EOS 4.32.1F TOI

802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.

This feature adds support for associating a WAN interface with multiple Dynamic Path Selection (DPS) path groups to allow paths originating from the same interface to have different priorities.

BGP Non Stop Forwarding (NSF) aims to minimize the traffic loss when the the following scenarios occur:

Route reflectors are commonly used to distribute routes between BGP peers belonging to the same autonomous system. However, this can lead to non-optimal path selection. The reason for this is that the route reflector chooses the optimal route based on IGP cost from its perspective. This may not be optimal from the perspective of the client as its location may be different from the RR

This feature adds support for BGP UCMP in the multi agent routing protocol model. The TOI for BGP UCMP in the ribd

MPLS speculative parsing is the parsing of the headers following the MPLS header. Because there is no ethertype following the MPLS header, it can be difficult to discern the following header type(s). Some headers can be misparsed, so certain configurations are provided to allow customization of the parsing behaviour.

Connectivity Monitor is an EOS feature that allows users to monitor their network resources from their Arista switches. The resources being monitored may or may not be Arista devices. Connectivity monitoring is unidirectional in nature.

This document describes the configuration and behavior of physical interfaces on the DCS-7280SR3A-series switches including: Speed, Forward Error Correction (FEC), Logical ports, Precoding, Transceiver Online Insertion and Removal (OIR).

The Dot1x Dropped Counters count the packets that get dropped for dot1x interfaces. The following

EOS allows users to statically configure link min-delay and max-delay used for IS-IS FlexAlgo until EOS release 4.32.0. This feature adds support for dynamic measurement of link delay using the TWAMP Light protocol described in RFC8186 and provides it to IS-IS FlexAlgo dynamically.

Segment Routing Traffic Engineering Policy (SR-TE) aka SR Policy makes use of Segment Routing (SR) to allow a headend to steer traffic along any path without maintaining per flow state in every node. A headend steers traffic into an SR Policy. SR-TE policies allow creating segment lists using segments along the shortest path or along a flex algo path. These policies can be traffic engineered to avoid the shortest or flex-algo paths.

This feature introduces a new configurable attribute, weight, for vias through EosSdk and EosSdkRpc. The attribute is supported in both forward and nexthop_group type vias. A value of 0 indicates a via does not have a weight value and this is the default value for the attribute. Despite the attribute being type uint32, the maximum value it can support is 2^24 - 1 

EVPN MPLS VPWS (RFC 8214) provides the ability to forward customer traffic to / from a given attachment circuit (AC) without any MAC lookup / learning. The basic advantage of VPWS over an L2 EVPN is the reduced control plane signalling due to not exchanging MAC address information. In contrast to LDP pseudowires, EVPN MPLS VPWS uses BGP for signalling. Port based and VLAN based services are supported.

Factory reset will reset the device back to the EOS.swi image and configs that the device came with from the factory saved on a different partition. The device can be reset either through push-button or through the command line interface. Once the factory reset is requested, the device will reboot and will delete all files on the normal partition to be replaced with the swi image and config files that were saved in the recovery partition during manufacturing.

EOS supports the ability to match on a single VLAN tag (example: encapsulation dot1q vlan 10)  or a VLAN tag pair (example: encapsulation dot1q vlan 10 inner 20) to map matching packets to an interface. In this case, the encapsulation string is considered consumed by the mapped interface before forwarding, which means that the tags are effectively removed from the incoming packet for the purposes of any downstream forwarding.

This feature introduces hardware forwarding support for IPv4-over-IPv4 GRE tunnel interfaces on selected Arista

The ip address virtual command is generally used to conserve IP addresses in VXLAN deployments and can be used to provide an Anycast gateway. On a VLAN, the same IP address can be configured using this command on multiple VTEPS or on both MLAG devices. Release 4.22.1F introduced [ip address virtual support for PIM and IGMP]. Using that solution, users are required to configure pim ipv4 local-interface on the VLAN interface. PIM and IGMP then borrow the IP address from the local interface specified. Using this configuration, IGMP skips subnet checks for received control messages.

This feature enhances IPv4 VRF scale to 256 VRFs on AWE-7230R and AWE-7250R. On CloudEOS, the VRF scale is as follows

EOS IS-IS implementation advertises interface-address TLVs for both passive and non-passive interfaces. IS-IS “advertise interface-address passive-only” feature is used to control the advertisement of interface address TLVs in LSP Advertisement. Once this feature is enabled on the device, IS-IS advertises interface address TLVs i,e. IP Interface Address TLV #132 and IPv6 Interface Address TLV #232 only for passive interfaces in the LSP Advertisement and stops advertising these TLVs for active or non-passive interfaces.

This feature introduces a way for IS-IS to advertise its IP reachability and SID for loopback interfaces only when routes matching an RCF function are present. One example use-case is to use IS-IS Segment Routing to attract traffic to a router only when routes towards the ultimate destination are present.

L2 protocol packets - LLDP, LACP and STP are trapped to the CPU by default. This feature allows for disabling the per protocol trap on a given set of interfaces. Starting from 4.32.1F, forwarding of MACsec EAPoL frames is also supported on a per interface basis on certain platforms.

Lanz Mirroring feature allows users to automatically mirror traffic queued as a result of congestion to either CPU or a different interface.

ECN (Explicit Congestion Notification) is a mechanism of notifying network congestion without dropping the packets.The ECN based network congestion notification can be done in two ways: queue-length based ECN, latency based ECN. The queue-length based ECN marks the ECT packets when the average VOQ length exceeds the configured ECN threshold value whereas latency based

This feature adds support for specifying Resolution Rib Profile as system-connected per-via (next-hop) for static routes. System-connected means that a static route is only resolved if the next-hop is reachable over a connected route. If system-connected is not specified, it means that the static route is resolved if the next-hop is reachable over any kind of route in the routing FIB, including a connected route as well as a tunnel rib.

In some situations, packets received by an ASIC need to be redirected to the control plane: packets that have the destination address of the router or packets that need special handling from the CPU for example. The control plane cannot handle as many packets as the ASIC. A system that protects the control plane against DOS and prioritizes packets to send to the CPU is needed.  This is accomplished by CoPP (control-plane policing). CoPP is already functioning, however, the CPU queues are statically allocated to a specific feature. If a feature is not used, the CPU queue statically allocated to the feature is not used either. This is a loss of resources.

Configuring OSPF as PE-CE protocol enables us to distinguish between the “real external routes” and intra network routes between the sites that are stretched across VPN.  But the problem arises when VPN sites are in the same area and have a backdoor connection. With OSPFv3 as PE-CE protocol redistribution, CE routers end up getting inter-area routes (assuming the VRFs on the PE devices that connect the CE sites, are configured with the same OSPFv3 domain id) that actually belong to the same area and just happen to be multihomed to the backbone.

The postcard telemetry (GreenT - GRE Encapsulated Telemetry) feature is used to gather per flow telemetry information like path and per hop latency. For network monitoring and troubleshooting flow related issues, it is desirable to know the path, latency and congestion information for flows at different times.

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.

Routing Control Functions (RCF) is a language that can express route filtering and attribute modification logic in a powerful and programmatic fashion.The document covers: Configurations of a RCF function for BGP points of application

The sFlow VPLS extension adds support for providing VPLS-related information to sFlow packet samples, for VPLS forwarded traffic. Specifically, for customer traffic ingressing on a CE-facing PE interface in a VPLS deployment that uses statically configured LDP pseudowires, information such as the name of the VPLS instance and the ID of the pseudowire that the packet will egress over will be included in the sFlow datagram.

Priority-based flow control (PFC) buffer counters track ingress port buffer usage for each packet priority. This feature displays the high watermark buffer usage over two time intervals: a polling interval (by default 2 seconds) and the encompassing interval since the counters were cleared. The PFC buffer counter watermarks can be used to expose bursty and transient ingress buffer resource usage. High watermark values indicate congestion conditions that could explain packet loss.

Split horizon groups (SHG) may be used to divide all subinterfaces and VPLS pseudowires in a VLAN to different bridging groups so that bridging is prevented between members of the same SHG. Bridging is allowed between members of different SHGs and subinterfaces which don’t belong to any SHG.

This feature adds support for Static Route UCMP local forwarding in the multi-agent routing protocol model. Unequal Cost Multi Path (UCMP) for Static Route is a mechanism for forwarding traffic from a device for an ECMP route in the ratio of the weights with which the next hops of that route are programmed in the FIB.

Fail-To-Wire feature enables monitoring for software failures. Fail-To-Wire is a hardware supported feature. Since some agents are considered critical for the system, following events are tracked:

The new feature maintains STP restartability while a portfast-enabled port’s link status changes. In older releases, when portfast is enabled on an interface and the interface is flapping, i.e., going up and down, STP becomes non-restartable. After the new feature is introduced, STP remains restartable during port flapping. This may be applicable in several scenarios, but the most common usage is to keep STP restartable after endpoints are connected and disconnected. This feature is important for SSU because an SSU can only be performed while STP is restartable. After the portfast port's link status changes, SSU can still be conducted.

This feature provides a cli command showing the list of mac addresses which could not be learned due to hash collision in the hardware table. A hash collision occurs when two or more distinct pieces of data map to the same entry ( or slot ) in the hardware table. It can happen when the hash function used to calculate the index for a given mac address results in the already occupied index, resulting in failure of inserting the later mac address to the hardware table.

This TOI supplements the Ingress Traffic Policy applied on ingress port interfaces. Please refer to that document for a description of Traffic Policies and field-sets. This TOI explains the Traffic Policies as applied in the ingress direction on VLAN interfaces.

This feature introduces the ability to define matching rules to configure transceiver tuning on a switch. This is useful when a particular collection of transceivers are known to require tuning values which differ from EOS defaults.

This feature is only applicable to shaped port-channel subinterfaces. Traffic destined to a shaped port-channel subinterface would be load-balanced across all members of the port-channel. Shaping configured on the port-channel subinterface will be directly used across all the members of port-channel. Load-balancing criterion for flows destined to a shaped port-channel subinterface is the same as parent port-channel load-balancing criterion. Each shaped port-channel subinterface consumes as many SPPID (System physical port identifier) as the number of members added to the port-channel along with one extra port-channel resource (LAG ID) to combine all these SPPID. Anchor based approach is default behavior and we explicitly need to enable and reload the system for this feature to work.

SwitchApp is an FPGA-based feature available on Arista’s 7130LB-Series and 7132LB-Series platforms. It performs ultra low latency Ethernet packet switching. Its packet switching feature set, port count, and port to port latency are a function of the selected SwitchApp profile. Detailed latency measurements are available in the userguide on the Arista Support site.

Tap aggregation traffic steering allows users to redirect traffic flows received on TAP interfaces based on configurable policy-map rules. This feature enables the ability to define policy-map rules that filter on IP header fields on the following Ethernet-over-MPLS packet types.

This feature comprises two parts:

To extend Traffic Steering to Nexthop Groups (GRE) by allowing us to specify one or more nexthop groups of type DzGRE (DANZ GRE) as the destination for a TAP aggregation steering policy. A DzGRE header will be encapsulated to the packets sending out a nexthop group of type DZGRE.

To extend GRE Tunnel Termination by allowing decapsulation of traffic received from nexthop groups of type DZGRE and adding VLAN tags based on DZGRE metadata.

User-defined recovery policy is a type of reset that allows the customer to rollback a device to a previously saved state. A state can be saved by taking a snapshot of the configuration files that the customer wants to save.  Once a snapshot has been taken, the device can be reset either through push-button or through the command line interface. This feature provides a trivial way to get back to a tested and working version of EOS.swi with user-defined configs in case of failure.

This feature allows traffic ingressing a VLAN to be mirrored. It mirrors based on the VLAN tag in the Ethernet header, so it is not port based.