OcNOS also drastically reduces operational costs as it can be used to address multiple solutions such as Data Center, Optical Transport, Cell Site Router, Provider Aggregation, and Passive Optical Networks.

Open Compute Network Operating System (OcNOS) is a network operating system designed to run on Commercial Off-The-Shelf (COTS) platforms, following the principles of disaggregated networking. OcNOS provides a software-based solution for network switches and routers, offering a flexible and open approach to networking.

Key benefits of OcNOS:

OcNOS works with applications in diverse network environments, including data centers, service provider networks, enterprise networks, and cloud deployments. It provides an open, flexible environment, extensive protocol support for software-defined networking (SDN) and disaggregated networks.

Release 6.6.1 offers new software enhancement features.

OcNOS DC Release 6.6.1 introduces several software features, and product enhancements.

This feature supports for VXLAN Integrated Routing and Bridging (IRB) on TD4-based platforms. It enables routing between VXLAN segments directly at the leaf switch by leveraging IRB interfaces, allowing seamless Layer 2 and Layer 3 connectivity across VXLAN overlays.

For more details, refer to the VxLAN IRB section in the OcNOS VxLAN Guide, Release 6.6.1.

This feature introduces support for running Single Hop BFD sessions over Integrated Routing and Bridging (IRB) interfaces using a new CLI option: bfd session software. This enhancement, designed for interoperability with legacy routers that lack hardware BFD support, enables BFD operation entirely in the control plane. Each session maintains its local discriminator, state variables, and state machine, ensuring failure detection and compatibility in mixed hardware environments.

For more details, refer to the Single Hop BFD over IRB section in the OcNOS VxLAN Guide, Release 6.6.1.

OcNOS enhances BGP Large Communities (LC), allowing networks to tag routes with 12-byte identifiers. This makes it easier to manage routing policies across large-scale, multi-domain, and multi-vendor environments. LC provides a clean, structured way to group and control routes, especially when standard or extended communities aren't enough. Users can match, set, or delete Large Community values in route-maps and apply policies to neighbors like other community types. This feature gives operators flexibility, simplifies policy management, and helps ensure consistent behavior across complex networks.

For more details, refer to the BGP Large Communities section from the OcNOS Layer 3 Guide, Release 6.6.1.

OcNOS is enhanced to support of Data Center Bridging (DCB) for Layer 3 (L3) interfaces to eliminate the current dependency on Layer 2 (L2) interfaces.

Presently, OcNOS supports to configure DCB features on both L2 and L3 interfaces seamlessly.

The enhancement specifically includes support for Priority-based Flow Control (PFC) and Data Center Bridging Exchange (DCBX) over L3 interfaces using LLDPv2.

The Priority-based Flow Control (PFC) over L3 interface introduces the following configuration commands.

The following CLIs are applicable to L3 interfaces in addition to L2 interfaces from release 6.6.1.

Below are the revised commands. For more details, refer to CLI section.

Both the CLI’s command syntax are updated to add “all” attribute which displays PFC enabled L2 and L3 interfaces in the show output.

For more information refer to Data Center Bridging Configuration sections in OcNOS Layer 3 Configuration Guide Release 6.6.1

OcNOS introduces the signal integrity (SI) tuning commands to provide fine-grained control of the following physical layer level features:

The phy dfe enable command activates adaptive receiver feedback equalization to compensate for inter-symbol interference (ISI).

Use cases:

The phy link-training enable command activates adaptive training frames for dynamic equalization during link initialization.

Use Cases:

The phy unreliable-los enable command facilitates masking of short-duration LOS events to prevent link flaps caused by transient disturbances.

Use cases:

For more details, refer to the Interface Commands section in the System Management Guide, Release 6.6.1.

The new gi-addr and src-ip-addr parameters are added to enhance the ip dhcp relay command. When both of these parameters are executed, it configures the gateway interface (GI) address and specifies it as the source IP address for the DHCP relay packets. When a router functions as a DHCP relay, the GI address distinguishes between different subscriber interfaces and between the defined group interfaces.

For more details, refer to the Dynamic Host Configuration Protocol Relay section in the System Management Guide, Release 6.6.1.

