket 2 8 - 32 x 3/8 in. screws
FastIron Family Documentation Updates 9
53-1002757-07
Installing the device in a rack or cabinet
FIGURE 9 Attaching device to a 4-post rack
Proceed to the section “Attaching a PC or terminal” of the Brocade ICX 6610 Stackable Switch
Hardware Installation Guide.
10 FastIron Family Documentation Updates
53-1002757-07
Installing the device in a rack or cabinet
FastIron Family Documentation Updates 11
53-1002757-07
Chapter
2
Brocade ICX 6430 and ICX 6450 Stackable Switches
Hardware Installation Guide Updates
The information in this section is a supplement to the Brocade ICX 6430 and ICX 6450 Stackable
Switches Hardware Installation Guide.
VCT is not supported on Brocade ICX 6430 and ICX 6450
stackable switches
Brocade ICX 6430 and ICX 6450 Stackable Switches Hardware Installation Guide says that Virtual
Cable Test (VCT) technology is supported on the Brocade ICX 6430 and ICX 6450 stackable
switches. This is incorrect VCT is not supported on Brocade ICX 6430 and ICX 6450 stackable
switches.
12 FastIron Family Documentation Updates
53-1002757-07
VCT is not supported on Brocade ICX 6430 and ICX 6450 stackable switches
FastIron Family Documentation Updates 13
53-1002757-07
Chapter
3
FastIron Configuration Guide Updates
The information in this section are updates to the 07.4.00a version of the FastIron Configuration
Guide.
Configuring stack guard
A stack unit can be configured to disable the stacking control traffic on non-stacking ports.
The stacking control traffic boundary can be defined by configuring the stack guard command. The
stack guard command, if configured allows the stacking control traffic only through the ports
configured as stacking ports.
NOTE
A port which is part of stack connection is also considered as stacking port.
The following scenario explains stacking control traffic on a stack where the stack guard command
is configured:
In a two unit stack consisting of Unit 1 and Unit 2, the prospective stacking ports are as follows:
• Unit 1: 1/2/1 and 1/2/3
• Unit 2: 2/2/1 and 2/2/3
Assume that the connecting ports between Unit 1 and Unit 2 are 1/2/3 and 2/2/1. In such a
scenario, ports 1/2/1 and 2/2/3 are free to be used as data ports. If stack guard is enabled and
ports 1/2/3, 2/2/1, and 2/2/3 are configured as stacking ports using the stack-port command,
the stacking packet will not be sent or received on port 1/2/1.
14 FastIron Family Documentation Updates
53-1002757-07
stack guard
stack guard
Disables stacking control traffic on non-stacking ports and allows the traffic only through the ports
configured as stacking ports.
Syntax stack guard
no stack guard
Command
Default
The stacking control traffic is allowed on stacking and non-stacking ports.
Command
Modes
Global configuration mode
Usage
Guidelines
The no form of the command removes the stack guard configuration and allows the stacking
control traffic on both stacking and non-stacking ports.
Examples The following example configures stack guard functionality.
Brocade(config)# stack guard
History
Enabling BPDU protection by port
Before enabling STP BPDU guard on individual interfaces, spanning tree must be enabled on the
corresponding VLAN.
Configuration notes for port mirroring and monitoring
Port mirroring on SX chassis between third generation and first generation modules is not
supported. If the first generation module has the mirror port and the third generation module is
being monitored, the mirrored packets will contain CRC errors.
LLDP configuration notes and considerations
By default, the Brocade device forwards LLDP packets even though LLDP is not configured on the
device. This ensures consistency with other protocols and allows transparent forwarding, though it
amounts to noncompliance with IEEE Standards.
Release Command History
07.4.00h This command was introduced.
FastIron Family Documentation Updates 15
53-1002757-07
Event (RMON group 9)
Event (RMON group 9)
There are two elements to the Event Group--the event control table and the event log table .
The event control table defines the action to be taken when an alarm is reported. Defined events
can be found by entering the CLI command, show event. The Event Log Table collects and stores
reported events for retrieval by an RMON application.
A sample entry and syntax of the event control table is shown below.
device(config)# rmon event 1 description ‘testing a longer string’
trap public owner nyc02
Syntax rmon event event-entry description text-string {log | trap | log-and-trap} owner
rmon-station
NOTE
FastIron devices currently support only the trap option.
Trunk group load sharing
The following note is removed from the Trunk group load sharing section:
NOTE
Layer 2 and Layer 3 AppleTalk traffic is not load-balanced. Layer 3 routed IP or IPX traffic also is not
load balanced. These traffic types will however still be forwarded on the trunk ports.
