OcNOS SP 4.0 ReleaseNotes All

OcNOS®
Open Compute
Network Operating System
Version SP 4.0
Release Notes
February 3, 2021
© 2021 IP Infusion Inc. All Rights Reserved.
This documentation is subject to change without notice. The software described in this document and this
documentation is furnished under a license agreement or nondisclosure agreement. The software and
documentation may be used or copied only in accordance with the terms of the applicable agreement. No
part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or any
means electronic or mechanical, including photocopying and recording for any purpose other than the
purchaser's internal use without the written permission of IP Infusion Inc.
IP Infusion Inc.
3965 Freedom Circle, Suite 200
Santa Clara, CA 95054
+1 408-400-1900
http://www.ipinfusion.com/
For support, questions, or comments via e-mail, contact:

support@ipinfusion.com
Trademarks:
IP Infusion, OcNOS, VirNOS, ZebM, and ZebOS-XP are trademarks or registered trademarks of IP
Infusion. All other trademarks, service marks, registered trademarks, or registered service marks are the
property of their respective owners.
Use of certain software included in this equipment is subject to the IP Infusion, Inc. End User License
Agreement at http://www.ipinfusion.com/license. By using the equipment, you accept the terms of the End
User License Agreement.
2 © 2021 IP Infusion Inc. Proprietary

Contents
About this Release ...................................................................................................................................... 7

Hardware Compatibility List ....................................................................................................................... 7
Dell ........................................................................................................................................................................ 7
EdgeCore ............................................................................................................................................................. 7
Tibit Communications ......................................................................................................................................... 8
Delta Agema ........................................................................................................................................................ 8
UFI Space ............................................................................................................................................................ 9
Qualified ONUs.......................................................................................................................................... 9
Optics and Accessories ............................................................................................................................. 9
Cables and Optics............................................................................................................................................... 9
UFI Space S9500-30XS..................................................................................................................................... 9
Delta Agema AGC7648A ................................................................................................................................. 11
EdgeCore AS5912-54X.................................................................................................................................... 11
EdgeCore AS7316-26XB ................................................................................................................................. 12
Dell S4248S FB/FBL-ON ................................................................................................................................. 14
EdgeCore AS5916-54XKS .............................................................................................................................. 14
EdgeCore ASXvOLT16 .................................................................................................................................... 15
New Features (SP 4.0)............................................................................................................................... 16

LACP Force-Up ....................................................................................................................................... 16
Port Security ............................................................................................................................................ 16
Active-Standby with MLAG ...................................................................................................................... 16
Port Authentication (802.1x) .................................................................................................................... 16
Frame Loss Diagnostics ETH-TST/LCK.................................................................................................. 16
Timing and Synchronization .................................................................................................................... 16
Debounce Timer ...................................................................................................................................... 17
Bidirectional-PIM ..................................................................................................................................... 17
VRRP Aware PIM .................................................................................................................................... 17
Multicast Source Discovery Protocol(MSDP) .......................................................................................... 17
EVPN-MPLS ............................................................................................................................................ 17
EVPN-VxLAN .......................................................................................................................................... 18
RSVP-TE Shared Link Risk Group (SRLG) ............................................................................................ 18
BGP-LS (BGP Link State Distribution) .................................................................................................... 18
Path Computation Element Protocol (PCEP): OcNOS as PCC [Path Computation Client].................... 19
PCEP RSVP ............................................................................................................................................ 19
Segment Routing (SR) ............................................................................................................................ 19
Segment routing Traffic Engineering (SR-TE) ........................................................................................ 19
PCEP-SR ................................................................................................................................................. 19
SR- TI LFA ............................................................................................................................................... 20
SR OAM .................................................................................................................................................. 20
Host protocols source IP selection .......................................................................................................... 20
LDP Inter-Area......................................................................................................................................... 20

L2VPN Stats MIB..................................................................................................................................... 21
RSVP MIB ............................................................................................................................................... 21
L3VPN MIB .............................................................................................................................................. 21
OSPFv3 MTU .......................................................................................................................................... 21
BFD MIB .................................................................................................................................................. 21
OLT (Optical Line Terminal) .................................................................................................................... 21
VLAN N:1 and Flow Management .................................................................................................................. 21
Rogue ONU Detection and Isolation .............................................................................................................. 21
PON TC-Layer Encryption. .............................................................................................................................. 21
PON FEC ........................................................................................................................................................... 21
Jumbo Frame..................................................................................................................................................... 21
SNMP Trap ........................................................................................................................................................ 22
SFlow .................................................................................................................................................................. 22
Remote Tibit Firmware upgrade ..................................................................................................................... 22
ONU Auto Finding ............................................................................................................................................. 22
New Features (SP 3.0)............................................................................................................................... 23

License server ......................................................................................................................................... 23
License SKU validation............................................................................................................................ 23
OSPF v2 domain-id ................................................................................................................................. 23
L3 VPN Internet Access .......................................................................................................................... 23
6PE Inter-AS Option-B ............................................................................................................................ 23
MPLS VPN Inter-AS Option-B ................................................................................................................. 23
MPLS VPN Inter-AS Option-C ................................................................................................................. 24
6PE per VRF label ................................................................................................................................... 24
RSVP Multiple Secondary ....................................................................................................................... 24
MPLS Ping and Trace Route ................................................................................................................... 24
Timing and Synchronization .................................................................................................................... 25
Netconf Support....................................................................................................................................... 25
Netconf Framework Support ........................................................................................................................... 25
Netconf Configuration Datamodel Support ................................................................................................... 26
EVPN-MPLS (Demonstrable Feature) .................................................................................................... 26
OLT (Optical Line Terminal) .................................................................................................................... 26
ONU Provisioning ............................................................................................................................................. 27
VLAN 1:1 and Flow Management................................................................................................................... 27
IPoE and DHCP Relay with Option 82........................................................................................................... 27
Traffic Limiting, Shaping and QoS .................................................................................................................. 27
PON Access Control List ................................................................................................................................. 27
Reconfiguration ................................................................................................................................................. 27
MLD Snooping ......................................................................................................................................... 27
L2 Sub-Interface ...................................................................................................................................... 27
L3 Sub-Interface ...................................................................................................................................... 28
Fault Management System (Demonstrable Feature) .............................................................................. 28
BMC Support via IPMI Interface .............................................................................................................. 29

ACL Support over Loopback ................................................................................................................... 29
Passwordless SSH .................................................................................................................................. 29
DHCP Relay with Option82 ..................................................................................................................... 29
Technical Support ..................................................................................................................................... 30

Technical Documentation ........................................................................................................................ 30
Installation Prerequisites ......................................................................................................................... 31

Memory and Storage Requirements ....................................................................................................... 31
Open Network Install Environment Requirements .................................................................................. 31
Remote Access ....................................................................................................................................... 31
Device date and time ............................................................................................................................... 31
Upgrade Notes ........................................................................................................................................... 32

Reinstall ................................................................................................................................................... 32
Migration pre-requisite...................................................................................................................................... 32
Fresh Install ............................................................................................................................................. 32
Limitations and Restrictions .................................................................................................................... 33

L3 VPN Internet Access .......................................................................................................................... 33
BGP Peer Group ..................................................................................................................................... 33
BGP ECMP ........................................................................................................................................................ 33
Netconf .................................................................................................................................................... 34
6PE/MPLS VPN....................................................................................................................................... 34
6PE...................................................................................................................................................................... 34
6PE Inter-AS Option-B ..................................................................................................................................... 34
MPLS VPN Inter-AS Option-B......................................................................................................................... 34
IP Fast Reroute/Loop-Free Alternate for ISIS/OSPF .............................................................................. 34
Layer-2 .................................................................................................................................................... 34
Layer 3 ..................................................................................................................................................... 35
CFM ......................................................................................................................................................... 36
Ethernet Ring Protection Switching (ERPS)............................................................................................ 36
Sub-interface ........................................................................................................................................... 36
KAPS Forwarding Profile ......................................................................................................................... 37
BGP Labeled Unicast (RFC 3107) .......................................................................................................... 38
BGP Peering Router ................................................................................................................................ 38
MPLS ....................................................................................................................................................... 39
Management............................................................................................................................................ 41
Multicast .................................................................................................................................................. 41
MLD Snooping ................................................................................................................................................... 41
Bidirectional PIM ............................................................................................................................................... 42
Hardware BFD ......................................................................................................................................... 42
Access Control List .................................................................................................................................. 42
Quality of Service (QoS) .......................................................................................................................... 42
L2/L3 ................................................................................................................................................................... 42

MPLS DIFFSERV ............................................................................................................................................. 42
EVPN VxLAN ........................................................................................................................................... 43
EVPN MPLS ............................................................................................................................................ 43
OSPFv3 ................................................................................................................................................... 44
ISISv6 ...................................................................................................................................................... 44
BFD.......................................................................................................................................................... 44
Traffic Management................................................................................................................................. 45
Platform ................................................................................................................................................... 45
Timing and Synchronization (PTP and SyncE) ....................................................................................... 45
Entropy Label .......................................................................................................................................... 45
OLT .......................................................................................................................................................... 45
Fault Management System (FMS) .......................................................................................................... 46
Path Computation Element Protocol ....................................................................................................... 46
System Management............................................................................................................................... 46
Debounce Timer ................................................................................................................................................ 46
Segment Routing ..................................................................................................................................... 47
Open Caveats ............................................................................................................................................ 48

Segment Routing ..................................................................................................................................... 48
NetConf ................................................................................................................................................... 49
OLT .......................................................................................................................................................... 49
CFM ......................................................................................................................................................... 51
L2 ............................................................................................................................................................. 51
L3 ............................................................................................................................................................. 51
MPLS ....................................................................................................................................................... 53
System Features ..................................................................................................................................... 55
PTP .......................................................................................................................................................... 55
VxLAN ..................................................................................................................................................... 56
Hardware Statistics.................................................................................................................................. 56
EVPN MPLS ............................................................................................................................................ 56
Sub Interface ........................................................................................................................................... 57
Multicast .................................................................................................................................................. 57
Resolved Caveats ..................................................................................................................................... 58

NetConf ................................................................................................................................................... 58
OLT .......................................................................................................................................................... 58
VxLAN ..................................................................................................................................................... 58
MPLS ....................................................................................................................................................... 60
Sub-interface ........................................................................................................................................... 61
L3 ............................................................................................................................................................. 61
L2 ............................................................................................................................................................. 63

About this Release
This is OcNOS SP 4.0 release.
Hardware Compatibility List

OcNOS SP 4.0 supports the platforms as shown in the following table.
Note: See the Feature Matrix for a complete list of features supported on each platform.
Dell
Port Hardware Revision Comments

Model Switching ASIC
configuration
S4248-FB-ON Broadcom 40 X 10G SFP+ Label Revision: A00 OCNOS_SP_IP_BASE

BCM88375_B0 port CPLD 2 Version: 0.1 OCNOS_SP_MPLS
2 X 40G QSFP CPLD 3 Version: 0.1
OCNOS_SP_IPADV_C
port CPLD 4 Version: 0.1
E_AGGR
6 X 100G
QSFP28 port
S4248-FBL-ON Broadcom 40 X 10G SFP+ CPLD 2 Version: 0.1 OCNOS_SP_IP_BASE

BCM88375_B0 port CPLD 3 Version: 0.1 OCNOS_SP_MPLS
2 X 40G QSFP CPLD 4 Version: 0.1
OCNOS_SP_IPADV_C
port
E_AGGR
6 X 100G
QSFP28 port
EdgeCore

configuration
AS5912-54X Broadcom 48 ports 10G, 6 Label Revision: OCNOS_SP_IP_BASE

BCM88370_B0 ports 100G R0BB
OCNOS_SP_MPLS
CPLD 1 Version: 5
OCNOS_SP_IPADV_C
CPLD 2 Version: 5
E_AGGR
Fan CPLD Version:
1
AS7316-26XB Broadcom 16 port 10G, 8 Label Revision: OCNOS_SP_CSR
BCM88470_B0 port 25G and 2 R0DD
ports 100G CPLD version: 2
FPGA version: 6
Fan CPLD version:
1

configuration
AS5916-54XKS Broadcom 48 ports 10G, 6 Label Revision: OCNOS_SP_IP_BASE

ports 100G R0A
BCM88375_B0 OCNOS_SP_MPLS
CPLD 1 Version: 4
OCNOS_SP_IPADV_C
CPLD 2 Version: 6
E_AGGR
Fan CPLD Version:
2
ASXvOLT16 QAX BCM88470, 16 x 10G XFP Xeon D-1518 CPU OCNOS_SP_OLT_LIT
8 x Maple PON, E
BCM68620 4 x 100G
QSFP28
Tibit Communications
Port Hardware Revision SKU

configuration
TIBIT XGS-PON Broadcom 1 x 10G Ethernet- Tibit Hardware OCNOS_SP_OLT_S

version 180713 A_IPBASE
10G SFP+ OLT BCM88370_B0 to-XGS-PON
OCNOS_SP_OLT_S
(AS5912-54X) OLT MAC bridge
A_IPMPLS
Delta Agema
Port Hardware Revision SKU

configuration
AGC7648A Broadcom 48 X 10G SFP+ CPU CPLD Version: OCNOS_SP_IP_BAS

BCM88375_B0 port 1 E
6 X 100G SW CPLD(U21) OCNOS_SP_MPLS
QSFP28 port Version: 1
OCNOS_SP_IPADV_
SW CPLD(U134)
CE_AGGR
Version: 1
SW CPLD(U215)
Version: 1

UFI Space

configuration
9500-30XS Broadcom 20 port 10G, 8 Label Revision: 2 OCNOS_SP_CSR

BCM88470_B0 port 25G and 2 CPU CPLD
ports 100G version:21
BMC: AST2400
BMC Firmware
Revision: 3.08
Qualified ONUs
• BFW Software/Firmware version: 3.2.20 (WAC5-40PG-TLAB-SR3.2.20).
• Alpha Software/Firmware version: Provisionally 5.02L.07_008 (PON-34000B).
Optics and Accessories

Cables and Optics
UFI Space S9500-30XS
Type Name Part Number Make
1G-SX Finisar SFP/SFP+/SFP28 FTLF8519P2BNL FINISAR

CORP
10G SFP Evertz SFP10G SFP10G-TR13S EVERTZ
10GBASE-SR Edgecore SFP/SFP+/SFP28 ET5402-AOC- EdgeCore

10M
10GBASE-SR Edgecore SFP/SFP+/SFP28 ET5402-AOC-7M EdgeCore
25GAUI C2M Edgecore SFP/SFP+/SFP28 ET7302-AOC-5M EdgeCore
25GBASE-CR CA-S Optech SFP/SFP+/SFP28 OPQS28T03P/SF Optech

284
SFP/SFP+/SFP28 Finisar SFP/SFP+/SFP28 FCBG110SD1C0 FINISAR

1 CORP.
SFP/SFP+/SFP28 Amphenol SFP/SFP+/SFP28 616740001 Amphenol
40GBASE-SR4 Finisar QSFP ET6402-40AOC- Edgecore

7M
40G QSFP AVAGO QSFP AFBR-79E4Z Avago

100GBASE-CR4 Finisar QSFP28 ET7402-100DAC- Edgecore

1M
1000BASE-SX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-SX E.C.I.