OcNOS supports CPU monitoring for streaming telemetry. When enabled (default), the system actively tracks CPU utilization and pauses telemetry subscriptions if usage exceeds a configurable threshold. This reduces telemetry-related CPU usage when the 5-minute average exceeds the threshold, allowing critical functions, such as control plane applications, to retain sufficient CPU resources. The gNMI server resumes normal operation once CPU usage returns to safe levels.

For more details, refer to the Streaming Telemetry CPU Monitoring section in the OcNOS Streaming Telemetry Guide, Release 6.6.1.

OcNOS adds support for new IPI data model paths that extend telemetry visibility across BGP peers, interfaces, VPRN/VRF, IS-IS, VRRP, IP-SLA, LAGs or Bonds, and sub-interfaces. The added support includes administrative and operational state, protocol metrics, and performance indicators such as latency and packet loss. These enhancements improve real-time monitoring and diagnostics of critical services and protocols.

For more details, refer to the IPI Data Models section in the OcNOS Streaming Telemetry Guide, Release 6.6.1.

OcNOS offers improved internal caching in the gNMI server to reduce CPU utilization during telemetry streaming. The optimization enables stable performance at higher scales (up to 1k sensor paths), ensures streamed data is the latest from the source, and prevents stream disconnections. This enhances control-plane stability during heavy monitoring operations.

For more details, refer to the gNMI Server Cache Optimization section in the OcNOS Streaming Telemetry Guide, Release 6.6.1.

Support for traffic mirroring using ERSPAN is extended to the following XGS platforms: Trident 4 and Tomahawk 4.

For more details on the supported scenarios for each board type, refer to the Traffic Mirroring using ERSPAN section in the OcNOS Key Features document, Release 6.6.1.

OcNOS has enhanced the existing functionality by increasing the maximum number of peers that can be configured in a BGP dynamic peer-group. The supported limit has been raised from 200 to 512 peers.

For more details, refer to the BGP Configuration section of the Layer 3 Guide, Release 6.6.1.

This enhancement introduces a new CLI parameter learn-disable, with the MAC access-list filter topic. Enabling this command prevents the learning of new MAC addresses, when configured with hardware profile filters.

For more information refer to the mac access-list filter section in the OcNOS System Management Guide, Release 6.6.1.

OcNOS introduces the MAC Limit feature for EVPN, enabling control of MAC address learning at the EVI and per-AC levels across VxLAN underlays. Per-AC limits track MAC addresses learned from Customer Edge (CE) to Provider Edge (PE) or Virtual Tunnel Endpoint (VTEP), while EVI limits encompass all MACs, including those from ACs and BGP. Configurable actions include logging for both EVI and AC limit breaches and error-disabling for ACs, with high/low watermark thresholds for syslog notifications and recovery timers for error-disabled ACs. This software-based feature halts MAC learning upon reaching limits without stopping flooding, enhancing network stability and security.

For more details, refer to the MAC Limit Enforcement at EVI and AC for EVPN-VxLAN section in the OcNOS Virtual Extensible LAN Guide, Release 6.6.1.

The check for uniqueness of the key attributes is already enforced in datamodel check and the validation of CLI / NetConf configurations is done by CML validation layer. However, sometimes even some non-key attributes need to be unique within a list. With the unique datamodel support, the uniqueness in YANG lists with non-key attributes is also checked by a CML validation layer. The check is defined in the CML datamodel XML, validated by the CMLd.

For more details, refer to the YANG Unique Datamodel Support section in the NetConf User Guide, Release 6.6.1.

A command syntax #show xml|json candidate-config-diff has been introduced to show the difference between candidate configuration and running configuration in Custom NetConf Remote Procedure Calls (RPC).

For more details, refer to the Common Management Layer Commands section in the OcNOS System Management Guide, Release 6.6.1.

The all parameter for the no match cos (WORD|all) and no match cos inner (WORD|all) commands are removed to explicitly specify the cos value as an individual or as a range.

For more information refer to the Quality of Service Commands section in OcNOS Quality of Service Guide Release 6.6.1.

The ip source-interface and ipv6 source-interface are updated with new default port numbers 123,162,1812,49, and 514 parameters to configure multiple ports for the same protocol.

