OcNOS also drastically reduces operational costs as it can be used to address multiple solutions such as Data Center, Optical Transport, Cell Site Router, Provider Aggregation, and Passive Optical Networks.

OcNOS (Open Compute Network Operating System) is a network operating system designed to run on white-box network hardware, following the principles of disaggregated networking. OcNOS provides a software-based solution for network switches and routers, offering a flexible and open approach to networking.

Key Features of OcNOS:

OcNOS works with applications in diverse network environments, including data centers, service provider networks, enterprise networks, and cloud deployments. It provides an open, flexible environment and extensive protocol support for software-defined networking (SDN) and disaggregated networks.

Release 6.4.2 offers new software enhancement features. This section provides a high-level introduction to these compelling additions:

The following software enhancements further enhance the data center product deployments:

IP Infusion moved to a three-digit release version number from a two-digit release version number. An integer indicates major, Minor, and Maintenance release versions. Build numbers are for internal tracking and verification of the software build process and are visible to customers as part of the software version number.

Product Name: IP Infusion Product Family

Major Version: New customer-facing functionality that represents a significant change to the code base; in other words, a significant marketing change or direction in the product.

Minor Version: Enhancements/extensions to existing features, external needs, or internal requirements might be motivated by improvements to satisfy new sales regions or marketing initiatives.

Maintenance Version: It is a collection of product bugs/hotfixes and is usually scheduled every 30 or 60 days, based on the number of hotfixes.

Multi Home VxLAN IRB with OSPF and ISIS enhances the flexibility, active-active redundancy mode, and compatibility of network configurations by expanding the functionality of IRB interfaces to include OSPF and ISIS support. Consequently, it leads to an overall improvement in network performance and connectivity within the network infrastructure.

For more information, refer to the Multi Home VxLAN-EVPN IRB with OSPF or ISIS section in the VxLAN Configuration Guide, Release 6.4.2.

The current implementation of Remote Authentication Dial-In User Service (RADIUS) authentication assigns network-admin role to any user irrespective of the privilege-level. This behavior is modified in the current release. The RADIUS server is enhanced with an authorization service to assign the role to the authenticated users based on the privilege level specified in the RADIUS server.

For more information, refer to RADIUS Authorization Configuration section in the System Management Guide, Release 6.4.2.

Streaming Telemetry in OcNOS introduces new platform states that provide an understanding of the operational status and attributes of various components, including memory, board Field Replaceable Unit (FRU), and temperature. The inclusion of these platform states enhances visibility into the health and performance of the networking hardware, enabling network administrators to access information and improve their ability for enhanced management and troubleshooting.

For more information, refer to the Streaming Telemetry section in the OcNOS Key Feature document, Release 6.4.2.

 

Release 6.4.1 introduces three new platforms: Edgecore AS9716-32D, UfiSpace S6301-56ST, and UfiSpace S8901-54XC. This section provides more details about each platform.

The Edgecore AS9716-32D provides support for the following capabilities and comes equipped with configurable ports

Following are the ports supported on the AS9716-32D:

The following table lists the chipset and port layout supported by this platform:

For more information, refer to AS9716-32D Port Mapping chapter in the OcNOS Edgecore Installation Guide, Release 6.4.1.

The following ports are supported on the UfiSpace S6301-56ST:

For more information, refer to S6301-56ST Port Mapping chapter in the OcNOS UfiSpace Installation Guide, Release 6.4.1.

Following are the ports supported on the UfiSpace S8901-54XC:

The following table lists the chipset and port layout supported by this platform:

For more information, refer to S8901-54XC Port Mapping chapter in the OcNOS UfiSpace Installation Guide, Release 6.4.1.

The NetConf subsystem runs on the default access port 830 over SSH and port 6513 over TLS. Typically, these default access ports are not configurable and are always open. Hence, the NetConf port access control feature enhancement ensures that the Netconf-SSH and NetConf-TLS port access can be controlled and configurable through the new CLIs introduced in the 6.4.1 release.

This feature supports the following:

For more information, see the NetConf Port Access Control section in the OcNOS Key Feature document, Release 6.4.1.

The neighbor local-as command has been enhanced to hide the Autonomous System (AS) number of remote router from the external connected BGP peer. The local-as CLI command has been modified to add new options 'no-prepend'' and 'replace-as''. These options replace the remote AS number with the configured alternate AS in the AS_PATH and BGP OPEN message sent from the remote router. Hence, the remote AS is unknown to the external neighbor peer. This makes the neighbor believe that the received routes are from the alternate AS number included in the AS_PATH and BGP OPEN messages. Thus, the AS number of the remote BGP router is unknown to the external peer.

For more information, see the Hide the Remote AS using the neighbor local-as Command section in the OcNOS Key Feature document, Release 6.4.1.

The existing IGMP Snooping capability has been extended to include the Provider Bridged (PB) network.The following capabilities are supported:

For more information, see the Support IGMP Snooping for Provider Bridge section in the OcNOS Key Feature document, Release 6.4.1.

The manual configuration between the routing devices establishes the BGP peer that creates a Transmission Control Protocol (TCP) session. This feature enables the configuration of TCP Maximum Segment Size (MSS) that defines the maximum segment size in a single TCP segment during a communication session. A TCP segment is a unit of data transmitted in a TCP connection.

TCP MSS configuration per BGP neighbor adjusts the BGP Update Packet Size according to the configured value, which prevents the BGP update packet from getting dropped in transit. The configurable MSS range is from 40-1440. Configure TCP MSS per BGP neighbor using the CLI or NetConf interface.

For more information, refer to the TCP MSS configuration for BGP neighbors section in the OcNOS Key Feature document, Release 6.4.1.

Label Distribution Protocol (LDP) uses TCP to establish sessions between the devices. This feature enables the configuration of TCP Maximum Segment Size (MSS) that defines the maximum segment size in a single TCP segment during a communication session. The configuration of the TCP MSS for LDP neighbors helps the neighbors adjust the MSS value of the TCP SYN packet. The configurable MSS range is from 560 to 1440. Configure the TCP MSS through the CLI and NetConf interface.

For more information, refer to the TCP MSS configuration for LDP sessions section in the OcNOS Key Feature document, Release 6.4.1.

The number of BGP peers in a Peer-Group is limited to 32. This means that every time the number of peer members exceeded 32, a new Peer-Group has to be created.

To circumvent this need, the feature has been enhanced to increase the members in a peer group from 32 to 255.

The port breakout capability offers a robust and secure solution to divide 400GbE ports into multiple ports, ensuring a reliable network infrastructure. In today's networks, there is a demand for a diverse range of Ethernet interface speeds, including 10GbE, 25GbE, 40GbE, and 100GbE. It is essential to have a variety of cost-effective cabling options. This flexibility is crucial to address connectivity requirements and facilitate seamless migrations as network and density needs continue to evolve.

For more information, refer to Port Breakout (400G) for Qumran2 Series Platforms OcNOS Key Feature document, Release 6.4.1.

Single Home VxLAN IRB with OSPF and ISIS enhances the flexibility and compatibility of network configurations by expanding the functionality of IRB interfaces to include OSPF and ISIS support. Consequently, it leads to an overall improvement in network performance and connectivity within the network infrastructure.

For more information, see the Single Home VxLAN IRB with OSPF and ISIS section in the OcNOS Key Feature document, Release 6.4.1.

OcNOS has now included enhancements to password strength requirements, and the password must adhere to the following criteria:

For more information, refer to the username command in the OcNOS System Management Guide, Release 6.4.1.

In the event of a RADIUS server authentication failure, this feature provides the ability to fallback to the local authentication server. This occurs in the following two scenarios:

To implement the above requirements, the existing aaa authentication login default fallback error local non-existent-user vrf management command is used to enable fallback to local authentication server. This is disabled by default.

By default, the fallback to local authentication is applied when the RADIUS server is unreachable.

