IP Infusion announces the general availability of OcNOS CP 7.0, the latest version of its production-ready networking control plane source code platform. OcNOS CP — formerly known as ZebOS — is designed for networking vendors, system integrators, and enterprises building connected systems that require a proven, carrier-grade control plane foundation.
OcNOS CP 7.0 introduces two enhanced purpose-built bundles, stronger security capabilities, improved operational visibility, and expanded automation support. This release continues IP Infusion’s commitment to delivering a structured product roadmap — not a services-driven, ad-hoc development model.
Two New Control Plane Bundles
OcNOS-CP-SR-MPLS Bundle: Modernizing Service Provider Networks
The SR-MPLS bundle eliminates the complexity of LDP and RSVP-TE from existing MPLS networks while enabling deterministic path control through Segment Routing Traffic Engineering. Key features include:
- Segment Routing with IS-IS and OSPF — IGP-distributed labels replace LDP, reducing control-plane state across the entire network
- SR-TE and Flex-Algo — explicit path control and custom routing algorithms for network slicing without additional hardware
- TI-LFA Fast Reroute — topology-independent pre-computed backup paths for sub-50ms failover
- BGP-LU (Labeled Unicast) — seamless inter-domain label distribution for multi-domain SR deployments
- EVPN over SR-MPLS — L2VPN and L3VPN services riding the SR underlay for a unified service architecture
! OcNOS CP 7.0 -- SR-MPLS bundle: IS-IS SR with TI-LFA
!
router isis DOMAIN
net 49.0001.0000.0000.0002.00
is-type level-2-only
segment-routing mpls
fast-reroute per-prefix level-2 ti-lfa
!
address-family ipv4 unicast
segment-routing mpls
fast-reroute per-prefix ti-lfa
exit-address-family
!
interface lo
ip address 10.0.0.2/32
ip router isis DOMAIN
isis segment-routing prefix-sid index 2
!
! Verify TI-LFA backup paths
! show isis fast-reroute summary
! show isis fast-reroute 10.0.0.5/32 detailOcNOS-CP-EVPN-VXLAN Bundle: Scalable Data Center and Campus Fabrics
The EVPN-VXLAN bundle transforms data center and campus networking by replacing the 4K VLAN limitation with 16 million VXLAN Network Identifiers (VNIDs), moving MAC learning from the data plane to the BGP control plane, and enabling clean L3 Clos fabric design without STP dependency.
! OcNOS CP 7.0 -- EVPN-VXLAN bundle: L2VPN ELINE over VXLAN
!
vlan 100
vni 10100
!
router bgp 65001
!
address-family l2vpn evpn
neighbor 10.0.0.3 activate
advertise-all-vni
!
!
interface vxlan1
vxlan local-tunnelip 10.0.0.1
vxlan vlan 100 vni 10100
!
! Verify EVPN state:
! show bgp l2vpn evpn summary
! show evpn vni detail
! show mac address-table evpnEnhanced Security: First-Hop Security and Traffic Protection
OcNOS CP 7.0 strengthens first-hop security with Dynamic ARP Inspection (DAI), IP Source Guard (IPSG), and DHCPv4/v6 snooping — protecting hosts within the fabric from ARP spoofing, IP address theft, and rogue DHCP servers. Traffic protection mechanisms include uRPF (Unicast Reverse Path Forwarding) and enhanced ACL capabilities for edge enforcement.
! OcNOS CP 7.0 -- First-hop security configuration
!
! Enable DHCP snooping globally and per-VLAN
ip dhcp snooping
ip dhcp snooping vlan 100-200
!
! Trust the uplink (toward DHCP server)
interface Ethernet1/1
ip dhcp snooping trust
!
! Enable DAI on untrusted VLANs
ip arp inspection vlan 100-200
!
! Enable IP Source Guard on access ports
interface Ethernet1/10
ip verify sourceOperational Visibility: TWAMP, Y.1731, and IP SLA
OcNOS CP 7.0 includes comprehensive performance measurement capabilities for service assurance. TWAMP (Two-Way Active Measurement Protocol) enables bidirectional delay, jitter, and packet loss measurement between any two network nodes. Y.1731 provides Ethernet-level OAM for service-level verification. IP SLA enables event-driven automation triggered by performance threshold violations.
! OcNOS CP 7.0 -- TWAMP session for service SLA verification
!
twamp server
port 862
timer inactivity 900
!
twamp sender
session SLA-CHECK
destination 10.100.1.1
port 862
dscp 46 ! EF for high-priority measurement
interval 1000 ! 1-second test interval
packet-size 256
!
!
! Trigger automation on SLA violation using IP SLA
ip sla 1
icmp-echo 10.100.1.1
threshold 100 ! 100ms RTT threshold
frequency 30
!
ip sla schedule 1 start-time now life forever
!
track 1 ip sla 1 reachability
delay down 10 up 5Who Is OcNOS CP For
OcNOS CP 7.0 is used by organizations that need source-code access to a production-grade control plane for deep integration, customization, and product differentiation:
- OEMs and ODMs building white-box networking platforms on merchant silicon
- Security vendors (firewalls, SD-WAN, SASE) that need a full routing stack embedded in their product
- Cloud operators requiring a customizable control plane for proprietary fabric architectures
- Enterprise networking teams building internal infrastructure on custom hardware
Customers include over 300 networking product companies worldwide, with deployments across Tier-1 service providers and major enterprise networks.
- OcNOS CP 7.0 — Platform Overview and Positioning
- OcNOS CP Product Page
- OcNOS Feature Matrix
- Contact IP Infusion
Alan Huang is Senior Product Manager, Data Center at IP Infusion. Connect on LinkedIn.