For more details, refer to the Source Interface Commands section in the OcNOS Layer 3 Guide, Release 6.6.1.

OcNOS now supports the kdump-tools package, streamlining kernel crash dump setup and management. This feature configures kdump to capture system memory (vmcore) during kernel failures, aiding post-mortem debugging. Systems with over 8GB of memory reserve 256MB for a secondary kernel during crashes; kdump is disabled on systems with less than 8GB. This software update works seamlessly with existing Linux setups, enhancing kernel diagnostics without hardware changes.

For more details, refer to the Debugging Kernel Crash section in the OcNOS Troubleshooting Guide, Release 6.6.1.

OcNOS introduces new alarm types in the Fault Management System (FMS). This enhances the network monitoring capability. It also enables precise tacking of critical system components, improving fault detection and operational reliability. The new alarms include:

CMM_MONITOR_ENTITY_PRESENCE: Monitors the presence of entities within the system.

CMM_CMIS_MODULE_MONITOR: Tracks the operational status of the Common Management Information Service (CMIS) module.

CMM_CMIS_MODULE_MEDIA_LANE_MONITOR: Observes the media lane performance within the CMIS module.

CMM_CMIS_MODULE_HOST_LANE_MONITOR: Monitors the host lane functionality within the CMIS module.

For more details, refer to the Fault Management System Configuration section in the OcNOS System Management Guide, Release 6.6.1.

The sFlow sampling feature has been enhanced to support configurable sampling directions — ingress, egress, or both. This enhancement is available in both the global sFlow configuration mode and the interface-level sFlow configuration mode.

A new CLI sub-menu has been introduced under sFlow sampling to consolidate related attribute configurations. Additionally, a new attribute is added to the interface-level sFlow configuration, allowing users to enable or disable sampling for a specific direction.

The show sflow details CLI command output has also been updated with a new column to display the active sampling direction.

For more information refer to Configuring sFlow Sampling Direction and Rate and sflow commands sections in OcNOS System Management Guide Release 6.6.1.

This release introduces Dynamic Load Balancing (DLB), designed to optimize traffic distribution across Equal-Cost Multi-Path (ECMP) groups in AI/ML data center environments. Unlike traditional static hash-based methods, DLB dynamically monitors real-time link utilization and adaptively allocates or reassigns flows to prevent congestion and improve bandwidth efficiency.

This feature ensures optimal network utilization and performance, especially under high-volume AI/ML workloads that require reliable, congestion-free data transfers.

For more information, refer to the Dynamic Load Balancing Based on ROCEV2 Destination-QPAIR section in the OcNOS System Management Guide Release 6.6.1.

To allow an IPv4 and IPv6 prefix list creation without any action associated with it, a new module Prefix-Group has been implemented. To dynamically reference values from the system configuration, a feature Match XPath has been introduced where the match-xpath configuration is added in the CLI in addition to IPv4 and IPv6 addresses directly on prefixes group creation. This feature dynamically generates prefix list entries based on XPath and makes the configuration more flexible and reusable.

For more details, refer to the Dynamic and Static Prefix-Group with Match XPath Configuration section in the OcNOS System Management Guide, Release 6.6.1.

This section discusses the new hardware introduced in the Release OcNOS 6.6.1.

OcNOS supports UfiSpace S9321-64E, a high-performance 51.2 Tbps data center switch with Tomahawk5 BCM78900.

It supports the following:

For more information, refer to the S9321-64E Port Mapping section in the OcNOS UfiSpace Installation Guide, Release 6.6.1.

For more details on the ASIC Model, Ports, SKU, and Hardware Revision, refer to the OcNOS Hardware Compatibility List.

OcNOS supports Edgecore AS9817-64D, a high-performance 51.2 Tbps data center switch with Tomahawk 5 BCM78900.

It supports the following:

For more information, refer to the AS9817-64D Port Mapping section in the OcNOS EdgeCore Installation Guide, Release 6.6.1.

For more details on the ASIC Model, Ports, SKU, and Hardware Revision, refer to the OcNOS Hardware Compatibility List.

OcNOS DC Release 6.6.0 introduces several software features, and product enhancements along with support for a few new hardware device.