For more information, see the Fall Back Option for RADIUS Authentication section in the OcNOS Key Feature document, Release 6.4.1.

The existing Extended Access Control List (ACL) translation has been enhanced in this release. In general, the Virtual Teletype (VTY) ACLs are more specific to management protocols. Hence, the Extended ACL "Any'' rule translation is modified to allow or deny management protocols under the following conditions:

For more information, see the Modified Extended ACL Deny Rule Behavior in VTY section in the OcNOS Key Feature document, Release 6.4.1.

In OcNOS, this feature enhances the routing experience by forming a detour in a ring topology. When a failure or congestion occurs in the primary Label Switched Path (LSP), the detour protects data traffic. The detour formation is a local protection mechanism to minimize data traffic loss.

For more information, see the RSVP Detour Over Ring Topology section in the OcNOS Key Feature document, Release 6.4.1.

Execution of the Commit Rollback functionality within Common Management Layer Commands (CMLSH) allows for the rollback of configurations previously committed. To support this functionality, introduced the following CLIs:

For more information, refer to Commit Rollback section in the OcNOS Key Feature document, Release 6.4.1.

Streaming Telemetry in OcNOS introduces a dynamic monitoring approach, enabling real-time transmission of structured operational data from routers to external systems. Enable streaming telemetry for monitoring interface counters and the health of the OcNOS target device, including memory, CPU usage, fan speed, and temperature. OcNOS version 6.4.1 introduces the gNMI Server Subscribe model, which enables Dial-in mode Telemetry for the management plane.

For more information, refer to the Streaming Telemetry section in the OcNOS Key Feature document, Release 6.4.1.

The existing OcNOS-DC Switch Port Analyzer (SPAN) monitor session feature has been enhanced in current release to support VLAN ranges for VLAN monitor sessions. The VLAN range is supported only for ingress traffic.

The following two commands have been updated to support the VLAN ranges:

For more information, see the Support VLAN Range in SPAN section in the OcNOS Key Feature document, Release 6.4.1.

The Route Monitor feature in OcNOS introduces a standalone tracking mechanism designed to be used by various processes. It monitors the reachability state of an object through IP SLA.

With Route Monitor, multiple tracked objects can be configured on one or more interfaces, collectively influencing the interface's operational state.

For more information, refer to the Route Monitor section in the OcNOS Key Feature document, Release 6.4.1.

OcNOS extended support for ISIS, LDP, and Bridge-Domain OpenConfig Translation. This enhancement enables network administrators to manage these additional components using standardized YANG models. This promotes consistency and simplifies network management. This extension also offers network operators flexibility and comprehensive error reporting through OpenConfig paths, which can be valuable for troubleshooting and diagnostics.

The OpenConfig Translation feature provides the ability to manage multi-vendor networks through a unified interface, reducing operational costs and complexity for network operators.

In previous OcNOS versions, the network-instance type determination on OcNOS was based on the type leaf and some configurations that relied on the presence of the number of interfaces or endpoints. However, starting from the OcNOS 6.4.1 release version, the network-instance type determination is based on the /oc-netinst:network-instances/network-instance/config/type and /oc-netinst:network-instances/network-instance/encapsulation/config/encapsulation-type leaves.

For more information, refer to the ISIS OpenConfig Translation, LDP Openconfig Translation, VLAN OpenConfig Translation, and Network-instance Object Values for “type” Attribute sections in the OcNOS OpenConfig Command Reference Guide, Release 6.4.1.

The remove operation in Netconf is supported under the edit-config category. Users can execute this operation using either the merge or replace operation types. The remove operation functions similarly to the delete operation, with one crucial difference. In cases where the requested data is not present in the running configuration, instead of displaying a data-missing error, it will ignore this error and continue further processing.

For more information, refer to the Supported Operations chapter in the OcNOS NetConf User Guide, Release 6.4.1.

Dynamic Host Control Protocol (DHCP) Group provides the capability to specify multiple DHCP servers as a group on the DHCP relay agent and to correlate a relay agent interface with the server group.

