NVIDIA Onyx User Manual v3.10.3100
v8.2.2200

Overview

These pages are intended for network administrators who are responsible for configuring and managing NVIDIA’s switch platforms.

The following table lists the documents referenced in this User Manual.

| Document Name | Description |
|---|---|
| System Hardware User Manual | This document contains hardware descriptions, LED assignments, and hardware specifications, among other things. |
| Switch Product Release Notes | Please look up the relevant switch system/series Release Notes file. |
| Virtual Modular Switch Reference Guide | This reference architecture provides general information concerning NVIDIA L2 and L3 Virtual Modular Switch (VMS) configuration and design. |
| Community | Provides Ethernet Switch Solutions |

| Term | Description |
|---|---|
| AAA | Authentication, Authorization, and Accounting: Authentication—verifies user credentials (username and password); Authorization—grants or refuses privileges to a user/client for accessing specific services; Accounting—tracks network resource consumption by users |
| ARP | Address Resolution Protocol. A protocol that translates IP addresses into MAC addresses for communication over a local area network (LAN). |
| CLI | Command Line Interface. A user interface in which you type commands at the prompt. |
| DCB | Data Center Bridging |
| DCBX | Data Center Bridging eXchange—an extension of Link Layer Discovery Protocol to discover DCB-compliant peers and exchange configuration information |
| DHCP | The Dynamic Host Configuration Protocol (DHCP) is an automatic configuration protocol used on IP networks. |
| DNS | Domain Name System. A hierarchical naming system for devices in a computer network. |
| ECN | Explicit Congestion Notification |
| ETS | Enhanced Transmission Selection provides a common management framework for assignment of bandwidth to traffic classes. |
| FTP/TFTP/sFTP | File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to another over a TCP-based network, such as the Internet. |
| Gateway | A network node that interfaces with both InfiniBand and Ethernet, using different network protocols. |
| HA | High Availability. A system design protocol that provides redundancy of system components, thus enabling the system to overcome single or multiple failures with minimal downtime. |
| Host | A computer platform executing an Operating System which may control one or more network adapters |
| LACP | Link Aggregation Control Protocol (LACP) provides a method to control the bundling of several physical ports together to form a single logical channel. LACP allows a network device to negotiate an automatic bundling of links by sending LACP packets to the peer (directly connected device that also implements LACP). |
| LDAP | The Lightweight Directory Access Protocol is an industry standard application protocol for accessing and maintaining distributed directory information services over an IP network. |
| LLDP | Link Layer Discovery Protocol. A vendor-neutral link layer protocol used by network devices to advertise their identity and capabilities, and for neighbor discovery. |
| MAC | A Media Access Control address (MAC address) is a unique identifier assigned to network interfaces for communications on the physical network segment. MAC addresses are used for numerous network technologies and most IEEE 802 network technologies including Ethernet. |
| MTU | Maximum Transfer Unit. The maximum size of a packet payload (not including headers) that can be sent to or received from a port. |
| Network Adapter | A hardware device that allows for communication between computers in a network. |
| NTP | Network Time Protocol. A protocol for synchronizing computer clocks in a network. |
| PFC/FC | Priority Based Flow Control applies pause functionality to traffic classes or classes of service on the Ethernet link. |
| PTP IEEE-1588 | Precision Time Protocol. A high-accuracy time transfer protocol for synchronizing computer clocks in a network. |
| RADIUS | Remote Authentication Dial In User Service. A networking protocol that enables centralized AAA management for computers that connect to and use a network service. |
| RDMA | Remote Direct Memory Access. Accessing memory on a remote side without involvement of the remote CPU. |
| RoCE | RDMA over Converged Ethernet. A network protocol that leverages Remote Direct Memory Access (RDMA) capabilities to accelerate communications between applications hosted on clusters of servers and storage arrays. |
| RSTP | Rapid Spanning Tree Protocol. A spanning-tree protocol used to prevent loops in bridge configurations. RSTP is not aware of VLANs and blocks ports at the physical level. |
| SCP | Secure Copy or SCP is a means of securely transferring computer files between a local and a remote host or between two remote hosts. It is based on the Secure Shell (SSH) protocol. |
| SNMP | Simple Network Management Protocol. A network protocol for the management of a network and the monitoring of network devices and their functions. |
| SSH | Secure Shell. A protocol (program) for securely logging in to and running programs on remote machines across a network. The program authenticates access to the remote machine and encrypts the transferred information through the connection. |
| syslog | A standard for forwarding log messages in an IP network. |
| TACACS+ | Terminal Access Controller Access-Control System Plus. A networking protocol that enables access to a network of devices via one or more centralized servers. TACACS+ provides separate AAA services. |