Trunk group rules
The Trunk group rules section is updated with the following content:
•The sFlow configuration enabled on the primary port of a trunk group is applicable to all the
ports of the trunk group. Disabling the sFlow on the primary port of a trunk group removes the
configuration from all the ports of the trunk group.
•Combination of copper and fibre ports, even if they are of the same speed, cannot be
members the same trunk group.
Configuring a multi-port static MAC address
If the system has only default VLAN, the command to add a static entry for a server has to be
issued from the global configuration mode.
If the system has multiple VLANs, the command has to be issued from the VLAN configuration
mode.
device(config-vlan-30)#static-mac-address 0000.0063.67ff ethernet 1/1/1
16 FastIron Family Documentation Updates
53-1002757-07
Configuring and enabling sFlow
Configuring and enabling sFlow
The following note is removed from the Configuring and enabling sFlow section:
NOTE
If you change the router ID or other IP address value that sFlow uses for its agent_address, you need
to disable and then re-enable sFlow to cause the feature to use the new source address.
Changing the login timeout period for Telnet sessions
The default login timeout period value of a Telnet session is 1 minute.
Configuring the route map
The description of the deny parameter is updated as follows:
Syntax [no] route-map map-name { permit | deny } num
If you specify deny routemap instance, it is ignored and not programmed in Layer 4 CAM.
Scroll control
The following content is updated in the “Scroll control” section:
By default, the CLI uses a page mode to paginate displays that are longer than 24 lines to 24-line
page increments. For example, if you display a list of all the commands at the global CONFIG level,
the page mode stops the display at each 24-line increment and lists your choices for continuing the
display. An example is given below.
aaa
all-client
appletalk
arp
boot
some lines omitted for brevity...
ipx
lock-address
logging
mac
--More--, next page: Space, next line:
Return key, quit: Control-c
The software provides the following scrolling options:
•Press the Space bar to display the next page (one screen at a time).
•Press the Return or Enter key to display the next line (one line at a time).
•Press Ctrl-C or Q to cancel the display.
To toggle page display mode, enter the skip and page commands from the Privileged EXEC level of
the CLI as given below:
FastIron Family Documentation Updates 17
53-1002757-07
Adding multiple ACLs to a route map
Brocade#skip
Disable page display mode
Brocade#page
Enable page display mode
Adding multiple ACLs to a route map
You can apply multiple ACLs to a route map by entering commands such as the following:
device(config)#route-map test-route
device(config-routemap test-route)match ip address 50 51 52 53 54
Configuring exec authorization
When TACACS+ exec authorization is performed, the Brocade device consults a TACACS+ server to
determine the privilege level of the authenticated user. To configure TACACS+ exec authorization
on the Brocade device, enter the following command:
Brocade(config)#aaa authorization exec default tacacs+
Syntax aaa authorization exec default tacacs+[none]
Configuring an IP helper unicast
By default, IP helper does not forward client broadcast request to a server within the network. To
forward a client broadcast request when the client and server are on the same network, configure
an IP helper with unicast option on the interface connected to the client.
To configure an IP helper unicast option on interface 2 on chassis module 1, enter the following
commands:
device(config)# interface 1/2
device(config-if-1/2)ip helper-address 1 10.10.10.1 unicast
The IP helper with unicast parameter forwards the client request to the server 10.10.10.1 which is
within the network.
Syntax: ip helper-address num ip-addr (unicast)
The num parameter specifies the helper address number and can be from 1 through 16.
The ip-addr command specifies the server IP address or the subnet directed broadcast address
of the IP subnet the server is in.
The unicast parameter specifies that the client request must be forwarded to the server which is on
the same network.
High CPU on SXL
The following content is added in the “Flow-based learning configuration considerations” and “MAC
clear commands” sections:
18 FastIron Family Documentation Updates
53-1002757-07
Port speed and duplex mode modification
On SXL with authentication protocols and high traffic, the clear mac and mac flush operations log a
lot of new address messages resulting in high CPU utilization for few minutes.
Port speed and duplex mode modification
The following note is added in the “Port speed and duplex mode modification” section.
NOTE
When you use fix speed and duplex configuration, the non-auto MDI-MDIX configuration should be
used.
