- Written by Tarun Jaswanth LNU
- Posted on August 24, 2020
- Updated on October 17, 2024
- 26200 Views
802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.
- Written by Jason Shamberger
- Posted on March 11, 2020
- Updated on November 14, 2024
- 16164 Views
EOS 4.21.3F introduces support for BGP Flowspec, as defined in RFC5575 and RFC7674. The typical use case is to filter or redirect DDoS traffic on edge routers.
- Written by Soumya S Acharya
- Posted on September 24, 2024
- Updated on November 14, 2024
- 653 Views
Class Based Forwarding (CBF) provides a means for forwarding traffic through selected tunnels based on the traffic class of the incoming packet. Starting 4.32.2F CBF supports forwarding MPLS labeled traffic based on the EXP value in the incoming packet or the internal traffic class (TC) resolved from the parameters of the packet (e.g TC derived from EXP bits combined with port trust mode). Here, EXP bits refer to the Experimental bits in the MPLS header.
- Written by Tom Emmons
- Posted on October 22, 2024
- Updated on November 5, 2024
- 608 Views
Cluster Load Balancing is a feature designed to ensure optimal load balancing of flows used as part of GPU based cluster communication. When this feature is enabled, a TOR router monitors RoCE traffic flowing between the GPU servers and spine uplinks and ensures optimal load balancing in the network.
- Written by Radu Handolescu
- Posted on March 3, 2023
- Updated on November 15, 2024
- 6462 Views
Common Management Interface Specification (CMIS) defines, starting with revision 4.0, a standard mechanism for managing the firmware of compliant transceivers. This mechanism allows for transceivers’ firmware to be updated without having to remove the transceiver from the switch. Firmware updates may be necessary in a testing or production environment to resolve potential firmware bugs. Some transceivers may also support firmware management operations in a hitless manner (without impacting traffic).
- Written by Sunny Chaturvedi
- Posted on October 18, 2024
- Updated on October 18, 2024
- 516 Views
Transmit queues are logical partitions of an Ethernet port’s egress bandwidth. Data streams are assigned to queues based on their traffic class, then sent as scheduled by port and transmit settings. Sand platform switches have eight queues, 0 through 7, and all queues are exposed through the CLI. However, queue 7 is not user-configurable. Queue 7 is always mapped to traffic class 7, which is reserved for control plane traffic. This feature allows tx-queue 7 to be configurable. As of 4.33.0F, a limited set of features are configurable on tx-queue 7.
- Written by Vikas Hegde
- Posted on November 22, 2017
- Updated on November 15, 2024
- 17270 Views
Connectivity Monitor is an EOS feature that allows users to monitor their network resources from their Arista switches. The resources being monitored may or may not be Arista devices. Connectivity monitoring is unidirectional in nature.
- Written by Mohammad Umar
- Posted on November 13, 2024
- Updated on November 13, 2024
- 187 Views
This feature allows the user to define a custom DSCP-To-TC map and apply it to an interface. The custom DSCP-To-TC map would only be applicable when the interface is in DSCP trust mode. This feature allows the user to classify packets based on DSCP bits of the IP header. The exact mapping can be specified using a custom DSCP-To-TC map.
- Written by Fathima Thasneem
- Posted on April 25, 2022
- Updated on November 18, 2024
- 7386 Views
As Ethernet technologies made their way into the Metropolitan Area Networks ( MAN ) and the Wide Area Networks ( WAN ), from the conventional enterprise level usage, they are now widely being used by service providers to provide end-to-end connectivity to customers. Such service provider networks are typically spread across large geographical areas. Additionally, the service providers themselves may be relying on certain internet backbone providers, referred to as “operators”, to provide connectivity in case the geographical area to be covered is too huge.
- Written by Augusto Wong
- Posted on February 17, 2021
- Updated on November 6, 2024
- 11278 Views
DHCP Relay feature forwards DHCP packets between client and server when the DHCP Server is not in the same broadcast domain as the client. DHCP Relay should be configured on the gateway interface (SVI/ L3 interface ) for the clients.