NETWORKS
1000BASE-LX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-LX E.C.I.

NETWORKS
1000BASE-LX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-EX E.C.I.

NETWORKS
1000BASE-LX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-ZX E.C.I.

NETWORKS
10GBASE-SR E.C.I. SFP/SFP+/SFP28 EN-SFP10G-SR E.C.I.

NETWORKS
10GBase-LR E.C.I. SFP/SFP+/SFP28 EN-SFP10G-LR E.C.I.

NETWORKS
10GBase-ER E.C.I. SFP/SFP+/SFP28 EN-SFP10G-ER E.C.I.

NETWORKS
10GBase-ER E.C.I. SFP/SFP+/SFP28 EN-SFPP-ER E.C.I.NETWOR

KS
100GBASE-SR4 or E.C.I. SFP/SFP+/SFP28 EN-SFP28-SR E.C.I.

25GBASE-SR NETWORKS
100GBASE-LR4 or E.C.I. SFP/SFP+/SFP28 EN-SFP28-LR E.C.I.

25GBASE-LR NETWORKS
100GBASE-SR4 or E.C.I. QSFP28 Or Later EN-QSFP28-SR4 E.C.I.

25GBASE-SR NETWORKS
100GBASE-LR4 or E.C.I. QSFP28 Or Later EN-QSFP28-LR4 E.C.I.

25GBASE-LR NETWORKS
1000BASE-SX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-SXi E.C.I.

NETWORKS
1000BASE-LX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-LXi E.C.I.

NETWORKS
10GBASE-SR E.C.I. SFP/SFP+/SFP28 EN-SFP10G-SRi E.C.I.

NETWORKS

10GBase-LR E.C.I. SFP/SFP+/SFP28 EN-SFP10G-LRi E.C.I.

NETWORKS
Delta Agema AGC7648A
SFP/SFP+/SFP28 Edgecore SFP/SFP+/SFP28 ET5402-DAC-1M Edgecore
SFP/SFP+/SFP28 Finisar SFP/SFP+/SFP28 FCBG110SD1C01 FINISAR CORP
SFP/SFP+/SFP28 FS SFP/SFP+/SFP28 SFP-10GSR-85 FS

100GBASE-CR4 or Edgecore 100GBASE-CR4 ET7402-100DAC-3M Edgecore
25GBASE-CR CA-L
EdgeCore AS5912-54X

ET5402-DAC-3M
SFP/SFP+/SFP28 FINISAR SFP/SFP+/SFP28 FCBG110SD1C01 FINISAR CORP

FCBG110SD1C03
FCBG110SD1C05
10GBASE-SR Edgecore SFP/SFP+/SFP28 ET5402-AOC-7M Edgecore

ET5402-AOC-10M
100GBASE-LR4 or FS QSFP28 LR4 QSFP28-LR4-100G FS

25GBASE-LR
100GBASE-SR4 or FS QSFP28 SR4 QSFP28-SR4-100G FS

25GBASE-SR
1000BASE-CX FCI SFP/SFP+/SFP28 10114734-2030LF FCI Electronics
100GBASE-CR4 or Dell QSFP28 76V43 DELL

25GBASE-CR CA-L
40GBASE- Dell QSFP+ 10093084-2030LF FCI Electronics

CR4,1000BASE-
T,1000BASE-CX

100GBASE-CR4 or Edgecore QSFP28 ET7402-100DAC-3M Edgecore

25GBASE-CR CA-L ET7402-100DAC-1M
10GBASE-SR FS SFP/SFP+/SFP28 SFP-10GSR-85 FS
10GBase-LR FS SFP/SFP+/SFP28 SFP-10G-BX40 FS
10GBase-LR FS SFP/SFP+/SFP28 SFP-10G-BX FS
SFP/SFP+/SFP28 FS SFP/SFP+/SFP28 SFP-10GZRC-55 FS
SFP/SFP+/SFP28 FS 10GBase-LR SFP-10G-BX80 FS
SFP/SFP+/SFP28. Finisar 10GBASE-SR FTLX8574D3BCL FINISAR CORP
SFP/SFP+/SFP28 Finisar SFP/SFP+/SFP28 616740001 Amphenol
SFP/SFP+/SFP28 Methode 1000BASE-T SP7041-M1-JN-01 Methode Elec.
100G AOC (Active Edgecore QSFP28 ET7402-100AOC10M Edgecore

Optical Cable) or
25GAUI C2M AOC
100G AOC (Active FINISAR SFP/SFP+/SFP28 FCBG125SD1C05 FINISAR CORP

Optical Cable) or
25GAUI C2M AOC
EdgeCore AS7316-26XB

ET5402-DAC-3M

ET5402-AOC-10M
25GBASE-CR CA-S Edgecore SFP/SFP+/SFP28 ET7402-25DAC-3M Edgecore
100GBASE-CR4 or Edgecore QSFP28 ET7402-100DAC-1M Edgecore

25GBASE-CR CA-L
10GBASE-SR Finisar SFP/SFP+/SFP28 FTLX8574D3BCL FINISAR CORP

100G AOC (Active Finisar SFP/SFP+/SFP28 FCBG125SD1C05 FINISAR CORP

Optical Cable) or
25GAUI C2M AOC
100G AOC (Active Finisar QSFP28 ET7402-100AOC10M Edgecore

Optical Cable) or
25GAUI C2M AOC
1000BASE-T Finisar 1000BASE-T FCMJ-8521-3 FINISAR CORP
1000BASE-SX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-SX E.C.I.

NETWORKS
1000BASE-LX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-LX E.C.I.

NETWORKS
1000BASE-LX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-EX E.C.I.

NETWORKS
1000BASE-LX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-ZX E.C.I.

NETWORKS
10GBASE-SR E.C.I. SFP/SFP+/SFP28 EN-SFP10G-SR E.C.I.

NETWORKS
10GBase-LR E.C.I. SFP/SFP+/SFP28 EN-SFP10G-LR E.C.I.

NETWORKS
10GBase-ER E.C.I. SFP/SFP+/SFP28 EN-SFP10G-ER E.C.I.

NETWORKS
10GBase-ER E.C.I. SFP/SFP+/SFP28 EN-SFPP-ER E.C.I.

NETWORKS
100GBASE-SR4 or E.C.I. SFP/SFP+/SFP28 EN-SFP28-SR E.C.I.

25GBASE-SR NETWORKS
100GBASE-LR4 or E.C.I. SFP/SFP+/SFP28 EN-SFP28-LR E.C.I.

25GBASE-LR NETWORKS
100GBASE-SR4 or E.C.I. QSFP28 Or Later EN-QSFP28-SR4 E.C.I.

25GBASE-SR NETWORKS
100GBASE-LR4 or E.C.I. QSFP28 Or Later EN-QSFP28-LR4 E.C.I.

25GBASE-LR NETWORKS
1000BASE-SX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-SXi E.C.I.

NETWORKS
1000BASE-LX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-LXi E.C.I.

NETWORKS
10GBASE-SR E.C.I. SFP/SFP+/SFP28 EN-SFP10G-SRi E.C.I.

NETWORKS
10GBase-LR E.C.I. SFP/SFP+/SFP28 EN-SFP10G-LRi E.C.I.

NETWORKS
Dell S4248S FB/FBL-ON
10GBase-LR Dell SFP/SFP+/SFP28 RN84N DELL
10GBASE-SR Dell SFP/SFP+/SFP28 WTRD1 DELL
25GBASE-CR CA-N Dell QSFP28 26FN3 DELL
25GBASE-CR CA-S Dell QSFP28 7R9N9 DELL
100GBASE-SR4 or Dell QSFP28 14NV5 DELL

25GBASE-SR
100GBASE-CR4 or Dell QSFP28 P7C7N DELL

25GBASE-CR CA-L
100GBASE-SR4 or Finisar QSFP28 FTLC9551REPM FINISAR CORP

25GBASE-SR
100GBASE-CR4 or Dell QSFP28 FN4FC DELL

25GBASE-CR CA-L
EdgeCore AS5916-54XKS
1000BASE-T AVAGO SFP/SFP+/SFP28 ABCU-5730RZ AVAGO
SFP/SFP+/SFP28. Finisar SFP/SFP+/SFP28 FCBG110SD1C01 FINISAR CORP

EdgeCore ASXvOLT16
XFP Hisense XFP LTH7226-PC+ Hisense
QSFP+ Fiberstore QSFP+ or later QSFP-40G-DAC Fiberstore
QSFP28 Edgecore QSFP28 or later ET7402-100DAC-1M Edgecore

New Features (SP 4.0)
OcNOS SP 4.0 is based on Debian-10 OS
LACP Force-Up
The Force-up feature forces the member port of a dynamic LAG (Link Aggregation Group) to
be logically operational irrespective of the operation status of the dynamic LAG.
Port Security
Port security enables users to configure the maximum number of secured MACs for each
physical and logical port.
Dynamically learned or statically programmed MAC addresses do not exceed the maximum number of
secured MACs configured for a particular port.
Once the switch reaches the maximum limit for secured MACs, traffic from all other MACs is dropped.
Active-Standby with MLAG

This feature provides a way to configure active-standby support for L2-MLAG deployment along with
VPWS active-standby. In active-standby mode, one of the MLAG nodes is in active state and forwards
the traffic and the other is in standby mode and becomes active during switchover scenarios.
Port Authentication (802.1x)

Port based authentication with RADIUS server restricts unauthenticated devices from connecting to a
switch. Only after authentication is successful, traffic is allowed through the switch.
Frame Loss Diagnostics ETH-TST/LCK

ETH-TST (Ethernet Test Signal) and ETH-LCK (Ethernet Lock Signal) protocol features are defined as
per Y.1731 standards.
ETH-TST is used to perform one-way on-demand in-service or out-of-service diagnostics tests. This
includes verifying bandwidth throughput, frame loss, bit errors, etc.
ETH-LCK is used to communicate the administrative locking of a MEP and consequential interruption of
data traffic forwarding towards the MEP expecting this traffic. It allows a MEP receiving frames with ETH-
LCK information to differentiate between a defect condition and an administrative locking action at lower
level MEP.
Timing and Synchronization

G.8275.2 specifies a profile for telecommunication applications based on precision time protocol (PTP).
Following features are supported for this profile.
• UFI-S9500-30XS
o T-BC-P, T-BC-A
o T-GM
• AS-7316-26XB

o T-BC-P, T-BC-A
• G.8273.4 defines performance requirements for PTS and APTS architectures (G.8275.2)
o Class-A and Class-B requirements are supported.
• G.8275.2 over IPv6 is not supported.
• G8275.2 Profile T-GM source GPS is not supported on AS-7316 board.
Debounce Timer
This feature avoids frequent updates (churn) to higher layer protocols during flapping of an interface. If
the status of a link changes quickly from up to down and then back to up, the port debounce timer
suppresses the link status notification. If the link transitions from up to down, but does not come back up,
then the port debounce timer delays the link status notification. This feature is applicable only for physical
link flaps.
Bidirectional-PIM
Bidirectional PIM extends it to provide source-agnostic multipoint-to-multipoint multicast forwarding. This
forwarding is based on a RP rooted distribution tree and designated forwarder election on each
forwarding segment. The implementation is based on RFC 5015.
Note:
• Bidirectional PIM RP count up to 256 supported.
• Supported gross multicast routes (including bidir,non-bidr and snooping) is up to 48K for Qumran
MX and up to 12K for Qumran AX chipsets.
VRRP Aware PIM

VRRP Aware PIM is a redundancy mechanism for the Protocol Independent Multicast (PIM) to
interoperate with the Virtual Router Redundancy Protocol (VRRP). It allows PIM to track VRRP state and
to preserve multicast traffic upon failover in a redundant network with virtual routing groups enabled. This
feature is implemented based on RFC-7910, and only PIM-SM (Sparse-Mode) is supported for it.
Multicast Source Discovery Protocol(MSDP)

The Multicast Source Discovery Protocol (MSDP) describes a mechanism to connect multiple
IP Version 4 Protocol Independent Multicast Sparse-Mode (PIM-SM) domains together. Each PIM-SM
domain uses its own independent Rendezvous Point (RP) and does not have to depend on RPs in other
domains. MSDP-speaking routers in a PIM-SM domain have a MSDP peering relationship with MSDP
peers in another domain. The peering relationship is made up of a TCP connection in which control
information is exchanged. Each domain has one or more connections to this virtual topology.
EVPN-MPLS
Ethernet VPN (EVPN) is a next generation solution that provides Ethernet multipoint services (E-LAN, E-
LINE, E-TREE) over VxLAN/MPLS networks. It solves the limitations of existing deployed VPLS/VPWS
such as, control plane MAC learning for load-balancing, Multi-Homing and Scalability.

