From 2628cefceb05031639613f34370c29c6a608539f Mon Sep 17 00:00:00 2001 From: cumulusAnia Date: Mon, 11 Dec 2023 16:03:01 -0800 Subject: [PATCH] add DHCP options --- .../DHCP/DHCP-Relays.md | 18 +++++++++ .../DHCP/DHCP-Servers.md | 2 + .../Protocol-Independent-Multicast-PIM.md | 28 ++++++------- .../Synchronous-Ethernet-SyncE.md | 8 ++-- .../Date-and-Time/_index.md | 6 ++- content/cumulus-linux-57/Whats-New/_index.md | 39 ++++++++++++------- 6 files changed, 66 insertions(+), 35 deletions(-) diff --git a/content/cumulus-linux-57/Layer-1-and-Switch-Ports/DHCP/DHCP-Relays.md b/content/cumulus-linux-57/Layer-1-and-Switch-Ports/DHCP/DHCP-Relays.md index f406402923..49e1f507cc 100644 --- a/content/cumulus-linux-57/Layer-1-and-Switch-Ports/DHCP/DHCP-Relays.md +++ b/content/cumulus-linux-57/Layer-1-and-Switch-Ports/DHCP/DHCP-Relays.md @@ -114,6 +114,21 @@ Cumulus Linux supports DHCP Agent Information Option 82, which allows a DHCP rel To configure DHCP Agent Information Option 82: +{{< tabs "TabID117 ">}} +{{< tab "NVUE Commands ">}} + +The following example enables Option 82, enables circuit ID, and sets the remote ID to MAC address 44:38:39:BE:EF:AA: + +``` +cumulus@leaf01:~$ nv set service dhcp-relay agent enable on +cumulus@leaf01:~$ nv set service dhcp-relay default agent remote-id 44:38:39:BE:EF:AA +cumulus@leaf01:~$ nv set service dhcp-relay agent use-pif-circuit-id enable on +cumulus@leaf01:~$ nv config apply +``` + +{{< /tab >}} +{{< tab "Linux Commands ">}} + 1. Edit the `/etc/default/isc-dhcp-relay-default` file and add one of the following options: To inject the ingress *SVI interface* against which DHCP processes the relayed DHCP discover packet, add `-a` to the `OPTIONS` line: @@ -149,6 +164,9 @@ To configure DHCP Agent Information Option 82: cumulus@leaf01:~$ sudo systemctl restart dhcrelay@default.service ``` +{{< /tab >}} +{{< /tabs >}} + ### Control the Gateway IP Address with RFC 3527 When you need DHCP relay in an environment that relies on an anycast gateway (such as EVPN), a unique IP address is necessary on each device for return traffic. By default, in a BGP unnumbered environment with DHCP relay, the source IP address is the loopback IP address and the gateway IP address is the SVI IP address. However with anycast traffic, the SVI IP address is not unique to each rack; it is typically shared between racks. Most EVPN ToR deployments only use a single unique IP address, which is the loopback IP address. diff --git a/content/cumulus-linux-57/Layer-1-and-Switch-Ports/DHCP/DHCP-Servers.md b/content/cumulus-linux-57/Layer-1-and-Switch-Ports/DHCP/DHCP-Servers.md index 7b8ed06a65..4233f958f5 100644 --- a/content/cumulus-linux-57/Layer-1-and-Switch-Ports/DHCP/DHCP-Servers.md +++ b/content/cumulus-linux-57/Layer-1-and-Switch-Ports/DHCP/DHCP-Servers.md @@ -54,6 +54,8 @@ cumulus@switch:~$ nv config apply To set the DNS server IP address and domain name globally, use the `nv set service dhcp-server domain-name-server