A new option to encrypt sensitive information, such as authentication keys, using the Advanced Encryption Standard (AES) algorithm is now available in OcNOS. Previously, sensitive data was encrypted using the 3DES algorithm by default. With this update, users can configure AES encryption for enhanced data security.

The AES encryption option provides improved confidentiality and integrity for sensitive data stored in the OcNOS database, particularly for routing protocols such as BGP, OSPF, RIP, IS-IS, LDP, BFD, MSDP, and RADIUS authentication.

For more information, refer to the User Config AES Encryption section in the OcNOS System Management Guide, Release 6.6.0.

The TR3 boards significantly enhance IPv6 multicast capabilities by integrating PIM-Sparse Mode (PIM-SM) with a centralized Rendezvous Point (RP) for optimized routing, the Bootstrap Router (BSR) mechanism for automated RP distribution, and static RP configuration for improved control and redundancy. PIM Source-Specific Multicast (PIM-SSM) eliminates the need for RPs, streamlining source-specific routing. Multicast Listener Discovery (MLD) enables efficient MCASTv6 group membership management, while MLD snooping ensures multicast streams reach only interested hosts, reducing network load. These advanced features, combined with IPv6 multicast support across XGS devices including TD3-X3, TD3-X5, TD3-X7, TH3, TH2, TH, and TH+ models enable scalable, efficient, and controlled MCASTv6 network operations.

For more information, refer to the MLD Configuration section in the OcNOS Multicast Configuration Guide, Release 6.6.0.

Prior to version 6.6.0, all sessions displayed logging messages by default, and there was no option to disable this feature globally. The new command [no] terminal monitor default enables users to either enable or disable logging messages globally, ensuring that new sessions reflect the desired behavior without the need for manual configuration every time.

For more details, refer to the Basic Commands section in the OcNOS System Management Guide, Release 6.6.0.

The existing OcNOS IPI-CMM-CHASSIS-MIB.txt file is deprecated. Renamed IPI-CMM-CHASSIS-V2-MIB.txt file to IPI-CMM-CHASSIS-MIB.txt.

To get the latest MIB files, visit the IPInfusion GitHub repository.

The diff_ignore_lines argument now supports regular expressions and exact line matches, providing flexibility in ignoring dynamically updated configuration lines. Previously, it could only ignore specific lines but lacked pattern-matching capabilities. This enhancement allows users to specify regex patterns for dynamic values or plain strings for static entries, giving better control over configuration management and reducing unnecessary diffs in automated workflows.

For more details, refer to the OcNOS Ansible Guide, Release 6.6.0.

Enhanced the following CLI commands by providing additional information for clarity:

For more details, refer to the Commit-Confirmed and Commit Rollback sections in the OcNOS System Management Guide, Release 6.6.0.

OcNOS supports wildcard capability in streaming telemetry sensor paths to subscribe automatically to multiple components with minimal configuration. Users can dynamically include all appropriate components automatically using wildcard-based sensor paths, reducing operational complexity and increasing scalability. The system automatically streams and monitors telemetry for newly included components with the wildcard pattern. This feature increases Dial-In and Dial-Out telemetry mode flexibility, enhancing network monitoring efficiency.

For more details, refer to the Wildcard Support in Sensor Paths section of the OcNOS Streaming Telemetry Guide, Release 6.6.0.

OcNOS now enables streaming telemetry across multiple Virtual Routing and Forwarding (VRF) instances, allowing users to manage data for up to four VRFs simultaneously. This enhancement improves efficiency and monitoring capabilities within the network.

For more details, refer to the feature streaming-telemetry section of the OcNOS Streaming Telemetry Guide, Release 6.6.0.

OcNOS enhances user control over telemetry maximum subscriptions and minimum sampling intervals. Users can manage the sensor path subscriptions using the command telemetry maximum-subscribe-paths, which allows customized monitoring based on specific operational needs. Users set the minimum sampling interval across all VRF instances within a range from 10 to 36000 seconds using the telemetry minimum-sample-interval command. These enhancements help users optimize resource usage while ensuring timely data collection.

For more details, refer to the telemetry maximum-subscribe-paths and telemetry minimum-sample-interval commands in the OcNOS Streaming Telemetry Guide, Release 6.6.0.

