Release Notes
Introduction
Overview
The OcNOS RON (Routed Optical Networking) product is a specialized solution based on the OcNOS network operating system. Leveraging the robust OcNOS network operating system, OcNOS RON combines IP routing and optical transport technologies to deliver a comprehensive solution for converged network environments. With advanced features and capabilities tailored for routed optical networks, OcNOS RON empowers organizations to build high-performance, scalable, and efficient optical networks while benefiting from the flexibility and programmability of IP routing.
OcNOS Software
OcNOS (Open Compute Network Operating System) is a network operating system designed to run on white-box network hardware, following the principles of disaggregated networking. OcNOS provides a software-based solution for network switches and routers, offering a flexible and open approach to networking.
Key Features of OcNOS:
• Disaggregated Networking
• Robust Protocol Support
• Network Virtualization
• Programmability and Automation
• High Availability and Resilience
• Scalability and Performance
OcNOS works with applications in diverse network environments, including data centers, service provider networks, enterprise networks, and cloud deployments. It provides an open and flexible environment, and extensive protocol support for software-defined networking (SDN) and disaggregated networks.
About this Release
OcNOS RON 6.3.5 resolves high-priority issues, includes enhancements, and improves the overall performance, efficiency, and stability of the OcNOS RON product.
This document provides a cumulative view of hardware and software features and functionality introduced in Release 6.3.x.
IP Maestro Support
Monitor devices running OcNOS Release 6.3.4-70 and above using IP Maestro software.
IPI Product Release Version
IP Infusion moved to a three-digit version from a two-digit release version. An integer indicates major, Minor, and Maintenance release versions. Build numbers are for internal tracking and verification of the software build process and will be visible to customers as part of the software version number.
Product Name: IP Infusion Product Family
Major Version: New customer-facing functionality represents a significant change to the code base; in other words, it is used to represent a significant marketing change or direction in the product.
Minor Version: Enhancements/extensions to existing features, external needs, or internal requirements might be motivated by improvements to satisfy new sales regions or marketing initiatives.
Maintenance Version: It is a collection of product bugs/hotfixes and is usually scheduled every 30 or 60 days, based on the number of hotfixes.
Release 6.3.5
Release 6.3.5 of OcNOS RON introduces the following new software features and enhanced functionalities. This section provides details on these features.
Support ZTP on data ports
Zero-touch provisioning (ZTP), or zero-touch enrollment, is enhanced to perform remote provisioning on two distinct cases: during the new device boot-up before OcNOS is up (ZTP1) or after a reboot of the pre-installed OcNOS device (ZTP2). The ZTP1 is supported only on the management interface and the first In-band port. However, the ZTP2 is supported on all out-of-band and in-band interfaces that are UP, but it does not support IPv6 in the 6.3.5 release.
For more information on ZTP, refer to the “Automatic Install using Zero Touch Provisioning” section in OcNOS Installation Guide, Release 6.3.5.
Support 100G and 200G OFEC in Coherent Optics
The coherent optics module is enhanced to support the following signal modulation formats:
• dp-qpsk-ofec Dual polarization quadrature phase shift keying with OFEC
• 8qam-200g-ofec 8-quadrature amplitude modulation format for 200G with OFEC
Release 6.3.4
Release 6.3.4 of OcNOS RON introduces the following new software features and functionalities. This section provides details on these features.
Modified Extended ACL Deny Rule Behavior in VTY
The existing Extended Access Control List (ACL) translation has been enhanced in this release. In general, the Virtual Teletype (VTY) ACLs are more specific to management protocols. Hence, the Extended ACL “Any” rule translation is modified to allow or deny management protocols under the following conditions:
• If the deny ACL rule includes any value in protocol, then only Telnet, SSH, NetConf-SSH protocols are denied.
• The permit ACL rule remains unchanged.
For more information of the Extended ACL Deny Rule, see the ACL OVER Virtual Terminal (VTY) Configuration section in System Management guide.
SFTP and SCP Enhancements
OcNOS now includes enhancements to the sys-update install and sys-update get functionalities by introducing support for Secure File Transfer Protocol (SFTP) and Secure Copy Protocol (SCP). These additions allow users to benefit from improved flexibility and security in managing software updates. These enhancements support IPv4 and IPv6 addresses and hostnames, helping network administrators and engineers.
For more information, refer to the Licensing and Upgrade Commands chapter in the OcNOS Licensing Guide, Release 6.3.4.
BGP VPNv4 Route Display Command
OcNOS introduces a new CLI command, show ip bgp vpnv4 all neighbors A.B.C.D routes, which enables users to view BGP VPNv4 routes for a specific neighbor. This addition provides users with improved visibility and control over their BGP VPNv4 routes, enhancing network monitoring and management capabilities.
For more information, refer to the show ip bgp vpnv4 command section in the OcNOS Layer 3 Guide, Release 6.3.4.
Release 6.3.3
Custom Syslog Port
Release 6.3.3 enhances the current ability to configure Syslog only on the default port and permits configuration on a custom port. The existing logging server CLI command has been enhanced to provide this additional capability. Typically, using the default port in a production network is not recommended. This feature enhancement allows for secure communications using a custom port as opposed to the default port, port 514, that is not considered secure.
Use the revised CLI to configure the custom port within the specified range for Syslog.
New CLI Syntax:
logging remote server (A.B.C.D|X:X::X:X|HOSTNAME) ((0|1|2|3|4|5|6|7)|) (port <1024-65535>|) (vrf management|)
no logging remote server (A.B.C.D|X:X::X:X|HOSTNAME) ((0|1|2|3|4|5|6|7)|) (port|) (vrf management|)
For more information of the Custom Syslog port, see the Custom Syslog Configuration and Syslog Commands sections in System Management guide.
Release 6.3.2
This release does not introduce any new hardware. This section will present an overview of the latest additions, highlighting their key capabilities and benefits. Below is a summary of the changes and enhancements in this release:
TACACS+ Security: Authorization before Authentication
In this release, the TACACS+ authentication request sequence was modified to improve interoperability with other vendors. Previously, the system would send the authorization request first and then the authentication request, causing compatibility issues with commercial TACACS servers. With the updated sequence, the system sends the authentication packet before the authorization request, ensuring seamless integration and compatibility with commercial TACACS servers from various vendors. This change enhances the overall performance and compatibility of the authentication process.
SNMP Server Engine ID
In this release, extended the support for Engine ID, which was previously limited to a default value generated from the MAC address. With the introduction of a new CLI, users can now configure the Engine ID to their specific requirements, enhancing customization and flexibility.
Release 6.3.1
Release 6.3.1 continues to support all new hardware and software features offered in Release 6.3.0.
Release 6.3.0
This release does not introduce any new hardware. However, Release 6.3.0 offers a range of new software features and enhancements to our product. This section offers a comprehensive overview of these additions, highlighting their key capabilities and benefits.
Erbium-Doped Fiber Amplifier (EDFA)
EDFA uses Erbium doped fiber as an amplification medium and is the most widely deployed in WDM systems. It can amplify multiple optical signals simultaneously. It is generally used in the C-band. OcNOS allows users to configure Operating mode (APC/AGC), change target out-power, and supports DDM functions and EDFA specific attributes like pump bias and gain.
OcNOS supports the following 100G/400G packet-optical pluggable EDFA modules:
• Edgecore ECPO-BA-A1 (Booster Amplifier)
• Edgecore ECPO-PA-A1 (Pre-Amplifier)
Fujitsu DCO module support
This release supports new digital coherent optics from Fujitsu, i.e., FOC (Fujitsu 200G Metro CFP2 MSA Transceiver) with part number FIM38760. It supports QPSK (200G, 100G) and 16QAM (200G) modulation formats.
DCO module support has the following limitations:
• Configurable attributes such as pulse-shaping TX, differential encoding, FEC-mode, threshold- pre-FEC-ber-signal degrade, threshold-pre-fec-ber-signal failure, threshold-pre-fec-ber-signal clear, threshold-Q-margin on the line side and FEC-type on host side are not supported.
• Runtime attributes such as PRBS-IN-SYNC, Current-Q-margin, current-provisioned-channel-pow, current-post-voa-provisioned-channel-pow, and current-ber-period are not supported.
• FAWS attributes such as pre-FEC-ber, Q-margin, and chromatic dispersion are not supported.
• Threshold monitoring attributes such as RX Q-margin threshold and PreFEC signal-failure threshold are not supported.
• Error counters, such as FEC-Uncorrected-Block-Count, are not supported.
Layer-2
Data Center Bridging (DCB)
Data Center Bridging (DCB) is enhanced to control lossy/lossless settings per port queues in the Ethernet local area network communication protocol used in data center environments.
Priority-based Flow Control (PFC) is a way that provides a link-level flow control mechanism that controls each frame priority independently. This mechanism ensures zero loss (lossless) under congestion in DCB networks.
Quality of service (QoS) works by default with lossy behavior, which is required to function with minimum bandwidth, shaping, and scheduling properly.
This release supports enabling PFC and QoS simultaneously, allowing the ability to control lossy/lossless settings per port queues.
Layer-3
Static Route Object Tracking using IP SLA
Static Route Object Tracking with IP SLA is a feature that allows monitoring a static route's reachability status through IP SLA.
Static route object tracking has the following limitations:
• Leaked static routes do not support object tracking.
• Five hundred tracked objects is the maximum supported number.
• When a static route enables BFD and object tracking, the system will not install the route if either BFD or the tracked object goes down.
VRRP Route Advertisement for IPv6
As per RFC 5798, the Count IPvX address field in the VRRP packet indicates the number of either IPv4 or IPv6 addresses contained in a VRRP advertisement (the minimum value is 1). In the case of VRRP for IPv6, the first address must be an IPv6 link-local address associated with the virtual router. Supports one additional IPv6 address as a Virtual IP, which becomes a global IPv6 address.
