Jumbo Frames. Don't run away...
Anyone else see SSH issues after globally enabling them?
I'm using the MGMT interface on the back to SSH to the ICX 6610. The interface MTU is 1500:
If I do the following, it crashes the SSH session. I don't recall that this happened prior to globally enabling jumbo frames.
It crashes the session before actually displaying the question mark.
Other commands with lots of output (but not show commands, they're paginated or something via less or similar) also crash the session. For what it's worth, the NIC on this PC is configured for an MTU of 9000. The terminal is Token2Shell on Windows 10, also crashes XShell. Don't recall having this problem with some other access switches (SG-300's) with jumbo frames enabled, or on the ICX 6610 prior to enabling jumbo frames.
It's like the switch is originating its own larger MTU in response to the command '?", but is then dropping that frame on egress from it's MGMT interface due to the 1500 MTU (which can't be changed anyway) rather than fragmenting the packet...and somehow killing SSH in the process?
I do have an inband mgmt vlan and ve with 'ip mtu 1500' avaliable as well, might try accessing via that and see if it does the same...
******
EDIT:
So, global jumbo frames don't break the in-band SSH management. At least, not as long as you have the ip mtu 1500 set in the ve for the vlan as I do. The physical mgmt port remains broken. I can't be bothered rolling back jumbo globally and then reconfiguring all the vlans and int mtu's again just to confirm as this is an in use switch, but if someone with the same switch/software could check if they have a spare test switch, it might save someone a headache in future.
******
Switch Software:
Anyone else see SSH issues after globally enabling them?
I'm using the MGMT interface on the back to SSH to the ICX 6610. The interface MTU is 1500:
sh int man 1 | i MTU
Internet address is xxx.xxx.xxx.xxx/24, MTU 1500 bytes, encapsulation ethernet
If I do the following, it crashes the SSH session. I don't recall that this happened prior to globally enabling jumbo frames.
conf t
int e x/x/x
ip ?
It crashes the session before actually displaying the question mark.
Other commands with lots of output (but not show commands, they're paginated or something via less or similar) also crash the session. For what it's worth, the NIC on this PC is configured for an MTU of 9000. The terminal is Token2Shell on Windows 10, also crashes XShell. Don't recall having this problem with some other access switches (SG-300's) with jumbo frames enabled, or on the ICX 6610 prior to enabling jumbo frames.
It's like the switch is originating its own larger MTU in response to the command '?", but is then dropping that frame on egress from it's MGMT interface due to the 1500 MTU (which can't be changed anyway) rather than fragmenting the packet...and somehow killing SSH in the process?
I do have an inband mgmt vlan and ve with 'ip mtu 1500' avaliable as well, might try accessing via that and see if it does the same...
******
EDIT:
So, global jumbo frames don't break the in-band SSH management. At least, not as long as you have the ip mtu 1500 set in the ve for the vlan as I do. The physical mgmt port remains broken. I can't be bothered rolling back jumbo globally and then reconfiguring all the vlans and int mtu's again just to confirm as this is an in use switch, but if someone with the same switch/software could check if they have a spare test switch, it might save someone a headache in future.
******
Switch Software:
sh ver
Copyright (c) 1996-2016 Brocade Communications Systems, Inc. All rights reserved.
UNIT 1: compiled on Apr 23 2020 at 13:17:12 labeled as FCXR08030u
(10545591 bytes) from Primary FCXR08030u.bin
SW: Version 08.0.30uT7f3
Boot-Monitor Image size = 370695, Version:10.1.00T7f5 (grz10100)
HW: Stackable ICX6610-48-HPOE
==========================================================================
UNIT 1: SL 1: ICX6610-48P POE 48-port Management Module
Serial #:
License: ICX6610_ADV_ROUTER_SOFT_PACKAGE (LID: )
P-ENGINE 0: type E02B, rev 01
P-ENGINE 1: type E02B, rev 01
==========================================================================
UNIT 1: SL 2: ICX6610-QSFP 10-port 160G Module
==========================================================================
UNIT 1: SL 3: ICX6610-8-port Dual Mode(SFP/SFP+) Module
==========================================================================
Last edited: