This documentation is for an older version of the software. If you are using the current version of Cumulus Linux, this content may not be up to date. The current version of the documentation is available here. If you are redirected to the main page of the user guide, then this page may have been renamed; please search for it there.

What's New in Cumulus RMP 3.0.0

Cumulus RMP 3.0.0 has a host of new features and capabilities. In addition to this chapter, please read the release notes to learn about known issues with this release.

Cumulus RMP 3.0.0 includes these new features and platforms:

Read on to learn about more new functionality and new behaviors.

New Behavior and Functionality

Cumulus RMP 3.0.0 marks a significant departure from earlier releases of the operating system. As such, some new functionality and behaviors are to be expected.

Cumulus RMP Now Based on Jessie

Cumulus RMP is now based on Debian Jessie, instead of Debian Wheezy. For a list of issues you need to be aware of, please read the Debian documentation.

Default snmpd Port Binding

In previous releases of Cumulus RMP, the default port binding configuration in /etc/snmp/snmpd.conf was:

# 2.5.x default agent IP address binding (bind to all interfaces on UDP port 161)
agentAddress udp::161

This meant that the snmpd daemon listed and responded to all ports for UDP port 161.

In Cumulus RMP 3.0, the default configuration has been updated to a more secure setting:

# 3.x default agent IP address binding (bind to only loopback interface on UDP port 161)
agentAddress udp:127.0.0.1:161

This ensures that by default, the snmpd daemon will only listen on the loopback interface on UDP port 161, and will only respond to SNMP requests originating on the switch itself, rather than requests coming into the box on an interface. Since this is really only useful for testing purposes, most customers should change this to binding to a specific IP address.

iquerySecName and Rouser

In 2.5.x, default values for iquerySecName and rouser were configured in /etc/snmp/snpd.conf as follows:

iquerySecName internalUser
rouser internalUser

In 3.x, the default configuration has been updated to a more secure setting, by commenting out the default user:

#iquerySecName internalUser
#rouser internalUser

User accounts must now be created manually for SNMP traps to function correctly.

New Bond Defaults

In order to simplify configurations, many bond settings have had their defaults changed:

Setting2.x Default3.x Default
lacp-ratenone1
miimon0100
min-links01
modenone802.3ad
use-carriernone1
xmit-hash-policynonelayer3+4

New bridge mdb Command Syntax

The syntax of the bridge mdb command has changed slightly. Instead of using vlan <vid> to specify the VLAN ID of a multicast group on a VLAN-aware bridge, Cumulus RMP uses vid <vid>. Similarly, when dumping the MDB with the bridge mdb show command, the VLAN ID, if any, is displayed following the vid keyword.

Adding Static Bridge FDB Entries

To add a static bridge FDB entry, make sure to specify static in the bridge fdb command. For example:

cumulus@switch:~$ sudo bridge fdb add 00:01:02:03:04:06 dev eth0 master static

Printing VLAN Ranges for a Bridge

In order to print a range of VLANs in a bridge, use the -c option with bridge vlan show:

cumulus@switch:~$ bridge -c vlan show

List of Ports for a VLAN No Longer Displayed

The bridge vlan show vlan <vlanid> command in the Linux 4.1 kernel no longer displays the list of ports for a VLAN, unlike in the 3.2 kernel, which did show list of ports for a VLAN.

In addition, the /sys/class/net/<portname>/brport/pvid sysfs node is no longer present in Cumulus RMP.

virtio-net Driver Changes

The default speed setting for the virtio-net driver is set to SPEED_10.

In addition, VLAN Tx offload is enabled in the virtio-net driver by default.

New ARP Refresh Rate

For ARP timers, the default base_reachable_time_ms in Cumulus RMP 3.0 and later is 14400000 (4 hours); in Cumulus RMP 2.5.x it is 110000 (110 seconds).

switchd Doesn’t Start if License Isn’t Present

If a license is not installed on a Cumulus RMP switch, the switchd service will not start. If you install the license again, start switchd with:

cumulus@switch:~$ sudo systemctl start switchd.service

SSH to Switch as root User Disabled by Default

To improve security, the ability to use SSH to connect to a switch as the root user using a password has been disabled by default. To enable it, read User Accounts.

SSH Output No Longer Truncated

In Cumulus RMP 2.5.x, depending upon the number of peers on the network, the output of show ip bgp summary json over an SSH session might get truncated. This has been fixed in Cumulus RMP 3.0.

Removed Features

  • cl-img-install. The installer has been replaced.

  • Disk image slots and /mnt/persist: For information and strategies on how to preserve your network configuration across software upgrades, read the Upgrading Cumulus Linux chapter.

  • cl-brctl. This utility was simply a symlink to brctl, which is what you should use to configure bridges, VLANs and the like.

  • jdoo. Use systemd and systemctl for monitoring your switches.