- Written by Asang Dani
- Posted on April 17, 2024
- Updated on April 17, 2024
- 1167 Views
The goal of route prioritization is to improve overall network behavior by ensuring that routes classified as having a higher priority are processed and installed in a timely fashion. Activity for lower priority routes must not significantly delay high priority route processing. For example, when a network event affects a large number of BGP routes causing them to be reprogrammed, the programming of an important IGP route that provides underlay connectivity and is affected by a subsequent event should not have to be queued behind the BGP routes. Prioritizing the IGP route programming will improve network convergence. It may also eliminate duplicate work for other routes depending on it.
- Written by David Cronin
- Posted on March 3, 2022
- Updated on July 3, 2024
- 10477 Views
Routing Control Functions (RCF) is a language that can express route filtering and attribute modification logic in a powerful and programmatic fashion.The document covers: Configurations of a RCF function for BGP points of application
- Written by Sergiu Stambolian
- Posted on March 31, 2017
- Updated on June 5, 2024
- 6110 Views
Sampled Mirroring is an extension of the Mirroring feature and sampling is a property of the individual mirroring session: when the session's sample rate N is specified, a packet eligible for mirroring will have a 1/N chance of being mirrored, that is, 1 packet is mirrored for every N packets.
- Written by Haotian Zhang
- Posted on June 4, 2020
- Updated on May 31, 2024
- 7302 Views
This article describes the support for Filtered Mirroring using security ACL. The user can selectively mirror packets based on the statement in the configured IPv4, IPv6 or MAC ACL.
- Written by Athish Rao
- Posted on March 5, 2021
- Updated on May 30, 2024
- 10128 Views
Segment Routing Traffic Engineering Policy (SR-TE) aka SR Policy makes use of Segment Routing (SR) to allow a headend to steer traffic along any path without maintaining per flow state in every node. A headend steers traffic into an SR Policy.
- Written by Gokul Unnikrishnan
- Posted on June 27, 2024
- Updated on June 27, 2024
- 290 Views
The sFlow VPLS extension adds support for providing VPLS-related information to sFlow packet samples, for VPLS forwarded traffic. Specifically, for customer traffic ingressing on a CE-facing PE interface in a VPLS deployment that uses statically configured LDP pseudowires, information such as the name of the VPLS instance and the ID of the pseudowire that the packet will egress over will be included in the sFlow datagram.
- Written by Gokul Unnikrishnan
- Posted on May 7, 2024
- Updated on May 7, 2024
- 774 Views
The sFlow VPLS extension adds support for providing VPLS-related information to sFlow packet samples, for VPLS forwarded traffic. Specifically, for customer traffic ingressing on a CE-facing PE interface in a VPLS deployment that uses statically configured LDP pseudowires, information such as the name of the VPLS instance and the ID of the pseudowire that the packet will egress over will be included in the sFlow datagram.
- Written by Thejesh Panchappa
- Posted on May 1, 2015
- Updated on May 13, 2024
- 6424 Views
This is an infrastructure that provides management of SSL certificates, keys and profiles. SSL/TLS is an application-layer protocol that provides secure transport between client and server through a combination of authentication, encryption and data integrity. SSL/TLS uses certificates and private-public key pairs to provide this security.
- Written by Fathima Thasneem
- Posted on August 23, 2022
- Updated on May 30, 2024
- 5206 Views
Interface reflectors are useful to make sure a service provided to customers is working as expected and it's within SLA constraints. Now, we are extending the support to configure subinterfaces as ethernet reflector. The Subinterface Interface Reflector feature allows performing certain actions (such as source/destination MAC address swap) on packets reaching subinterfaces patched to Pseudowire that are reflected back to the source interface. It is useful to test properties and SLAs before deploying the service for a customer.
- Written by Josh Pfosi
- Posted on June 11, 2019
- Updated on April 22, 2024
- 10328 Views
This feature adds support for CPU traffic policy capable of matching and acting on IP traffic which would otherwise
- Written by Deepanshu Shukla
- Posted on August 21, 2020
- Updated on June 3, 2024
- 11123 Views
This feature adds support for “Dynamic Load Balancing (DLB)” on Equal Cost Multi Path (ECMP) groups.
