™
BLADEOS
Release Notes
1/10Gb Uplink Ethernet Switch Module for IBM BladeCenter
Version 5.1
®
Part Number: BMD00098, December 2009
2350 Mission College Blvd.
Suite 600
Santa Clara, CA 95054
Release Notes
The 1/10Gb Uplink Ethernet Switch Module (GbESM) is one of up to four GbESMs that can be
installed in the IBM BladeCenter chassis.
These release notes provide the latest information regarding BLADEOS 5.1 for the 1/10Gb Uplink
Ethernet Switch Module. This supplement modifies information found in the complete
documentation:
ꢀ
ꢀ
ꢀ
ꢀ
ꢀ
BLADEOS 5.1 Application Guide for the 1/10Gb Uplink Ethernet Switch Module for IBM
BladeCenter
BLADEOS 5.1 Command Reference for the 1/10Gb Uplink Ethernet Switch Module for IBM
BladeCenter
BLADEOS 5.1 ISCLI Reference for the 1/10Gb Uplink Ethernet Switch Module for IBM
BladeCenter
BLADEOS 5.1 BBI Quick Guide for the 1/10Gb Uplink Ethernet Switch Module for IBM
BladeCenter
1/10Gb Uplink Ethernet Switch Module for IBM BladeCenter, Installation Guide
The publications listed above are available from the IBM support website:
Please keep these release notes with your product manuals.
BMD00098, December 2009
3
BLADE OS 5.1 Release Notes
Hardware Support
BLADEOS 5.1 software is supported only on the 1/10Gb Uplink Ethernet Switch Module
(Figure 1) for IBM BladeCenter. The GbESM is a high performance Layer 2-3 embedded network
switch that features tight integration with IBM BladeCenter management modules.
Figure 1 1/10Gb Uplink ESM Faceplate
1
2
SFP+ slots
10Gb Ethernet
RS-232
console port
3
4
6
7
RJ45 ports
1Gb Ethernet
9
The GbESM has the following port capacities:
ꢀ
ꢀ
ꢀ
ꢀ
ꢀ
Three external 10Gb SFP+ slots
Six external 1Gb Ethernet ports (RJ45)
One RS-232 serial console port
Two 100Mb internal management ports
Fourteen 1000Mb Ethernet internal ports
4
BMD00098, December 2009
BLADE OS 5.1 Release Notes
The GbESM contains three 10 Gigabit Small Form-factor, Pluggable (SFP+) slots. The 10Gb SFP+
slots can accept 1Gb copper transceivers, 10Gb optical transceivers, or Direct Attach Cables
(DAC).
Note – If a DAC is not programmed to meet MSA specifications (including length identifier), the
switch disables the port and generates a syslog message indicating that the DAC is not approved.
The GbESM does not disable the SFP+ ports when using MSA-compliant DAC cables. For best
results, the following cables have been qualified to work with the switch:
Table 1 Recommended SFP+ transceiver
Part number
Description
BN-SP-CBL-1M SFP+ Copper Direct Attach Cable - 1 meter
BN-SP-CBL-3M SFP+ Copper Direct Attach Cable - 3 meters
BN-SP-CBL-7M SFP+ Copper Direct Attach Cable - 7 meters
BN-SP-CBL-10M SFP+ Copper Direct Attach Cable - 10 meters
BMD00098, December 2009
5
BLADE OS 5.1 Release Notes
Updating the Switch Software Image
The switch software image is the executable code running on the GbESM. A version of the image
ships with the switch, and comes pre-installed on the device. As new versions of the image are
released, you can upgrade the software running on your switch. To get the latest version of software
available for your GbESM, go to:
From the BLADEOS CLI, use the /boot/cur command to determine the current software version.
The typical upgrade process for the software image consists of the following steps:
ꢀ
ꢀ
ꢀ
Place the new image onto a FTP or TFTP server on your network, or on a local computer.
Transfer the new image to your switch.
Select the new software image to be loaded into switch memory the next time the switch is reset.
Loading New Software to Your Switch
The switch can store up to two different software images, called image1 and image2, as well as
boot software, called boot. When you load new software, you must specify where it should be
placed: either into image1, image2, or boot.
For example, if your active image is currently loaded into image1, you would probably load the
new image software into image2. This lets you test the new software and reload the original active
image (stored in image1), if needed.