EVPN-MPLS uses sub-interface as Access-port and network port can be of any L3 type
(physical/SVI/LAG/sub-ifp etc) . The below sub-features are supported in this release:
• E-LAN : ARP/ND cache (enable/disable), ARP revalidate, MAC-hold timer, ESI-hold timer.
• E-LINE (point to point vpws).
• E-LAN/E-LINE Multihoming Support in Active-Active Mode.
• ESI-hold timer (To reduce traffic loss during bootup time).
• Multiple MPLS transport & Protection mechanism Support (LDP, RSVP - secondary/Multiple-
secondary/FRR/MBB/Facility-Back-up/LSP-reoptimization).
• QoS support on Access & Network ports.
• Scalability support upto 2K VNID.
EVPN-VxLAN
EVPN with VxLAN is popular in DC deployments, also can be used in other deployments for
end to end L2 VPN service. This facilitates control plane MAC learning for load-balancing,
ARP/ND cache local response and Multi-Homing.
EVPN-VxLAN network port can be of any L3 type (physical/SVI/LAG/sub-ifp etc) . The below
sub-features are supported in this release:
• E-LAN : ARP/ND cache (enable/disable), ARP revalidate, MAC-hold timer, ESI-hold timer
• E-LAN Multihoming Support in Active-Active Mode.
• QoS support on Access & Network ports.
• Scalability support upto 2K VNID.
RSVP-TE Shared Link Risk Group (SRLG)

Shared Risk Link Group (SRLG) is a feature which allows the user to establish a backup secondary LSP
(label switched path) path or a FRR (fast-reroute) LSP path which is disjoint from the path of the primary
LSP. Links which are members of the same SRLG represent resources which share the same risk. A
typical application of the SRLG feature is to provide an automatic placement of secondary backup LSPs
or FRR bypass/detour LSPs that minimizes the probability of fate sharing with the path of the primary
LSP. RSVP SRLG is supported in OcNOS for OSPFv2 only.
BGP-LS (BGP Link State Distribution)

BGP link state distribution is a method of collecting link state and Traffic Engineering information from
Interior gateway protocols (ISIS/OSPF) and advertises them to external components like Path
Computation Element using BGP.
BGP LS extensions for segment routing is meant for providing support for sending segment routing
information from ISIS/OSPF to BGP using well defined TLVs in link state address family. BGP Link state
address family to carry the Segment Routing link information in the form of Node, Link and Prefix NLRIs.
So that any external controller like Path Computation Element will be updated with the SR path for the
complete topology.

Path Computation Element Protocol (PCEP): OcNOS as PCC
[Path Computation Client]
Path Computation Element (PCE) is an entity that is capable of computing a network path by applying
computational constraints. A Path Computation Client (PCC) is any client application requesting a path
computation to be performed by a PCE. PCEP is a protocol designed specifically for communication
between PCC and PCE. A path computation client will make use of PCEP protocol to request for path
computation to the PCE server. This feature provides OcNOS the capability to act as path computation
client by complying to the standard RFC 5440 and RFC 7896(extension to RFC 5440).
OcNOS also supports PCEP stateful capabilities, which allows a PCE controller to gain the complete
control of the LSPs and make changes dynamically on need basis. OcNOS supports both PCC initiated
and PCE initiated functionalities, along with Stateless and Passive stateful capabilities.
PCEP RSVP
With the help of PCEP protocol, OcNOS can query the path required to establish MPLS-TE tunnels. PCE
Protocol allows the PCC to offload the CSPF computations to the controller and be responsible only for
signaling the MPLS Tunnels using RSVP-TE. Controllers typically can be used for leveraging the overall
visibility it might possess.
Segment Routing (SR)

Using SR, a source node steers a packet through a path without relying on hop-by-hop signalling
protocols such as LDP or RSVP-TE. Each path is specified as an ordered list of instructions called
"segments". Each segment is an instruction to route the packet to a specific place in the network, or to
perform a function on the packet. A database of segments can be distributed through the network using a
routing protocol (such as IS-IS or OSPF) or by any other means.
Segment routing Traffic Engineering (SR-TE)

Segment routing Traffic Engineering (SR-TE) is achieved through SR Policy.
An SR Policy is a framework that enables instantiation of an ordered list of segments on a node for
establishing TE LSP with a specific intent for traffic steering from that node. An SR Policy is associated
with one or more candidate paths.
PCEP-SR
With the PCE-SR it is possible to use a stateful PCE for computing one or more SR-TE paths subject to
certain constraints and optimization criteria in SR networks. A PCC can request an SR path from either a
stateful or stateless PCE using SR Policy. PCE will send PCReply with SR-ERO sub objects to make SR-
POLICY up. A network controller (acting as a PCE) can also initiate candidate paths for an SR policy onto
head-end node (acting as a PCC) using PCEP. PCC can also delegate SR Policies to controller (PCE),
later PCE can update the candidate paths ERO. Stateless LSPs can also be delegated to controller
(PCE), after delegation it will act as stateful LSP.

SR- TI LFA
Topology-Independent Loop-Free Alternate (TI-LFA) uses segment routing to provide link protection in
topologies where other fast reroute techniques, such as RLFA (Remote Loop Free Alternative) cannot
provide protection. The goal of TI-LFA is to reduce the packet loss that results while routers converge
after a topology change due to a link failure. Rapid failure repair (up to 50msec) is achieved using pre-
calculated post-convergence backup-path.
SR OAM
LSP ping and Traceroute mechanisms are used to detect and isolate faults in MPLS dataplane. Segment
routing operates on top of MPLS dataplane. So the mechanism of data plane validation defined in RFC
4379 can be applied to Segment routing as well. SR Ping and Traceroute will be an extension to MPLS
Ping/Traceroute to detect and isolate the fault. In this case, IGP Prefix SID or IGP Adjacency SID Target
FEC stack TLV are carried to perform FEC validation.
Host protocols source IP selection

Source IP feature is used for unique client identification at the server site. The source IP address is
determined by the system and is usually the IP address of the outgoing interface in the routing table.
However, routing switches may have multiple routing interfaces due to load balancing or routing
redundancy, and outgoing packets can potentially be sent by different paths at different times. This
results in different source IP addresses, which creates a client identification problem on the server site.
To decrease the amount of administrative work involved, a configuration model is provided that allows the
selection of an IP address to use as the source address for all outgoing traffic generated by a specified
software application on the switch. This allows unique identification of the software application on the
server site regardless of which local interface has been used to reach the destination server.
This feature applies to the following software applications:
• TACACS+
• RADIUS
• NTP
• Syslog
• SNMP
LDP Inter-Area
During scaling scenarios with many PE nodes require redistribution of a large number of addresses by
the ABR which is not an optimal solution. To address this issue, LDP Inter-Area feature as defined in RFC
5283 is supported, with following:
• Route (IP) aggregation at the ABR. This route aggregation when enabled, shall ensure that only
summary routes (aggregated prefix) be advertised by the ABR. The LSR receiving the route update
shall install the summary routes in the corresponding RIB.
• Handling of FEC’s for which an exact match is not present in the RIB. Once the ABR starts
advertising the IGP aggregated routes, the same gets installed in the LSR RIB. Now when an LDP

message is received from the same ABR, the FEC received may not contain an exact match in the
RIB since for this FEC the IGP had advertised an aggregate prefix. For such FEC entries a longest
prefix match should be performed against the route entries present in the RIB. If the longest prefix
match succeeds, then the corresponding FEC label binding shall be created and the FTN and NHLFE
entries shall be programmed in the LDP FIB.
L2VPN Stats MIB

Support for managed objects to monitor MPLS Layer-2 VPN services by retrieving network and access
port statistics per PWE and VPLS instances.
RSVP MIB
Support for managed objects to monitor MPLS RSVP MIB w.r.t RFC 2206.
L3VPN MIB
Support for managed objects to monitor MPLS L3VPN MIB w.r.t RFC 4382.
OSPFv3 MTU
This feature helps in establishing the OSPFv3 sessions over interfaces that have mis-matched
MTUs by advertising the configured OSPFv3 MTU in OSPFV3 DD packets.
BFD MIB
BFD private MIB support implemented for BFD IPv4 and IPv6.
OLT (Optical Line Terminal)

VLAN N:1 and Flow Management
The OcNOS OLT supports N:1 VLAN translation using translation profile and flow setup and
Management.
Rogue ONU Detection and Isolation

The OcNOS OLT supports detection of Rogue ONUs and isolation of the identified ONUs.
PON TC-Layer Encryption.

The OcNOS OLT supports configuration of TC-Layer encryption for PON network.
PON FEC
The OcNOS OLT supports configuration of Forward Error Correction for PON network.
Jumbo Frame
The OcNOS OLT supports Jumbo frames.

SNMP Trap
The OcNOS OLT supports SNMP Trap notifications for identified triggers like PON & NNI interface link
status change, ONU discovery, etc.
SFlow
The OcNOS OLT supports SFlow Counter Sampling for PON and NNI interfaces.
Remote Tibit Firmware upgrade

The OcNOS OLT supports upgrade of TIBIT firmware on remote OLTs through PON configuration.
ONU Auto Finding

ONU auto finding feature lists the available ONUs serial number which the user can use to do manual
provisioning.

New Features (SP 3.0)
License server
OcNOS supports Node-locked license, which can be downloaded by the customer for every device one
by one. To simplify this process pool of licenses will be delivered to the customer and they can be
distributed to all the devices through the HTTP alike server application provided by Flexera.
License SKU validation

Enhanced licensing feature to include software SKU validation against the installed software in addition to
the existing HOST-ID (device base MAC) validation. Any mismatch between the SKU present in the
license and the software installed on the device would lead to license deactivation. Subsequently, device
configurations will be lost after upgrading to SP 3.0/later version from ED 2.4/prior. Detailed steps are
documented in the migration guide section "License SKU migration" to identify the SKU mismatch and the
steps required to correct without impacting the device normal operation.
OSPF v2 domain-id
The domain-id feature helps in installing VPNv4 MP-BGP learned OSPF Intra-area and summary routes
of the same domain as summary routes instead of AS external routes. When routes are learned from
different domains, the routes will be installed as external routes.
L3 VPN Internet Access

This feature will provide internet access to customer sites when the internet gateway resides in the
provider network. When the ISP internet gateway resides in the provider network, Internet connectivity to
and from a particular customer is achieved by installing two static routes.
One a static route to reach CE network from PE router, whose next-hop is pointing towards the VRF
learned IP address/Interface of CE.
Another static route to the Internet from MPLS L3VPN in the customer VRF with next-hop pointing the
Internet gateway with public instance interface of provider PE router.
6PE Inter-AS Option-B

6PE Inter-AS Option B solution enables IPv6 domains to communicate with each other over the MPLS
IPv4 core network. MP-BGP in the IPv4 network is used to exchange IPv6 reachability information along
with a label for each IPv6 prefix announced. OcNOS support the following Option-B scenarios for 6PE:
• eBGP IPv6 labeled-unicast between directly connected v4 gateway ASBR’s.
• eBGP IPv6 labeled-unicast between v4 loopbacks of ASBR’s using RFC3107.
MPLS VPN Inter-AS Option-B

In an Inter-AS option B network where a Virtual Private Network (VPNs) extends to different ASes in
different geographical areas, ASBR ports are connected by one or more sub interfaces that are enabled
to receive MPLS traffic. A Multi-Protocol Border Gateway Router (MP-BGP) session distributes labelled

VPN prefixes through eBGP VPNv4/VPNv6 session between the ASBRs. As a result, the traffic that flows
between the ASBRs is label switched.
By default, eBGP-VPNs are not allowed. Therefore, the command allow-ebgp-vpn is used to configure
an eBGP peer and to activate the peer for a VPN address-family so that they can exchange VPN routes
over an eBGP connection.
OcNOS support the following Option-B scenarios for both VPNv4, VPNv6 address-families:
• eBGP VPN between directly connected gateway ASBR’s.
• eBGP VPN between loopbacks of ASBR’s using RFC3107.
MPLS VPN Inter-AS Option-C

The Inter-AS-Option-C feature is an extension of L3VPN. This helps the customer to have VPN
connectivity over two different service provider or different autonomous systems between their sites. The
feature is supported for VPNv4, 6VPE and 6PE.
VPN connectivity can be established using MP-eBGP VPN between provider edge routers or route
reflectors. The edge routers or route reflector’s reachability will be learning via BGP IPv4-LU.
6PE per VRF label

6PE per-VRF label feature allocates a single label for all 6PE routes. This helps in scale scenarios in-
terms of conservation of label pool resources and hardware resources. Per-VRF label is supported for
local routes.
RSVP Multiple Secondary

RSVP Multiple Secondary feature tries to provide continuous protection when multiple failures happen. In
the majority of the scenarios, this feature tries to provide seamless protection.
This is a proprietary feature where the user can configure multiple secondary sessions in an RSVP-trunk.
Each secondary will be associated with a priority. Priority secondary sessions must be programmed with
a predefined path. User can configure a maximum of five priority levels. Lowest priority number
corresponds to the highest priority. Highest priority session will be signaled to be programmed as a
secondary session. If the highest priority session cannot come up, then the next available secondary will
be selected based on polling.
During the primary session fail-over, the programmed secondary priority session will protect the primary
and then goes for an MBB update to act as the primary session until the primary comes up. Once the
highest priority session comes up as acting primary session, next available secondary priority session will
be programmed to signal and come up as secondary.
Re-optimization timer executed once in every 5 minutes to ensure the best priority session serves as
secondary. Configuration updates on secondary priority configurations don't trigger MBB and session will
be restarted.
MPLS Ping and Trace Route

• Ping and Trace Route support is extended for 6PE and 6VPE routes.
• L3 VPN CE-PE and CE-CE traceroute is now supported (For VPNv4 and VPNv6 routes)

Following new CLI’s options should be used instead:
ping ip <ip addr> vrf <vrfname>
ping ipv6 <ipv6 add> vrf <vrfname>
trace route ip <l3vpn route>
trace route ipv6 <6PE/6vPE route>
Timing and Synchronization

• G.8275.1 (T-GM) with GPS.
Netconf Support
Netconf Framework Support
Support of Netconf Server accepting incoming connections over SSH port 830.
Capability Description Supported Version RFC
Base The base protocol support 1.0, 1.1 RFC 6241

(In edit-config: Only merge and
delete operations supported)
Candidate Candidate configuration datastore 1.0 RFC 6241
Confirmed-commit Auto rollback unless confirmed Not Supported RFC 6241
Directly write configuration to

Writable-running Not Supported RFC 6241
running datastore
The server can rollback to the

Rollback-on-error configuration at the start of edit- 1.0 RFC 6241
config if it fails.
Syntactic/Semantic error check

Validate Not Supported RFC 6241
before applying configuration
Subscribe and receive event

Notification 1.0 RFC 5277
notifications
Schema retrieval, datastores,

Monitoring Yes RFC 6022
sessions, statistics, capabilities
Yang Yang version 1.0 Yes RFC 6020
Support notification and other

Interleave 1.0 RFC 5277
operations in the same session
Can accept URL in source/target

URL parameter of edit-config/copy- 1.0 RFC 6241
config.

