802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.

This feature adds support for associating a WAN interface with multiple Dynamic Path Selection (DPS) path groups to allow paths originating from the same interface to have different priorities.

TOI DPS EOS 4.32.1F

BGP Non Stop Forwarding (NSF) aims to minimize the traffic loss when the the following scenarios occur:

Route reflectors are commonly used to distribute routes between BGP peers belonging to the same autonomous system. However, this can lead to non-optimal path selection. The reason for this is that the route reflector chooses the optimal route based on IGP cost from its perspective. This may not be optimal from the perspective of the client as its location may be different from the RR

This feature adds support for BGP UCMP in the multi agent routing protocol model. The TOI for BGP UCMP in the ribd

The CPU CoS mapping feature can be configured on Front panel ports, sub-interfaces, LAG and LAG sub-interfaces. SVIs and Tunnel interfaces are not supported at this time.

MPLS speculative parsing is the parsing of the headers following the MPLS header. Because there is no ethertype following the MPLS header, it can be difficult to discern the following header type(s). Some headers can be misparsed, so certain configurations are provided to allow customization of the parsing behaviour.

MPLS EOS 4.32.1F

Connectivity Monitor is an EOS feature that allows users to monitor their network resources from their Arista switches. The resources being monitored may or may not be Arista devices. Connectivity monitoring is unidirectional in nature.

This document describes the configuration and behavior of physical interfaces on the DCS-7280SR3A-series switches including: Speed, Forward Error Correction (FEC), Logical ports, Precoding, Transceiver Online Insertion and Removal (OIR).

EOS 4.32.1F 7280SR3A

DirectFlow runs alongside the existing layer 2/3 forwarding plane, enabling a network architecture that incorporates new capabilities, such as TAP aggregation and custom traffic engineering, alongside traditional forwarding models. DirectFlow allows users to define flows that consist of match conditions and actions to perform that are a superset of the OpenFlow 1.0 specification. DirectFlow does not require a controller or any third party integration as flows can be installed via the CLI.

The Dot1x Dropped Counters count the packets that get dropped for dot1x interfaces. The following

Until EOS release 4.32.0F, EOS allows users to statically configure link min-delay and max-delay used for IS-IS FlexAlgo. This feature adds support for dynamic measurement of link delay using the TWAMP Light protocol described in RFC 8186 and provides it to IS-IS FlexAlgo dynamically.

This document describes how to configure and monitor this feature.

Segment Routing Traffic Engineering Policy (SR-TE) aka SR Policy makes use of Segment Routing (SR) to allow a headend to steer traffic along any path without maintaining per flow state in every node. A headend steers traffic into an SR Policy. SR-TE policies allow creating segment lists using segments along the shortest path or along a flex algo path. These policies can be traffic engineered to avoid the shortest or flex-algo paths.

EOS 4.32.1F Dynamic SR-TE

This feature introduces a new configurable attribute, weight, for vias through EosSdk and EosSdkRpc. The attribute is supported in both forward and nexthop_group type vias. A value of 0 indicates a via does not have a weight value and this is the default value for the attribute. Despite the attribute being type uint32, the maximum value it can support is 2^24 - 1 

Eossdk EosSdkRpc EOS 4.32.1F Weight

EVPN MPLS VPWS (RFC 8214) provides the ability to forward customer traffic to / from a given attachment circuit (AC) without any MAC lookup / learning. The basic advantage of VPWS over an L2 EVPN is the reduced control plane signalling due to not exchanging MAC address information. In contrast to LDP pseudowires, EVPN MPLS VPWS uses BGP for signalling. Port based and VLAN based services are supported.

Factory reset will reset the device back to the EOS.swi image and configs that the device came with from the factory saved on a different partition. The device can be reset either through push-button or through the command line interface. Once the factory reset is requested, the device will reboot and will delete all files on the normal partition to be replaced with the swi image and config files that were saved in the recovery partition during manufacturing.

EOS 4.32.1F Factory Reset

EOS supports the ability to match on a single VLAN tag (example: encapsulation dot1q vlan 10)  or a VLAN tag pair (example: encapsulation dot1q vlan 10 inner 20) to map matching packets to an interface. In this case, the encapsulation string is considered consumed by the mapped interface before forwarding, which means that the tags are effectively removed from the incoming packet for the purposes of any downstream forwarding.

A forwarding equivalence class (FEC) entry is the data structure that holds all reachable vias where the packets should be sent to, for certain routes. Before this feature, a FEC could not contain both IPv4 next hop vias and IPv6 next hop vias. This feature starts supporting FECs that have both IPv4 next hop vias and IPv6 next hop vias. In an Equal Cost Multi-Path (ECMP) FEC, some of the vias may have IPv4 next hop and others may have IPv6 next hop. 