To download a new software image to your switch, you will need the following:
ꢀ
The image and boot software loaded on a FTP or TFTP server on your network
ꢀ
ꢀ
Boot file:
GbESM-1-10U-5.1.1.0_Boot.img
Image file: GbESM-1-10U-5.1.1.0_OS.img
Note – Be sure to download both the new boot file and the new image file.
ꢀ
ꢀ
The hostname or IP address of the FTP or TFTP server
The name of the new software image or boot file
Note – The DNS parameters must be configured if specifying hostnames.
When the above requirements are met, use one of the following procedures to download the new
software to your switch. You can use the BLADEOS CLI, the ISCLI, or the BBI to download and
activate new software.
6
BMD00098, December 2009
BLADE OS 5.1 Release Notes
Using the BLADEOS CLI
1. At the Boot Options# prompt, enter:
Boot Options# gtimg
2. Enter the name of the switch software to be replaced:
Enter name of switch software image to be replaced
["image1"/"image2"/"boot"]: <image>
3. Enter the hostname or IP address of the FTP or TFTP server.
Enter hostname or IP address of FTP/TFTP server: <hostname or IP address>
4. Enter the name of the new software file on the server.
Enter name of file on FTP/TFTP server: <filename>
The exact form of the name will vary by server. However, the file location is normally relative to the
FTP or TFTP directory (usually /tftpboot).
5. Enter your username for the server, if applicable.
Enter username for FTP server or hit return for
TFTP server: {<username>|<Enter>}
6. The system prompts you to confirm your request.
Once confirmed, the software will load into the switch.
7. When loading is complete, enter the following command at the Boot Options# prompt:
Boot Options# image
8. The system informs you of which software image (image1 or image2) is currently set to be
loaded at the next reset, and prompts you to enter a new choice:
Currently set to use switch software "image1" on next reset.
Specify new image to use on next reset ["image1"/"image2"]:
Specify the image that contains the newly loaded software.
BMD00098, December 2009
7
BLADE OS 5.1 Release Notes
Using the ISCLI
1. In Privileged EXEC mode, enter the following command:
Router# copy {tftp|ftp} {image1|image2|boot-image}
2. Enter the hostname or IP address of the FTP or TFTP server.
Address or name of remote host: <name or IP address>
3. Enter the name of the new software file on the server.
Source file name: <filename>
The exact form of the name will vary by server. However, the file location is normally relative to the
FTP or TFTP directory (usually tftpboot).
4. Enter your username and password for the server, if applicable.
User name: {<username>|<Enter>}
5. The system prompts you to confirm your request.
Once confirmed, the software will load into the switch.
6. When loading is complete, use the following command in Global Configuration mode to select
which software image (image1 or image2) you want to run in switch memory for the next
reboot:
Router(config)# boot image {image1|image2}
The system will then verify which image is set to be loaded at the next reset:
Next boot will use switch software image1 instead of image2.
8
BMD00098, December 2009
BLADE OS 5.1 Release Notes
Using the BBI
You can use the Browser-Based Interface to load software onto the GbESM. The software image to
load can reside in one of the following locations:
ꢀ
ꢀ
ꢀ
FTP server
TFTP server
Local computer
After you log onto the BBI, perform the following steps to load a software image:
1. Click the Configure context tab in the toolbar.
2. In the Navigation Window, select System > Config/Image Control.
The Switch Image and Configuration Management page appears.
3. If you are loading software from your computer (HTTP client), skip this step and go to the next.
Otherwise, if you are loading software from a FTP/TFTP server, enter the server’s information in
the FTP/TFTP Settings section.
4. In the Image Settings section, select the image version you want to replace (Image for Transfer).
ꢀ
ꢀ
If you are loading software from a FTP/TFTP server, enter the file name and click Get Image.
If you are loading software from your computer, click Browse.
In the File Upload Dialog, select the file and click OK. Then click Download via Browser.
Once the image has loaded, the page refreshes to show the new software.
BMD00098, December 2009
9
BLADE OS 5.1 Release Notes
New and Updated Features
BLADEOS 5.1 for 1/10Gb Uplink Ethernet Switch Module (GbESM) has been updated to include
new and enhanced features in support of server and peer switch discovery, as well as failure
detection at the link layer. In addition, there are enhancements to existing implementations in the
areas of dynamic routing protocols, configuration and reporting.
The list of features below summarizes the updated features. For more detailed information about
configuring GbESM features and capabilities, refer to the complete BLADEOS 5.1 documentation
as listed on page 3.
Remote Monitoring
BLADEOS 5.1 now supports Remote Monitoring (RMON).
RMON allows network devices to exchange network monitoring data, gather cumulative and
history statistics for Ethernet interfaces, and create and trigger alarms for user-defined events.
An RMON management application can be used to access RMON MIB information on the GbESM,
as described in RFC 1757. The switch supports RMON Group 1 (Statistics), Group 2 (History),
Group 3 (Alarms), and Group 9 (Events).
RMON properties are configured globally in the RMON menu, and enabled on a per-port basis in
the Port menu:
# /cfg/rmon
(global RMON menu)
-and-
# /cfg/port <x>/rmon
(per-port RMON menu)
Link Layer Detection Protocol
BLADEOS 5.1 now supports 802.1AB Link Layer Detection Protocol (LLDP). Using LLDP, the
GbESM advertises port and link information to other LLDP-capable devices and accepts their
LLDP advertisements for the purpose of discovering pertinent information about remote ports.
Switch port information and any remote device information is stored in a Managed Information
Base (MIB). Higher-layer management tools may access the MIB to accumulate and report such
information, and even to and discover configuration inconsistencies between systems on the same
IEEE 802 LAN.
The LLDP configuration menu is accessed using the following CLI command:
# /cfg/l2/lldp
10
BMD00098, December 2009
BLADE OS 5.1 Release Notes
Uni-Directional Link Discovery Protocol
BLADEOS 5.1 now supports the Uni-Directional Link Discovery (UDLD) protocol, compliant
with RFC 5171. UDLD operates at Layer 2 in conjunction with existing IEEE 802.3 Layer 1 fault
detection mechanisms. It is used between peer devices to detect and disable unidirectional Ethernet
links caused, for instance, by mis-wired cable strands, interface malfunctions, or media converter
faults.
UDLD is configured on a per-port basis. It is disabled by default. The UDLD configuration menu is
available using the following CLI command:
# /cfg/port <x>/udld
Operation/Administration/Maintenance Protocol
BLADEOS 5.1 now supports IEEE 802.3ah Operation, Administration, and Maintenance (OAM)
protocol. OAM allows the switch to detect faults on physical port links. Using OAM, if the Local
Information that a port sends does not match the Remote Information received, the link is
determined to be in an anomalous condition and is automatically disabled.
OAM is configured on a per-port basis. It is disabled by default. The OAM configuration menu is
available using the following CLI command:
# /cfg/port <x>/oam
sFlow Monitoring
BLADEOS 5.1 now supports sFlow technology for monitoring traffic in data networks. The switch
software includes an embedded sFlow agent which can be configured on a per-port basis to sample
network traffic and provide continuous statistical report information to a central sFlow analyzer.
sFlow features are disabled by default, but may be configured using the following menu:
# /cfg/sys/sflow
BMD00098, December 2009
11
BLADE OS 5.1 Release Notes
Internal Loopback Interface
BLADEOS 5.1 now supports up to five loopback interfaces.
A loopback interface is an interface which is assigned an IP address, but is not associated with any
particular physical port. The loopback interface is thus always available for higher layer protocols
to use and advertise to the general network, regardless of which specific ports are in operation.
Loopback interfaces can be of benefit in a number of protocols, improving access to a switch, as
well as increasing its reliability, security, and scalability. In addition, loopback interfaces can add
flexibility and simplify management, information gathering, and filtering.
One example of this increased reliability is for OSPF to use a loopback interface in combination
with host routes to advertise an interface route which will be available regardless of the status of
individual physical links. This provides a higher probability that the routing traffic will be received
and subsequently forwarded.
Further reliability and performance could be provided by configuring parallel BGP paths to a
loopback interface on a peer device, which would result in improved load sharing.
Access and security can be improved through filtering. Incoming traffic can be filtered by rules that
specify loopback interfaces as the only acceptable destination addresses.
Information gathering and filtering as well as management can potentially be simplified if protocols
such as SNMP use loopback interfaces for receiving and sending trap and log type information.
The Loopback Interface configuration menu is accessed using the following CLI command:
# /cfg/l3/loopif <loopback interface number (1-5)>
Rate Limiting
BLADEOS 5.1 now supports traffic rate limits for packets broadcast, multicast, and unknown
unicast packets. For each port, the maximum number of packets permitted per second for each
packet type can be specified. The following commands have been added to the Port menu
(/cfg/port <x>) to support rate limiting:
ꢀ
ꢀ
ꢀ
brate <value>|dis
mrate <value>|dis
drate <value>|dis
Broadcast limit, 0 to 262143 packets per second, or no limit.