Capability Description Supported Version RFC
Support of Xpath expressions in

Xpath Not Supported RFC 6241
the filter
Default parameter retrieval mode

With-defaults Not Supported RFC 6243
like explicit/trim/report-all
Lock only a part of the

Partial-lock Not Supported RFC 5717
configuration
Netconf Configuration Datamodel Support

The following data models will be supported in SP 3.0 release.
• Interface
o ipi-interface.yang
 Partially compliant to OpenConfig base interface module (openconfig-
interfaces.yang).
o ipi-if-ethernet.yang
• This is partially compliant to (openconfig-if-ethernet.yang).
o ipi-if-ip.yang
• LLDP
o ipi-lldpv2.yang
EVPN-MPLS (Demonstrable Feature)

The Ethernet-VPN with Multi-Protocol Label Switching (MPLS) modules provide a complete solution to
provide ethernet multipoint services over MPLS networks. This release shall support a single-homed CE
solution wherein one CE is connected to One PE device. The below EVPN route types are supported:
Route Type 2: MAC/IP Advertisement Route
The host's IP and MAC addresses are advertised to the peers within NLRI. The control plane learning of
MAC addresses reduces unknown unicast flooding.
Route Type 3: Inclusive Multicast Ethernet Tag Route
This route establishes the connection for broadcast, unknown unicast, and multicast (BUM) traffic from a
source PE to a remote PE. This route is advertised on per VLAN and per ESI basis.
In the data plane of EVPN, MPLS tunnels are established using the RSVP protocol. EVPN VLAN-based
and VLAN-aware-bundle aware services are supported.
OLT (Optical Line Terminal)

This release adds OLT (Optical Line Terminal) application using OcNOS platform. The following features
are to be delivered in this release:

ONU Provisioning
The OcNOS OLT can detect, provision and register an ONU. The ONU provisioning mode is configurable
as manual or automatic.
VLAN 1:1 and Flow Management

The OcNOS OLT supports 1:1 VLAN translation using translation profile and flow setup and
management.
IPoE and DHCP Relay with Option 82

The OcNOS OLT supports insertion of DHCP Option 82 data while performing the role of a DHCP Relay
on the upstream via the NNI port.
Traffic Limiting, Shaping and QoS

The OcNOS OLT supports traffic limiting, traffic shaping and QoS in the upstream and downstream
directions.
PON Access Control List

The OcNOS OLT supports the addition of ACL rules for PON network traffic.
Reconfiguration
The OcNOS OLT supports handling of reconfiguration: OLT reboot, ONU reboot, enabling/disabling of
PON and NNI port, ONU MIB reset, locking/unlocking of UNI port and enabling/disabling OLT.
MLD Snooping
The MLD Snooping runs on a Layer 2 device to listen on MLD conversations between hosts and routers.
It maintains a map regarding which port is interested in which IP Multicast streams. This prevents hosts
from receiving traffic for a multicast group to which they haven’t joined.
Note:
• MLD snooping feature is implemented as per RFC 4541.
• MLD snooping is enabled by default.
MLD snooping supports maximum multicast groups up to ~49151 for Qumran MX chipset and up to
~12248 for Qumran AX chipset.
L2 Sub-Interface
L2 Sub-Interface makes it possible for a logical interface to be created on an Ethernet physical interface
to handle one slice of resource handled by the physical interface. The supported method for this resource
slicing is VLAN credential based. VLAN credential for a Subinterface may be a single tag as in 802.1q or
double tag based on 802.1ad. This L2 Subinterface provides support for 4 TPIDs (8100,88a8,
9100,9200), of which all 3 later TPIDs will be referred through Service-TPID value configured under the
corresponding parent port.
The intended L2 service with this support for L2 subinterface is:

• AC to AC bidirectional cross-connect
Note:
• L2 Sub-Interfaces can be classified with different encapsulation types: dot1q, dot1ad, default and
untagged
• Rewrite operations supported are PUSH, POP, TRANSLATE and they are symmetric
• L2 Sub-Interface can be created on physical and LAG interfaces.
• MAC and IPv4 ACL is supported on L2 Sub-interface
• QoS (cos-to-queue, queue-color-to-cos, Policer & Remarking) are supported on L2 Sub-Interface
• Max limit of sub-interface that can be created per interface is 2K.
• Max limit of L2 Sub-Interfaces that can be created per system is 8K for QMX and 4k for QAX.
L3 Sub-Interface
L3 Sub-Interface is enhanced with the below features:
• MAC and IPv4 ACL is supported on L3 Sub-interface.
• QoS (dscp-to-queue, dscp-to-dscp, Policer & Remarking) are supported on L3 Sub-Interface.
• MPLS support - LDP, RSVP on the network side and L3VPN on access side is available for L3
Sub-Interface.
• IPv6 unicast routing with OSPFv3 and BGP is supported on L3 Sub-Interface.
Note:
• Both L2 and L3 Sub-Interfaces are supported on the same physical interface.
Fault Management System (Demonstrable Feature)

Fault Management System (FMS) in OcNOS detects events, correlates them and raises relevant alarms.
The events are OPER_LOGs relayed from vlogd module. The alarms are a result of the correlation rules
and provide a persistent indication of the faults. The alarms are maintained in a database and can be
displayed via a show command.
FMS applies the following correlation procedures based on the configurations specified:
• Generalization
o Generalization will group two or more events into a single alarm.
o A Generalized Alarm will further use one of the correlation types - none, time-bound, counting
and compression – for applying correlation logic to the new alarm.
• Time-bound
o The Time-bound logic stipulates, that when the event is received, a timer is started for that
event.
o Till the timer is running, subsequent events of the same type will be suppressed.
o On the expiry of the timer, an alarm will be raised for that event stating the count for the
number of times that event was received in this duration.
• Counting

o The Counting logic has considered a specified number of similar events as one. In this
Correlation type, the respective alarm will be raised after the event has occurred for count
times.
• Compression
o The Compression takes multiple occurrences of the same event, examines them for
duplicate/ redundant events information, removes redundancies and reports them as a single
alarm.
BMC Support via IPMI Interface

OcNOS uses the Intelligent Platform Management Interface (IPMI), which provides monitoring status and
operational data of hardware components like temperature, fan, power, voltage and current. It also
provides information related to the FRU devices and monitoring events from embedded BMC controller.
CLI and SNMP support is available to get the component status information and alarms.
New SNMP MIB CMM-IPMI-MIB.txt is registered under IP Infusion Private Enterprise MIB.
• .1.3.6.1.4.1.36673.100.5 for get
• .1.3.6.1.4.1.36673.100.6 for traps/notifications.
Currently, BMC support is available only for UFI-S9500-30XS platform.
ACL Support over Loopback

ACL support over loopback interface is available as part of this release. Loopback interface ACL is used
to provide basic level security to protect management applications from external attacks. Applications
which shall be protected using this ACL are SSH, TELNET, SNMP, NTP, and SNMP TRAP.
Passwordless SSH
OcNOS now supports passwordless SSH. with this, key-based authentication is supported in SSH which
is more secure than password-based authentication.
DHCP Relay with Option82

DHCP relay option-82's sub-option remote ID feature is supported from this release. Once this option is
configured the relay agent inserts remote-id (which is a sub-option of DHCP relay information option 82)
while forwarding client-originated DHCP packets to a DHCP server.

Technical Support
IP Infusion maintains an online technical support site that provides a variety of technical support
programs for licensed OcNOS customers at http://www.ipinfusion.com/customer-support.
IP Infusion’s maintenance customers and partners can access the support Web site. The site allows
customers and partners to open technical support calls, update open calls with new information and
review the status of open and closed calls. The password-protected site includes technical
documentation, Release Notes, and descriptions of service offerings.
Technical Documentation
Please refer to the following technical documentation for OcNOS:
• OcNOS Installation Guide
Installation procedure for OcNOS on ONIE (Open Network Install Environment).
• OcNOS Configuration Guide
Complete configuration guide for all features.
• OcNOS MPLS Configuration Guide
Complete configuration guide for MPLS features.
• Quick Configuration Guides:
Use the guides below for quick feature configurations. Refer to the OcNOS Configuration Guide
for features other than those covered below.
o OcNOS Layer 2 Quick Configuration Guide
Layer2 features VLAN, LAG, LLDP, STP, RSTP, and MSTP.
o OcNOS Layer 3 Unicast Quick Configuration Guide
RIP, OSPFv2, ISIS, BGP, BFD, and VRRP.
o OcNOS System Management Quick Configuration Guide
User management, SSH, Telnet, Syslog, DNS, and DHCP.
• OcNOS Feature Matrix
Standards compliance by feature.
• OcNOS Troubleshooting Guide
Procedures to resolve common problems.
• OcNOS MIBs (Layer 2, Layer 3):
https://github.com/IPInfusion/OcNOS/tree/OcNOS-SP-4.0/mibs
• OcNOS Ansible modules:
https://github.com/IPInfusion/OcNOS/tree/OcNOS-SP-4.0/ansible
• OcNOS Yang modules for NetConf clients:
https://github.com/IPInfusion/OcNOS/tree/OcNOS-SP-4.0/yang-files/qumran

Installation Prerequisites
Memory and Storage Requirements
OcNOS SP 4.0 requires a minimum 2 GB of RAM and 4 GB of storage space for installation.
Open Network Install Environment Requirements

Open Network Install Environment (ONIE) must be present on the board. In case ONIE is not present on
the board, please contact the manufacturer of the board or IP Infusion Technical Support.
During installation, the OcNOS installer reconfirms whether it matches the device model using the onie-
sysinfo command to avoid incorrect image installation. OcNOS proceeds with the installation only if the
output matches as shown below:
ONIE:/ # onie-sysinfo
x86_64-dellemc_s4248fb_c2538-r0
ONIE:/ # onie-sysinfo
x86_64-dellemc_s4248fbl_c2538-r0
OcNOS can be installed via ONIE installer using various methods such as HTTP, TFTP, FTP and DHCP.
Same has been verified on all the Edgecore platforms that are supported as part of this release.
Remote Access
OcNOS login (username/password: ocnos/ocnos) is for administration access of the router via
console/SSH/Telnet.
Root login (username/password: root/root) is supported only via console.
Device date and time

Ensure the device date and time are updated to the current date and time to get the license installed on
the device.
It can be set in the OcNOS also using the clock command.

Upgrade Notes
There are two types of upgrades:
• Reinstall which preserves as much existing configuration as possible
• Fresh install which does not preserve existing configuration
Reinstall
A reinstall is nondestructive and saves existing configuration files which are applied when OcNOS starts.
In a reinstall upgrade, you install a new OcNOS version over an existing OcNOS version by:
• Choosing ONIE: Install OS during ONIE boot up, following the instructions in the OcNOS
Install Guide
or
• Running the sys-update install command as described in the OcNOS Install Guide
It is recommended to take a backup of the configuration before a reinstall.
Migration pre-requisite
• Upgrade from SP 2.4 or previous releases to SP 4.0 is incompatible and requires NOS
installation from ONIE shell. Alternatively, perform sys-update to SP 3.0 followed by sys-update to
SP 4.0 or later releases.
Note: The sys-update method is the only way when management port and the device console are
not is use.
• Upgrade from SP 2.4 or previous releases to SP-3.0 or above may lead to license invalidation
because of the SKU mismatch between the license and software installed on the device.
Subsequently, device configurations will be lost and cannot be restored. Please refer to the
“License SKU migration” section from the Migration document.
Please refer to the Migration document for the CLI/Configuration changes.
Fresh Install
A fresh install is destructive and deletes all existing configuration. You must manually restore the
configuration from backups as needed.
In a fresh install upgrade, you:
• Uninstall an existing OcNOS version by choosing ONIE: Uninstall OS during ONIE boot up.
• Install a new OcNOS version by choosing ONIE: Install OS and then follow the instructions in
the OcNOS Install Guide.
A fresh install can only be done during ONIE boot up.

Limitations and Restrictions
L3 VPN Internet Access
• Static route with the global keyword will not be advertised to VPNv4 neighbors.
• The current solution is only a static route solution when the gateway is in the provider network.
• NAT usage is out of scope for this feature as IPI node does not do VRF NAT and NAT needs to
be done in internet GW or some other device in CE network if Internet gateway is in the customer
network. In this case, the default gateway will be NAT node.
• This feature is supported only for IPv4.
• Overlapping IP addresses not supported for internet gateway static routes.
BGP Peer Group

• Maximum of 32 peers can be bound in a peer-group.
• Peer-group is not supported for the following address families:

o IPv6 LU
o VPNv4 unicast
o 6PE
o 6VPE
o VRF
• The following commands are not supported in the peer group:
o port
o g-shut
o g-shut-timer
o restart-time
o unsuppress-map
o graceful restart
o dampening
• For address-family IPv4 labeled unicast, only the below options are supported:
o Next-hop-self
o Route-map
o Route-reflector-client
BGP ECMP
• Weight, Local Preference, AS Path, Origin code, MED, IGP metric Needs to be same to be a
multipath candidate.
• To be multipath-candidate with AS Path - AS path length and Neighbor AS value should be same.
• Next-Hop address for the each path should be different.