BGP ECMP FEC PIC EOS 4.32.0F EOS 4.32.1F

This feature introduces hardware forwarding support for IPv4-over-IPv4 GRE tunnel interfaces on selected Arista

GRE Tunnel EOS 4.23.1F EOS 4.32.1F

The ip address virtual command is generally used to conserve IP addresses in VXLAN deployments and can be used to provide an Anycast gateway. On a VLAN, the same IP address can be configured using this command on multiple VTEPS or on both MLAG devices. Release 4.22.1F introduced [ip address virtual support for PIM and IGMP]. Using that solution, users are required to configure pim ipv4 local-interface on the VLAN interface. PIM and IGMP then borrow the IP address from the local interface specified. Using this configuration, IGMP skips subnet checks for received control messages.

Multicast Virtual IP Igmp EOS 4.32.1F

This feature enables IPv6 neighbor discovery (ND) proxies for IPv6 subnets on routed ports, L3 subinterfaces, and VLAN interfaces. IPv6 ND Proxy on VLAN interfaces support requires additional TCAM profile configuration. When enabling IPv6 ND proxy, all IPv6 ND Neighbor Solicitation (NS) packets will be trapped to the control plane instead of being forwarded. In response, IPv6 ND Neighbor Advertisement (NA) packets with the corresponding interface router MACs will be sent back.

EOS 4.26.1F EOS 4.32.1F

EOS IS-IS implementation advertises interface-address TLVs for both passive and non-passive interfaces. IS-IS “advertise interface-address passive-only” feature is used to control the advertisement of interface address TLVs in LSP Advertisement. Once this feature is enabled on the device, IS-IS advertises interface address TLVs i,e. IP Interface Address TLV #132 and IPv6 Interface Address TLV #232 only for passive interfaces in the LSP Advertisement and stops advertising these TLVs for active or non-passive interfaces.

IS-IS EOS 4.32.1F

This feature introduces a way for IS-IS to advertise its IP reachability and SID for loopback interfaces only when routes matching an RCF function are present. One example use-case is to use IS-IS Segment Routing to attract traffic to a router only when routes towards the ultimate destination are present.

Segment Routing IS-IS RCF EOS 4.32.1F

Segment Routing provides mechanism to define end-to-end paths within a topology by encoding paths as sequences of sub-paths or instructions. These sub-paths or instructions are referred to as “segments”. IS-IS Segment Routing (henceforth referred to as IS-IS SR) provides means to advertise such segments through IS-IS protocol.

Normally, a switch traps L2 protocol frames to the CPU. However, certain use-cases may require these frames to be forwarded or dropped. And in cases where the L2 protocol frames are forwarded (eg: Pseudowire), we may require the frames to be trapped to the CPU or dropped. The L2 Protocol Forwarding feature provides a mechanism to control the behavior of L2 protocol frames received on a port or subinterface.

Lanz Mirroring feature allows users to automatically mirror traffic queued as a result of congestion to either CPU or a different interface.

ECN (Explicit Congestion Notification) is a mechanism of notifying network congestion without dropping the packets.The ECN based network congestion notification can be done in two ways: queue-length based ECN, latency based ECN. The queue-length based ECN marks the ECT packets when the average VOQ length exceeds the configured ECN threshold value whereas latency based

This TOI describes the MAC limit per VLAN feature which can be used to limit the number of locally learned MAC addresses per VLAN.

MetaWatch is an FPGA-based feature available for Arista 7130 Series platforms. It provides precise timestamping of packets, aggregation and deep buffering for Ethernet links. Timestamp information and other metadata such as device and port identifiers are appended to the end of the packet as a trailer.

A mDNS Gateway extends the link-local scope of mDNS messages to additional subnets to provide service discovery and domain name resolution over an extended link-local multicast domain. A mDNS gateway can also peer with additional mDNS gateways to extend the logical link-local multicast domain to include directly connected subnets on a mDNS gateway peer.

Multicast VRF leak allows multicast traffic from a sender in one domain or VRF to be forwarded to a different domain or VRF, in which the receivers are connected. In the rest of this document, the VRF to which the multicast sender belongs to is referred to as the “source VRF” and the VRF that the multicast receiver belongs to is referred to as the “receiver VRF”.

This feature adds support for specifying Resolution Rib Profile as system-connected per-via (next-hop) for static routes. System-connected means that a static route is only resolved if the next-hop is reachable over a connected route. If system-connected is not specified, it means that the static route is resolved if the next-hop is reachable over any kind of route in the routing FIB, including a connected route as well as a tunnel rib.