Multicast limit, 0 to 262143 packets per second, or no limit.
Unknown unicast limit, 0 to 262143 packets per second, or no limit.
12
BMD00098, December 2009
BLADE OS 5.1 Release Notes
Hot Links
BLADEOS 5.1 now supports Hot Links. Hot Links provides basic link redundancy with fast
recovery for network topologies that require Spanning Tree to be turned off.
Hot Links allows up to five triggers, each of which consists of a pair of layer 2 interfaces that may
contain either an individual port or trunk. One interface is the Master, and the other is a Backup.
While the Master interface is active and forwarding traffic, the Backup interface is placed in a
standby state and blocks traffic. If the Master interface fails, the Backup interface becomes active
and forwards traffic. Once the Master interface is restored, it transitions to the standby state and
blocks traffic unless the Backup interface fails.
OSPF Enhancements
BLADEOS 5.1 includes multiple enhancements to the GbESM Open Shortest Path First (OSPF)
implementation:
ꢀ
Passive Interfaces
OSPF interfaces may be configured as passive. Passive interfaces send LSAs to active
interfaces, but do not receive LSAs, hello packets, or any other OSPF protocol information
from active interfaces. Passive interfaces behave as stub networks, allowing OSPF routing
devices to be aware of devices that do otherwise participate in OSPF (either because they do
not support it, or because the administrator chooses to restrict OSPF traffic exchange or
transit). The following command has been added:
# /cfg/l3/ospf/if <x>/passive {enable|disable}
ꢀ
Point-to-Point Networks
For LANs that have only two OSPF routing agents (the GbESM and one other device),
specifying the interfaces as part of a point-to-point network allows the switch to significantly
reduce the amount of routing information it must carry and manage, enhancing OSPF
efficiency. The following command has been added:
# /cfg/l3/ospf/if <x>/ptop {enable|disable}
ꢀ
Sub-second timers
To increase OSPF convergence speed, hello and dead timers for OSPF interfaces and virtual
interfaces can now specified in milliseconds by adding “ms” to the number. For example:
# /cfg/l3/ospf/if <x>/hello 200ms
(200 milliseconds)
ꢀ
Loopback Interface Address
OSPF can now be configured to use the GbESM internal loopback address in advertising its
Router ID.
BMD00098, December 2009
13
BLADE OS 5.1 Release Notes
LACP Trunk Enhancements
BLADEOS 5.1 now supports up to eight links in each LACP Link Aggregation Group (LAG).
Layer 2 Failover Enhancements
BLADEOS 5.1 includes multiple enhancements to the Layer 2 Failover feature to support advanced
NIC teaming:
ꢀ
In addition to the automatic monitoring triggers for trunk links, the switch software now
supports new manual monitoring triggers. This allows you to define a list of ports and/or static
or dynamic trunks to disable when a link failure thresdhold is reached on set of trigger ports
and/or static or dynamic trunks.
ꢀ
Up to two LACP keys can be used for each failover trigger. Previously, only one per trigger was
supported.
ACL Precedence Enhancement
With BLADEOS 5.1, the implementation of Access Control Lists (ACLs) has been standardized to
use ascending order of precedence.
ACLs that are assigned to a port are now processed in numeric sequence, based on ACL number.
Lower-numbered ACLs take precedence over higher-numbered ACLs within each precedence
group. For example, ACL 1 (if assigned to the port) is evaluated first and has top priority within
precedence group 1.
When upgrading from an earlier version of BLADEOS, the ACLs are automatically renumbered to
maintain prior function within the new order of precedence.
Forwarding Database Enhancements
Configuration of the Forwarding Database (FDB) aging feature has been simplified. Because FDB
aging required the same value configured in all Spanning Tree Groups (STGs), the per-STG aging
parameters have been replaced with a single, global configuration command:
# /cfg/l2/stg <STG number>/brg/aging <value>
(old per-STG command)
-replaced by-
# /cfg/l2/fdb/aging <value>
(new global command)
14
BMD00098, December 2009
BLADE OS 5.1 Release Notes
ISL Layer 2 Protocol Enhancements
BLADEOS 5.1 now supports additional Layer 2 protocols on Inter-Switch Link (ISL) ports:
ꢀ
ꢀ
ꢀ
ꢀ
ꢀ
ꢀ
ꢀ
VRRP
STP
RSTP/MSTP
802.1Q VLAN Tagging
802.1p QoS/CoS
802.1X Port-Based Access Control
ACLs
STP Fast Uplink Bridge Priority
With BLADEOS 5.1, the Fast Uplink Convergence bridge priority has been set to 65535.