` and `nv set service dhcp-server domain-name ` commands. +To set the interface name instead of the static IP address and MAC address, run the `nv set service dhcp-server static ifname` command. + {{< /tab >}} {{< tab "IPv6 ">}} diff --git a/content/cumulus-linux-57/Layer-3/Protocol-Independent-Multicast-PIM.md b/content/cumulus-linux-57/Layer-3/Protocol-Independent-Multicast-PIM.md index aa0f38cd8c..18cacf3a18 100644 --- a/content/cumulus-linux-57/Layer-3/Protocol-Independent-Multicast-PIM.md +++ b/content/cumulus-linux-57/Layer-3/Protocol-Independent-Multicast-PIM.md @@ -61,7 +61,7 @@ cumulus@leaf01:~$ nv set router pim enable on cumulus@leaf01:~$ nv set interface vlan10 router pim cumulus@leaf01:~$ nv set interface vlan10 ip igmp cumulus@leaf01:~$ nv set interface swp51 router pim -cumulus@leaf01:~$ nv set vrf default router pim address-family ipv4-unicast rp 10.10.10.101 +cumulus@leaf01:~$ nv set vrf default router pim address-family ipv4 rp 10.10.10.101 cumulus@leaf01:~$ nv config apply ``` @@ -73,7 +73,7 @@ cumulus@leaf02:~$ nv set router pim enable on cumulus@leaf02:~$ nv set interface vlan20 router pim cumulus@leaf02:~$ nv set interface vlan20 ip igmp cumulus@leaf02:~$ nv set interface swp51 router pim -cumulus@leaf02:~$ nv set vrf default router pim address-family ipv4-unicast rp 10.10.10.101 +cumulus@leaf02:~$ nv set vrf default router pim address-family ipv4 rp 10.10.10.101 cumulus@leaf02:~$ nv config apply ``` @@ -84,7 +84,7 @@ cumulus@leaf02:~$ nv config apply cumulus@spine01:~$ nv set router pim enable on cumulus@spine01:~$ nv set interface swp1 router pim cumulus@spine01:~$ nv set interface swp2 router pim -cumulus@spine01:~$ nv set vrf default router pim address-family ipv4-unicast rp 10.10.10.101 +cumulus@spine01:~$ nv set vrf default router pim address-family ipv4 rp 10.10.10.101 cumulus@spine01:~$ nv config apply ``` @@ -235,8 +235,8 @@ The above commands configure the switch to send all multicast traffic to RP 10.1 {{< tab "NVUE Commands ">}} ``` -cumulus@leaf01:~$ nv set vrf default router pim address-family ipv4-unicast rp 10.10.10.101 group-range 224.10.0.0/16 -cumulus@leaf01:~$ nv set vrf default router pim address-family ipv4-unicast rp 10.10.10.102 group-range 224.10.2.0/24 +cumulus@leaf01:~$ nv set vrf default router pim address-family ipv4 rp 10.10.10.101 group-range 224.10.0.0/16 +cumulus@leaf01:~$ nv set vrf default router pim address-family ipv4 rp 10.10.10.102 group-range 224.10.2.0/24 ``` {{< /tab >}} @@ -266,8 +266,8 @@ cumulus@leaf01:~$ nv set router policy prefix-list MCAST1 rule 1 match 224.10.0. cumulus@leaf01:~$ nv set router policy prefix-list MCAST2 rule 1 action permit cumulus@leaf01:~$ nv set router policy prefix-list MCAST2 rule 1 match 224.10.2.0/24 cumulus@leaf01:~$ nv config apply -cumulus@leaf01:~$ nv set vrf default router pim address-family ipv4-unicast rp 10.10.10.101 prefix-list MCAST1 -cumulus@leaf01:~$ nv set vrf default router pim address-family ipv4-unicast rp 10.10.10.102 prefix-list MCAST2 +cumulus@leaf01:~$ nv set vrf default router pim address-family ipv4 rp 10.10.10.101 prefix-list MCAST1 +cumulus@leaf01:~$ nv set vrf default router pim address-family ipv4 rp 10.10.10.102 prefix-list MCAST2 cumulus@leaf01:~$ nv config apply ``` @@ -319,8 +319,8 @@ cumulus@switch:~$ nv set router policy prefix-list SPTrange rule 1 match 235.0.0 cumulus@switch:~$ nv set router policy prefix-list SPTrange rule 1 action permit cumulus@switch:~$ nv set router policy prefix-list SPTrange rule 2 match 238.0.0.0/8 max-prefix-len 32 cumulus@switch:~$ nv set router policy prefix-list SPTrange rule 2 action permit -cumulus@switch:~$ nv set vrf default router pim address-family ipv4-unicast spt-switchover prefix-list SPTrange -cumulus@switch:~$ nv set vrf default router pim address-family ipv4-unicast spt-switchover action infinity +cumulus@switch:~$ nv set vrf default router pim address-family ipv4 spt-switchover prefix-list SPTrange +cumulus@switch:~$ nv set vrf