802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.

Agile ports allow users to connect 40G interfaces on 7130 products utilizing multiple SFP ports per 40G capable interface. This enables 40G capable applications, such as MetaConnect and MetaWatch, to operate at that speed.

The automatic Route Distinguisher (auto RD) feature is designed to simplify customer configuration by automating RD assignment. This feature is supported for the following address families.

TOI EOS 4.33.2F Auto RD L2 EVPN

BGP Monitoring Protocol (BMP) allows a monitoring station to connect to a router and collect all of the BGP announcements received from the router’s BGP peers. The announcements are sent to the station in the form of BMP Route Monitoring messages generated from path information in the router’s BGP internal tables. A BMP speaker may choose to send either Adj-Rib-In routes, or Loc-Rib routes (as defined by RFC9069), or both.

BGP TOI BMP EOS 4.33.1F EOS 4.33.2F

This feature adds support for user-configured BGP Nexthop Resolution RIB profiles for various BGP-based services e.g. IP unicast, L3 VPN, EVPN, etc. The feature allows an administrator to customize the next hop resolution semantics of BGP routes with an ordered list, or profile, of resolution RIB domains (i.e., either tunnel or IP domain). This allows EOS to direct specific services over the specified RIB domains, overriding the default behavior.

RPKI provides a mechanism to validate the originating AS of an advertised prefix. The result of the validation can be used to apply inbound policy in a route map.

When a Provider Edge (PE) device loses BGP connectivity to the core (uplink) devices, it may be unable to forward any traffic from its downlink devices, typically CE (Customer Edge) devices. It is beneficial to indicate this connectivity loss to these CE devices so that they may find alternative paths to forward traffic.

Bidirectional Protocol Independent Multicast (PIM) allows routers to build trees to deliver multicast traffic from sources to receivers. It is a variant of sparse-mode PIM that efficiently addresses the use case where receivers for a multicast group are also sources for that group. While sparse-mode PIM builds shared trees and source-specific trees, bidirectional PIM only builds shared trees. A shared tree for a multicast group is rooted at the Rendezvous Point (RP) for that group. The RP for a bidirectional group is an IP address, which may or may not be real, but is reachable via all routers in the multicast domain. There may be multiple RPs in a multicast domain.

PIM TOI EOS 4.32.0F EOS 4.33.2F Bidir

This feature allows failover to the backup path to occur in constant time per interface going down for features such as RSVP link protection, RSVP node protection, TI-LFA link protection, and BGP PIC. Without this feature enabled, it would take time proportional to the number of paths going over the interface experiencing the link down event to failover to the backup path. With this feature enabled, the failover time would be constant regardless of the number of paths.

Arista CloudEOS provides optimized routing and security functionality by connecting different enterprise branches, DCs and head office across different geographical regions, zones and sites. It uses traffic engineering to leverage the best paths across a set of Dynamic Path Selection (DPS) tunnels, which are used to carry the overlay data traffic. It uses the concept of AVT (Adaptive Virtual Topology) to map any given VRF's traffic into specific subsets of traffic, each of which is treated uniformly from the routing/security perspective.

TOI EOS 4.30.0F EOS 4.33.2F

Cluster Load Balancing is a feature designed to ensure optimal load balancing of flows used as part of GPU based cluster communication. When this feature is enabled, a TOR router monitors RoCE traffic flowing between the GPU servers and spine uplinks and ensures optimal load balancing in the network.

Currently when programming ECMP routes only one path is programmed in the kernel. There exists an environment variable (KERNELFIB_PROGRAM_ALL_ECMP) that allows users to program all paths from an ECMP route in the kernel. However, setting the variable requires restarting the KernelFib agent. This restart then reprograms all the routes.

ECMP TOI EOS 4.33.2F KernelFib

Arista’s DCS-7130LBR series of switches are powerful network devices designed for ultra low-latency applications along with a wealth of networking features.

Arista’s DCS-7135LB series of switches are network devices designed for ultra low-latency applications along with a suite of networking features. It combines the following functionality on a single device

This feature introduces a configurable delay for flushing MAC addresses when a network interface goes down, reducing unnecessary MAC address flushing during transient link failures. By default, when the link goes down, MAC addresses associated with the link are flushed immediately. With this feature, MAC address flushing is delayed by the configured time when the link goes down. If the link comes up before the configured timer elapses, the MAC addresses are not flushed from the forwarding table and the timer is cancelled.

TOI EOS 4.33.2F MAC Flush

IPsec control packets are generally sent out of any of the egress interfaces based on the ECMP IP route that covers the remote IP address of the IPsec connection. This is not suitable for some deployments, for example when an IPsec end device is establishing connections with another device across more than one ISP (Internet Service Provider) and the control packets may get different NAT treatment based on which ISP they are going over.

TOI IPSec EOS 4.33.2F

Precision Time Protocol (PTP) management messages are general PTP messages sent to PTP-enabled switches on the data plane. On Arista switches, their handling depends on the configured PTP mode. In Boundary Clock mode, they are handled by the control plane. In Transparent Clock mode, they are forwarded in the data plane. PTP management messages can be sent through the PTP network either in a multicast or unicast fashion (by using ptp forward unicast, see Forwarding Unicast PTP Packets in Boundary Mode).

TOI Ptp EOS 4.33.2F

Dynamic NAT connection limit is a feature that provides the functionality to limit the number of dynamic NAT connections.

This feature enables users to configure MPLS EXP rewrite behavior on the egress interface based upon the global TC-to-EXP mapping. Starting from software version 4.33.2F, the CLI configuration to enable or disable EXP rewrite on the egress interface introduces a clear distinction in the behavior of MPLS EXP processing during POP and SWAP operations.

TOI MPLS EOS 4.33.2F EXP pop swap

Event monitor is extended to support new event types that continuously synchronize their contents with the SQLite database (in contrast with event monitor’s current behavior of synchronizing event state only when CLI commands are run).

TOI Event Monitor EOS 4.33.2F

RFC7432 defines the MAC/IP advertisement NLRI (route type 2) for exchanging EVPN overlay end-hosts’ MAC and IP address reachability information. When an EVPN MAC/IP route contains more than one path to the same destination, the EVPN MAC/IP best-path selection algorithm determines which of these paths should be considered as the best path.

E-Tree is an L2 EVPN service (defined in RFC8317) in which each attachment circuit (AC) is assigned the role of Root or Leaf. In this implementation, ACs are configured at the VLAN level, and the forwarding rules are enforced using a combination of local configuration of leaf VLANs (for local hosts), and asymmetric route targets (for remote hosts).

EVPN MPLS VPWS (RFC 8214) provides the ability to forward customer traffic to / from a given attachment circuit (AC) without any MAC lookup / learning. The basic advantage of VPWS over an L2 EVPN is the reduced control plane signalling due to not exchanging MAC address information. In contrast to LDP pseudowires, EVPN MPLS VPWS uses BGP for signalling. Port based and VLAN based services are supported.

Administrative Groups (AG) provide a way to associate certain attributes or policies with links, enabling network administrators to control routing decisions based on specific criteria. Extended Administrative Groups (EAG) are an extension of AG which allow a larger range of admin groups to be utilized for various Traffic Engineering (TE) purposes within a network. EAGs are defined in a new sub-TLV for IS-IS link attributes, separate from AGs; however, the two are considered as one within EOS. The EAG feature in EOS allows the range of administrative color to be increased from 0-31 to 0-127.

Filtered mirroring allows certain packets to be selected for mirroring, rather than all packets ingressing or egressing a mirror source port.

The agent DmaQueueMonitor provides visibility into packets coming up to the CPU via CPU queues. Packets are continuously sampled on monitored queues and kept available for reporting when a CPU congestion event occurs. When a queue that leads to CPU processing is congested, a PCAP file may be created from the sampled packets that were captured from before and after the congestion event. The PCAP file is written to the file system for off-line examination.

gRIBI (gRPC Routing Information Base Interface) defines an interface through which OpenConfig AFT (Abstract Forwarding Table) entries can be injected from an external client to a network element.

This feature enables the user to configure a list or range of BGP attributes to be ignored by the router on receipt of a BGP update message. The BGP attributes are discarded from the BGP update message and, unless discarding an attribute causes the update message to trigger error handling, the update message is parsed as normal.

For network monitoring and troubleshooting flow related issues, it is desirable to know the path, latency, queue and congestion information for flows at different times. The inband telemetry feature (INT), based on the Inband Flow Analyzer RFC draft, IFA 2.0 and IFA 1.0 (on some platforms), is used to gather per flow telemetry information like path, per hop latency and congestion. INT is supported for both IPv4 and IPv6 traffic.

This feature provides support for per-interface ingress/egress packet/byte counters for both IPv4 and IPv6.

TOI Counters EOS 4.23.0F EOS 4.33.2F

IPv6 multicast routing protocols are used to distribute IPv6 datagrams to one or more recipients. IPv6 PIM builds and maintains multicast routing using reverse path forwarding (RPF) based on the unicast routing table. IPv6 PIM is protocol-independent and can use routing tables consisting of OSPFv3, IPv6 BGP or static routes, for RPF lookup. MLD is used to discover multicast hosts and maintain group membership on a directly attached link.

TOI Multicast Ipv6 4.21.0F EOS 4.33.2F

When the next hop of an IP route (hereafter referred to as the dependent route) resolves over another IP route (hereafter referred to as the resolving route), the adjacency information of the resolving route’s FEC is typically duplicated into the dependent route’s FEC. With this feature, we prevent the duplication of the adjacency information. Instead, the dependent route’s FEC points to the resolving route’s FEC, forming a hierarchical FEC for the dependent route.

IPSec tunnel mode support allows the customer to encrypt traffic transiting between two tunnel endpoints.