CLI List and Range Inputs
For CLI commands that allow an individual item to be selected from within a numeric range, lists
and ranges of items can now be specified. For example, the /info/vlan command permits the
following options:
# /info/vlan
(show all VLANs)
# /info/vlan 1
(show only VLAN 1)
# /info/vlan 1,3,4095
# /info/vlan 1-20
# /info/vlan 1-5,90-99,4090-4095
# /info/vlan 1-5,19,20,4090-4095
(show listed VLANs)
(show range 1 through 20)
(show multiple ranges)
(show a mix of lists and ranges)
The numbers in a range must be separated by a dash: <start of range>-<end of range>
Multiple ranges or list items are permitted using a comma: <range or item 1>,<range or item 2>
Do not use spaces within list and range specifications.
Ranges can also be used to apply the same command option to multiple items. For example, to
enable multiple ports with one command:
# /cfg/port 1-4/ena
(Enable ports 1 though 4)
Note – Port ranges accept only port numbers, not aliases such as INT1 or EXT1
BMD00098, December 2009
15
BLADE OS 5.1 Release Notes
Chassis Internal Network
BLADEOS 5.1 now supports BladeCenter Chassis Internal Network (CIN). CIN provides internal
connectivity between blade server ports and the internal Advanced Management Module (AMM)
port. This allows blade server users to access the AMM via CLI, web-browser, or SNMP session,
and allows the AMM to use services on the blades, such as LDAP, SMTP, DNS, and NTP.
BC-S Chassis Support
BLADEOS 5.1 supports the BladeCenter BC-S chassis. When the GbESM is installed in the BC-S
chassis, the following information displays reflect the BC-S port mapping:
ꢀ
Port link information (/info/link) for switches installed in bay 1 and bay 2:
Alias
----
Port
-----
Speed
-----
1000
1000
1000
1000
1000
1000
1000
1000
1000
1000
1000
1000
1000
1000
100
10000
10000
10000
1000
1000
1000
1000
1000
1000
Duplex
-------- --TX-----RX--
Flow Ctrl
Link
------
up
up
up
up
down
up
up
up
up
up
up
up
up
up
up
up
up
up
up
up
up
up
up
up
INT1A
INT1B
INT2A
INT2B
INT3A
INT3B
INT4A
INT4B
INT5A
INT5B 10
INT6A 11
INT6B 12
SMGT1 13
SMGT2 14
MGT1
EXT1
EXT2
EXT3
EXT4
EXT5
EXT6
EXT7
EXT8
EXT9
1
2
3
4
5
6
7
8
9
full
full
full
full
full
full
full
full
full
full
full
full
full
full
full
any
any
any
any
any
any
any
any
any
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
15
17
18
19
20
21
22
23
24
25
16
BMD00098, December 2009
BLADE OS 5.1 Release Notes
Port link information (/info/link) for switches installed in bay 3 and bay 4:
ꢀ
Alias
----
Port
-----
Speed
-----
Duplex
-------- --TX-----RX--
Flow Ctrl
Link
------
INT1
INT2
INT3
INT4
INT5
INT6
MGT1
EXT1
EXT2
...
1
2
3
4
5
1000
1000
1000
1000
1000
1000
100
full
full
full
full
full
full
full
any
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
yes
up
up
down
up
up
up
up
up
up
6
15
17
18
10000
10000
any
ꢀ
Port information (/info/port) for switches installed in bay 1 and bay 2:
Alias Port Tag Fast Lrn Fld PVID
NAME
VLAN(s)
----- ---- --- ---- --- --- ---- -------------- --------------------
INT1A
INT1B
INT2A
INT2B
INT3A
INT3B
INT4A
INT4B
INT5A
INT5B 10
INT6A 11
INT6B 12
SMGT1 13
SMGT2 14
MGT1
EXT1
EXT2
EXT3
EXT4
EXT5
EXT6
EXT7
EXT8
EXT9
1
2
3
4
5
6
7
8
9
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
n
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
1 INT1A
1 INT1B
1 INT2A
1 INT2B
1 INT3A
1 INT3B
1 INT4A
1 INT4B
1 INT5A
1 INT5B
1 INT6A
1 INT6B
1 SMGT1
1 SMGT2
4095*MGT1
1 EXT1
1 4095
1 4095
1 4095
1 4095
1 4095
1 4095
1 4095
1 4095
1 4095
1 4095
1 4095
1 4095
1 4095
1 4095
4095
1
1
1
1
1
1
1
1
1
15
17
18
19
20
21
22
23
24
25
1 EXT2
1 EXT3
1 EXT4
1 EXT5
1 EXT6
1 EXT7
1 EXT8
1 EXT9
BMD00098, December 2009
17
BLADE OS 5.1 Release Notes
Port information (/info/port) for switches installed in bay 3 and bay 4:
ꢀ
Alias Port Tag Fast Lrn Fld PVID
NAME
VLAN(s)
----- ---- --- ---- --- --- ---- -------------- --------------------
INT1
INT2
INT3
INT4
INT5
INT6
MGT1
EXT1
EXT2
...
