OS10 A First Look

Article

OS10 – a first look

 

Now that we have installed it, let’s take a first look at Dell’s new switch NOS, OS10.

There will be two versions of this OS. The one we look at here is the Open Edition; soon a Premium Edition will be released that includes a full L2/L3 stack and a traditional switch CLI.

 What strikes us first is that we are not in a switch CLI, but a standard Linux shell. Even the default username is Linuxadmin. The whole filesystem is like you would epect to find it on a standard Linux server.

 So how do we configure / work with this system? Well, Linux already brings several network functions natively, like creating bridges, moving ports into bridges, adding VLAN tags, or even routing using quagga. All these functions that are natively available in Linux are now used to configure the switchports. Behind the scenes, all physical ports are mapped to Linux interfaces, and the port state and changes mapped accordingly.

The naming convention of the Linux interfaces encodes a lot of information.

Eth0 is the management interface, but all other interface names are built by the following convention:

eNSS-PPP-F.vvvv, where:

e means that it is an Ethernet port.

N is the node ID and is always set to 1.

SS is the slot number and is always set to 01.

PPP is the port number (1-999).

F is the number of a 4x10G fanout port (0-9).

vvvv is the VLAN ID number (0-4095).

So the first physical ethernet interface in the switch looks like this:

e101-001-0 Link encap:Ethernet  HWaddr 64:00:6a:e5:ab:3f 

          BROADCAST MULTICAST  MTU:1500  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:500

          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

 

Not everything we need to work with the switch is provided by native Linux implementations, so there are some tools to help with other needed functionality. Here is a short list:

 

os10-ethtool - Displays the interface statistics and the transceiver information (see Monitoring).

os10-show-stats - Displays the detailed statistics of a physical port (see Monitoring).

os10-config-fanout - Fans out native 40G ports to 4x10G interfaces (see Physical Ports in Networking Features).

os10-config-switch - Sets and gets values of different switching entities.

os10-show-transceivers – Shows transceiver information

 

So ifconfig shows us the interfaces, but how do we configure for example a VLAN on this system? Well, again we use the native Linux tools and edit the config files as we would for a server interface. The switch then maps this configuration to the physical, hardware accelerated switchport. Here is the example:

 

1. Create a Bridge Instance for the VLAN.

 

$brctl addbr br100

 

In the example, br100 is the name of the Bridge Instance used to model a VLAN. Note that OS10 does not derive the VLAN ID from the name.

2. Add a tagged port to the VLAN. Ensure that the Linux interface mapped to the port being added to the VLAN does not have an IP address.

 

$ifconfig e101-001-0 e101-001-0

Link encap:Ethernet HWaddr 90:b1:1c:f4:9d:3c

inet addr:1.1.1.1 Bcast:1.1.1.255 Mask:255.255.255.0

BROADCAST MULTICAST MTU:1500 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:2221 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:500

RX bytes:0 (0.0 B) TX bytes:523446 (511.1 KiB)

 

If the interface already has an IP address, remove the IP address before continuing to the next step.

 

$ IP  addr flush dev e101-001-0

 

3. Create a tagged virtual link. A Linux interface can only belong to a single bridge instance. To add the same interface to mult IP le VLAN domains, create a separate Linux virtual link for each VLAN in which the port is a member. Enter the IP link add command to create a virtual tagged link for the e101-001-0 Linux interface in VLAN 100. The .100 suffix used in the Linux interface name indicates that the interface is VLAN tagged.

 

$ IP  link add link e101-001-0 name e101-001-0.100 type VLAN id 100

 

4. Add the tagged virtual link to the VLAN. Enter the brctl addif command to add the newly created virtual link to the Linux bridge instance created in Step 1. OS10 creates the VLAN and adds the physical port mapped to the e101-001-0 Linux interface as a tagged member of the VLAN.

 

$brctl addif br100 e101-001-0.100

 

5. Verify the VLAN configuration.

 

$brctl show

bridge name bridge id STP enabled interfaces br100 8000.90b11cf49d3c no e101-001-0.100

 

Besides this way of interacting with the switch, the system provides to other ways that are quite interesting.

First, there is an extensive API that can be programmatically accessed. We will look at this in a later post, but for an overview we should look at a short list of the YANG models that are available:

YANG Models for Networking Features

YANG Model:                                      Networking Feature:

dell-base-acl.yang                              Access control lists (ACLs)

dell-base-common.yang                      Common definitions

dell-base-interface-common.yang        Interfaces

dell-base-l2-mac.yang                        Layer 2 MAC address

dell-base-lag.yang                              Port channels/ link aggregation groups (LAGs)

dell-base-mirror.yang                         Port mirroring

dell-base-phy-interface.yang               Layer 1/physical layer (PHY) interfaces

dell-base-port-security.yang                Port security protocols

dell-base-qos.yang                             Quality of Service (QoS)

dell-base-routing.yang                        Routing protocols

dell-base-sflow.yang                           sFlow

dell-base-statistics.yang                      Diagnostic/statistical information

dell-base-stg.yang                              STP protocols

dell-base-switch-element.yang            Global configuration parameters for NPU

dell-base-VLAN.yang                           VLAN

 

There is also the option to use well known server tools like Puppet or Nagios to configure or monitor your system.

In the Puppet example, we just install Puppet from Puppet Labs as on a standard server. An example configuration would look like this:

node 'R1.dell.com' {

    $int_enabled = true

    $int_loopback = '2.2.2.2'

    $int_layer3 = {

        e101-019-0 => {'int'=>'e101-019-0', 'address' => '19.0.0.1', 'netmask' => '255.255.255.0',

'cidr_netmask' => 24},

        e101-020-0 => {'int'=>'e101-020-0', 'address' => '20.0.0.1', 'netmask' => '255.255.255.0',

'cidr_netmask' => 24},

    }

    $bgp = {

        myasn => 65000,

        peergroupv4 => [ { name => 'R2', asn => 65000, peers => [ '19.0.0.2','20.0.0.2' ] } ]

    }

    include ibgp::switch

}

 

 

node 'R2.dell.com' {

    $int_enabled = true

    $int_loopback = '3.3.3.3'

    $int_layer3 = {

        e101-019-0 => { 'int'=> 'e101-019-0', 'address' => '19.0.0.2', 'netmask' => '255.255.255.0',

'cidr_netmask' => 24 },

        e101-020-0 => { 'int'=> ' e101-020-0','address' => '21.0.0.1', 'netmask' => '255.255.255.0',

'cidr_netmask' => 24 },

    }

    $bgp = {

        myasn => 65000,

        peergroupv4 => [ { name => 'R1', asn => 65000, peers => [ '19.0.0.1','20.0.0.1' ] } ]

    }

    include ibgp::switch

}

 

 

And the same is true for Nagios, we would just install the same packages and do the same configuration as on a standard server:

$ apt-get install nagios-nrpe-server

$ apt-get install nagios-plugin

 

And we configure the server to monitor the system

 

define host{

    use Linux-server

    host_name Dell_OS10

    alias client

    address 10.x.x.x

    }

 

and enter the commands to be used in the commands.cfg file:

 

define command{

            command_name check_nrpe

            command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$

            }

           

define command{

            command_name check_remote_disk

            command_line $USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$

            }

           

define command{

            command_name check_remote_procs

            command_line $USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$

            }