It is intended to help overcome the potential shortcomings of traditional hash-based load balancing by considering the traffic load of members of ECMP groups. DLB considers the state of the port while assigning egress ports to packets, resulting in a more even flow. The state of each port member is determined by measuring the amount of data transmitted from a given port and total number of packets enqueued to a given port.
- Written by Sameer Pakalapati
- Posted on July 3, 2024
- Updated on July 3, 2024
- 196 Views
The Command-tag feature adds support for grouping multiple configuration units/commands across features using a single command-tag, which is essentially a string. This tag can then be used to enable/disable/remove/disassociate all the associated commands with the tag, using a single CLI command, instead of performing the operation individually for each configuration command.
- Written by Brian Neville
- Posted on November 8, 2023
- Updated on May 17, 2024
- 2828 Views
gNSI (gRPC Network Security Interface) defines a set of gRPC-based microservices for executing security-related operations on network devices.
- Written by Brian Hsieh
- Posted on May 7, 2024
- Updated on May 7, 2024
- 716 Views
IPv6 Duplicate Address Detection Proxy is a proxy-based mechanism allowing the use of Duplicate Address Detection (DAD) by IPv6 nodes in a point-to-multipoint architecture with a "split-horizon" forwarding scheme. In Split-horizon scenario where the hosts can not directly communicate with each other, but only through a BNG (Broadband Network Gateway).
- Written by Adrian Fettes
- Posted on June 5, 2020
- Updated on May 20, 2024
- 6336 Views
GRE ( Generic Routing Encapsulation ) packet header has a Key extension which is used by Arista to carry packet metadata. Currently packets mirrored at egress to a GRE tunnel destination do not have this information. This feature could be used to enable metadata in egress mirrored packets to GRE destinations.
- Written by Basil Saji
- Posted on November 9, 2020
- Updated on May 21, 2024
- 9149 Views
Private VLAN is a feature that segregates a regular VLAN broadcast domain while maintaining all ports in the same IP subnet. There are three types of VLAN within a private VLAN
- Written by David Jowett
- Posted on April 18, 2024
- Updated on April 18, 2024
- 979 Views
This feature extends sampled flow tracker to support the selective sampling of certain traffic types (specified globally), such as routed IPv4, routed IPv6, and MPLS pop and route IPv4, per interface. The feature is applicable on interfaces, subinterfaces, port channels, and port channel subinterfaces.
- Written by Patrick MacArthur
- Posted on February 23, 2021
- Updated on April 18, 2024
- 6207 Views
Sub-interfaces can be grouped into logical units called scheduling groups, which are shaped as a single unit. Each scheduling group may be assigned a scheduling policy which defines a shape rate in kbps and optionally a guaranteed bandwidth, also in kbps.
- Written by Krystian
- Posted on May 15, 2024
- Updated on May 15, 2024
- 648 Views
Support is added to use VRRP (Virtual Router Redundancy Protocol) virtual IP (Internet Protocol) address as an IPsec ( Internet Protocol Security) tunnel source or destination address. This allows for configurations that offer both security (provided by IPsec tunnels) and redundancy (provided by VRRP).
- Written by Sandeep Kopuri
- Posted on October 7, 2019
- Updated on May 17, 2024
- 9378 Views
Topology Independent Fast Reroute, or TI-LFA, uses IS-IS SR to build loop-free alternate paths along the post-convergence path. These loop-free alternates provide fast convergence.
- Written by Prateek Mali
- Posted on August 19, 2020
- Updated on May 22, 2024
- 17594 Views
Access Control Lists (ACL) use packet classification to mark certain packets going through the packet processor pipeline and then take configured action against them. Rules are defined based on various fields of packets and usually TCAM is used to match packets to rules. For example, there can be a rule to match the packet source IP address against a list of IP addresses, and drop the packet if there is a match. This will be expressed in TCAM with multiple entries matching the list of IP addresses. Number of entries is reduced by masking off bits, if possible. TCAM is a limited resource, so with classifiers having a large number of rules and a big field list, TCAM runs out of resources.