default router pim address-family ipv4 spt-switchover action infinity cumulus@switch:~$ nv config apply ``` @@ -376,7 +376,7 @@ cumulus@switch:~$ nv set router policy prefix-list MyCustomSSMrange rule 10 acti Apply the custom prefix list: ``` -cumulus@switch:~$ nv set vrf default router pim address-family ipv4-unicast ssm-prefix-list MyCustomSSMrange +cumulus@switch:~$ nv set vrf default router pim address-family ipv4 ssm-prefix-list MyCustomSSMrange cumulus@switch:~$ nv config apply ``` @@ -547,7 +547,7 @@ The following steps configure a Cumulus switch to use MSDP: 2. On every multicast switch, configure the group to RP mapping using the anycast address: ``` - cumulus@switch:$ nv set vrf default router pim address-family ipv4-unicast rp 10.100.100.100 group-range 224.0.0.0/4 + cumulus@switch:$ nv set vrf default router pim address-family ipv4 rp 10.100.100.100 group-range 224.0.0.0/4 cumulus@switch:$ nv config apply ``` @@ -1643,7 +1643,7 @@ cumulus@leaf01:~$ nv set interface lo router pim cumulus@leaf01:~$ nv set interface swp51 router pim cumulus@leaf01:~$ nv set interface vlan10 router pim cumulus@leaf01:~$ nv set interface vlan10 ip igmp -cumulus@leaf01:~$ nv set vrf default router pim address-family ipv4-unicast rp 10.10.10.101 +cumulus@leaf01:~$ nv set vrf default router pim address-family ipv4 rp 10.10.10.101 cumulus@leaf01:~$ nv config apply ``` @@ -1667,7 +1667,7 @@ cumulus@leaf02:~$ nv set interface lo router pim cumulus@leaf02:~$ nv set interface swp51 router pim cumulus@leaf02:~$ nv set interface vlan20 router pim cumulus@leaf02:~$ nv set interface vlan20 ip igmp -cumulus@leaf02:~$ nv set vrf default router pim address-family ipv4-unicast rp 10.10.10.101 +cumulus@leaf02:~$ nv set vrf default router pim address-family ipv4 rp 10.10.10.101 cumulus@leaf02:~$ nv config apply ``` @@ -1685,7 +1685,7 @@ cumulus@spine01:~$ nv set vrf default router bgp address-family ipv4-unicast net cumulus@spine01:~$ nv set interface lo router pim cumulus@spine01:~$ nv set interface swp1 router pim cumulus@spine01:~$ nv set interface swp2 router pim -cumulus@spine01:~$ nv set vrf default router pim address-family ipv4-unicast rp 10.10.10.101 +cumulus@spine01:~$ nv set vrf default router pim address-family ipv4 rp 10.10.10.101 cumulus@spine01:~$ nv config apply ``` diff --git a/content/cumulus-linux-57/System-Configuration/Date-and-Time/Synchronous-Ethernet-SyncE.md b/content/cumulus-linux-57/System-Configuration/Date-and-Time/Synchronous-Ethernet-SyncE.md index 988c03fc84..7e119a0707 100644 --- a/content/cumulus-linux-57/System-Configuration/Date-and-Time/Synchronous-Ethernet-SyncE.md +++ b/content/cumulus-linux-57/System-Configuration/Date-and-Time/Synchronous-Ethernet-SyncE.md @@ -249,10 +249,10 @@ network-type 1 summary Group #0: TRACKING holdover acquired on swp1. freq_diff: 77 (ppb) ``` -To show SyncE statistics for a specific interface, run the NVUE `nv show interface synce counters` command or the Linux `syncectl show interface counters counters synce` command or the Linux `syncectl show interface counters synce counters` command or the Linux `syncectl clear interface counters ` command. +To clear counters for a specific SyncE interface, run the NVUE `nv action clear interface counters synce` command or the Linux `syncectl clear interface counters ` command. ``` -cumulus@switch:~$ nv action clear interface swp1 synce counters +cumulus@switch:~$ nv action clear interface swp1 counters synce swp1 counters cleared Action succeeded ``` diff --git a/content/cumulus-linux-57/System-Configuration/Date-and-Time/_index.md b/content/cumulus-linux-57/System-Configuration/Date-and-Time/_index.md index db6a2a4c15..781b06a326 100644 --- a/content/cumulus-linux-57/System-Configuration/Date-and-Time/_index.md +++ b/content/cumulus-linux-57/System-Configuration/Date-and-Time/_index.md @@ -7,5 +7,7 @@ toc: 3 This section discusses how to: - Set the time zone, and the date and time on the software clock on the switch -- Configure {{}} -- Configure {{}} +- Configure {{}} +- Configure {{}} +- Configure {{}} +- Configure {{}} diff --git a/content/cumulus-linux-57/Whats-New/_index.md b/content/cumulus-linux-57/Whats-New/_index.md index 44dd6e342a..19a5f48a31 100644 --- a/content/cumulus-linux-57/Whats-New/_index.md +++ b/content/cumulus-linux-57/Whats-New/_index.md @@ -34,6 +34,8 @@ Cumulus Linux 5.7.0 supports new platforms, contains several new features and im - {{}} - {{}} for the NVUE REST API - {{}} commands + - {{}} + - {{}} - Enhanced {{}} command output to show the certificate used for the API and additional {{}} commands to show information about the certificates installed on the switch. - Commands to show {{}} and {{}} - Commands to show the {{}} and {{}} and to add static entries to the {{}} and {{}} @@ -80,7 +82,7 @@ nv set/unset router bgp wait-for-install | `nv set vrf router pim address-family ipv4-unicast ssm-prefix-list` | `nv set vrf router pim address-family ipv4 ssm-prefix-list` | | `nv set vrf router pim address-family ipv4-unicast register-accept-list` | `nv set vrf router pim address-family ipv4 register-accept-list`| | `nv set vrf router pim address-family ipv4-unicast send-v6-secondary`| `nv set vrf router pim address-family ipv4 send-v6-secondary` | -| `nv set system aaa tacacs authorization role (nvue-monitor\|system-admin\|nvue-admin)` | +| `nv set system aaa tacacs authorization role (nvue-monitor system-admin nvue-admin)` | `nv set system aaa tacacs authorization role `| | `nv show interface synce counters` | `nv show interface counters synce`| | `nv show acl rule match ip source-port` |`nv show acl rule match ip udp source-port`
`nv show acl rule match ip tcp source-port` | @@ -93,6 +95,7 @@ nv set/unset router bgp wait-for-install | `nv show vrf router pim address-family ipv4-unicast rp ` | `nv show vrf router pim address-family ipv4 rp ` | | `nv show vrf router pim address-family ipv4-unicast rp group-range` | `nv show vrf router pim address-family ipv4 rp group-range` | | `nv show vrf router pim address-family ipv4-unicast rp group-range ` | `nv show vrf router pim address-family ipv4 rp group-range ` | +| `nv action clear interface synce counters` | `nv action clear interface counters synce`| {{< /expand >}} @@ -154,7 +157,6 @@ nv show service dhcp-relay agent nv show service dhcp-relay agent remote-id nv show service dhcp-relay agent remote-id nv show service dhcp-relay agent use-pif-circuit-id -nv show service synce nv show service ptp servo nv show service telemetry nv show service telemetry histogram @@ -176,7 +178,6 @@ nv show system security certificate dump nv show system security ca-certificate nv show system security ca-certificate nv show system security ca-certificate dump -nv show system synce nv show system maintenance nv show system date-time nv show system forwarding ecmp-weight-normalisation @@ -216,7 +217,14 @@ nv set bridge domain stp force-protocol-version (stp|rstp) nv set evpn mac-vrf-soo nv set interface link flap-protection enable (on|off) nv set interface link protodown -nv set interface neighbor ipv4|ipv6 +nv set interface neighbor ipv4 +nv set interface neighbor ipv4