- Written by Rabi Narayan
- Posted on June 28, 2024
- Updated on November 7, 2024
- 1794 Views
Until EOS release 4.32.0F, EOS allows users to statically configure link min-delay and max-delay used for IS-IS FlexAlgo. This feature adds support for dynamic measurement of link delay using the TWAMP Light protocol described in RFC 8186 and provides it to IS-IS FlexAlgo dynamically.
This document describes how to configure and monitor this feature.
- Written by Sriharsha J
- Posted on May 1, 2015
- Updated on November 11, 2024
- 6502 Views
This feature allows generating the syslog message for the packets matching deny rules in egress ACLs. This can be enabled using the log keyword when configuring a deny ACL rule. A copy of the packet matching such deny ACL rule is sent to the control plane, where a syslog entry for the packet header is generated.
- Written by Denis Evoy
- Posted on October 24, 2024
- Updated on October 24, 2024
- 382 Views
Normally, an ingress router has no control over an autonomous system border router’s (ASBR) selection of inter-AS links. In the example below, Peer 2 and Peer 3 both advertise reachability to some remote network to ASBR 1 (e.g. service route 172.16.1.0/24). ASBR 1 would then use normal bestpath selection rules to select a preferred egress path (for traffic flowing to that service route). However, this means that the ingress router has no control over which egress path is chosen.
- Written by Reji Thomas
- Posted on October 16, 2024
- Updated on October 16, 2024
- 475 Views
RFC 5837 describes extensions to the Internet Control Message Protocol (ICMP) that enable network devices to identify incoming and outgoing interfaces and next-hop addresses via extensions to specific ICMP error messages. These extensions are particularly useful for network diagnostics and troubleshooting applications.
- Written by Vamsi Anne
- Posted on December 29, 2021
- Updated on November 19, 2024
- 10389 Views
As Ethernet technologies made their way into the Metropolitan Area Networks (MAN) and the Wide Area Networks (WAN), from the conventional enterprise level usage, they are now widely being used by service providers to provide end-to-end connectivity to customers. Such service provider networks are typically spread across large geographical areas. Additionally, the service providers themselves may be relying on certain internet backbone providers, referred to as “operators”, to provide connectivity in case the geographical area to be covered is too huge. This mode of operation makes the task of Operations, Administration and Maintenance (OAM) of such networks to be far more challenging, and the ability of service providers to respond to such network faults swiftly directly impacts their competitiveness.
- Written by Vamsi Anne
- Posted on October 20, 2022
- Updated on November 19, 2024
- 7707 Views
As Ethernet technologies made their way into the Metropolitan Area Networks (MAN) and the Wide Area Networks (WAN) from the conventional enterprise level usage, they are now widely being used by service providers to provide end-to-end connectivity to customers. Such service provider networks are typically spread across large geographical areas. Additionally, the service providers themselves may be relying on certain internet backbone providers, referred to as “operators”, to provide connectivity in case the geographical area to be covered is too huge.
- Written by Mihyar Baroudi
- Posted on October 24, 2024
- Updated on October 24, 2024
- 418 Views
The EOS Event Manager feature provides the ability to specify a condition and an action to be carried out when that condition is detected. It is a flexible and configurable way to automate the reaction to conditions without the need for a system operator to observe and apply the desired actions manually.
- Written by Aaron Bamberger
- Posted on April 23, 2020
- Updated on November 7, 2024
- 10147 Views
E-Tree is an L2 EVPN service (defined in RFC8317) in which each attachment circuit (AC) is assigned the role of Root or Leaf. Once roles are assigned, the following forwarding rules are enforced:
- Written by Mitchell Jameson
- Posted on August 24, 2020
- Updated on November 18, 2024
- 8636 Views
Typical WiFi networks utilize a single, central Wireless LAN Controller (WLC) to act as a gateway between the wireless APs and the wired network. Arista differentiates itself by allowing the wireless network to utilize a distributed set of aggregation switches to connect APs to the wired network. This feature allows a decentralized and distributed set of aggregation switches to bridge wireless traffic on behalf of the set of APs configured to VXLAN tunnel all traffic to those aggregation switches, or their “local” APs.