Netconf
• All the configurations apart from Interface and LLDP need to be done via CLI. After CLI
configurations are done, the interface and LLDP configurations can be added, modified, deleted
and retrieved via Netconf Operations merge, delete, get, get-config.
Note:
Via Netconf will be able to add, update, delete, get only the Interface and LLDP configuration data, even
though the system has all other data present which can be controlled via CLI.
• DHCP module is not yet supported via Netconf in this release. CLI command ip address dhcp
is handled by DHCP module. Hence <get-config> will not work for DHCP IP address
configuration. However, the DHCP allocated IP address can be retrieved via Netconf <get>,
when the configuration is done via CLI.
6PE/MPLS VPN
• Graceful restart is not supported for L3VPN/6PE/6VPE.
• In MPLS VPNv4/VPNv6/6PE Inter-AS Option-C, RSVP-TE tunnel is not supported as end-to-end
trunk cannot be created in this case. TE to LU stitching is also not supported on ASBRs in Inter-
AS option C.
6PE
• Only per VRF label allocation (default) is recommended though per prefix and per VRF label
allocation modes are supported.
• If per-VRF label allocation is configured, the per VRF label allocation applies only for the local
routes (connected routes, static routes redistributed OSPFv3/ISIS routes and routes from BGP
IPv6-unicast peer to IPv6-labeled-unicast peer). Other than these, label allocation happens per-
prefix (on 6PE ASBR).
6PE Inter-AS Option-B

• For 6PE Option-B, only IPv4 stack is supported between ASBRs. OcNOS does not support dual-
stack between ASBRs.
MPLS VPN Inter-AS Option-B

• At ASBR’s BGP label allocation mode falls into per-prefix label allocation. Per-VRF label
allocation cannot be achieved in ASBR’s (VPNv4 and VPNv6).
IP Fast Reroute/Loop-Free Alternate for ISIS/OSPF

• LFA feature is not supported for IPv6 (OSPFv3 and ISISv6).
Layer-2
• VLAN IDs that can be configured and used are mentioned below. Remaining VLANs have been
reserved for internal use:

Model VLAN Range
Dell S4248S-FB/FBL- 2-4094

ON
Delta Agema 2-4094

AGC7648A
EdgeCore AS5912- 2-4094

54X/ AS7316-26XB/
AS5916-54XKS
UFI Space S9500- 2-4094

30XS
• Multiple bridges are not supported in the hardware.

• McLAG is proprietary to IP Infusion and will not Inter-OP with any third-party switches. Only
MLAG active/standby mode is supported.
• In the current release, SNMPWALK/SNMPGET on Q-MIB will not list logical interfaces.
• VLAN ID 1 is allowed by default on the trunk ports.
• OcNOS does not support provider MSTP.
• For Ethernet Lock, the MEP configured for the out-of-service test does not transmit LCK frames
at the configured MD-Level..1.
• For Port Authentication (802.1x):
o Dot1x can be enabled only in L2 switchport.
o Dot1x is not supported on LAG interface.
o No support for multiple radius server.
o Only EAP-MD5 Authentication methods supported as part of 802.1x.
o Supplicant should be EAP capable.
o Failed Authentication messages [Failed Mac Address] wont be displayed.
Layer 3
• Graceful Restart of OSPF with Virtual link is not supported.
• IPv4 is supported with the following caveats:
o BGP configurations are limited to a single instance
o ECMP is not supported for routes learned via RIP
o OSPF Multi-Area Adjacency is not supported
o BGP Next-Hop Tracking is not supported for MPLS routes
o BGP Outbound Route Filter is not supported
o BFD is not supported for VPNv4 address family
o VRF for ISIS is not supported

• Enabling URPF will reduce the routing table size to half.
• FRR for ECMP routes and Shared Risk Link Group (SRLG) are not supported.
• OSPF
o LSA refresh timer command is not supported in OcNOS.
o Max-metric command is not supported in OcNOS.
• BGP speaker moves from Connect to Idle and vice versa every 5 seconds, if the peer has no
routing entry for this BGP transport address
• IPv4 neighbor cannot be created or activated in IPv6 VRF address-family and IPv6 neighbor
cannot be created or activated in IPv4 VRF address-family. IPv4 neighbor creation is allowed in
IPv4 VRF address family and IPv6 neighbor creation in IPv6 VRF address family.
• For larger description use hyphen (-) or underscore (_), as space is not supported.
• IPv6-MIB (OID .1.3.6.1.2.1.55) is obsolete and supported as part of (OID .1.3.6.1.2.1.4.32).
• IPV6 Inter-VRF route leaking of dynamic and static routes are not supported.
• Support for only 3 mtu profiles for all Logical interfaces.
In Broadcom Dune architecture, only 3 mtu profiles are supported for all logical interfaces (i.e.
sub-interfaces, svi) in the switch. As a result across all logical interfaces supports three different
values. Currently, 1 mtu profile is used for default mtu value i.e. 1500 and other 2 mtu profiles
for end-user to configure two different mtu values.
• Unplanned GR is not supported for ISISv4/v6 and OSPFv2/v3.
• OSPF v2/v3 GR for L3VPN not supported.
• OSPF v2/v3 GR with LFA is not supported.
• OSPF v2/v3 GR with BFD is not supported.
• Restart signaling of ospfv2/v3 is not supported.
• Only Planned BGP4/4+ GR supported.
• BFD session over user-defined VRF with RIP is not supported.
CFM
• Down MEP and MIP are not supported for VPWS instance.
• AIS (Alarm Indication Signal) is not supported for MEPs created over VPWS.
• CCM Tx/Rx counters are not supported for MEPs created for VPWS.
• UP MEP/MIP is not supported for L2 Bridge.
• A maximum of 950 MEPs is supported.
Ethernet Ring Protection Switching (ERPS)

• ERPS supported on Customer (802.1q) and Provider (802.1ad) bridges.
Sub-interface
• NETCONF is not supported for Layer 2 and Layer 3 sub-interface
• Only In and Out interface statistics are supported

The L3 sub-interface feature has some limitations:
• ISIS IPv6 and BFD IPv6 are not supported.
• Scalability limit of 4K includes both L3 sub-interface and VRF instances. For example, a system
with 2K VRF instances can support only 2K L3 sub-interfaces.
Note:
• All commands which are present for physical interfaces are available for sub-interfaces as well,
but support is limited.
L2 Sub-interface has below limitations with its implementation in Dune platform:
• As per dune hardware, classification of ingress traffic with outer TPID is not supported.
• Only two TPID can be identified per interface and the unknown TPID traffic will be treated as
untagged.
• 32 Unique VLAN Ranges are supported in system-level. These 32 Ranges can be reused in
Subinterfaces over different physical ports.
KAPS Forwarding Profile

• Applicable for Dell S4248-FB-ON, EdgeCore AS5912-54X
MAC Addresses 750K
KAPS Profile Type Public Database Size Private Database Size

(LPM Table) (VRF 0) (VRF !=0)
profile-one (default) ~255K 100
profile-two ~127K ~127K
• Applicable for Dell S4248-FBL-ON, Delta Agema AGC7648A, EdgeCore AS5916-54XKS
MAC Addresses 750K
ELK TCAM Forwarding IPv4-db-size IPv6-db-size

Profile Type
profile-one (default) ~2048k N/A
profile-two N/A ~2048k
• When ELK TCAM Forwarding Profile Type is profile-one
KAPS Profile Type IPv4-db-size IPv6-db-size

(LPM Table)
profile-two N/A ~200K

• When ELK TCAM Forwarding Profile Type is profile-two
KAPS Profile Type IPv4-db-size IPv6-db-size

(LPM Table)
profile-two ~200K N/A
• Applicable for UFI Space S9500-30XS, EdgeCore AS7316-26XB
MAC Addresses 250K
KAPS Profile Type Public Database Size Private Database Size

(LPM Table) (VRF 0) (VRF !=0)
profile-one (default) ~128K 100
profile-two ~64K ~64K

Note:
• For profile 1, though 100 is the Non-VRF limit mentioned, SDK manages the allocation and this
number may vary. But for Non-VRF, minimal routes are supported.
• For profile 2, though routes are configured 50% for default VRF and 50% for non-default-VRF, the
numbers may vary. i.e. if there are no default-VRF routes, non-default routes can go up to 100%
and vice versa.
BGP Labeled Unicast (RFC 3107)

• BGP-LU for IPv6 is not supported.
• BGP-LU label allocation filtering via label allocate and Route-map not supported
• BGP-LU FRR /PIC and ECMP are not supported.
• BGP-LU GR is not supported.
• BGP-LU Get (Netconf) is not supported.
• BGP-LU with Segment Routing (OSPF/ISIS) is not supported.
• Seamless switchover of the BGP-LU traffic over RSVP (underlay) back-up/secondary LSP is not
supported in this release.
BGP Peering Router

• Support for ECMP for full Internet Routing Table is not validated in this release.
• Tech Support command does not display complete information for all routes, it only provides
route summary.
• BGP Graceful Restart is not supported with BGP dampening.
• When BGP redundant route reflectors are deployed with BFD multi-hop timer as 999ms and
multiplier as 3, BGP convergence time will be around 6 sec in the case of aggregator node
reload.

• VPNv4/v6 prefixes received with remote Route distinguisher (RD) value 0 will be silently
discarded.
MPLS
• LDP Inter-Area Graceful Restart (GR) is not supported in this release.
• LDP Inter-Area Downstream-on-Demand(DOD) is not supported.
• LDP Inter-Area - Only PREFIX_ACL is supported. Prefix-list is not supported.
• For L3 VPN MIB, 6PE/6VPE VRF routes fetching is not supported.
• Port Security:
o Violation detection: Traffic drop from unsecure MAC will not be notified to users via log
messages or SNMP traps.
o On enabling port-security , device shall clear all previous programmed MAC on that port.
• For LACP Force-up, configuring multiple ports as force-up is not allowed.
• lacp force-up cannot be configured when channel-group mode is configured as passive.
• MPLS for IPv6 networks are not supported.
• MAC aging timers for VPLS are not supported in Hardware.
• MPLS ECMP is not supported.
• For RSVP, Penultimate Hop Popping (PHP) is disabled by default i.e default behavior is no-php.
We recommend to use this default behavior and not to enable the PHP configuration for RSVP. If
PHP mode is used, the total number of RSVP trunks will be limited to 512 due to hardware
limitation. Egress node should be in no-php for FRR if the protection is on the PHP node.
• The advertise-label command under LDP is supported only for downstream, on-demand label
distribution mode.
• L2VPN:
o The supported TPID for VPLS/VPWS is 0x8100,0x88a8,0x9100.
• Depending on the topology, detour path may not merge with the protected LSP, it may directly
terminate at the egress. This may increase the number of LSPs in the network.
• If the user provides the RSVP path option for secondary, the primary path exclusion logic gets
disabled. User needs to keep primary and secondary path mutually exclusive. Else, RSVP-
Primary LSP and RSVP-Secondary LSP may select the same next hop, when RSVP is
configured with loose. Hence RSVP-Path first next-hop should be strict.
• Statistics:
o Statistics for reserved label range (0-15) is not supported.
o Multicast traffic is not counted in egress direction statistics.
o On egress node, in-label statistics for tunnel label shows only IP traffic count, L2VPN or
L3VPN traffic not counted for in-label statistics.
o Statistics do not show error packets or policy dropped packets on LSP Tunnel or L2-Circuit
Pseudowire.

o Statistics will be shown only for the active session and will be flushed when the session goes
down.
• BGP VPLS
o Multi-homing a VPLS site is not supported.
o Hierarchical BGP VPLS is not supported.
o Use of route reflectors (RR) in BGP signaled VPLS network is not supported.
o VE-range is not configurable and set to a fixed value of 64 where VE refers to the VPLS edge
device.
o The VE-IDs configured at the VPLS peer nodes must be a positive number and must always
lie in a range of plus/minus 64 (VE-range) of the local VE-ID.
o The Route-Distinguisher and Route-Target are not configurable. These are auto-generated
using the tuples (VPN_ID: ASN) where VPN_ID is the locally configured VPLS instance ID
and ASN is the BGP’s Autonomous System Number.
• Match Untagged
o When the match type is untagged, only the push action is supported.
o This command has a dependency on switchport dot1q ethertype <TPID>. The packets
received with TPID other than 0x8100 (default value) and TPID value configured by this
command shall be treated as untagged. For example, configure switchport dot1q
ethertype 0x88a8, then the packets received with TPID 0x8100 or 0x88a8 are treated as
tagged. Packets received with other TPID values are treated as untagged.
• VPLS
o Control word for PW is not supported in VPLS.
o H-VPLS functionality is not supported.
• Supports a maximum of 2 label decap (SWAP/POP/PHP) without entropy. With entropy enabled
maximum 4 label decap is supported which includes 2 entropies (ELI/EL) labels.
• Whenever entropy is enabled, PHP/implicit-null should not be enabled on egress node else data
forwarding will not work. For LDP (explicit-null) and RSVP (no-php or explicit-null)
should be configured if entropy is enabled.
• LDP DoD is not supported with “Ordered mode”. LDP DoD must be used in “Independent label
distribution mode”
• Scalability:
Board type FTN ILM
EdgeCore AS7316-26XB 28K Protected 32K Protected