This feature helps one configure the DHCP IPv4 and IPv6 groups and attach server IP addresses to the group. Creating a maximum of 32 IPv4 and 32 IPv6 groups per VRF is allowed, and configuring eight DHCP servers is permitted for each DHCP server group.

The DHCP relay agent forwards the request message from the DHCP client to multiple DHCP servers in the group. Forwarding the request message to multiple DHCP servers increases the reliability of obtaining network configuration information.

For more information, refer to DHCP group section in the OcNOS Key Feature document, Release 6.4.1.

In OcNOS, the Virtual Ethernet Identifier (VE-ID) range is increased from 1-64 to 1-65535. This allows network operators to configure and manage Virtual Private LAN Service (VPLS) instances. The VE-ID must be unique for the VPLS peers in a VPLS instance.

For more information, refer to the command reference page for ve-id in the Virtual Private LAN Service Commands chapter in the OcNOS Multi-Protocol Label Switching Guide, Release 6.4.1.

OcNOS provides the capability to configure the Virtual Router Redundancy Protocol (VRRP) over Multi-Chassis Link Aggregation (MLAG) feature for custom Virtual Routing and Forwarding (VRF).

Custom Virtual routing and forwarding (VRF) isolates and virtualizes the network at Layer 3 of the OSI model, as Virtual Local Area Network (VLAN) serves similarly at Layer 2. The VRFs are used to separate the network traffic and efficiently use the routers. VRF can also create Virtual Private Network (VPN) tunnels dedicated to a single network or a client.

For more information, refer to the Custom VRF Configuration section of the VRRP Configuration chapter in the OcNOS Layer 3 Guide, Release 6.4.1.

Executing the graceful restart CLI commands for BGP, ISIS, RSVP and OSPF modules, deletes in progress configurations if not saved and requires manual restart of the devices running these protocols. To address this issue, the following existing graceful restart CLI commands are enhanced to notify the user to save the configurations before executing them.

For more information, refer to the Layer 3 Configuration Guide, Release 6.4.1.

OcNOS introduces improved MAC mobility support for Layer 2 traffic in VXLAN-EVPN networks. Prior to this enhancement, virtual machines faced communication disruptions when moving between Virtual Tunnel End Points (VTEPs) within the network. With this improvement, dynamically learned MAC addresses remain persistent with aging disabled, ensuring uninterrupted communication for dynamic hosts across VTEPs. This enhances network flexibility and reliability. The static host behavior remains unchanged.

OcNOS now includes enhancements to the sys-update install and sys-update get functionalities by introducing support for Secure File Transfer Protocol (SFTP) and Secure Copy Protocol (SCP). These additions allow users to benefit from improved flexibility and security in managing software updates. These enhancements support IPv4 and IPv6 addresses and hostnames, helping network administrators and engineers.

For more information, refer to the Licensing and Upgrade Commands chapter in the OcNOS Licensing Guide, Release 6.4.1.

When the “show techsupport” command is executed, a file is generated in the “/var/log” directory.

Currently, the file deletion command is not implemented, so the problem exists that files cannot be deleted.

Introduced the following new CLI command that enables operators to remove files:

For more information, refer to Software Monitoring and Reporting in the OcNOS System Management Release 6.4.1.

The AS5835-54T/AS5835-54X/S8901-54XC Maverick2 devices accommodates a combination of port breakout options with hybrid port speeds. These devices support 6 ports (port 49-54) with 100G Ethernet QSFP28 interfaces. By using port breakout, divide the 100G QSFP28 ports (ce49, ce50, ce51, ce52, ce53, and ce54) into 4X10G/4X25G/2X50G as needed. When executing a port breakout on the 100G port ce50, the original ce50 port will be replaced with ce50/1, ce50/2, ce50/3, and ce50/4.

vThese breakout ports permit the configuration of all Layer 2 and Layer 3 features similar to standard ports. In scenarios where no port breakout is applied, ce50/1, ce50/2, ce50/3, and ce50/4 will be removed, and the original ce50 port will be added.