In some situations, packets received by an ASIC need to be redirected to the control plane: packets that have the destination address of the router or packets that need special handling from the CPU for example. The control plane cannot handle as many packets as the ASIC. A system that protects the control plane against DOS and prioritizes packets to send to the CPU is needed.  This is accomplished by CoPP (control-plane policing). CoPP is already functioning, however, the CPU queues are statically allocated to a specific feature. If a feature is not used, the CPU queue statically allocated to the feature is not used either. This is a loss of resources.

EOS 4.32.1F CPU Queue

Configuring OSPF as PE-CE protocol enables us to distinguish between the “real external routes” and intra network routes between the sites that are stretched across VPN.  But the problem arises when VPN sites are in the same area and have a backdoor connection. With OSPFv3 as PE-CE protocol redistribution, CE routers end up getting inter-area routes (assuming the VRFs on the PE devices that connect the CE sites, are configured with the same OSPFv3 domain id) that actually belong to the same area and just happen to be multihomed to the backbone.

OSPFv3 OSPF PE-CE EOS 4.32.1F Sham link

This feature enables per port TC-To-COS mapping, where TC represents Traffic-Class and COS represents Vlan tag PCP bits. While at present there is a global TC-To-COS mapping, we can use the TC-To-COS feature to create custom profiles which can be applied to the required interfaces. 

This feature provides a continuous, live, stream of ingress counters for Policy-Based Routing (PBR) rules in terms of bytes and packets. It is implemented as a special call in EosSdkRpc and follows this definition:

The postcard telemetry (GreenT - GRE Encapsulated Telemetry) feature is used to gather per flow telemetry information like path and per hop latency. For network monitoring and troubleshooting flow related issues, it is desirable to know the path, latency and congestion information for flows at different times.

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.

Routing Control Functions (RCF) is a language that can express route filtering and attribute modification logic in a powerful and programmatic fashion.The document covers: Configurations of a RCF function for BGP points of application

RSVP-TE, the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), is used to distribute MPLS labels for steering traffic and reserving bandwidth. The Label Edge Router (LER) feature implements the headend functionality, i.e., RSVP-TE tunnels can originate at an LER which can steer traffic into the tunnel.

RSVP-TE applies the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), i.e., to distribute MPLS labels for steering traffic and reserving bandwidth.

The sFlow VPLS extension adds support for providing VPLS-related information to sFlow packet samples, for VPLS forwarded traffic. Specifically, for customer traffic ingressing on a CE-facing PE interface in a VPLS deployment that uses statically configured LDP pseudowires, information such as the name of the VPLS instance and the ID of the pseudowire that the packet will egress over will be included in the sFlow datagram.

Sflow VPLS EOS 4.32.0F EOS 4.32.1F

Priority-based flow control (PFC) buffer counters track ingress port buffer usage for each packet priority. This feature displays the high watermark buffer usage over two time intervals: a polling interval (by default 2 seconds) and the encompassing interval since the counters were cleared. The PFC buffer counter watermarks can be used to expose bursty and transient ingress buffer resource usage. High watermark values indicate congestion conditions that could explain packet loss.

Counters PFC EOS 4.32.1F Buffers

Split horizon groups (SHG) may be used to divide all subinterfaces and VPLS pseudowires in a VLAN to different bridging groups so that bridging is prevented between members of the same SHG. Bridging is allowed between members of different SHGs and subinterfaces which don’t belong to any SHG.

This feature adds support for Static Route UCMP local forwarding in the multi-agent routing protocol model. Unequal Cost Multi Path (UCMP) for Static Route is a mechanism for forwarding traffic from a device for an ECMP route in the ratio of the weights with which the next hops of that route are programmed in the FIB.

UCMP Static Route EOS 4.32.1F

This feature adds support for CPU traffic policy capable of matching and acting on IP traffic which would otherwise

The Command-tag feature adds support for grouping multiple configuration units/commands across features using a single command-tag, which is essentially a string. This tag can then be used to enable/disable/remove/disassociate all the associated commands with the tag, using a single CLI command, instead of performing the operation individually for each configuration command.

Fail-To-Wire feature enables monitoring for software failures. Fail-To-Wire is a hardware supported feature. Since some agents are considered critical for the system, following events are tracked:

EOS 4.32.1F FailToWire Fail Wire

gNSI (gRPC Network Security Interface) defines a set of gRPC-based microservices for executing security-related operations on network devices.

The new feature maintains STP restartability while a portfast-enabled port’s link status changes. In older releases, when portfast is enabled on an interface and the interface is flapping, i.e., going up and down, STP becomes non-restartable. After the new feature is introduced, STP remains restartable during port flapping. This may be applicable in several scenarios, but the most common usage is to keep STP restartable after endpoints are connected and disconnected. This feature is important for SSU because an SSU can only be performed while STP is restartable. After the portfast port's link status changes, SSU can still be conducted.

STP EOS 4.32.1F Portfast