PHY calibration in stack ports of ICX 6610
On every boot initialization, an ICX 6610 device performs PHY calibration on the 40G and 4*10G
stack ports. Sometimes, this calibration is incorrect, and results in CRC errors and link drops on a
port. FastIron IronWare detects the calibration errors and, by default, recovers the port by
recalibrating it. You can use the no snmp-server enable traps nlp-phy-40g command to disable this
recovery of incorrectly calibrated stack ports. To re-enable the default behavior of recalibrating the
incorrectly calibrated stack ports for recovery, use the snmp-server enable traps nlp-phy-40g
command.
Syslog messages for PHY calibration
On boot initialization, an ICX 6610 device in a stack performs PHY calibration on its 40G and
4*10G stack ports, and generates a syslog message. The following syslog message example shows
the calibration of all 16 ports(4 PHY with 4 lanes for each) on an ICX 6610 stack unit.
SYSLOG: <14>0d00h02m52s : ICX6610-48 Router System: Port init success
Stack unit 3 Port 3/2/1 Lane 0 T 0 R 0 Type 0: 1630x00000x0000
1640x00000x0000 1710x00000x0000 1580x00000x0000 1630x00000x0000
1630x00000x0000 1640x00000x0000 1630x00000x0000 1670x00000x0000
1680x00000x0000 1690x00000x0000 1680x00000x0000 1650x00000x0000
1680x00000x0000 1660x00000x0000 1640x00000x0000
If any stack port in an ICX 6610 device has the PHY Tx or Rx CMU (voltage) reaching a threshold
value of 31 and the port is recalibrated, the stack unit generates a syslog message similar to the
following:
SYSLOG: <14>0d00h08m49s : ICX6610-48 Router System: Port init success
Stack unit 2 Port 2/2/1 Lane 0 T 22 R 23 Type 0: 10xc0f00x0216 10xc2430x87ea
10xcc080x08dc 10xcc090x08a3 10xcc040x004b 10xcc000x00fb 10xcc010x4880
10xcc0d0x002c 10xefed0x0027 10xef020x8000 10xef030xfa66 10xef040x8000
10xef050xfd03 10xeffc0x0001 10xeff90x0000 10xeff90x0000 10xeff60x0000
10xeff60x0000 10xeffd0x0000 10xefd20xc6ec 10xefd30x8121 10xefeb0x08a3
10xd0800x0ab9 10xd08f0x00fe 10xc0f20x0000 10xcc0a0x0668 10xcc0b0x0b6e
10xcc0c0x08e1 10xd0080x0001 10xd0920x0001 10xc20c0x1880 10xefe10x0000
10xefe20x0000 10xefe30x0000 10xefe40x0000 10xef2c0x00a9 10xefcc0x00a9
10xeffe0x0004 10xeffe0x0004 10xeffe0x0004 10xeff70x0000 10xeff80x0000
10xeff60x0000 10xca140x82f8 10xca440x82f8 30x00200x100d 30x00210x80ff
10xd0920x0001 10xca240x0001 10xca250x00e1 10xca260x0001 10xca270x0100
10xca280x0000 10xca290x1010 10xca2a0x1314 10xca2b0x1010 10xca2c0x8000
10xca2d0x0000 10xd0920x0000
FastIron Family Documentation Updates 19
53-1002757-07
Stack port resiliency in ICX 6610 devices
Stack port resiliency in ICX 6610 devices
In an ICX 6610 device, sometimes a stacking port cannot send or receive packets though the port
is logically operational. To detect this, probe packets are sent between the ICX 6610 units in a
stack every two seconds. If a port is logically operational and does not receive a probe packet for
60 seconds, it is considered a malfunctioning port. To resolve this, you can configure the active
controller to perform correctional steps such as error-disabling malfunctioning ports and reloading
one or more stack units. You can use the show errdisable summary command to view a list of all
error-disabled ports with the reason for error-disabling these ports.
NOTE
A malfunctioning stack port that is error-disabled cannot be enabled until the unit is reloaded.
NOTE
Traffic interruption happens for a few seconds or longer while the port malfunction is detected and
fixed.
Configuring stack port resiliency in ICX 6610
To configure stack port resiliency on an ICX 6610 device in a stack, run the stack
stack-port-resiliency command in global configuration mode. This enables the active controller to
perform correctional steps such as error-disabling malfunctioning ports and reloading one or more
stack units, depending on the value configured for the level variable in this command.
The following example shows the configuration of stack port resiliency on a stack with the level
variable value set to 2.