Multicast
PIM ECMP Redirect (IPv4)
Protocol Independent Multicast - Equal-Cost Multipath (PIM ECMP) Redirect enables equal-cost multipath routing for IPv4 multicast traffic. Customers benefit from enhanced performance, load balancing capabilities, and network resilience. It is used in scenarios with high-volume multicast traffic, the need for network redundancy, and scalable multicast deployments.
Multi-Protocol Label Switching (MPLS)
RSVP Facility Backup
RSVP supports multiple path protection mechanisms including facility backup. With facility backup protection, N number of LSPs sharing the common path can be protected using one bypass tunnel, which leads to better resource utilization.
RFC 4090 describes the extensions on fast reroute extensions to RSVP-TE for LSP tunnels, which include the facility backup protection mechanism.
NetConf
Confirmed Commit CLI
The confirm commit feature conforms to NetConf (RFC 6241). This feature commits the configuration on a trial basis. If a customer does not confirm the changes within the default timeout of 300 seconds, the configuration will revert to its previous state. A customer can manually revert the configuration changes before the default timeout.
The confirm commit capability helps mitigate risks, maintain configuration accuracy, and support change control processes. Customers can use it in complex environments, during change management processes, or to meet compliance and auditing requirements.
The confirm commit feature has the following limitations:
• OcNOS RON supports a maximum of one confirmed commit. It does not support multiple or parallel confirm commit transactions in multiple sessions.
• Confirm commit persistent parameters are not supported. Since it is used to, issue a follow-up confirmed commit from any session, transactions do not survive over session disconnects.
• The confirm commit CLI timeout parameter is not supported. Since it is used to reset the timer during transactions, timeout extensions are not supported.
Improvements in CLI error messages
OcNOS has added the ability to choose an error message displayed in Xpath notation or CLI command string. The Xpath path notation example is as follows:
OcNOS(config-router)#commit
% Configuration “ /ospfv2/processes/process[ospf-id=’10’]/areas/area[area-id=’3.3.3.3’]/ interfaces/interface[name=’eth3’]/vrf-name” depends on “/ospfv2/global/config/area- interface-config-mode”
% Failed to commit .. As error(s) encountered during commit operation…
CLI command example is as follows:
OcNOS(config-router)#commit
% Configuration “ area <value-option> interface <value-option>” depends on “ ospf area- interface-config-mode”
% Failed to commit .. As error(s) encountered during commit operation…
OcNOS#cmlsh cli-format enable
System Management
DHCP Server (IPv4 and IPv6)
A Dynamic Host Configuration Protocol (DHCP) server on a network automates the process of assigning IP addresses, default gateways, and other network parameters to client devices. It employs the DHCP as the standard protocol to respond to client queries and provide essential network information. It offers properties to start and stop the DHCP server. OcNOS utilizes the open-source package "isc-dhcpd-4.4.1." In a single VRF instance, run only one IPV4 and one IPv6 DHCP server. An OcNOS router can accommodate a maximum of 256 IPv4 and 256 IPv6 DHCP server instances.
DHCP-Option 82 (IPv4)
While forwarding client-initiated DHCP packets to the server, the DHCP relay agent inserts the relay agent information option, Option 82. Typically, the relay agent removes this option during Reply, yet a configuration option must be available to override this default behavior.
VXLAN
EVPN VXLAN- L2CP on EVPN Access
EVPN VXLAN-L2CP on EVPN Access enables the transport of Layer 2 Control Protocol (L2CP) traffic over an EVPN (Ethernet Virtual Private Network) with VXLAN (Virtual Extensible LAN) in an access network environment.
When deploying EVPN with VXLAN in an access network, transporting L2CP traffic across the VXLAN overlay becomes necessary to maintain seamless connectivity and proper functioning of these control protocols.
By supporting EVPN VXLAN-L2CP on EVPN Access, the network infrastructure allows L2CP traffic to be carried over the VXLAN tunnel between the access switches. This ensures that essential control plane protocols can traverse the EVPN overlay network, providing consistent and uninterrupted communication between Layer2 devices across the Edge devices or VTEPs.
The benefits of EVPN VXLAN-L2CP on EVPN Access include:
• Seamless control protocol operation
• Improved network stability and convergence
• Simplified management and troubleshooting
Technical Support
IP Infusion maintains an online technical support site that provides a variety of technical support programs for licensed OcNOS customers at
https://www.ipinfusion.com/support/.IP Infusion’s maintenance customers and partners can access the Support Website. The site allows customers and partners to open technical support calls, update open calls with new information, and review the status of open or closed calls. The password-protected site includes technical documentation, Release Notes, and descriptions of service offerings.
Technical Documentation
For information on core commands and configuration procedures, visit:
https://docs.ipinfusion.com/routed-optical-networking/ Technical Sales
For more information about the OcNOS Routed Optical Networking solution, contact IP Infusion sales representative.