From a19f9f50cb2e2eed0f148c3d14a6875c4f20fd2b Mon Sep 17 00:00:00 2001 From: cumulusAnia Date: Fri, 31 Jan 2025 08:09:32 -0800 Subject: [PATCH 1/5] updates to RADIUS local fallback --- .../Authentication-Authorization-and-Accounting/RADIUS-AAA.md | 3 ++- content/cumulus-linux-512/Whats-New/_index.md | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/content/cumulus-linux-512/System-Configuration/Authentication-Authorization-and-Accounting/RADIUS-AAA.md b/content/cumulus-linux-512/System-Configuration/Authentication-Authorization-and-Accounting/RADIUS-AAA.md index 62467cc1ad..66d70c03ae 100644 --- a/content/cumulus-linux-512/System-Configuration/Authentication-Authorization-and-Accounting/RADIUS-AAA.md +++ b/content/cumulus-linux-512/System-Configuration/Authentication-Authorization-and-Accounting/RADIUS-AAA.md @@ -242,7 +242,8 @@ netgroup: nis {{< /tabs >}} {{%notice note%}} -If you configure the authentication order to prefer local authentication before RADIUS, login falls back to RADIUS only if the user is not present locally. +- If you configure the authentication order to prefer local authentication before RADIUS, login falls back to RADIUS only if the user is not present locally. +- If you need to add the user to both the local account and RADIUS, you must configure the local user **before** the user accesses RADIUS for authentication for the first time; otherwise, you will not be able to configure the local user. {{%/notice%}} ## RADIUS User Command Accounting diff --git a/content/cumulus-linux-512/Whats-New/_index.md b/content/cumulus-linux-512/Whats-New/_index.md index 9821fa6094..97aaee934f 100644 --- a/content/cumulus-linux-512/Whats-New/_index.md +++ b/content/cumulus-linux-512/Whats-New/_index.md @@ -68,7 +68,7 @@ nv show system log file nv show system log file brief nv show system log file list nv show system log file follow -nv show system log file nv show system packages +nv show system log file nv show system log file brief nv show system log component nv show system log component From 9d83975bf8c58e09378788c4ea543f4c5f1f3508 Mon Sep 17 00:00:00 2001 From: cumulusAnia Date: Fri, 31 Jan 2025 08:23:21 -0800 Subject: [PATCH 2/5] updated local fallback --- .../Authentication-Authorization-and-Accounting/RADIUS-AAA.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/cumulus-linux-512/System-Configuration/Authentication-Authorization-and-Accounting/RADIUS-AAA.md b/content/cumulus-linux-512/System-Configuration/Authentication-Authorization-and-Accounting/RADIUS-AAA.md index 66d70c03ae..c5df9ae206 100644 --- a/content/cumulus-linux-512/System-Configuration/Authentication-Authorization-and-Accounting/RADIUS-AAA.md +++ b/content/cumulus-linux-512/System-Configuration/Authentication-Authorization-and-Accounting/RADIUS-AAA.md @@ -242,8 +242,8 @@ netgroup: nis {{< /tabs >}} {{%notice note%}} -- If you configure the authentication order to prefer local authentication before RADIUS, login falls back to RADIUS only if the user is not present locally. -- If you need to add the user to both the local account and RADIUS, you must configure the local user **before** the user accesses RADIUS for authentication for the first time; otherwise, you will not be able to configure the local user. +- If you configure the authentication order to prefer local authentication before RADIUS, login falls back to RADIUS only if the user is not configured locally. +- If you configure the same account on the switch locally and on your RADIUS server, you must configure the local user account before attempting authentication with RADIUS for the user; otherwise, local account creation fails. {{%/notice%}} ## RADIUS User Command Accounting From f85dcbcfdd4ff6f9e82e6fb90674ffe3397a05be Mon Sep 17 00:00:00 2001 From: cumulusAnia Date: Fri, 31 Jan 2025 09:01:43 -0800 Subject: [PATCH 3/5] updates to otel --- .../Optional-BGP-Configuration.md | 2 +- .../Open-Telemetry-Export.md | 34 ++++++++++++++++--- content/cumulus-linux-512/Whats-New/foss.md | 2 +- 3 files changed, 31 insertions(+), 7 deletions(-) diff --git a/content/cumulus-linux-512/Layer-3/Border-Gateway-Protocol-BGP/Optional-BGP-Configuration.md b/content/cumulus-linux-512/Layer-3/Border-Gateway-Protocol-BGP/Optional-BGP-Configuration.md index 9380dba0d2..e0c45abf49 100644 --- a/content/cumulus-linux-512/Layer-3/Border-Gateway-Protocol-BGP/Optional-BGP-Configuration.md +++ b/content/cumulus-linux-512/Layer-3/Border-Gateway-Protocol-BGP/Optional-BGP-Configuration.md @@ -1382,7 +1382,7 @@ cumulus@leaf01:~$ ## BGP Prefix Independent Convergence -BGP prefix independent convergence (PIC) reduces convergence times and improves unicast traffic convergence for remote link and node failures (when the BGP next hop fails) regardless of route scale. A remote link is a link between a spine and a remote leaf, or a spine and the super spine layer. +BGP prefix independent convergence (PIC) reduces convergence times and improves unicast traffic convergence for remote link and node failures (when the BGP next hop fails) on an individual prefix basis, regardless of route scale. A remote link is a link between a spine and a remote leaf, or a spine and the super spine layer. When you configure BGP PIC, Cumulus Linux assigns one next hop group for each source and the remote leaf advertises a route with a prefix derived from the router ID. The remote leaf tags prefix routes with a route-origin extended community (SOO) so that the local leaf recognizes the routes. When the network topology changes, the local leaf obtains the router ID route with the updated ECMP, allowing a O (1) next hop group replace operation for all prefixes from the remote leaf without waiting for individual BGP updates. diff --git a/content/cumulus-linux-512/Monitoring-and-Troubleshooting/Open-Telemetry-Export.md b/content/cumulus-linux-512/Monitoring-and-Troubleshooting/Open-Telemetry-Export.md index 6ca6dbb834..758eb95d7e 100644 --- a/content/cumulus-linux-512/Monitoring-and-Troubleshooting/Open-Telemetry-Export.md +++ b/content/cumulus-linux-512/Monitoring-and-Troubleshooting/Open-Telemetry-Export.md @@ -280,19 +280,43 @@ By default, OTLP export is in **secure** mode that requires a certificate. For c ### Customize Export -By default, the switch exports all statistics enabled {{}} (with the `nv set system telemetry ` command) to all configured OTLP destinations. If you want to export different metrics to different OTLP destinations, you can customize the export by specifying a statistics group (`interface-stats`, `platform-stats`, `histogram-stats`, or `routing-stats`) for a destination. +By default, the switch exports all statistics enabled {{}} (with the `nv set system telemetry ` command) to all configured OTLP destinations. If you want to export different metrics to different OTLP destinations, you can customize the export by specifying a statistics group to control which statistics you export and the sample interval for a destination. -The following example exports all platform statistics to the destination IP address 10.1.1.100: +{{%notice note%}} +Statistics groups inherit global OTLP export configurations by default. More specific configuration under a statistics group, such as enabling or disabling a statistic type or changing the sample interval overrides any global OTLP configuration. +{{%/notice%}} + +The following example: +- Configures STAT-GROUP1 to export all platform statistics (`platform-stats`) but not interface statistics (`interface-stats`). +- Applies the STAT-GROUP1 configuration to the OTLP destination 10.1.1.100. + +``` +cumulus@switch:~$ nv set system telemetry stats-group STAT-GROUP1 platform-stats export state enabled +cumulus@switch:~$ nv set system telemetry stats-group STAT-GROUP1 interface-stats export state disabled +cumulus@switch:~$ nv set system telemetry export otlp grpc destination 10.1.1.100 stats-group STAT-GROUP1 +cumulus@switch:~$ nv config apply +``` + +The following example: +- Configures STAT-GROUP2 to inherit all statistic configuration from the global telemetry configuration, but changes the sample interval of `router` statistics to 100: +- Applies the STAT-GROUP2 configuration to the OTLP destination 10.1.1.200. ``` -cumulus@switch:~$ nv set system telemetry export otlp grpc destination 10.1.1.100 stats-group platform-stats +cumulus@switch:~$ nv set system telemetry stats-group STAT-GROUP2 router sample-interval 100 +cumulus@switch:~$ nv set system telemetry export otlp grpc destination 10.1.1.200 stats-group STAT-GROUP2 cumulus@switch:~$ nv config apply ``` -The following example exports all routing statistics to the destination IP address 10.1.1.200: +The following example: +- Configures STAT-GROUP3 to disable histogram (`histogram`) and buffer (`buffer-stats`) statistics, and enables all platform statistics(`platform-stats`) except for disk state: +- Applies the STAT-GROUP3 configuration to the OTLP destination 10.1.1.30. ``` -cumulus@switch:~$ nv set system telemetry export otlp grpc destination 10.1.1.200 stats-group