- Written by Eddie Xie
- Posted on January 31, 2024
- Updated on July 15, 2024
- 1342 Views
This TOI supplements the Ingress Traffic Policy applied on ingress port interfaces. Please refer to that document for a description of Traffic Policies and field-sets. This TOI explains the Traffic Policies as applied in the ingress direction on VLAN interfaces.
- Written by Matthew Carrington-Fair
- Posted on March 3, 2023
- Updated on May 21, 2024
- 3596 Views
This feature allows IP FIB (Forwarding Information Base) export through the OpenConfig AFT YANG models.
- Written by Prasanna Parthasarathy
- Posted on December 23, 2021
- Updated on July 12, 2024
- 11595 Views
SwitchApp is an FPGA-based feature available on Arista’s 7130LB-Series and 7132LB-Series platforms. It performs ultra low latency Ethernet packet switching. Its packet switching feature set, port count, and port to port latency are a function of the selected SwitchApp profile. Detailed latency measurements are available in the userguide on the Arista Support site.
- Written by Victoria Austin
- Posted on June 5, 2023
- Updated on May 2, 2024
- 1971 Views
This feature is disabled by default. It can be enabled by a CLI toggle "logging transceiver communication" under the "monitor layer1" config mode. Note that “logging transceiver” will enable SMBus communication failure and digital optical monitoring syslogs. See under Resources for more information on digital optical monitoring syslogs.
- Written by Pierre
- Posted on May 30, 2024
- Updated on July 10, 2024
- 468 Views
User-defined recovery policy is a type of reset that allows the customer to rollback a device to a previously saved state. A state can be saved by taking a snapshot of the configuration files that the customer wants to save. Once a snapshot has been taken, the device can be reset either through push-button or through the command line interface. This feature provides a trivial way to get back to a tested and working version of EOS.swi with user-defined configs in case of failure.
- Written by Isidor Kouvelas
- Posted on February 28, 2022
- Updated on May 17, 2024
- 12656 Views
Virtual Private LAN Service (VPLS) appears in (almost) all respects as an Ethernet type service to customers of a Service Provider (SP). A VPLS glues together several individual LANs across a packet switched network to appear and function as a single bridged LAN.
- Written by Ronish Kalia
- Posted on June 12, 2019
- Updated on April 18, 2024
- 6690 Views
This feature enables policer (using policy-map) on a VTEP to rate limit traffic per VLAN/VNI. The policer can be applied in both input and output directions to rate limit decapsulated and encapsulated VXLAN traffic, respectively. Prior to EOS-4.32.0F, the policers are not applicable on multicast traffic through the VTEP. For platforms supporting rate limiting of both bridged and routed encapsulated traffic, the rate limiting would be done on common policer limits.
- Written by Simon Liang
- Posted on September 5, 2021
- Updated on May 30, 2024
- 7668 Views
This document describes the VRF selection policy and VRF fallback feature. A VRF selection policy contains match rules that specify certain criteria (e.g. DSCP, IP protocol) as well as a resulting action to select a VRF in which to do the FIB lookup. The VRF fallback feature is an extension of these policies which allows users to optionally specify a “fallback” VRF for each VRF. The behavior is such that if the FIB lookup fails in a match rule’s selected VRF, another lookup will be attempted in the configured fallback VRF. Additionally, the fallback VRF itself can have yet another fallback VRF, such that if the lookup in the VRF and fallback VRF fail, the fallback-of-the-fallback VRF will be looked up (see the Configuration section for an example of this).
- Written by Navlok Mishra
- Posted on February 8, 2017
- Updated on May 17, 2024
- 6355 Views
WRED ( Weighted Random Early Detection ) is one of the congestion management techniques.