Brocade(config)# stack stack-port-resiliency 2
Syslog messages for stack port resiliency
For stack port resiliency, syslog messages are generated when the active controller performs
correctional steps such as error-disabling malfunctioning ports, reloading one or more stack units,
and reloading an entire stack. These syslog messages do not have a fixed format. They also may
not be entirely accurate because of communication problems between stack units.
When a malfunctioning port is error-disabled, the stack unit generates a syslog message similar to
the following:
SYSLOG: <10>0d00h10m22s : ICX6610-24P Router Stack: port 2/2/8 U2
errdisable 2/2/8: reason: 2/2/8 --> 1/2/8
When a stack unit reloads, the stack unit generates a syslog message similar to the following:
SYSLOG: <9>3d21h52m57s : ICX6610-24P Router Stack: unit 3 Reload u3 in
10 sec due to 3/2/6 port problems. reason: lose one nbr
SYSLOG: <9>0d00h08m59s : ICX6610-48 Router Stack: unit 2 U3 detects stack
port problem. will reload u2: one directional CPU to CPU: u2 --> u3, one
directional CPU to CPU: u2 --> u4,
When the entire stack reloads, the active controller generates a syslog message similar to the
following:
SYSLOG: <9>0d00h12m07s : ICX6610-48 Router Stack: "stack
stack-port-resiliency 3" is configured. Active u3 reloads the stack in 5s.
20 FastIron Family Documentation Updates
53-1002757-07
Stack port resiliency in ICX 6610 devices
reason: no CPU to CPU: u1 -x- u4, no CPU to CPU: u2 -x- u4, no CPU to
CPU: u3 -x- u4,
SYSLOG: <9>0d00h12m28s : ICX6610-24P Router Stack: "stack
stack-port-resiliency 3" is configured. Active u1 reloads the stack in 5s.
reason: 1: 1/2/1 (T0) ---> 2/2/6 (T1) *** error: one-way 2: 1/2/2
(T0) ---> 2/2/7 (T1) *** error: one-way 3: 1/2/3 (T0) ---> 2/2/8
(T1) *** error: one-way 4: 1/2/4 (T0) ---> 2/2/9 (T1) ***
error: one-way 5: 1/2/5 (T0) ---> 2/2/10(T1) *** error: one-way
one directional CPU to CPU: u2 --> u4,
FastIron Family Documentation Updates 21
53-1002757-07
stack stack-port-resiliency
stack stack-port-resiliency
NOTE
This command is only supported on an ICX 6610 device in a stack.
Configures different levels of correctional steps that an active controller can take to fix stacking
ports that cannot send or receive packets though the ports are logically operational. The
correctional steps involve error-disabling malfunctioning ports and reloading one or more stack
units. The no form of this command sets the level variable value to 1.
Syntax stack stack-port-resiliency level
no stack stack-port-resiliency level
Command
Default
This feature is enabled with the level variable value set to 1.
Parameters level When a stacking port is malfunctioning, the correctional steps that an active
controller can take, depend on the value of this level variable. Its value can
range from 0 to 3.
Command
Modes
Global configuration mode
Usage
Guidelines
NOTE
A non-active controller is any stack unit that is not an active controller.
NOTE
If you use the command and set the level variable value to 1, this configuration shows in the show
run command output. If you use the no form of this command, the level variable value is set to 1 but
this configuration will not show in the show run command output.
The different levels and the corresponding correctional steps are as follows:
•If the level value is set to 0, the active controller does not perform any correctional steps.
•If the level value is set to 1 and the unit with the malfunctioning port is a non-active controller:
•The active controller checks if other ports in the same static LAG are fully operational.
•If the total bandwidth of the operational static LAG is equal to or more than 20 Gbps, the
malfunctioning port is error-disabled.
•If the total bandwidth of the operational static LAG is less than 20 Gbps and error-disabling
all ports of the LAG can lead to the disconnection of one or more other units from the
stack, the unit reloads.
•If the total bandwidth of the operational static LAG is less than 20 Gbps and error-disabling
all ports of the LAG does not lead to the disconnection of one or more other units from the
stack, all the ports of the LAG are error-disabled.
•If the level value is set to 2 and the unit with the malfunctioning port is a non-active controller,
the unit reloads. After this reload, if any other non-active controller unit is not able to
communicate with the active controller, it also reloads.
22 FastIron Family Documentation Updates
53-1002757-07
Enabling broadcast or unknown unicast traffic to the PVLAN on FSX devices
•If the level value is set to 3, the correctional steps in level 2 are performed. If the port is still not
operating correctly, the entire stack reloads.
NOTE
You can use the show errdisable summary command to view a list of all error-disabled ports with the
reason for error-disabling these ports.
