The following sections detail what is new in this document.
Note
Despite the presence of MACsec-capable ports on many of the 5420 Series models, this release does not support MACsec on the 5420 Series.
VOSS 8.4 supports the following new switching models:
5420F-8W-16P-4XE: 8 10/100/1000BASE-T full-duplex (FDX), half-duplex (HDX), MACsec-capable ports with 802.3bt Type 4 PoE (90W), 16 10/100/1000BASE-T FDX, HDX with 802.3at Type 2 PoE+ (30W) ports, two SFP-DD Universal Ethernet ports, and four 1/10G SFP+ ports
5420F-24P-4XE: 24 10/100/1000BASE-T FDX/HDX 802.3at Type 2 PoE+ (30W) MACsec-capable ports, two SFP-DD Universal Ethernet ports, and four 1/10G SFP+ ports
5420F-24S-4XE: 24 100/1000BASE-X SFP MACsec-capable ports, two SFP-DD Universal Ethernet ports, and four 1/10G SFP+ ports
5420F-24T-4XE: 24 10/100/1000BASE-T FDX/HDX MACsec-capable ports, two SFP-DD Universal Ethernet ports, and four 1/10G SFP+ ports
5420F-16MW-32P-4XE: 16 100MB/1Gb/2.5Gb 802.3bt Type 4 PoE ports (90W), 32 10/100/1000BASE-T FDX/HDX 802.3at Type 2 PoE+ (30W) MACsec-capable ports, two SFP-DD Universal Ethernet ports, and four 1/10G SFP+ ports
5420F-16W-32P-4XE: 16 10/100/1000BASE-T FDX/HDX 802.3bt Type 4 PoE (90W) ports, 32 10/100/1000BASE-T FDX/HDX 802.3at Type 2 PoE+ (30W) MACsec-capable ports, two SFP-DD Universal Ethernet ports, and four 1/10G SFP+ ports
5420F-48P-4XE: 48 10/100/1000BASE-T FDX/HDX 802.3at Type 2 PoE+ (30W) MACsec-capable ports, two SFP-DD Universal Ethernet ports, and four 1/10G SFP+ ports
5420F-48P-4XL: 48 10/100/1000BASE-T FDX/HDX 802.3at Type 2 PoE+ (30W) MACsec-capable ports, two SFP-DD Universal Ethernet ports, and four 1/10 Gbps LRM/MACsec-capable SFP+ ports
5420F-48T-4XE: 48 10/100/1000BASE-T FDX/HDX MACsec-capable ports, two SFP-DD Universal Ethernet ports, and four 1/10G SFP+ ports
5420M-24T-4YE: 24 10/100/1000BASE-T FDX/HDX MACsec-capable ports, two SFP-DD Universal Ethernet ports, and four 1/10G SFP+ ports
5420M-24W-4YE: 24 10/100/1000BASE-T FDX/HDX 802.3bt Type 4 PoE (90W) MACsec-capable ports, two SFP-DD Universal Ethernet ports, and four 1/10/25G SFP28 ports
5420M-16MW-32P-4YE: 16 100Mb/1Gb/2.5Gb 802.3bt Type 4 PoE (90W) ports, 32 10/100/1000BASE-T FDX/HDX 802.3at Type 2 PoE+ (30W) MACsec-capable ports, two SFP-DD Universal Ethernet ports, and four 1/10/25G SFP28 ports
5420M-48T-4YE: 48 10/100/1000BASE-T FDX/HDX MACsec-capable ports, two SFP-DD Universal Ethernet ports, and four 1/10/25G SFP28 ports
5420M-48W-4YE: 48 10/100/1000BASE-T FDX/HDX 802.3bt Type 4 PoE (90W) ports MACsec-capable ports, two SFP-DD Universal Ethernet ports, and four 1/10/25G SFP28 ports
In addition to the fixed ports, all models provide console interface ports (one micro Type B USB and one RJ-45), one RJ-45 out-of-band (OOB) management port (10/100/1000), and two USB ports for removable storage.
The 5420 Series also have two SFP-DD Universal Ethernet ports that can function as reserved ports for advanced features (factory default) or as Ethernet ports. When Advanced Feature Bandwidth Reservation is disabled, each port accepts one SFP+ with 10 Gbps port speed. In this release, when you insert an SFP+ in SFP-DD Universal Ethernet ports, only the first port obtained after channelization can be used. Ports on the second channel are blocked from traffic.
For more information, see 5420 Series.
Feature documentation is updated to include support statements specific to the new hardware.
Note
XA1400 Series does not support this feature.
If a port answers DHCP requests sent by your device and the port is in the Auto-sense UNI state, the system automatically changes the port's private VLAN configuration from isolated mode to promiscuous mode.
Without this enhancement, the other devices in the network cannot receive an IP address through the DHCP server if they are in the Zero Touch Fabric Configuration mode unless you disable Auto-sense on the port and manually change the port from isolated mode to promiscuous mode.
For more information, see the following sections:
In VOSS 8.3,Dynamic Nickname Assignment added configuration support for a prefix that can use a range from 0.00.00 to F.FF.FF. This method increased granularity, providing 256 groups that cover the range of 0.00.00 to F.FF.FF instead of the ranges previously available through the spbm nick-name server range <a-f> command. VOSS 8.4 removes the spbm nick-name server range <a-f> command.
If you configured the range allocation using the spbm nick-name server range <a-f> command in an earlier release, the configuration remains supported after you upgrade to VOSS 8.4, unless the configuration used the default range a. If the configuration used the default range a, it is converted to a prefix configuration of A.00.00-A.0F.FF.
For more information, see Dynamic Nickname Assignment.
You can configure the egress shaping rate to limit egress bandwidth for tunnels on the Fabric IPsec Gateway Virtual Machine (VM).
For more information, see the following sections:
Egress Shaping for Fabric Extend Tunnels on Fabric IPsec Gateway
Configure Egress Shaping Rate for IPsec Tunnels on Fabric IPsec Gateway VM
Configure Logical Interface Tunnel on Fabric IPsec Gateway VM
Delete IPsec Tunnel Configuration on Fabric IPsec Gateway VM
Delete Logical Interface Tunnel Configuration on Fabric IPsec Gateway VM
Displays the IPsec Configuration on the Fabric IPsec Gateway VM
Display the Logical Interface IPsec Configurations on the Fabric IPsec Gateway VM
Entity MIB is defined in RFC 4133 and contains a hierarchy of physical and logical entities of a management system.
This release supports Entity MIB - Logical Table, which consists of logical interface entities, such as:
VLANs
MLTs
Circuitless IP (CLIP)
Fabric Extend interfaces (logical Layer 2 and Layer 3 ISIS interfaces)
Entity MIB - Logical Table is supported on the following VOSS platforms:
5420 Series
5520 Series
VSP 4450 Series
VSP 4900 Series
VSP 7200 Series
VSP 7400 Series
VSP 8200 Series
VSP 8400 Series
XA1400 Series
You can configure an ACE to filter routed packets only for IPv4 and IPv6 traffic.
Note
Filtering routed packets for IPv4 and IPv6 traffic is not supported on XA1400 Series.
For more information, see the following sections:
With this feature, Tx flow control is now enabled by default on XA1400 Series. Both Tx and Rx flow control are enabled by default.
For more information, see Configure IEEE 802.3X Pause Frame Transmit.
The Multi-area SPB feature enables building a scalable Shortest Path Bridging (SPB) network, consisting of multiple Intermediate System-to-Intermediate System (IS-IS) areas that connect to each other through the boundary nodes. The Multi-area SPB feature provides flexible network design through which you can group the nodes in the areas on a need basis.
Multi-area SPB enables you to configure two IS-IS areas on the VSP 7400 Series, which are the boundary nodes. For granular service (I-SID) redistribution and filtering, you can apply the layer 2 and layer 3 policies between the areas.
For more information, see the following sections:
Note
XA1400 Series does not support this feature.
You can now extend the 30-day factory-default trial license for an additional 90 days for VOSS hardware platforms.
New switches include a 30-day Factory Default Premier Trial License to use all features (excluding MACsec). You can run the extend-time-period command up to three times to extend the evalulation license for an additional 90 days. You can configure all features, except MACsec, without restrictions and save the configuration.
Note
If a Premier license was installed and then revoked, the trial period cannot be extended.
For more information, see the following sections:
To lower convergence time, switches now set the IS-IS overload bit automatically when a reset command is issued.
For more information about the overload bit, see IS-IS configuration parameters.
Note
XA1400 Series does not support this feature.
RADIUS port and VLAN based Vendor Specific Attributes (VSA) automate switch configuration using port and VLAN based attributes that it receives from the RADIUS Server.
This release introduces Extreme-Dyn-Config VSA to dynamically configure the following features:
VLAN Based Features
IGMP Snooping
DHCP Snooping
Dynamic ARP Inspection (DAI)
Port Based Features
IP Source Guard (IPSG)
Simple Loop Prevention Protocol (SLPP) Guard
Bridge Protocol Data Unit (BPDU) Guard
Traffic Control (Wake on LAN)
Custom Auto-Negotiation Advertisements (CANA)
For more information, see the following sections:
Field description tables for CLI show commands have been moved to the appropriate command sections in VOSS Command Line Interface Commands Reference.
Note
XA1400 Series does not support this feature.
VRFs are now included in the Base Software License for all VOSS platforms.
For more information about licensing, see Licensing Fundamentals.
Note
XA1400 Series does not support this feature.
You can store only two software releases on 5420 Series switches. If you attempt to add a third software release, you are prompted for a confirmation to overwrite the non-primary release. You can also use the software add <filename> -y command to bypass the confirmation question and automatically overwrite the non-primary release.
You can now configure the following LLDP TLVs for transmission:
dot3
local management address
For more information, see the following sections:
This release introduces the show eap sessions command to display EAP and non-EAP authentication sessions on a port.
For more information, see Display the Current EAP-Based Security Status.
The front panel view of Enterprise Device Manager (EDM) provides additional information for Power Over Ethernet (PoE) ports for the following switches:
5420F-24P-4XE
5420F-8W-16P-4XE
5420M-24W-4YE
5420M-48W-4YE
5420F-48P-4XE
5420F-16W-32P-4XE
5420F-48P-4XL
5420F-16MW-32P-4XE
5420M-16MW-32P-4YE
5520-12MW-36W
5520-24W
5520-48W
VSP4900-48P
VSP4900-12MXU-12XE
VSP 4450 Series
For more information, see View PoE Ports using EDM.
After Zero Touch Provisioning Plus (ZTP+) is configured, Extreme Management Center server can configure Network Time Protocol (NTP) on the switch.
For more information, see ZTP+ Phases of Operation.
You are no longer required to configure a circuitless IP address (loopback address) when you enable IP shortcuts on the BEBs.
For information about configuring IP shortcuts, see the following sections: