[f-nsp] Netiron 5.6 feedbacks

Wed Oct 1 08:30:59 EDT 2014

Dell - Internal Use - Confidential
I seriously don't think Brocade thoroughly tests their SSH implementations on their gear. Evidenced by this, and past experience. I remember one 5.x release that would NOT let me upgrade to a newer version via SSH giving some erroneous error during the copy of just one of the files. I forget which. Oddly, it worked if you were trying it via telnet and this bug was fixed in the release I was trying to upgrade to. It was a known bug that TAC told me about... unfortunately they told me after they insisted the file copied properly and to reboot the device despite the reload check failing. Naturally this caused the line card to fail to boot properly. Fortunately I was able to recover easily enough but it was very annoying. Other routers I used telnet (after turning it on) and the upgrade process went smoothly.

From: foundry-nsp [mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of Mitchell Warden
Sent: Wednesday, October 01, 2014 4:35 AM
To: Eldon Koyle; foundry-nsp at puck.nether.net
Subject: Re: [f-nsp] Netiron 5.6 feedbacks

Also seen in 5.7 and most likely in 5.7a. I think this happens after about 70 SSH logins.

I've been through the TAC and told it will be fixed in the next patch release for 5.6 and 5.7.

Zeroing out the key and recreating seems to work sometimes and/or briefly. Telnet is unaffected if you can get to the serial console to enable it :)

Mitchell
________________________________
From: Eldon Koyle [mailto:esk-puck.nether.net at esk.cs.usu.edu]
To: foundry-nsp at puck.nether.net<mailto:foundry-nsp at puck.nether.net> [mailto:foundry-nsp at puck.nether.net]
Sent: Wed, 01 Oct 2014 08:42:49 +1000
Subject: Re: [f-nsp] Netiron 5.6 feedbacks

In other news, I just had ssh stop working on 5 MLX routers, all running
5.6d:

$ ssh myrouter
invalid public DH value (1/1024)
Disconnecting: bad server public DH value
$

When will Brocade get their act together on their SSH implementation?
Does this really have to happen on every third firmware release?

--
Eldon Koyle
Information Technology
Utah State University
--
It is much easier to suggest solutions when you know nothing about the problem.

On Sep 29 11:40-0600, Eldon Koyle wrote:
> I gave up waiting on them. They claimed it was something with 32-bit
> counters, but do they even have 64-bit error counters?
>
> I ended up disabling SNMP caching (snmp-server cache disable), which has
> eliminated the symptoms for us. I'm not sure what the other
> ramifications of that change will be.
>
> --
> Eldon Koyle
> Information Technology
> Utah State University
> --
> BOFH excuse #192:
> runaway cat on system.
>
> On Sep 28 10:48+0200, Youssef Bengelloun-Zahr wrote:
> > Hello Eldon,
> >
> > Any feedbacks from BTAC regarding that SNMP defect ?
> >
> > Best regards.
> >
> >
> >
> > > Le 8 sept. 2014 à 06:54, Eldon Koyle <esk-puck.nether.net at esk.cs.usu.edu<mailto:esk-puck.nether.net at esk.cs.usu.edu>> a écrit :
> > >
> > > I don't have any more information than that, sorry. They didn't need my
> > > help to reproduce it, so I suspect others have reported the same issue.
> > > FWIW, I didn't notice this with 5.6c, but we didn't deploy that version
> > > as extensively.
> > >
> > > --
> > > Eldon Koyle
> > > Information Technology
> > > Utah State University
> > > --
> > > For certain people, after fifty, litigation takes the place of sex.
> > > -- Gore Vidal
> > >
> > >> On Sep 05 21:18+0200, Youssef Bengelloun-Zahr wrote:
> > >> Hi,
> > >>
> > >> This DEFECT isn't listed in the official Brocade KB. Can you tell us a little bit more about it (affected versions, etc.) ?
> > >>
> > >> I will ask my SE to look it up.
> > >>
> > >> Thanks for the feedback.
> > >>
> > >> Best regards.
> > >>
> > >>
> > >>
> > >>> Le 5 sept. 2014 à 21:08, Eldon Koyle <esk-puck.nether.net at esk.cs.usu.edu<mailto:esk-puck.nether.net at esk.cs.usu.edu>> a écrit :
> > >>>
> > >>> I finally heard back today, not sure how long it will take them to fix
> > >>> it:
> > >>>
> > >>> DEFECT000527089: 000527089 Seeing unexpected traffic spikes/dips during SNMP IfInOctets Polling
> > >>>
> > >>> I thought saw something about SNMP caching in the changelog... I'm
> > >>> wondering if they did something wrong there.
> > >>>
> > >>> --
> > >>> Eldon Koyle
> > >>> Information Technology
> > >>> Utah State University
> > >>>
> > >>>> On Sep 04 21:14+0200, Youssef Bengelloun-Zahr wrote:
> > >>>> Hello Eldon,
> > >>>>
> > >>>> Any news from BTAC ?
> > >>>>
> > >>>> Best regards.
> > >>>>
> > >>>>
> > >>>>
> > >>>>> Le 18 août 2014 à 21:00, Youssef Bengelloun-Zahr <youssef at 720.fr<mailto:youssef at 720.fr>> a écrit :
> > >>>>>
> > >>>>> Hello Eldon,
> > >>>>>
> > >>>>> Any news from BTAC ?
> > >>>>>
> > >>>>> Best regards.
> > >>
> >
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp at puck.nether.net<mailto:foundry-nsp at puck.nether.net>
> http://puck.nether.net/mailman/listinfo/foundry-nsp
>
_______________________________________________
foundry-nsp mailing list
foundry-nsp at puck.nether.net<mailto:foundry-nsp at puck.nether.net>
http://puck.nether.net/mailman/listinfo/foundry-nsp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/foundry-nsp/attachments/20141001/b5e2b1ce/attachment.html>