56K Unprotected 32K Unprotected
UFI Space 9500-30XS 28K Protected 32K Protected

56K Unprotected 32K Unprotected

Note:
• All the above numbers MAX size and are from a shared table. They will vary depending upon the
configurations.
• When the tunnel is using the bypass LSP, trace mpls rsvp does not show bypass path hop
details (shows timeout).
• For VPNv4/v6 routes its recommended to use per VRF (default) mode instead of per-prefix mode
for better scalability and faster convergence in case of transport changes.
• Traceroute from CE to CE output doesn't show MPLS node details after enabling mpls
propagate-ttl in PE router. It only shows one hop between ingress to egress PE routers.
• Detour will be up only if CSPF is enabled.
• VPLS BUM traffic will not be read in the interface queue statistics.
• Holddown timer value should be higher than LDP IGP sync timer.
Management
• Routing and switching protocols are not supported on management VRF. Only the management
application protocols mentioned in new feature section are supported on management VRF.
• The I2C takes about 2 minutes to read the transceiver EEPROM, which causes the delay.
• Sometimes telnet process can take 100% CPU usage continuously after overnight stress testing.
• During the Upgrade via In-band port, the download of the build is taking a long time. Though the
build is getting downloaded, it is not booting up with the downloaded image due to the session
timeout. So the upgrade is failed.
Note:
• Although the upgrade is failed due to session time-out, then also the system can be upgraded
with the downloaded image which is present under /installer/ folder using the size - update.
Multicast
• IGMPv2 group compatibility mode and IGMPv2 host compatibility mode is not supported.
• A maximum number of Multicast interfaces (VIF) supported are 100.
MLD Snooping
• Limited support for version 2. i.e: Source-based learning is not supported.
• Report-suppression is not supported on Qumran devices.
• Explicit host tracking, Immediate leave and MLD snooping proxy are not supported
• Multiple Group addresses map to single multicast MAC address, as only one forwarding entry can
exist for the same set of group addresses, the forwarding entry would typically be that of one of
the group entries
• On Broadcom dune platforms, MLD reports would be flooded to all ports except the incoming
ports

Bidirectional PIM
• Save & reboot is required after Enabling or Disabling PIM BIDIR globally.
• Vlan classifier & MAC authentication (based on SA Authentication) features will not work with PIM
BIDIR feature enabled. System reboot is required while switching between these features.
• Currently PIM-BIDIR not supported for the below on VRF instance :
o For VxLAN BUM Transport.
o PIM-BIDIR for IPV6 not supported.
o Statistics for PIM BIDIR Traffic is not supported.
• Usually the number of extended ingress filter groups that can be created at the same time is 3. If
PIM Bidirectional feature is enabled, only 2 ingress extended filter groups can be created, since
PIM Bidirectional feature consumes additional TCAM resources.
Hardware BFD
• Supports a maximum of 256 BFD Sessions only.
Access Control List

• Logging and sampling actions are not supported.
Quality of Service (QoS)

L2/L3
• Classification, policing is supported only at ingress.
• Cos map is applicable on L2 ports only and DSCP map is applicable on L3 ports only.
• Remark dei enable/disable is not supported.
• Set DSCP action will change the DSCP value of IP traffic only.
• Minimum Bandwidth reservation is not supported.
• Port shaper is not supported on VLAN and LAG interface.
• Queuing service policy is not supported on VLAN interface.
• Classification based on IPv6 is not supported due to hardware resource limitation.
• Only mapping and queuing are supported for IPv6 traffic.
• Shaping, port-shaper and WFQ are working with a variation of 0.5 to 1.5 percent
• Scheduling of traffic is affected in the case of multicast traffic due to buffer exhaustion. Storm
control to be used if the high rate of multicast traffic is expected.
• Ingress policer drops are also shown in egress queue counters.
MPLS DIFFSERV
• For L2 VPN, at the egress node, Queue selection happens on basis of service label’s Exp.
• Service template configuration without rewrite operation will override the MPLS Diffserv model.

• For L2 VPN services, only pipe and uniform models are supported and when the operation is pop,
CoS will be inherited from EXP value irrespective of model.
• For L3 VPN services, the default model is short-pipe.
• DSCP-EXP and DSCP-DSCP map profiles share the available 15 egress maps.
• COS-CLASS map profiles are limited to 15.
• CLASS-COS map profiles are limited to 14.
• The maximum number of DSCP-EXP map profiles that can be bound to different interfaces at a
time is limited to 6.
• Remarking EXP is not supported.
• DSCP-EXP map profile applies only to L3 traffic and mapping of EXP encapsulation for L2 traffic
is fixed and mapped one-to-one with a queue.
• Per VC QoS not supported for VPLS/VPWS
EVPN VxLAN
• This feature is not supported on QumranAX (QAX) chipset based platforms and supported only
on QumranMX (QMX) chipset-based platforms.
• Due to chipset limitation COS override at the access port egress is not supported, when inner VID
is not disabled.
• Due to chipset limitation, a specific TPID cannot be set on the access interface when inner VID is
not disabled.
• The limitation with hardware profile groups, when VxLAN is enabled, a maximum of 3 other
groups can be configured. Alternatively, if already 4 other groups are enabled then VxLAN enable
will fail.
• MAC move and MAC-IP conflict are not supported.
Note: MAC move for L2 traffic is not supported. MAC move can be detected through the ARP/ ND packet.
• Only All-Active multihoming will be supported. A CE can be multihomed to only two PEs.
• MAC Hold timer will not be applicable on ESI interface.
• Arp-cache disable sometimes affects host state and hence flooding might occur.
• Queue-color-cos remarking will not work for VNI which do not have inner-vid-disable.
• Source and target MPLS-ID to be unique for XConnect.
EVPN MPLS
• EVPN can work with either VxLAN or MPLS underlay. Both cannot be enabled together on the
same node.
• Multi-Homing only Active-Active mode supported with max 2 MH peers and max 8 ESI (ethernet
segments) per node towards access-side.
• When admin does “evpn mpls enable/disable” the board needs to be rebooted to enable the
EVPN SOC in hardware.

• EVPN-MPLS does not work with entropy due to hardware trade-off limitation. Due to the
hardware resource contention, board reboot is mandatory whenever EVPN-MPLS is
enabled/disabled.
• Does not support ingress/egress network side counters. For the Access side, it relies on Sub-ifp
counters.
• VLAN bundle services not supported, but VLAN bundle-aware services supported.
• Sub-interface encapsulation type with VLAN-Range is not supported for EVPN-MPLS.
• MAC move detection is supported with ARP traffic but not with L2 traffic.IRB is not supported.
• The LU/Segment-Routing transports & Inter-AS support is validated in limited capacity during
development cycles.
• Below are the scalability parameters for the QMX platforms:
EVPN MPLS Parameter Value Supported
Layer-2 VNI 2000
MAC Address 32000
• MPLS EVPN over BGP-LU is not supported.

• MPLS EVPN with Segment Routing as transport is not supported.
• Inter-AS EVPN MPLS is not supported.
• Upto 2K EVIs are supported with 32K MAC route or MAC-IP routes.
• EVPN tunnel statistics is not supported. Access port statistics can be accessed via Sub-Interface
IFMIB Counters.
• Source and target MPLS-ID to be unique for XConnect.
• Multihoming all-active is supported and limited to two PE’s. Single-active multihoming is not
supported.
OSPFv3
• SNMP Get APIs are not supported.
• Domain-id is not supported in OSPFv3.
• OSPFv3 MTU size should be less than or equal to interface MTU to avoid fragmentation.
ISISv6
• Multi-topology is not supported. (This is not supported for ISISv4 as well)
BFD
• BFD for RSVP-TE not supported. However, when OSPF BFD is enabled, in case of connectivity
lost, RSVP FRR is triggered within 50ms.
• With Hardware-offload BFD (on hardware), keyed-MD5 and Meticulous keyed-MD5
authentication type is not supported.

• BFD over MPLS is not supported.
• Demand mode is not supported.
• OIDs for GTSM, bfdSessPerfCtrlPktdrop,EchopktIn and Drop is not supported.
Traffic Management
• IEEE 802.1P/Q mapping to IP DSCP is not supported.
Platform
• When Incompatible transceiver(s) insertions result in hang, two possible recovery mechanisms
are:
o Remove the incompatible transceiver
o Power Cycle the board (Not reboot)
• When Incompatible transceivers insertion results in hang, system reboot or CMMd restart could
lead to undefined behavior (includes inaccessible system).
• When the system first boots up after upgrade with incompatible transceiver present which results
in hang, the system might be inaccessible after the upgrade.
• DELL transceiver having Part No. 14NV5 is not supported.
• UFI_S9500-30XS does not support notification logs and SNMP traps for insert/removal of power
cable/power fluctuation on one of the PSUs.
Timing and Synchronization (PTP and SyncE)

• Vlan id should be unique for each clock-port.
• G.8275.1 profile is applicable for physical interfaces and LAG interfaces.
Entropy Label
• Entropy label for OAM is not supported.
• ELC signaling is currently supported for RSVP and LDP transport only.
OLT
• 1:1 subscriber service is identified based on s-tag and c-tag (p-bit is not included)
• NNI port-breakout is not supported
• ACL, DHCP & Statistics for N:1 flow is not available.
• Maximum bandwidth for Edgecore platform with FEC enabled is 8G and for TIBIT its 8.5G.
• OcNOS 4.0 is not compatible with 1.2 firmware on TIBIT.
• Parallel interactive ONU command execution at the same time is not supported.
• Multiple N:1 flows for same S-vlan on the same Alpha ONU require upstream traffic to be sent
first for downstream to work.
• Rx Packet counter on OLT for jumbo frame traffic does not increment.
• MTU for jumbo frame needs to be set in the beginning, on the UNI port before flow is configured.

• TIBIT platform does not support ethertype 0x8100 for N:1 traffic & 1:1 traffic.
• Maximum 8 T-conts per ONU are supported and one gemport to one T-cont mapping is
supported.
• Upstream FEC disabling per ONU is not supported on TIBIT platform.
• WRR scheduling is not supported.
• Traffic shaping is not supported in downstream direction on TIBIT platform. Policing on the OLT
and shaping on the ONU together can be used to achieve traffic shaping.
• LLDP tx is not supported on TIBIT Platform.
• QOS and queues stats are not supported.
• Rogue ONU detection on TIBIT has limitation from TIBIT firmware 1.3 version. It does not report
power in idle window for rogue ONU which emits all the time.
Fault Management System (FMS)

• OPER_LOGs will be the events considered by FMS for alarm generation.
• Support for SNMP and Netconf is deferred from the current release. This will be taken up if
required as per future customer requests.
• This feature is providing the FMS framework. For Alarm Generation for each event, the
correlation logic parameters have to be specified by individual Protocol Modules.
• By default, once FMS is enabled, alarms will be received for all the events (valid OPERLOGS)
received by the FMS node.js process.
• The FMS event-alarm correlation configuration is provided in the YAML file format. This file
cannot be modified via cmlsh commands. If need be, an operator with relevant privileges can
modify it obeying YAML syntax.
Path Computation Element Protocol

• RSVP Fast Re-Route (FRR) and RSVP Re-optimization configurations are not supported with
OcNOS as PCC.
• In the absence of a field deployable PCE controller, PCEP testing has been done mainly with
IXIA as PCE controller.
• PCEP protocol validation (in terms of the PCE-PCC messages exchanged) is done in this
release. But PCE functionality of computing ERO is not fully tested because of limitations from
Controller.
System Management
• DHCP Prefix delegation is not supported
Debounce Timer
• Debounce timer has to be configured on both ends of the network link. Configuring it on one side
of the network is not supported.

• Enabling debounce timer delays the detection of link up and down status, this results in a traffic
loss during that period. This has an impact on the convergence of some protocols.
Segment Routing
• For ISIS and OSPF:
o Redistribution of Prefix-SID stlv is not supported.
o Graceful Restart for SR is not supported.
o For the SR Label Switched Path, Load balancing or ECMP is not supported.
o SNMP MIB Support for SR is not available.
o Anycast-SID and Parallel adjacencies (RFC 8402 Section 3.4.1.) is not supported.
o In case of OSPF-SR, Segment Routing for External Prefixes is not supported.
• For BGP-LS-OSPFand BGP-LS-ISIS, SRLB range is not carried in BGP-LS NLRI.
• As part of SR-TI-LFA, only Link protection is supported. Node Protection is not supported.
• For SR policy:
o Only Type-1 segment(mpls label) is supported in segment-list.
o Multiple weighted segment-lists not supported for a Candidate Path.
o Originator based selection is not supported for Candidate Path.
o trace mpls for SR policy with explicit path is not supported.
o MAX SID depth is platform-dependent. With QUMRAN boards, the supported stack-
depths is as follows:
 Without-service i.e., Only transport labels - 6 label stack.
 With Service - 4 transport labels + 1 or 2 Service label.
• For SR-OAM, reply-mode 3 for ping (or trace) ospf-sr/isis-sr is not supported.

Open Caveats
Segment Routing
• Defect Description:
ping mpls ospf-sr/isis-sr/sr-policy fails when TI-LFA is enabled and primary path is shutdown.
Defect ID: 43351
Workaround: Stop the ping and start the ping again after link shutdown.
For SR Policy : When an IP constraint is given as loose, the Node where that IP address is
configured will be considered as a constraint and that Node will be identified by Node's router-ID.
In case a Node's router-ID is changed and Policy is using IP constraint of that node with affinity,
the policy will not go down.
Defect ID: 43211
Workaround: The admin state of SR Policy needs to be toggled to bring the policy in correct state.
With Stateless PCEP RSVP reply, if there is a PathErr seen for RSVP trunk, the "Last Recorded
Error Value" in the RSVP session details will continue to display as "None".
Defect ID: 43120
MPLS Ping and Traceroute for Explicit SR policy with Cisco router as LSR doesn't work, as Cisco
doesn't support ADJ FEC TLV.
Defect ID: 42991
ILM for FEC for OSPF-SR FTN is not installed sometimes with steps including toggling label
switching command. This issue is seen only intermittently.
Defect ID: 42938
Workaround: Clear OSPF Session.
For Stateful PCEP, PCC shall synchronize the LSP states at the time the PCEP session comes
up. In case PCEP module is selectively restarted and PCEP session comes up before the LSP
states are learned from Segment Routing or RSVP modules, the LSP states between PCC and
PCE do not get synchronized.
Defect ID: 42466
Workaround: In such cases, the PCEP session needs to be re-established. This can be done by
using the "clear pcep peer" command.
For SR Policy: When an interface IP address is configured as a constraint and that IP address is
modifed changed the policy will not go down.