OcNOS now supports VRF-specific telemetry display in the show streaming-telemetry command by adding the optional parameters (vrf (NAME|management)|). This update allows users to view telemetry details for specific or all configured VRFs, improving data accessibility and readability.

OcNOS has removed the (vrf (NAME|management)|) parameters from the debug telemetry gnmi command, enabling users to debug gNMI telemetry and configure tunnel-server retry intervals across all VRFs without specifying a VRF name.

The grpc-tunnel-server retry-interval command is moved under the streaming-telemetry feature sub-mode; hence, retry-interval can be set per VRF.

For more details, refer to the individual commands in the streaming telemetry commands section of the OcNOS Streaming Telemetry Guide, Release 6.6.0.

Before OcNOS version 6.6.0, the gNMI Subscribe RPC response timestamp indicated when the gNMI server sent the response packet. In OcNOS version 6.6.0, the timestamp shows when the protocol modules collect the streamed data, providing accurate telemetry, improving synchronization and event correlation, and ensuring precise real-time network analysis.

OcNOS supports streaming telemetry over Transport Layer Security (TLS), ensuring secure, encrypted telemetry data transmission between the gNMI server (OcNOS Target) and gNMI client (Collector). This feature protects telemetry streams from unauthorized access, interception, and tampering while maintaining real-time network monitoring. Users can configure TLS with server, client, and CA certificates, define sensor groups, and establish secure subscriptions with a customizable sample interval. The system also supports an optional insecure TLS mode, allowing certificate validation only when provided. This enhancement improves security, compliance, and reliability in network telemetry streaming.

For more details, refer to the Streaming Telemetry Over Transport Layer Security section in the OcNOS Streaming Telemetry Guide, Release 6.6.0.

OcNOS supports the gNMI Get RPC operation with JSON-IETF encoding, expanding its management capabilities alongside the existing Subscribe operation. This enhancement allows users to retrieve Config, State, and Operational data via the gNMI interface. Since State and Operational data are the same in OcNOS, the system fetches state data for both types when requested. This update improves flexibility and interoperability, enabling more efficient retrieval of network configuration and status information.

For more details, refer to the Get RPC section in the OcNOS Streaming Telemetry Guide, Release 6.6.0.

OcNOS now enforces XPath formatting rules for gNMIc subscription commands in Dial-In mode. String keys must be enclosed in double quotes (""), while integer keys must be provided without quotes to ensure correct parsing. Implicit wildcard keys can be specified with or without single quotes. These rules improve command consistency, prevent syntax errors, and enhance compatibility with gNMI-based telemetry subscriptions.

For more details, refer to the XPath Formatting Rules section in the OcNOS Streaming Telemetry Guide, Release 6.6.0.

OcNOS adds support for additional IPI and OpenConfig data model modules and new transceiver states in the ipi-platform data modules. The new modules ipi-lldpv2, ipi-bfd, ipi-vrf, ipi-qos, ipi-bgp, ipi-isis, ipi-rib, and oc-cmis enhance visibility into the operational status and attributes of various components.

For more details, refer to the IPI Data Models and OpenConfig Data Models sections in the OcNOS Streaming Telemetry Guide, Release 6.6.0.

Encapsulated Remote Switched Port Analyzer (ERSPAN) is a function used for monitoring network traffic. It utilizes Generic Routing Encapsulation (GRE) based tunneling mechanism to transport mirrored traffic from the source to the destination over Layer 3 IP network.

Using ERSPAN, you can monitor both ingress and egress traffic, and the mirrored traffic can be sent to a remote monitoring device for analysis without being restricted by Layer 2 boundaries.

For more information, refer to the Traffic Mirroring using ERSPAN section in the OcNOS Key Features document, Release 6.6.0.

OcNOS provides support for sending SYSLOG messages over SNMP traps.

For more information, refer to Syslog Commands in the OcNOS System Management Guide, Release 6.6.0.

OcNOS introduces a new recursive parameter in the ip route and ipv6 route commands, allowing users to enable recursive lookup behavior for the next-hop in each static route. This behavior is disabled by default. As part of this change, any existing static route configurations will become non-recursive after upgrading to 6.6.0. To make static routes recursive, reconfigure static routes using the recursive option.