Feature

Detail

Software management

  • Dual software image

  • Software and firmware updates

File management

  • FTP

  • TFTP

  • SCP

Logging

  • Event history log

  • SysLog support

Management interface

  • DHCP/Zeroconf

  • IPv6

Chassis management

  • Monitoring environmental controls

  • Power management

  • Auto-temperature control

  • High availability

Network management interfaces

  • SNMP v1, v2c, v3

  • JSON

  • Puppet Agent

Security

  • SSH

  • Telnet

  • RADIUS

  • TACACS+

Date and time

  • NTP

Cables & transceivers

  • Transceiver info

[Figure: Managing an Ethernet Fabric Using Onyx]

Feature

Detail

Layer 2 Feature Set

  • Multi Chassis LAG (MLAG)

  • IGMP V2/V3, Snooping, Querier

  • VLAN 802.1Q (4K)

  • Q-In-Q

  • 802.1w Rapid Spanning Tree (RSTP)

  • BPDU Filter, Root Guard

  • Loop Guard, BPDU Guard

  • 802.1s Multiple STP (MSTP)

  • PVRST+ (Rapid Per VLAN STP+)

  • 802.3ad Link Aggregation (LAG) & LACP

  • 32 Ports/Channel—64 Groups Per System

  • Port Isolation

  • LLDP

  • Store & Forward / Cut-through mode of work

  • HLL

  • 10/25/40/50/100GbE

  • Jumbo Frames (9216 bytes)

  • Unicast MAC addresses

Layer 3 Feature Set

  • 64 VRFs

  • IPv4 & IPv6 Routing inc Route maps:

  • BGP4, OSPFv2

  • PIM-SM & PIM-SSM (inc PIM-SM over MLAG)

  • BFD (BGP, OSPF, static routes)

  • VRRP

  • MAGP

  • DHCPv4/v6 Relay

  • Router Port, int Vlan, NULL Interface for Routing

  • ECMP, 64-way

  • IGMPv2/v3 Snooping Querier

Synchronization

  • PTP IEEE-1588 (SMPTE profile)

  • NTP

Quality of Service

  • 802.3X Flow Control

  • WRED, Fast ECN & PFC

  • 802.1Qbb Priority Flow Control

  • 802.1Qaz ETS

  • DCBX—App TLV support

  • Advanced QoS—qualification, rewrite, policers

  • 802.1AB

  • Shared buffer management

Management & Automation

  • ZTP

  • Ansible, SALT Stack, Puppet

  • FTP \ TFTP \ SCP

  • AAA, RADIUS \ TACACS+ \ LDAP

  • JSON & CLI, enhanced web UI

  • SNMP v1,2,3

  • In-band management

  • DHCP, SSHv2, Telnet

  • SYSLOG

  • 10/100/1000 ETH RJ45 MNG ports

  • USB console port for management

  • Dual SW image

  • Events history

  • ONIE

Network Virtualization

  • VXLAN EVPN—L2 stretch use case

  • VXLAN Hardware VTEP—L2 centralized gateway

  • Integration with VMware NSX & OpenStack, etc.

Software Defined Network (SDN)

  • OpenFlow 1.3:

    • Hybrid

    • Supported controllers: ODL, ONOS, FloodLight, RYU, etc.

Docker Container

  • Full SDK access through the container

  • Persistent container & shared storage

Monitoring & Telemetry

  • What Just Happened (WJH)

  • sFlow

  • Real time queue depth histograms & thresholds

  • Port mirroring (SPAN & ERSPAN)

  • Enhanced Link & Phy Monitoring

  • BER degradation monitor

  • Enhanced health mechanism

  • 3rd party integration (Splunk, etc.)

Security

  • USA Department of Defense certification—UC APL

  • System secure mode—FIPS 140-2 compliance

  • Storm Control

  • Access Control Lists (ACLs L2-L4 & user defined)

  • 802.1X—Port Based Network Access Control

  • SSH server strict mode—NIST 800-181A

  • CoPP (IP filter)

  • Port isolation

© Copyright 2023, NVIDIA. Last updated on May 23, 2023.