1
2
3
4
5
y
y
y
y
y
y
y
n
n
n
n
n
n
n
n
n
n
n
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
e
1 INT1
1 INT2
1 INT3
1 INT4
1 INT5
1 4095
1 4095
1 4095
1 4095
1 4095
1 4095
4095
6
1 INT6
15
17
18
4095*MGT1
1 EXT1
1
1
1 EXT2
Other Features
BLADEOS 5.1 now also supports
PVRST
ꢀ
18
BMD00098, December 2009
BLADE OS 5.1 Release Notes
Supplemental Information
This section provides additional information about configuring and operating the GbESM and
BLADEOS.
Management Module
ꢀ
The “Fast POST=Disabled/Enabled” inside the IBM management module Web interface “I/O
Module Admin Power/Restart” does not apply to the GbESM.
Solution: To boot with Fast or Extended POST, go to the “I/O Module Admin/Power/Restart”
window. Select the GbESM, and then choose “Restart Module and Run Standard Diagnostics”
or “Restart Module and Run Extended Diagnostics.”
ꢀ
The following table correlates the Firmware Type listed in the IBM management module’s Web
interface “Firmware VPD” window to the GbESM software version:
Table 2 Firmware Type list
Firmware Type
Description
Boot ROM
GbESM Boot code version
Main Application 1 Currently running image
Main Application 2 Backup image
ꢀ
Within the IBM management module Web interface, the Java applets of “Start Telnet Session”
and “Start Web Session” do not support changing of default known ports 23 and 80
respectively.
Solution: If the Telnet or HTTP port on the GbESM is changed to something other than the
default port number, the user must use a separate Telnet client or Web browser that supports
specifying a non-default port to start a session to the GbESM user interface.
BMD00098, December 2009
19
BLADE OS 5.1 Release Notes
Management Module/GbESM Connectivity
Currently, the IBM management module is designed to provide one-way control of the GbESM. As
a result, the GbESM may lose connectivity to the management module via the management port
under the following conditions:
ꢀ
If new IP attributes are pushed from the management module to the GbESM while the IP
Routing table is full, the new attributes will not be applied.
Solution: Enable “External Management over all ports,” connect to the switch using other
interface and then clear the routing table. Then push the IP address from the management
module. If this does not work, use Solution 2 below.
ꢀ
If you execute the /boot/reset CLI command on the GbESM or the GbESM resets itself, the
management module might not push the IP attributes to the switch, and connectivity may be
lost.
Solution 1: If you should experience any connectivity issues between the switch module and the
management module, go to the “I/O Module Configuration” window on the management module’s
Web interface. Under the “New Static IP Configuration” section, click Save to trigger the
management module to push the stored IP attributes to the switch module.
Solution 2: If Solution 1 does not resolve your connectivity issue, then go to the “I/O Module
Admin/Power/Restart” window on the management module’s Web interface. Restart the switch
module in question.
Solution 3: If this still does not resolve the issue, enable Preserve new IP configuration on all resets
setting on the management module and restart the switch module via the “I/O Module
Admin/Power/Restart” window on the management module’s Web interface.
Note – As a rule, always use the management module Web interface to change the GbESM
management IP attributes (IP address, mask and gateway), and then click Save to push the IP
attributes to the switch module. Use of the command-line interface to change the switch module
management IP attributes may result in duplicated entries for the management IP Interface in the
switch route table and/or loss of connectivity via the management module.
20
BMD00098, December 2009
BLADE OS 5.1 Release Notes
Secure Management Network
The following GbESM attributes are reserved to provide secure management access to and from the
IBM management module:
Internal management—
ꢀ
ꢀ
ꢀ
ꢀ
ꢀ
MGT1 (port 15) and MGT2 (port 16)
VLAN 4095
IP interface 128
Gateway 4
STG 128
For more information about remotely managing the GbESM through the external ports, see
“Accessing the Switch” in the BLADEOS 5.1 Application Guide.
Note – The external uplink ports (EXTx) cannot be members of management VLANs.
Secure Shell (SSH)
Because SSH key generation is CPU intensive, the GbESM attempts to avoid unnecessary key
generation. The process generates three server keys:
1. One key is generated to replace the current server key, if used.
2. A second key is generated as a spare, in case the current server key is used and the specified interval
expires.
3. A third key is generated for use at the next reboot.
Therefore, if you never login via SSH, you will only see two key generation events. You may see all
three events directly following a reboot. If you want to witness the key generation after the specified
interval has expired, then you must login via SSH at least once during each expiration interval.
Trunk Group Configuration Tips
Please be aware of the following information when you configure trunk groups:
ꢀ
ꢀ
Always configure trunk groups first on both ends, before you physically connect the links.
Configure all ports in a trunk group to the same speed (you cannot aggregate 1Gb ports with
10GBASE-SFP+ ports).
BMD00098, December 2009
21
BLADE OS 5.1 Release Notes
Spanning Tree Configuration Tips
To ensure proper operation with switches that use Cisco Per VLAN Spanning Tree (PVST+), you
must do one of the following:
ꢀ
ꢀ
Create a separate Spanning Tree Group for each VLAN.
Manually add all associated VLANs into a single Spanning Tree Group.
When using Layer 2 Trunk Failover, disable Spanning Tree Protocol on external ports.
Syslog Configuration Tip
The facility parameter traditionally is used to correlate services (such as IP, CLI, etc.) to messages.
This is done to distinguish between the different services that are running in the network/device.
However, for the GbESM, there is a single configured facility value (0-7) used on all messages. By
configuring a unique facility value for each switch, a single SYSLOG server can distinguish
between the various GbESMs in the network. Refer to “System Host Log Configuration” in the
BLADEOS 5.1 Command Reference.
Internal Port Autonegotiation
By default, link autonegotiation is turned on for internal ports. This is in contrast to external ports,
where autonegotiation is off by default. Internal ports use autonegotiation in order to support the
Wake-Over-LAN (WOL) features of some servers. If an attached server does not support
autonegotiation or WOL, turn autonegotiation off for the internal port.
FTP/TFTP Directory Path
When you use the CLI to perform a FTP/TFTP file transfer, you cannot use a forward slash ( / ) in
the directory path, unless it is preceded by a back slash ( \ ). This issue occurs only when a full
command is issued on one line.
For example, the following is invalid:
# /boot/gtimg 1 10.10.10.2 image_directory/filename
The following is correct:
# /boot/gtimg 1 10.10.10.2 image_directory\/filename
22
BMD00098, December 2009
BLADE OS 5.1 Release Notes
Known issues
The following are known issues for BLADEOS 5.1 on the 1/10Gb Uplink Ethernet Switch Module.
Access Control Lists
ꢀ
When an Access Control List (ACL) is installed on two different ports, only one statistics
counter will be available. The GbESM does not support two different statistics counter for one
ACL installed on two different ports.
ꢀ
ꢀ
The ACL filters for TCP/UDP work properly only on packets that do not have IP options.
When configuring an ACL to set 802.1p priority for in-profile packets, and updating the DSCP
field using TOS bits for out-of-profile packets, the out-of-profile packets will have also the
802.1p priority set as defined in the in-profile setting.
ꢀ
Although the management port can be configured for port filtering option, actual port filtering
will not occur, because the system filters out the management VLAN.
IGMP Relay
ꢀ
When having joins from multiple VLANs, and the multicast data transmitter is on a VLAN that
did not receive any joins, multicast data is routed only if the flood option is disabled using the
/cfg/l3/igmp/adv/flood d command.
ꢀ
If an IGMP v2 joins an IGMP group on the same port where an IGMP v1 join has already been
issued, the software will default to the IGMP v1 timeout value.