lladdr +nv set interface neighbor ipv4
lladdr
flag +nv set interface neighbor ipv4
lladdr
state +nv set interface neighbor ipv6 +nv set interface neighbor ipv6
lladdr +nv set interface neighbor ipv6
lladdr
flag +nv set interface neighbor ipv6
lladdr
state nv set interface port-security static-mac nv set interface port-security enable (on|off) nv set interface port-security mac-limit 1-512 @@ -245,6 +253,10 @@ nv set interface telemetry histogram counter counter-type telemetry histogram counter counter-type histogram-size 1-4294967295 nv set interface telemetry histogram counter counter-type sample-interval 128-1000000000 nv set interface dot1x auth-fail-vlan (enabled|disabled) +nv set service dhcp-server static ifname +nv set service dhcp-relay agent remote-id +nv set service dhcp-relay agent use-pif-circuit-id enable (on|off) +nv set service dhcp-relay agent enable (on|off) nv set service telemetry histogram ingress-buffer bin-min-boundary 96-4294967295 nv set service telemetry histogram ingress-buffer histogram-size 96-4294967295 nv set service telemetry histogram ingress-buffer sample-interval 128-1000000000 @@ -261,10 +273,6 @@ nv set service telemetry snapshot-interval 1-604800 nv set system api certificate self-signed nv set system link flap-protection threshold 0-30 nv set system link flap-protection interval 0-60 -nv set system synce enable (on|off) -nv set system synce wait-to-restore-time 1-720 -nv set system synce log-level (info|debug|notice|error|critical) -nv set system synce provider-default-priority 1-256 nv set system forwarding ecmp-weight-normalisation mode (enabled|disabled) nv set system forwarding ecmp-weight-normalisation max-hw-weight 10-255 nv set system dot1x radius server @@ -327,7 +335,14 @@ nv unset evpn mac-vrf-soo nv unset interface link flap-protection nv unset interface link flap-protection enable nv unset interface link protodown -nv unset interface neighbor ipv4|ipv6 +nv unset interface neighbor ipv4 +nv unset interface neighbor ipv4
lladdr +nv unset interface neighbor ipv4
lladdr
flag +nv unset interface neighbor ipv4
lladdr
state +nv unset interface neighbor ipv6 +nv unset interface neighbor ipv6
lladdr +nv unset interface neighbor ipv6
lladdr
flag +nv unset interface neighbor ipv6
lladdr
state nv unset interface port-security nv unset interface port-security static-mac nv unset interface port-security enable @@ -375,7 +390,6 @@ nv unset interface dot1x mba nv unset interface dot1x auth-fail-vlan nv unset service dhcp-server static ifname nv unset service dhcp-relay agent -nv unset service dhcp-relay agent remote-id nv unset service dhcp-relay agent remote-id nv unset service dhcp-relay agent use-pif-circuit-id nv unset service dhcp-relay agent use-pif-circuit-id enable @@ -405,11 +419,6 @@ nv unset system link nv unset system link flap-protection nv unset system link flap-protection threshold nv unset system link flap-protection interval -nv unset system synce -nv unset system synce enable -nv unset system synce wait-to-restore-time -nv unset system synce log-level -nv unset system synce provider-default-priority nv unset system forwarding ecmp-weight-normalisation nv unset system forwarding ecmp-weight-normalisation mode nv unset system forwarding ecmp-weight-normalisation max-hw-weight