OcNOS has extended support for IPv6 in Static Route Object Tracking using the Internet Protocol Service Level Agreement (IP SLA), enhancing the management and monitoring of IPv6 traffic. Using the capabilities of IP SLA, the feature continuously assesses IP service quality by employing ICMP pings to detect link failures and promptly notify registered clients of any events. The outcome is a resilient network infrastructure, empowering administrators to quickly respond to changes in tracked object values, ensuring network stability and network reliability across IPv4 and IPv6 networks.

For more information, refer to the Static Route Object Tracking using IP SLA chapter in the OcNOS Layer 3 Guide, Release 6.4.1.

OcNOS introduces a new CLI command, show ip bgp vpnv4 all neighbors A.B.C.D routes, which enables users to view BGP VPNv4 routes for a specific neighbor. This addition provides users with improved visibility and control over their BGP VPNv4 routes, enhancing network monitoring and management capabilities.

For more information, refer to the show ip bgp vpnv4 command section in the OcNOS Layer 3 Guide, Release 6.4.1.

The Border Gateway Protocol (BGP) ADDPATH allows the advertisement of multiple paths through the same peer session for a given prefix without the new paths implicitly replacing any previous paths. This behavior promotes path diversity and reduces the severity of a network failure, thereby improving the control plane convergence in case of network failures.

This release adds several commands to the IPv4 VRF address-family. The additional commands are listed in this section. Global mode commands in ipv4 vrf address-family

For more information, refer to the BGP Additional Path OcNOS Layer 3 Guide, Release 6.4.1.

RSVP-TE is a signaling protocol that supports explicit routing capabilities. As part of this process, an Explicit Route (ER) object is incorporated into the RSVP PATH messages. This object encapsulates a sequence of hops that constitute the explicitly-routed path. Using the ER object, the paths taken by label-switched RSVP-MPLS flows are pre-determined without conventional IP routing.

The following are the new CLI commands added to OcNOS DC.

The following CLI commands are removed from OcNOS DC.

For more information, refer to the RSVP-TE Commands section in the OcNOS DC MPLS, Release 6.4.1.

The inbound route filtering is available for Ethernet Virtual Private Network (EVPN) address families. By default, Layer 2 Virtual Private Network (L2VPN) EVPN routes are not installed into the VRF BGP table without the matching import route target. This matching mechanism prevents saving the unmatched routes in the remote Route Distinguisher (RD) BGP table and reduces memory consumption.

For more information, see the command reference page for bgp inbound-route-filter in the BGP Virtual Private Network Commands chapter in OcNOS Layer 3 Configuration guide, Release 6.4.1.

The enhanced EVPN Route Show Command now includes prefix-route for precision and detail for in-depth insights. It tailors the output to specific requirements, streamlining network management and decision-making with precise, customized data for efficient troubleshooting and enhanced control.

For more information, refer to the show bgp l2vpn evpn section in the VXLAN Commands document, Release 6.4.1.

Layer 3 Unidirectional Link Detection protocol (UDLD) support has been enabled.

The UDLD protocol monitors the physical links and detects when a unidirectional link exists. Upon detection, a user can either block the port or be notified of the link status based on the network administration configuration.

UDLD works in two different modes:

For more information, see the Unidirectional Link Detection Configuration section in the OcNOS Layer 3 Configuration guide, Release 6.4.1.

IP Infusion maintains an online technical support site that provides a variety of technical support programs for licensed OcNOS customers at http://www.ipinfusion.com/customer-support.

IP Infusion's maintenance customers and partners can access the support website. The site allows customers and partners to open technical support calls, update open calls with new information, and review the status of open or closed calls. The password-protected site includes technical documentation, Release Notes, and descriptions of service offerings.

For core commands and configuration procedures, visit: https://docs.ipinfusion.com/datacenter/

Contact the IP Infusion sales representative for more information about the OcNOS Service Providers solution.