This feature enhances IPv4 VRF scale to 1024 VRFs on AWE-7230R and AWE-7250R, and 64 VRFs on AWE-7220R. On CloudEOS, the VRF scale is as follows

This feature introduces a way for IS-IS to advertise its IP reachability and SID for loopback interfaces only when routes matching an RCF function are present. One example use-case is to use IS-IS Segment Routing to attract traffic to a router only when routes towards the ultimate destination are present. The RCF function is matched against winning routes in the Unicast RIB (seen with 'show rib route …').

At a high level, L1 profiles are a set of configurations which allow EOS users to change the numbering scheme and default L1 configurations of all front panel interfaces across their network switch. On Arista network switches, front panel transceiver cages are exposed as ports which are numbered sequentially: 1, 2, 3, 4, etc. These identifiers are usually marked on the front panel to allow for easier identification.

Arista’s 7135 Connect Series of Layer 1+ switches are powerful network devices that allow for dynamic connections between various layer 1 components on the system, such as the front panel and FPGA. These connections are driven by an underlying CLOS network of crossbar switches. The following commands provide the ability to configure middle stage crossbar switches within the system to create dynamic layer 1 connections.

This feature allows transport of multicast frames to an endpoint across an IP network by tunneling them through MPLSoGRE or MPLSoGUE. The tunneling of multicast frames is achieved with a traffic policy applied on the ingress interface which will match on all packets destined to a multicast IP address and redirect that traffic to a MoG nexthop group. The traffic policy will also specify “forced routing” in order to set the fwd_layer_index to 1 so that the L2 header is removed before encapsulation.

TOI Multicast MPLS GRE Tunnel L2 EOS 4.33.2F MOG

Normally, a switch traps L2 protocol frames to the CPU. However, certain use-cases may require these frames to be forwarded or dropped. In cases where the L2 protocol frames are forwarded (e.g., Pseudowire), we may require the frames to be trapped to the CPU or dropped. The L2 Protocol Forwarding feature provides a mechanism to control the behavior of L2 protocol frames received on a port or subinterface.

This feature adds support for Layer1-only front panel Ethernet ports on 7130 devices (containing a layer1 crosspoint chip) to participate in LLDP. As of 4.33.1F only internal Switch interfaces on ASICs/FPGAs participate in the LLDP protocol. The neighbor also only sees these internal ports from the switch. Customers who rely on LLDP information of the front panel Ethernet ports, especially for making cabling changes, would need to translate the internal interface to the appropriate Ethernet port using the show l1 path output.

TOI 7130 EOS 4.33.2F LLDP

EVPN VXLAN all-active multihoming (AA-MH) provides redundancy to reduce or eliminate the impact of outages and maintenance. The objective of Maintenance Mode on AA-MH is to gracefully drain away the traffic from the EVPN core flowing through a switch that is part of multihoming while the switch is put into maintenance, and to gracefully add it back into the network and attract traffic again once the switch is out of maintenance. During the maintenance cycle any customer edge Ethernet or Port-Channel interfaces, whether they are participating as Ethernet segments or not, can also be put into maintenance mode. Doing so prevents northbound traffic from the customer edge from flowing through the switch under maintenance. The traffic will instead take a path through other available multihoming peers.

This feature allows classification of packets on QoS policy-maps based on the Class of Service (CoS), VLAN, and Drop Eligible Indicator (DEI) in the 802.1q header of the packet. CoS (Class of Service) corresponds to the Priority code point (PCP) bits in the 802.1q header.

This feature allows setting the desired maximum VOQ latency. Drop probabilities are adjusted in hardware to meet this limit.

MetaMux is an FPGA-based feature available on Arista’s 7130 platforms. It performs ultra-low latency Ethernet packet multiplexing with or without packet contention queuing. The port to port latency is a function of the selected MetaMux profile, front panel ingress port, front panel egress port, FPGA connector ingress port, and platform being used.

MetaWatch is an FPGA-based feature available for Arista 7130 Series platforms. It provides precise timestamping of packets, aggregation and deep buffering for Ethernet links. Timestamp information and other metadata such as device and port identifiers are appended to the end of the packet as a trailer.

MLAG will support the following features: Bridging, Routing, STP, VARP

Mlag TOI EOS 4.33.2F

The main objective of this feature is to prevent modular systems from being shut down due to insufficient power by powering off cards if there is not enough power in the system at card startup.

Power TOI Modular Budget EOS 4.33.2F

MultiAccess is an FPGA-based feature available on certain Arista 7130 platforms. It performs low-latency Ethernet multiplexing with optional packet contention queuing, storm control, VLAN tunneling, and packet access control. The interface to interface latency is a function of the selected MultiAccess profile, front panel interfaces, MultiAccess interfaces, configuration settings, and platform being used.

This solution allows delivery of multicast traffic in an IP-VRF using multicast in the underlay network. It builds on top of L2-EVPN, adding support for L3 VPNs and Integrated Routing and Bridging (IRB). The protocol used to build multicast trees in the underlay network is PIM Sparse Mode.

Nexthop Group Event Monitoring in the RPC layer on Arista switches allows for quick and filterable viewing of Nexthop Group events, i.e., addition or deletion or callbacks associated with hardware programming of Nexthop Groups configured through the EosSdkRpc agent.