Additionally, the egress interface for static routes in a VRF instance is now optional, enhancing configuration flexibility.

For more information, refer to the Fundamental Layer 3 Commands section in the OcNOS Layer 3 Guide, Release 6.6.0.

OcNOS supports IP ACL configuration on the IRB interface attached to the VxLAN EVPN topology. It enables traffic filtering for the routed packets using the IRB interface.

For more details, refer to the ACL on IRB Interface Over VXLAN EVPN section in the System Management Guide, Release 6.6.0.

OcNOS introduces a new bfd multihop-peer interval command to facilitate the global configuration of timers for all multi-hop BFD sessions.

For more information refer to the Bidirectional Forwarding Commands section in OcNOS Layer 3 Guide, Release 6.6.0.

The maximum range for bfd slow-timer <1000-30000> command has changed to bfd slow-timer <1000-1703>, and the default slow timer interval has changed from 2000 to 1703 milliseconds.

For more information refer to the Bidirectional Forwarding Commands section in OcNOS Layer 3 Guide, Release 6.6.0.

The test-signal frame-size command has changed to frame-size, without change in the functionality. Two new commands cir and eir are added to help configure the committed information rate (CIR) and excess information rate (EIR) respectively.

For more information refer to the CFM Commands section in OcNOS Carrier Ethernet Guide, Release 6.6.0.

The time range for the switchover type revertive command has changed from <1-255> to <1-3600>, allowing configuration of a broader range of revertive time.

For more information refer to the Multi-Chassis Link Aggregation Commands section in the OcNOS Layer 2 Guide.

OcNOS introduces new restrictions for BGP peer groups, affecting peer binding and activation. These restrictions apply to IPv4, IPv6, and unnumbered peer groups, ensuring configuration controls.

For more details refer to the neighbor peer-group command in the BGP Commands section of the OcNOS Layer 3 Guide, Release 6.6.0.

OcNOS introduces a new parameter, cl108, for the FEC command to support the configuration of 64/66b 5T low-latency Reed-Solomon (RS) Forward Error Correction (FEC) on designated physical ports. This enhancement improves data transmission reliability and efficiency in fabric environments.

For more details, refer to the fec command in the Interface Commands section of the OcNOS System Management Guide, Release 6.6.0.

OcNOS introduces a Global Configuration mode to streamline network configuration by allowing centralized management of key parameters such as PCH load-balance, load-interval, L2 protocol tunnel, sFlow sampling rate and poll interval, Interface MTU, and LLDP settings for all LLDP-enabled interfaces. This configuration mode ensures consistent configurations across the network.

For more information, refer to Link Layer Discovery Protocol v2 Commands section in the OcNOS Layer 2 Guide, Release 6.6.0.

OcNOS introduces the show hsl evpn multihoming esi command, allowing customers to efficiently monitor the HSL state for ES-LAG connections. This enhancement provides improved visibility and simplifies troubleshooting, ensuring better network management and operational efficiency.

For more information, refer to the VXLAN Commands section in the OcNOS Layer 3 Guide, Release 6.6.0.

OcNOS previously limited support for System Management protocols to the Default and Management VRFs. This support has been extended to address more flexible deployment needs to allow the below protocols to operate within user-defined VRFs. This enhancement improves management plane connectivity and enables better customization for a broader range of network environments:

For more information, refer to the OcNOS System Management Guide, Release 6.6.0.

This section provides the new hardware details introduced in the OcNOS 6.6.0 release.

OcNOS supports the UfiSpace S9300-32D hardware, a high-performance white box switch designed for modern data center networks with rich features, multiple protocols support, and run-time programmability, enabling high performance in the most demanding environments. It supports centralized management of computing resources with efficient Ethernet connectivity.

It supports the following:

For more details on the ASIC Model, Ports, SKU, and Hardware Revision, refer to the OcNOS Hardware Compatibility List.

For port mapping information, refer to UfiSpace Installation Guide, Release 6.6.0

To ensure product security, OcNOS undergoes rigorous vulnerability scanning and promptly addresses any issues that are found. OcNOS version 6.6.0 provides a detailed list of CVEs that are included in the OcNOS Security Updates document. In addition, request a detailed OcNOS Security Guide from the IPI sales team.