Defect ID: 41229
Workaround: The ISIS clear command "clear isis process" can be used on the node where
interface address is being changed.
The BGP-LS database when advertised to bgp link-state peers, does not encode remote-
interface ip address in BGP-LS attributes of NLRI, when network type is LAN/Broadcast with
ISIS/OSPF as IGP.
Defect ID: 42279
Inter-Area Flag is not displayed in OSPF Database output.
Defect ID: 42048
NetConf
Setting the anycast flag for IPv6 address for an interface is not working via CLI and Netconf.
Defect ID: 37983
Speed monitor configuration for Interface is not supported via Netconf in this release.
• Defect ID: 38155
Static IPv6 neighbors cannot be configured via Netconf in this release.
Defect ID: 38235
ARP ageing timeout and proxy ARP for an interface cannot be configured via Netconf in this
release.
Defect ID: 38119
Workaround: Can be configured via CLI.
OLT
When using BFW ONU with firmware SR.3.2.28 1:1 flow traffic is dropped at Tibit because tag
0x88a8 is not inserted at ONU.
Defect ID: 43209
Workaround: Configure double tagged traffic or downgrade to prior BFW ONU version to get 1:1
single tagged flow traffic.
For multiple N:1 flows on different uni ports of same Alpha ONU, downstream traffic drops, if run
prior to upstream traffic. This is a limitation of Broadcom firmware running on ONU.

Defect ID: 41905
Workaround: Run upstream traffic before the downstream.
BFW ONU does not support jumbo frame packets for upstream.
Defect ID: 43424
After flow is configured on Alpha ONU, MTU update does not take effect.
Defect ID: 42985
Workaround: The MTU should be set on the UNI port prior to creating the flow.
Enabling FEC causes a reduction in the maximum reachable data rate on the upstream to 8Gbps.
Defect ID: 42912
Workaround: To reach higher rates, FEC should be disabled.
Since TPID 0x88a8 is not supported for BFW ONUs, upstream traffic will not work when BFW
ONU's UNI is configured with this value.
Defect ID: 41819
Since TPID 0x88a8 is not supported for BFW ONUs, downstream traffic will not work when BFW
ONU's UNI is configured with this value.
Defect ID: 41755
Workaround: Use TPID 0x8100 when configuring a flow on a BFW ONU.
For multiple N:1 flows on different uni ports of same BFW ONU, downstream traffic drops, if run
prior to upstream traffic. This is a limitation of Broadcom firmware running on ONU.
Defect ID: 41621
Workaround: Run upstream traffic before running the downstream.
Flow stats update for unidirectional traffic is found to be sluggish.
Defect ID: 43075
Workaround: Wait for some time for the stats to catch up or run bidirectional traffic.
For jumbo frame traffic, Rx and TX drop packet counters are incrementing for ASXvOLT16.
Defect ID: 42074
Workaround: Packet counters can be checked on ONU and access switch which is connected to
OLT.

Updating of existing ACL causes flow traffic disruption.
Defect ID: 43292
Workaround: Instead of modifying, the user should delete the flow, and create it again with the
new ACL rule.
CFM
Y.1731 SLM Loss Measurement is not supported on AS7316.
Defect ID: 30709
L2
Port security for static MAC is not supported on the customer edge port.
Defect ID: 43394
L3
OSPF LSA Refresh timer modifications are not supported in this release of OcNOS.
Defect ID: 28892
OSPF max-metric is not supported in OSPF global configuration in this release of OcNOS. Other
sub-features of max-metric are also not available for this release.
Defect ID: 28889
Workaround: User needs to manually configure maximum metric if the router needs to be
bypassed for any upgrades or reloads.
During node reboot, the LSP advertisement can take place before the route is installed on the
rebooting node. This can result in traffic loss for the duration until the route is installed in the data
plane (normally less than 15 sec).
Defect ID: 31140
When the OSPF-FRR and flood reduction is configured on all nodes, and flap the network
interfaces on LSR node it may result in LDP ILM missing case which breaks the LSP path
impacting the services over it (BGP session may be stuck in connect state). The issue has seen
1/10 attempts. Without OSPF-FRR and flood reduction, the issue is not observed.
Defect ID: 36500
Workaround: Clear LDP session to recover from the issue.

During static route redistribution in ISIS, if a default route is not present in the RIB, the ISIS
default-information originate always config can be used to originate the default prefix
from ISIS. However, this will advertise the prefix in level-2 only. There is no configuration to
advertise this default prefix in the level-1 domain".
Defect ID: 37900
Workaround: If a default route has to be advertised in the level-1 domain in ISIS, the default route
should be added in the RIB and redistributed in ISIS using the default-information
originate level-1 command.
Static route IPv6 command does not have an option to add tag value.
Defect ID: 38732
BGP IPv6 unicast address family does not support tag option for redistribute isis command.
Defect ID: 38394
When scale sessions (100 sessions) are configured, and the configuration is applied at once, one
peer may stay down. This may happen rarely while reloading.
Defect ID: 29528
Workaround: Reconfigure the peer that is in the downstate again.
Few seconds traffic hit seen with high scale (255k) with OSPF in a specific scenario (multiple link
failures) when the intermediate router is rebooted.
Defect ID: 27758
When an OSPFv3 NSSA LSA is received from two ASBRs, tie-breaking is not working as per
highest router-id.
Defect ID: 38380
When LDP and LU deployed together in aggregation layer, LDP/IGP disruptions like clearing the
IGP/LDP processes cause BGP FTN to be selected and installed for few seconds before topology
convergence and resulting in a transient loop that causes TCP application buffers to become full
causing TCP connection drops. This recovers in a few seconds.
Defect ID: 40255
Workaround: If the recovery is taking time more than a few seconds, then clear BGP sessions to
restore TCP connections.
When 6PE router is deployed as route reflector and next-hop-self is configured to make the route-
reflector participate in data path forwarding, BGP fails to update 6PE ILM binding when
redistribution of IGP is disabled and enabled in quick succession.

Defect ID: 40565
clear ip bgp * on route reflector node to recover the label bindings. The issue can be avoided
by giving the time gap of a few seconds (Around 10s) between enable and disable re-distribution.
MPLS
Inter-area RSVP-TE is not supported for this release of OcNOS.
Defect ID: 26546
During multiple link failures testing, LDP-LSP path could be broken between AGG nodes. This
may occur in a specific scenario with two redundant IGP ASBRs and is only observed while
running two different MPLS transports in different ISIS instances (one using LDP and other using
RSVP) and avoids LDP to select the next-hop on an interface which is not enabled for LDP
protocol. The issue is only specific to ISIS and cannot be seen with any other routing protocol or a
mix of routing protocols.
Defect ID: 36345
Workaround: The recommendation is to change the ISIS metric (or metric-type) in route-map
when redistributing its loopback between two ISIS instances on the IGP ASBR nodes so that ISIS
selects the next-hop which lies in the redistributing ISIS instance when calculating SPF for the
loopback address advertised by the redundant IGP ASBR.
Traffic loss is observed for VPWS service after multiple shut / no shut of the network interfaces.
Defect ID: JIRA- 36094
Workaround: Clear transport (RSVP/LDP) over which VPWS service is configured, for recovering
traffic loss.
BGP LU next-hop updates are handled as a delete followed by add. This may lead to higher
convergence time in case there are more services over BGP LU.
When LU and LDP are configured at the same time in the network, Manual stopping of LDP by
way of software-induced segmentation fault will result in inconsistent LSP's in the data path.
Workaround: When the LDP process is manually stopped by induced software crash, reload the
node to avoid inconsistent MPLS LSP.
LDP label re-distribution(mapping) process may take longer when ISIS daemon (underlying IGP)
alone is re-started upon fault recovery. This may result in higher convergence (around 2
seconds).

Head node reload is observed in a sequence of execution that involves SVI interface flapping,
removal of VLAN configuration and reconfiguring VLANs again and then reloading adjacent node.
Workaround: Recommended to avoid VLAN un-configuration and configuration.
TLDP is configured across LU segments. When BGP LU next-hop is changed due to node reboot
in the path, it causes LU next-hop (NH) update. But if underlay transport is not immediately
available for new LU next-hop, it results in old LU next-hop and services over it to be deleted and
new LU next-hop is updated post underlay transport is available. This can result in traffic loss till
new LU next-hop transport comes up and results in TLDP/BGP session to flap.
Workaround: Increase the TLDP hello hold timer and keepalive timeout >100 and hello and keep
alive intervals to 1/3rd of timeout values by configuring.
BGP remote-peer shut should be performed to restore MPLS path.
This is an interop scenario where Cisco is configured with multiple loopback-IP and RSVP-tunnel
is mapped to it. VPWS is UP even though the peer and FTN are mapped to different prefixes.
Workaround: Not applicable. The user should take care of mapping the VPWS with peer address
and FTN which are mapped to the same prefix.
With multiple link failures across nodes, there is possible of IGP having micro-loops. In a
scenario, LDP FTN is not installed when LDP cannot get the label from downstream as the
upstream router is the next-hop for the downstream router.
Workaround: Do clear ldp session with the peer in which labels did not get advertised.
RSVP "mplsTunnelOwner" shows as LDP and "mplsTunnelRowStatus" shows as 0 even if
rowStatus is active.
On removing ISIS configurations, ILM entries are sometimes getting missed on peer device,
though the label is advertised
Defect ID: 39492
Workaround: Clear the LDP session for which the LSP path is down.

On removing ISIS configurations, ILM entries are sometimes getting missed on peer device,
though the label is advertised
Defect ID: 36139
Workaround: Clear the LDP session for which the LSP path is down.
While doing Interop testing with Nokia 7210 for RSVP tunnel. It was noted that tunnel takes
around 3-4 min to go down, after removing the loopback interface IP on the Nokia(7210) router
which is the egress point of the tunnel.
Defect ID: 35870
MPLS Ping to Pseudo-Wire is failing.
Defect ID: 43231
HSL out of memory errors are seen with the scaled configuration when around 45K+ vpnv4
routes are flapped multiple times, having LDP as transport in per-prefix mode.
Defect ID: 43056
Workaround: Recommended to use per-vrf mode label allocation where resources are optimized.
Also per-vrf is the default label allocation mode.
System Features
Interface level LLDP counters are not displayed in Netconf get output when only lldp run is
enabled globally, (without explicitly configuring LLDP agent on the interface).
Defect ID: 40050
Workaround: Use show lldp interface <> to check the counters.
"Clear ntp statistics" does not clear the statistics
Defect ID: 42501
Use the CLI “ntp sync-retry“, which clears the statistics. Please make a note that this CLI triggers
the NTP clock sync operation as well.
PTP
PTP: Packet Layer Transient Response and Holdover Performance not in an acceptable range
(UFI 9500-30XS).
Defect ID: 29852
Workaround : Use command in Synce mode “dpll3-select 10mhz-in” (UFI 9500-30XS). Connect a
loopback cable 10mhz-in to 10mhz-out.

VxLAN
After conflict MAC removal, MAC entry's conflict status not removed/updated.
Defect ID: 39370
Workaround: Since its static conflict, remove and re-add the original MAC.
Hardware Statistics
For all the following hardware statistics, need to enable the appropriate Hardware Profile for
statistics to be enabled. Without enabling the profile, the statistics will be reflected as 0
o ac-lif stats for VxLAN access ports
o CFM-CCM stats for CFM CCM counter
o CFM-LM stats for CFM Loss Measurements
o Ingress-ACL stats for Ingress ACL
o MPLS-AC stats for attachment circuits
o MPLS-LSP stats for MPLS LSP's
o MPLS-PWE stats for MPLS pseudowire-lif's
o Tunnel-lif stats for VxLAN tunnels
Defect ID: 28345
EVPN MPLS
In the scalable EVPN MPLS config(2K EVI, 2K access ports) with traffic,if "clear mac address
table dynamic evpn-mpls" command is issued, temporary CPU hog is observed till FDB sync is
settled.
Defect ID: 43279
Workaround: No functional impact, suggested to avoid doing clear mac address table when
scalabale config is there and traffic is running for the same. If the issue happens, system will
recover by itself.
In EVPN MPLS multihoming scaled config(2K EVI, 2K access ports) when one of the PE reboots,
traffic loss may be seen for some of the streams. This issue is seen only intermittently.
Defect ID: 43278
Workaround: At the switch/CE, do shut no-shut of the interface connected to multihomed PE
nodes making sure that shut and no-shut are at least 5 sec apart.
In EVPN multihoming sometimes ARP/ND entries are not visible in the remote PE/VTEP, locally
they are present.

