You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
By default, Cumulus Linux blocks LLDP packets on unauthorized ports. If you need to discover the physical topology before 802.1X authentication (for example, in multi-tenant data centers), you can configure the switch to allow LLDP packets on unauthorized ports on ingress, egress, or both.
984
984
985
985
{{%notice note%}}
986
-
This feature only affects ports in the pre-authentication stage. Cumulus Linux does not block authenticated ports.
986
+
- This feature only affects ports in the pre-authentication stage. Cumulus Linux does not block authenticated ports.
987
+
- Link down puts the 802.1x enabled ports in the pre-authentication state.
988
+
- When you reboot the switch, the 802.1x enabled ports come up in either blocked or allowed mode based on the configuration.
987
989
{{%/notice%}}
988
990
989
991
{{< tabs "TabID960 ">}}
@@ -1010,7 +1012,7 @@ cumulus@switch:~$ nv set system dot1x pre-auth allow-protocol lldp both
1010
1012
To revert to the default setting of blocking LLDP packets on unauthorized ports, run the `nv unset system dot1x pre-auth allow-protocol lldp` commands. For example:
1011
1013
- To block LLDP packets on unauthorized ports on ingress, run the `nv unset system dot1x pre-auth allow-protocol lldp ingress` command.
1012
1014
- To block LLDP packets on unauthorized ports on egress, run the `nv unset system dot1x pre-auth allow-protocol lldp egress` command.
1013
-
- To block LLDP packets on unauthorized ports on both ingress and egress, run the `nv unset system dot1x pre-auth allow-protocol lldp both` command.
1015
+
- To block LLDP packets on unauthorized ports on both ingress and egress, run the `nv unset system dot1x pre-auth allow-protocol lldp both` command or the `nv set system dot1x pre-auth allow-protocol lldp none` command.
Copy file name to clipboardExpand all lines: content/cumulus-linux-517/Layer-1-and-Switch-Ports/Quality-of-Service/_index.md
+15-19Lines changed: 15 additions & 19 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -930,10 +930,10 @@ Dynamic ECN is a congestion marking mechanism optimized for high-performance tra
930
930
931
931
{{%notice note%}}
932
932
- Cumulus Linux supports dynamic ECN on switches with Spectrum-4 and later.
933
-
- ECN marking probability has a hardware granularity of 1 percent; effective probabilities below 1 percent do not produce any marking.
933
+
- ECN marking probability has a hardware granularity of one percent; effective probabilities below one percent do not produce any marking.
934
934
{{%/notice%}}
935
935
936
-
To configure dynamic ECN:
936
+
To configure dynamic ECN, determine which traffic classes carry loss-sensitive or bursty traffic (such as RoCE on traffic class 3), determine the percentage of dynamic buffer allowance you want to trigger congestion marking, then set dynamic ECN:
937
937
- Set the dynamic ECN mode to `relative` for the `default-global` profile to apply system-wide default settings or for a custom profile for specific port groups. The default value is `absolute`.
938
938
939
939
When you set the dynamic ECN mode to `relative`, the switch hardware ignores existing byte thresholds and the ASIC immediately begins marking based on the dynamic buffer calculation: threshold = (alpha_quota * percent) / 100. When you set the dynamic ECN mode to `absolute`, the switch hardware ignores percentage thresholds and the ASIC reverts to marking based on static cell counts derived from the configured byte values.
@@ -1930,12 +1930,15 @@ The QoS subsystem supports multiple lossless priority groups that share a single
1930
1930
All lossless priority groups continue to share the same ingress and egress buffer pools. However, each priority groups maintains its own reserved buffers, xon and xoff thresholds, and descriptor buffer allocations. This design provides isolation and independent flow-control behavior while still making efficient use of shared buffer resources.
1931
1931
1932
1932
You can configure the following headroom settings:
1933
-
- Required headroom
1934
-
- Exclusive headroom
1935
-
- Oversubscription ratio
1936
-
- Port shared buffer
1933
+
- Required headroom per priority group in bytes. The switch converts this value to cells.
1934
+
- Exclusive headroom per priority group in bytes. The switch converts this value to cells.
1935
+
- Oversubscription ratio for the shared headroom pool. You can set a value between 1 and 256.
1937
1936
1938
-
The following example assigns switch priority 3 and 4 to priority group 3, configures the ingress lossless buffer service pool mapping to service-pool 1, and sets the required and exclusive headroom for switch priority 3 and 4 to 1024, oversubscription ratio to 2, and port shared buffer to 1024. The example enables the shared headroom pool on swp10.
1937
+
{{%notice note%}}
1938
+
The required headroom must be more than exclusive headroom.
1939
+
{{%/notice%}}
1940
+
1941
+
The following example assigns switch priority 3 and 4 to priority group 3, configures the ingress lossless buffer service pool mapping to service-pool 1, and sets the required headroom for switch priority 3 and 4 to 1024, the exclusive headroom for switch priority 3 and 4 to 1010, and oversubscription ratio to 2. The example enables the shared headroom pool on swp10.
1939
1942
1940
1943
{{< tabs "TabID1935 ">}}
1941
1944
{{< tab "NVUE Commands ">}}
@@ -1945,9 +1948,8 @@ The following example assigns switch priority 3 and 4 to priority group 3, confi
0 commit comments