Interoperability with Older Hubs
The command-line interface might display link up and link down messages continuously for an
external port that is connected to certain older hub models configured for 100 Mbps halfduplex. The
display might show link up erroneously. This behavior has been observed when connecting the
GbESM with the following devices:
ꢀ
ꢀ
ꢀ
ꢀ
ꢀ
NETGEAR FE104 100 hub
SBS 1000Base-T NIC
3Com Linkbuilder FMS100 Hub 3C250 TX/I
3Com SuperStack II 100TX 3C250C-TX-24/12
Nortel Baystack 204 Hub
If the GbESM is connected to an Alteon Application Switch which requires a link speed of 100
Mbps half-duplex, then enable auto negotiation on the GbESM port with port speed=any,
mode=any, fctl=both, and auto=on.
BMD00098, December 2009
23
BLADE OS 5.1 Release Notes
Link Aggregation Control Protocol
If a static trunk on a GbESM is connected to another GbESM with LACP configured (but no active
LACP trunk), the /info/l2/trunk command might erroneously report the static trunk as
forwarding.
Since LACP trunks use LACPDU packet to maintain trunking with the partner, there is a possibility
for those packets to be dropped from an extremely busy trunk. If this happens, some links in the
LACP trunk might be removed, then aggregated back to the trunk if an LACPDU is received. To
avoid this unstable LACP trunk link, you can add more links to the trunk to increase the bandwidth,
or use regular static trunk if there are no more links available.
Linking at 10/100Mb
When the link speed for an external connection is forced (i.e. no Auto-Negotiation) to 100 Mbps
and then changed to 10 Mbps, if the external device is changed first, the external device may
erroneously report the link as DOWN even after the GbESM is changed to 10 Mbps.
Solution: At the external device, disconnect and reconnect the cable.
Static Mrouter
If a port has a static multicast router (Mrouter) configured, and you move the port to a different
VLAN, the static Mrouter appears in the /info/l3/igmp/mrouter/dump output for the
original VLAN.
Solution: When you move the port to a new VLAN, remove the static Mrouter from the port, and
add it again.
QoS Metering
Traffic may exceed the configured maximum burst size of the ACL meter
(/cfg/port <x>/aclqos/meter/mbsize) by one packet, with that packet remaining
In-Profile. Once the ACL meter has been exceeded, additional burst packets fall Out-of-Profile.
QoS and Trunking
When you assign an ACL (or ACL Group) to one port in a trunk, BLADEOS does not automatically
assign the ACL to other ports in the trunk, and it does not prompt you to assign the ACL to other
ports in the trunk.
Solution: Manually assign each ACL or ACL Group to all ports in a trunk.
24
BMD00098, December 2009
BLADE OS 5.1 Release Notes
RADIUS with SSHv2
With RADIUS turned on, users might see a duplicate login prompt for SSHv2 clients, if the
RADIUS server is too slow to respond or if the RADIUS server is not available. In this case, users
must re-type the username and password to login.
RIP MIBs
Due to backward-compatibility issues, two Routing Information Protocol (RIP) MIBs are available
in BLADEOS: ripCfg and rip2Cfg. Use the rip2Cfg MIB to configure RIPv1 and RIPv2
through SNMP.
BLADEOS does not support the standard RIPv2 MIB, as described in RFC 1724. Use the
rip2Cfg MIB to configure RIPv1 and RIPv2 through SNMP.
Trunk and Link Loop
When you create a trunk or link loop between the GbESM and another switch, packets might loop
infinitely at line rate within the related links. When this problem occurs, the GbESM continuously
displays the following messages at the console:
WARNING: packet_sent u: 0, dv_active: tx ring full
packet_sent dcnt=114, public1=110, vcnt=1025
Solution: Remove the loop to resolve this misconfiguration.
Trunk Traffic
Multicast, broadcast and DLF (Destination Lookup Failure, which are unknown destination MAC
packets) traffic is sent to the lowest numbered port in the trunk. If this port is down, then the traffic
is sent to the next lowest-numbered port. If the port that was down comes up again, the traffic is not
re-hashed back to the recovered port.
Browser Based Interface
ꢀ
Some versions of Microsoft Internet Explorer version 6.x do not perform HTTP download
efficiently. If you have one of these versions, HTTP software download might take much
longer than expected (up to several minutes).
ꢀ
Web-browsers from different vendors may vary in their support of standard features. If you
encounter problems using the BBI in a particular browser, a different browser may resolve the
issue.
BMD00098, December 2009
25
BLADE OS 5.1 Release Notes
Strong Password Expiration
If you configure a Strong Password with automatic expiration, the password might not expire if the
system date and time is not configured first. Use of a Network Time Protocol (NTP) server resolves
this issue.
Solution: When you configure a strong password with automatic expiration, first configure the
system time and date for the switch.
26
BMD00098, December 2009
|