Defect ID: 42676
Workaround: In the source PE/VTEP delete and readd the corresponding VPN ID and remap the
VPN ID to access interfaces
In EVPN VPWS MH-to-MH scenario, any change in MTU from one value (V1) to another (V2) and
coming back to same value (V1) shall result into 50% traffic loss.
Defect ID: 41979
Workaround: This issue is seen occasionally, to recover unmap the subif from evid and map it
again. This shall ensure previous value (V1) of mtu to applied properly.
In EVPN multihoming sometimes stale ARP/ND entries are seen.
Defect ID: 41832
Workaround: In the switch connected to multihoming devices do only source mac based hashing
of the traffic.
Momentarily loop for traffic shall be formed until DF / Non-DF selection does not happen for MH
peers
Defect ID: 41394
In EVPN-MPLS scalable config, sometime while shutting down the po interface
TUNNEL_ADD_ERROR logs are observed without any functionality impact.
Defect ID: 40674
In the scalable EVPN MPLS config(2K EVI, 2K access ports), performing esi/no esi multiple times
may lead to the system reload.
Defect ID: 43391
Workaround: It is recommended not to perform esi/no esi on a system with scaled config.
Sub Interface
Interface MIB objects Speed and Phyaddress values are wrongly displaying for Sub-interface
Defect ID: 43251
Multicast
MSDP session may flap if there are more than 200 source advertisements to the same peer.
Defect ID: 42487

Resolved Caveats
NetConf
LLDP EVB session CLIs are not working.
Defect ID: 38676
<state> container node for few objects are not displayed in get output data (For object having
hierarchy depth more than 3 levels)
Defect ID: 40244
Workaround: The data for these <state> nodes are similar as corresponding <config> node in Get
output. So, data can be looked in <config> node hierarchy.
OLT
Single tagged traffic (S-tagged only) with non-zero p-bit does not work.
Defect ID: 40075
Workaround: Use double tag traffic for the service if non zero p-bit is to be configured.
Traffic is not resuming after upgrading BFW ONU firmware.
Defect ID: 41528
Workaround: Traffic is resumed after ONU reboot.
ONU is not discovered when changing the ONU profile before the ONU discovery and OLT
coming up.
Defect ID: 41385
Workaround: Reboot the OLT to discover the ONUs.
Dynamically changing of ONU mode and disabling/enabling of OLT may result in BFW ONU not
getting discovered.
Defect ID: 42118
Reboot of the OLT will recover the BFW ONU discovery.
VxLAN
vxlan disable with huge config (more than 1K VNID and 1K access-ports) and continuous ARP
traffic on VxLAN-access ports makes OSPF session to flap.
Defect ID: 37784

Workaround: Make sure no ARP traffic on access-ports and then issue VxLAN disable command.
Alternatively, access-ports can be shut down before issuing vxlan disable command.
Disabling VxLAN with high VxLAN access-traffic (ARP/ND or new mac learnings) and enable it
leads access-interface LAG flaps
Defect ID: 38058
Workaround: Either stop the access-traffic or do a shutdown of access-interface or do delete of
access-interface first before doing VxLAN disable.
In the case of VxLAN Multihomed VTEPs, local flooding will not happen for BUM traffic.
Defect ID: 34379
With scaled config, issuance of clear nvo vxlan tunnel shall result in access and network PO
flap.
Defect ID: 39363
Workaround: Shut the access interface before clear nvo vxlan tunnel
On issuance of clear ip bgp * convergence takes 7s for SH-MH / MH-SH and 3s for MH-MH
traffic
Defect ID: 38961
Workaround: If required, try clearing session with a particular neighbor instead of clearing all
neighbors using *
In a scaled scenario with multihoming config, disabling VxLAN at the global level with traffic
running in the background should be avoided.
Defect ID: 40293
Workaround: Stop the traffic on VxLAN access ports and then disable the VxLAN.
Default QoS profile will not be applied for L2 traffic when QoS is enabled before enabling VxLAN
configuration
Defect ID: 40531
Workaround: Disable and re-enable QoS
Caution: before disabling QoS, ensure the QoS configuration is saved as QoS disable removes
all the QoS configuration.
After disabling the VxLAN and enabling it again, leads to other protocols session losses and not
able to recover those sessions.
Defect ID: 40795

Workaround: If VxLAN needs to be disabled and enabled again, recommended not to use the
command nvo vxlan disable, instead unconfigure VNID, access ports individually with their
respective "no" commands and configure again for VNI and access ports.
MPLS
During scaling scenario (around 4000 VPWS), if the LDP process is forcefully restarted (kill -11 or
kill -9), it results in few of the PW's to go in standby at one end.
Workaround: Clearing LDP session over which VPWS is mapped.
Have VPWS services over LDP transport. Also, have another LDP FEC path via the alternate
interface and BGP LU FEC for same. After shut of interface, VPWS goes in standby at one side.
Workaround: Clear LDP session over which VPWS is mapped.
When an RSVP session is established with JUNIPER box with one-to-one protection enabled, all
sessions come up fine for the first time. Now if we change the primary path of the primary
session, the detour session which originates from downstream node to JUNIPER calculates
exclude link wrongly due to which it doesn't come up.
Defect ID: 40183
If path change is required for primary, delete the trunk and reconfigure the trunk with new
required parameters.
LDP forwarding path may be different than the IGP path if LDP configs are removed from one
node and alternate path for LDP exists.
Defect ID: 39608
Have LDP FEC as forwarding path and L2/L3 VPN services over it. Now configure/un-configure
static ip route with blackhole next-hop for same FEC. This results in the reload of the board.
Defect ID: 40791
Workaround: Avoid configuring static ip route with blackhole next-hop for FEC's installed via
LDP.
This is an interop scenario with Cisco VM where the MPLS OAM Trace over RSVP is not
successful.
Defect ID: 40380

Sub-interface
If QOS Policy with an inner-cos match is applied, then single tagged Packets may be incorrectly
matched using the L3 header.
Defect ID: 37432
Workaround: Admin should configure outer-cos match with higher priority than inner-cos.
The set queue configuration on L2 sub-interface is also modifying the CoS value of the packets
which are going through the same Queue.
Defect ID: 37466
L3
When an OSPFv3 NSSA LSA is received from two ASBRs, tie-breaking is not working as per
highest router-id.
Defect ID: 37187
When Static route is being configured with next-hop as network address [1000::] but interface IP
is not /127, it fails and returns an error.
Defect ID: 39408
Workaround: In case static route has to be configured with network address [1000::],
interface IP shall be configured as /127.
VRRP is allowing L2 interface to be configured in interface-tracking.
Defect ID: 37790
" FTN installation failed" error is seen when BGP LU implicit label is received by OcNOS. as
OCNOS does not support LU implicit NULL label.
Defect ID: 39759
Workaround: Configure peer node not to send BGP LU implicit NULL. ( OCNOS will not send
implicit BGP NULL) to avoid this issue.
VRRP Tracked interface is not getting removed after making the configured interface as L2-
interface.
Defect ID: 37793
Workaround: Before making the interface as L2 interface, remove VRRP interface tracking
configuration on the interface.

ACL rule is not getting applied on port-channel sub-interface after shut/no shut on the parent
interface.
Defect ID: 40486
Workaround: Remove and add the ACL rule on sub-interface
(or)
shut/no shut the port-channel-subinterface.
If the same prefix is learnt via OSPF as /32 and we configure its static route with /24, in the RIB,
for the BGP route when the recursive lookup happens, it takes the static route instead of OSPF.
So longest prefix match is not preferred.
Defect ID: 40300
Workaround: We need to remove the static configuration for the prefix if the prefix is learnt via
IGP.
With an increase in route scale, an increase in convergence is observed for BGP routes.
Defect ID: 40029
BGP LU sessions with Multihop BFD flaps for 2~3 mins between PE nodes when one of the PE
nodes comes up after reboot.
Defect ID: 37582
When a peer is added to the peer group and is also activated in another address family deletion
of peer throws an error.
Defect ID: 40434
To delete a peer that is part of the peer group in one address family and is activated in another
address family, remove peer from peer group before deleting the peer.
When a peer is added to the peer group and is also activated in another address family deletion
of peer throws an error.
Defect ID: 37013
To delete a peer that is part of the peer group in one address family and is activated in another
address family, remove peer from peer group before deleting the peer.
The error message in "ILM lookup exact failed" does not give us the label information to which the
error has occurred.

L2
When the Tunnel moves from the Backup/Bypass/Secondary to primary as a result of primary
link/node recovery, operator logs of MPLS PW state moving to UP are observed. These logs are
only in the control plane and informational and do not have service/traffic impact. The PW state
changes from UP --> UP and hence traffic switchover is hitless.
Defect ID: 40489
Some BFD packets may get dropped during CFM scalability config. Hence, while configuring with
a higher number of MEPs, the CC (Continuity Check) intervals can be configured as mentioned in
the Workaround section for this defect.
Defect ID: 39685
Workaround: The range of MEPs and corresponding CC intervals can be configured as below
o Till 150 MEPs – 3.3 Ms
o 151-250 MEPs – 10Ms
o 251-400 MEPs – 100 Ms
o 401-950 – 1Sec or 10 Sec
Note: If the number of MEPs is 300, all 300 MEPs can be configured 100 Ms or above (not that
first 150 MEPs are in 3.3 Ms and the rest in 100Ms).
If the number of MEPs is 700, all 700 MEPs can be configured 1Sec or above.
Configuring sub-ring with multiple major rings on the same VLAN without virtual channel
configuration leads to ERPS interface flaps
Defect ID: 33875
Workaround: Either of the two approaches can be applied,
o By configuring virtual channel on subrings which are interconnected with main rings.
o Configuring the other Mainring and Subrings with different VLANs and Data VLAN should
be the same over the devices.

OcNOS SP 4.0 ReleaseNotes All

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

OcNOS SP 4.0 ReleaseNotes All

Uploaded by

Copyright:

Available Formats

OcNOS®

For support, questions, or comments via e-mail, contact:

2 © 2021 IP Infusion Inc. Proprietary

About this Release ...................................................................................................................................... 7

New Features (SP 4.0)............................................................................................................................... 16

3 © 2021 IP Infusion Inc. Proprietary

New Features (SP 3.0)............................................................................................................................... 23

4 © 2021 IP Infusion Inc. Proprietary

Technical Support ..................................................................................................................................... 30

Installation Prerequisites ......................................................................................................................... 31

Upgrade Notes ........................................................................................................................................... 32

Limitations and Restrictions .................................................................................................................... 33

5 © 2021 IP Infusion Inc. Proprietary

Open Caveats ............................................................................................................................................ 48

Resolved Caveats ..................................................................................................................................... 58

6 © 2021 IP Infusion Inc. Proprietary

Hardware Compatibility List

Port Hardware Revision Comments

S4248-FB-ON Broadcom 40 X 10G SFP+ Label Revision: A00 OCNOS_SP_IP_BASE

S4248-FBL-ON Broadcom 40 X 10G SFP+ CPLD 2 Version: 0.1 OCNOS_SP_IP_BASE

Port Hardware Revision Comments

AS5912-54X Broadcom 48 ports 10G, 6 Label Revision: OCNOS_SP_IP_BASE

7 © 2021 IP Infusion Inc. Proprietary

AS5916-54XKS Broadcom 48 ports 10G, 6 Label Revision: OCNOS_SP_IP_BASE

Port Hardware Revision SKU

TIBIT XGS-PON Broadcom 1 x 10G Ethernet- Tibit Hardware OCNOS_SP_OLT_S

Port Hardware Revision SKU

AGC7648A Broadcom 48 X 10G SFP+ CPU CPLD Version: OCNOS_SP_IP_BAS

8 © 2021 IP Infusion Inc. Proprietary

Port Hardware Revision Comments

9500-30XS Broadcom 20 port 10G, 8 Label Revision: 2 OCNOS_SP_CSR

Optics and Accessories

UFI Space S9500-30XS

Type Name Part Number Make

1G-SX Finisar SFP/SFP+/SFP28 FTLF8519P2BNL FINISAR

10G SFP Evertz SFP10G SFP10G-TR13S EVERTZ

10GBASE-SR Edgecore SFP/SFP+/SFP28 ET5402-AOC- EdgeCore

10GBASE-SR Edgecore SFP/SFP+/SFP28 ET5402-AOC-7M EdgeCore

25GAUI C2M Edgecore SFP/SFP+/SFP28 ET7302-AOC-5M EdgeCore

25GBASE-CR CA-S Optech SFP/SFP+/SFP28 OPQS28T03P/SF Optech

SFP/SFP+/SFP28 Finisar SFP/SFP+/SFP28 FCBG110SD1C0 FINISAR

SFP/SFP+/SFP28 Amphenol SFP/SFP+/SFP28 616740001 Amphenol

40GBASE-SR4 Finisar QSFP ET6402-40AOC- Edgecore

40G QSFP AVAGO QSFP AFBR-79E4Z Avago

9 © 2021 IP Infusion Inc. Proprietary

100GBASE-CR4 Finisar QSFP28 ET7402-100DAC- Edgecore

1000BASE-SX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-SX E.C.I.

1000BASE-LX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-LX E.C.I.

1000BASE-LX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-EX E.C.I.

1000BASE-LX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-ZX E.C.I.

10GBASE-SR E.C.I. SFP/SFP+/SFP28 EN-SFP10G-SR E.C.I.

10GBase-LR E.C.I. SFP/SFP+/SFP28 EN-SFP10G-LR E.C.I.

10GBase-ER E.C.I. SFP/SFP+/SFP28 EN-SFP10G-ER E.C.I.

10GBase-ER E.C.I. SFP/SFP+/SFP28 EN-SFPP-ER E.C.I.NETWOR

100GBASE-SR4 or E.C.I. SFP/SFP+/SFP28 EN-SFP28-SR E.C.I.

100GBASE-LR4 or E.C.I. SFP/SFP+/SFP28 EN-SFP28-LR E.C.I.

100GBASE-SR4 or E.C.I. QSFP28 Or Later EN-QSFP28-SR4 E.C.I.

100GBASE-LR4 or E.C.I. QSFP28 Or Later EN-QSFP28-LR4 E.C.I.

1000BASE-SX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-SXi E.C.I.

1000BASE-LX E.C.I. SFP/SFP+/SFP28 EN-SFP1G-LXi E.C.I.

10GBASE-SR E.C.I. SFP/SFP+/SFP28 EN-SFP10G-SRi E.C.I.

10 © 2021 IP Infusion Inc. Proprietary

10GBase-LR E.C.I. SFP/SFP+/SFP28 EN-SFP10G-LRi E.C.I.

Delta Agema AGC7648A