NOTE
Traffic interruption happens for a few seconds or longer while the port malfunction is detected and
fixed.
Examples The following example shows the configuration of stack port resiliency on a stack with the level
variable value set to 2.
Brocade(config)# stack stack-port-resiliency 2
History
Related
Commands
show errdisable summary
Enabling broadcast or unknown unicast traffic to the PVLAN on FSX
devices
The following content was erroneously excluded from the 7.4 Layer 2 configuration guide:
Command syntax
To configure the ports in the primary VLAN to forward broadcast or unknown unicast and multicast
traffic received from sources outside the PVLAN, enter the following commands at the global
CONFIG level of the CLI.
Brocade(config)# pvlan-preference broadcast flood
Brocade(config)# pvlan-preference unknown-unicast flood
These commands enable forwarding of broadcast and unknown-unicast packets to ports within the
PVLAN. To again disable forwarding, enter a command such as the following.
Brocade(config)# no pvlan-preference broadcast flood
This command disables forwarding of broadcast packets within the PVLAN.
Syntax: [no] pvlan-preference broadcast | unknown-unicast flood
Release Command History
07.3.00g This command was introduced.
FastIron Family Documentation Updates 23
53-1002757-07
Selection of master node
NOTE
The pvlan-preference broadcast and pvlan-preference unknown-unicast commands are not
supported on the FCX and ICX platforms. These are supported on all the other FastIron platforms.
Selection of master node
NOTE
Any node on an MRP ring that has two shared interfaces cannot be elected as the master node.
Static MAC address
The following note in the “Configuring a multi-port static MAC address” and “Assigning static MAC
entries to priority queues” sections is not valid.
NOTE
The location of the static-mac-address command in the CLI depends on whether you configure
port-based VLANs on the device. If the device does not have more than one port-based VLAN (VLAN
1, which is the default VLAN that contains all the ports), the static-mac-address command is at the
global CONFIG level of the CLI. If the device has more than one port-based VLAN, then the
static-mac-address command is not available at the global CONFIG level. In this case, the command
is available at the configuration level for each port-based VLAN.
Power classes for PDs
The default maximum power allocation for a Class 0 PoE+ device has changed from 30 watts to
15.4 watts.
Multi-Device Port Authentication
In the table “Supported Multi-device port authentication (MDPA) features”, the feature “Source
guard protection” listed in “Support for Multi-Device Port Authentication together with:” is not
supported in Layer 2 images.
TABLE 1 Power classes for PDs
Class Usage Power (watts) from Power Sourcing Device
Standard PoE PoE+
0 default 15.4 15.4
1optional4 4
2optional7 7
3 optional 15.4 15.4
4optional15.430
24 FastIron Family Documentation Updates
53-1002757-07
Example 5: Configuring a static trunk group for devices in an IronStack
Example 5: Configuring a static trunk group for devices
in an IronStack
To configure a static trunk group for units in an IronStack and then deploy the trunk group, enter
the following commands:
Brocade (config)#trunk ethernet 1/1/1 ethernet 1/1/2
Trunk will be created in next trunk deploy
Brocade (config)#write memory
Brocade (config)#trunk deploy
The trunk configuration does not take effect until you deploy it.
The result of the configured trunk group in the show trunk output is as follows:
Brocade(config)#show trunk
Configured trunks:
Trunk ID: 1
Hw Trunk ID: 1
Ports_Configured: 2
Primary Port Monitored: Individually
Ports PortName Port_Status Monitor Rx_Mirr Tx_Mirr Monitor_Dir
1/1/1 none enable off N/A N/A N/A
1/1/2 none enable on 1/1/15 1/1/15 both
Operational trunks:
Trunk ID: 1
Hw Trunk ID: 1
Duplex: Full
Speed: 1G
Tag: No
Priority: level0
Active Ports: 2
Ports Link_Status port_state
1/1/1 active Forward
1/1/2 active Forward
SSH show commands
Effective from 07.2.03 FastIron release, there are following changes in SSH show commands:
•The ssh show-host-keys command is deprecated.
•The show ip ssh command output displays SSH server status and whether SSH authentication
keys are of DSA or RSA type.