routing +cumulus@switch:~$ nv set system telemetry stats-group STAT-GROUP3 buffer-stats export state disabled +cumulus@switch:~$ nv set system telemetry stats-group STAT-GROUP3 histogram export state disabled +cumulus@switch:~$ nv set system telemetry stats-group STAT-GROUP3 platform-stats export state enabled +cumulus@switch:~$ nv set system telemetry stats-group STAT-GROUP3 platform-stats class disk state disabled +cumulus@switch:~$ nv set system telemetry export otlp grpc destination 10.1.1.30 stats-group STAT-GROUP3 cumulus@switch:~$ nv config apply ``` diff --git a/content/cumulus-linux-512/Whats-New/foss.md b/content/cumulus-linux-512/Whats-New/foss.md index daea9e9b1a..d1a0f897a3 100644 --- a/content/cumulus-linux-512/Whats-New/foss.md +++ b/content/cumulus-linux-512/Whats-New/foss.md @@ -13,7 +13,7 @@ Cumulus Linux 5.12 contains the following core switch package versions: | Package | Version | Description | | --- | ----| ----------- | -| SDK (`sx-sdk-eth`) | 4.7.3036 | Switch SDK package. Legal Notices and 3rd Party Licenses: {{}}; {{}}; {{}} | +| SDK (`sx-sdk-eth`) | 4.7.3056 | Switch SDK package. Legal Notices and 3rd Party Licenses: {{}}; {{}}; {{}} | | MFT (`kernel-mft-dkms`) | 4.30.2-23 | Switch MFT package. Legal Notices and 3rd Party Licenses: {{}}; {{}} | | Hardware management (`hw-management`) | 7.0040.3005 | Hardware management package.| | NVUE (`python3-nvue`) | 1.8.0.70 | NVUE core package. | From 7b0aa7e8a97e53e21bb44b54a07ffc820bb6b508 Mon Sep 17 00:00:00 2001 From: cumulusAnia Date: Fri, 31 Jan 2025 11:25:42 -0800 Subject: [PATCH 4/5] updates --- .../Border-Gateway-Protocol-BGP/Optional-BGP-Configuration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/cumulus-linux-512/Layer-3/Border-Gateway-Protocol-BGP/Optional-BGP-Configuration.md b/content/cumulus-linux-512/Layer-3/Border-Gateway-Protocol-BGP/Optional-BGP-Configuration.md index e0c45abf49..30e632af8d 100644 --- a/content/cumulus-linux-512/Layer-3/Border-Gateway-Protocol-BGP/Optional-BGP-Configuration.md +++ b/content/cumulus-linux-512/Layer-3/Border-Gateway-Protocol-BGP/Optional-BGP-Configuration.md @@ -1382,7 +1382,7 @@ cumulus@leaf01:~$ ## BGP Prefix Independent Convergence -BGP prefix independent convergence (PIC) reduces convergence times and improves unicast traffic convergence for remote link and node failures (when the BGP next hop fails) on an individual prefix basis, regardless of route scale. A remote link is a link between a spine and a remote leaf, or a spine and the super spine layer. +BGP prefix independent convergence (PIC) reduces convergence times and improves unicast traffic convergence for remote link and node failures (when the BGP next hop fails), regardless of route scale. A remote link is a link between a spine and a remote leaf, or a spine and the super spine layer. When you configure BGP PIC, Cumulus Linux assigns one next hop group for each source and the remote leaf advertises a route with a prefix derived from the router ID. The remote leaf tags prefix routes with a route-origin extended community (SOO) so that the local leaf recognizes the routes. When the network topology changes, the local leaf obtains the router ID route with the updated ECMP, allowing a O (1) next hop group replace operation for all prefixes from the remote leaf without waiting for individual BGP updates. From edbea17283f4a6ecf2ad9271c1154e8ca1dc736a Mon Sep 17 00:00:00 2001 From: cumulusAnia Date: Fri, 31 Jan 2025 11:57:50 -0800 Subject: [PATCH 5/5] update foss --- content/cumulus-linux-512/Whats-New/foss.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/cumulus-linux-512/Whats-New/foss.md b/content/cumulus-linux-512/Whats-New/foss.md index d1a0f897a3..11531773bd 100644 --- a/content/cumulus-linux-512/Whats-New/foss.md +++ b/content/cumulus-linux-512/Whats-New/foss.md @@ -16,7 +16,7 @@ Cumulus Linux 5.12 contains the following core switch package versions: | SDK (`sx-sdk-eth`) | 4.7.3056 | Switch SDK package. Legal Notices and 3rd Party Licenses: {{}}; {{}}; {{}} | | MFT (`kernel-mft-dkms`) | 4.30.2-23 | Switch MFT package. Legal Notices and 3rd Party Licenses: {{}}; {{}} | | Hardware management (`hw-management`) | 7.0040.3005 | Hardware management package.| -| NVUE (`python3-nvue`) | 1.8.0.70 | NVUE core package. | +| NVUE (`python3-nvue`) | 1.8.0.80 | NVUE core package. | | kernel (`linux-image`) | 6.1.94 | Linux kernel package. | To obtain a complete list of open source packages included in Cumulus Linux 5.12, see the downloads section on the {{}}.