Virtual Cable Testing support
Information in the 07.4.00a version of the FastIron Configuration Guide is not correct. The guide
will be updated in the next release. VCT is not supported on the following devices:
•Brocade FSX with third generation modules
•Brocade ICX 6610 devices
•Brocade ICX 6430 devices
FastIron Family Documentation Updates 25
53-1002757-07
ACL-based Rate Limiting and ACL Counting
•Brocade ICX 6450 devices
ACL-based Rate Limiting and ACL Counting
The feature support table in Chapter 50, Rate Limiting on FastIron WS Series Switches shows that
ICX 6610, ICX 6430, and ICX 6450 support ACL-based rate limiting. That is incorrect. These devices
do not support ACL-based Rate Limiting.
Also, that feature support table should say that ACL counting is not supported on ICX 6430.
FWS supports DSA keys only
The section on SSH2 authentication types in the FastIron Configuration Guide does not contain
information about the limitation for FWS devices. FWS devices support only DSA keys and hence
there are no options for the crypto key generate command. On FWS devices, the syntax is crypto
key generate | zeroize.
Stacking configuration for ICX 6430
Release 07.4.00a allows ICX 6430 48-port units and 24-port units to be included in an IronStack.
IPv6 routing features
Release 07.4.00a supports IPv6 static routes and ECMP load sharing on ICX 6450.
show link-aggregate partner
The “show link-aggregate partner” CLI command is new In software release 07.4.00c. It provides
information on the System Priority, System ID, Key, Actor, and Partner of each LAG port.
Local accounts with encrypted passwords
The service password-encryption command is deprecated in release 07.4.00a.
Brocade(config)#show link-aggregate partner
[SP - System Priority] [SID - System Id] [K - Key] [ACTR - ACTOR] [PRTR - PARTNER]
Port 1/1 ACTR(SP=1,SID=748e.f833.e600,K=10000) PRTR(SP=1,SID=0012.f223.3900,K=10000)
Port 1/2 ACTR(SP=1,SID=748e.f833.e600,K=30000) PRTR(SP=1,SID=748e.f820.e6c5,K=30000)
Port 4/1 ACTR(SP=1,SID=748e.f833.e600,K=10000) PRTR(SP=1,SID=0012.f223.3900,K=10000)
Port 4/2 ACTR(SP=1,SID=748e.f833.e600,K=10000) PRTR(SP=1,SID=0012.f223.3900,K=10000)
Port 16/1 ACTR(SP=1,SID=748e.f833.e600,K=10000) PRTR(SP=1,SID=0012.f223.3900,K=10000)
Port 16/2 ACTR(SP=1,SID=748e.f833.e600,K=30000) PRTR(SP=1,SID=748e.f820.e6c5,K=30000)
26 FastIron Family Documentation Updates
53-1002757-07
Displaying CPU utilization statistics
Displaying CPU utilization statistics
The show process cpu command is deprecated in release 07.4.00a.
Enabling port speed down-shift
The port speed down-shift feature is no longer supported in release 07.4.00a.
Specifying the maximum number of login attempts for
Telnet access
NOTE
The number of allowed telnet login attempts set by telnet login-retries command is only effective
when you configure telnet connection with both enable telnet authentication and enable telnet
password commands.
MCT configuration considerations
The following content in the 07.4.00a version of the FastIron Configuration Guide is incomplete or
inaccurate:
•An ICL is preferably a static trunk that provides port level redundancy and higher bandwidth for
cluster communication.
•An ICL cannot be an LACP trunk (must be either a static trunk or single port).
The revised content is as follows:
•It is recommended that you set up ICL as a static trunk with at least two ports. This provides
port level redundancy and higher bandwidth for cluster communication.
•An ICL cannot be a regular port link or an LACP trunk. It must be a single or multiple ports
static trunk.
The following content is an additional MCT configuration consideration in the 07.4.00a version of
the FastIron Configuration Guide:
•In any MCT configuration, there are two different cluster-related IDs, the Cluster ID and the
Cluster RBridge ID. The Cluster ID uniquely identifies a cluster and all cluster devices in the
same MCT cluster have the same Cluster ID. The Cluster RBridge ID uniquely identifies a
cluster device within the cluster. To avoid conflicts, ensure that the Cluster ID and the Cluster
RBridge ID are unique within an MCT configuration and not confused with each other.
FastIron Family Documentation Updates 27
53-1002757-07
Chapter
4
Documentation updates for Unified IP MIB Reference
The information in this section is a supplement to the Unified IP MIB Reference.
Supported on FastIron devices
FastIron devices support the following RFC:
•3411 – SNMP Framework MIB
NOTE
In RFC 3411, the snmpEngineBoots object supports the maximum value 9999.
28 FastIron Family Documentation Updates
53-1002757-07
Supported on FastIron devices