- Written by Pauric Ward
- Posted on March 13, 2024
- Updated on November 6, 2024
- 2949 Views
Administrative Groups (AG) provide a way to associate certain attributes or policies with connections between nodes , enabling network administrators to control the routing decisions based on specific criteria. Extended Administrative Groups (EAG) are an extension of AG which allow a larger range of admin groups to be utilized for various Traffic Engineering (TE) purposes within a network. EAGs are defined in a new sub-TLV for IS-IS link attributes, separate to AGs, however they are considered as one within EOS. The EAG feature in EOS allows the range of administrative color to be increased from 0-31 to 0-127.
- Written by Shubhangi Singh
- Posted on October 24, 2024
- Updated on October 24, 2024
- 342 Views
This is an extension to the IKE policy and SA policy configuration options available in EOS. The key lifetimes for IKE policies and SA policies are specifiable in hours. This feature allows specifying the key lifetimes in minutes as well.
- Written by Prajul Sreedharan
- Posted on January 22, 2019
- Updated on November 7, 2024
- 8617 Views
This feature introduces the support for IPv4 ACL configuration under GRE and IPsec tunnel interfaces and IPv6 ACL configuration under GRE tunnel interfaces. The configured ACL rules are applied to a tunnel terminated GRE packet i.e. any IPv4/v6-over-GRE-over-IPv4 that is decapsulated by the GRE tunnel-interface on which the ACL is applied, or a packet terminated on IPsec tunnel i.e, IPv4-over-ESP-over-encrypted-IPv4 packet that is decapsulated and decrypted by the IPsec tunnel interface on which the ACL is applied.
- Written by Abhiram Kalluru
- Posted on December 20, 2019
- Updated on November 20, 2024
- 7975 Views
gRIBI (gRPC Routing Information Base Interface) defines an interface through which OpenConfig AFT (Abstract Forwarding Table) entries can be injected from an external client to a network element.
- Written by Scott Smith
- Posted on October 18, 2024
- Updated on October 18, 2024
- 433 Views
This feature allows capturing packets and byte counts at high resolution on physical interfaces, down to 1 ms granularity. Allows for detecting anomalous packet flows, or confirming the expected bandwidth usage. Requires selecting a set of interfaces to sample, a time resolution, and sampling duration.
- Written by Alexandru Bran
- Posted on October 24, 2024
- Updated on October 24, 2024
- 361 Views
This is an extension to BGP EVPN VPNs that allow us to use iBGP as the PE-CE protocol. This feature also provides a way to isolate the customer’s network BGP attributes from the SP backbone’s attributes, by saving them into a special attribute called ATTR_SET, code 128. This separation introduces a “route server” model that allows the customer’s BGP path attributes to be stored in the SP backbone along with the VPN-IPv4/v6 paths.
- Written by Bill Fenner
- Posted on October 24, 2024
- Updated on October 24, 2024
- 400 Views
ICMP Probe allows querying of interface status and ARP or Neighbor Discovery table status remotely. It is a request/response protocol, similar to ping, but instead of simply responding to the request, it responds with information about a local interface or a remote neighbor. The node being queried is called the "proxy node"
- Written by Jyothish Kunkumath
- Posted on January 6, 2022
- Updated on December 2, 2024
- 11386 Views
IPSec tunnel mode support allows the customer to encrypt traffic transiting between two tunnel endpoints.
- Written by Shelly Chang
- Posted on October 24, 2024
- Updated on October 24, 2024
- 404 Views
This solution allows delivery of both IPv4 and IPv6 multicast traffic in an IP-VRF using an IPv6 multicast in the underlay network. The protocol used to build multicast trees in the underlay network is IPv6 PIM-SSM.
- Written by Madhu Sudan
- Posted on June 21, 2020
- Updated on November 5, 2024
- 10012 Views
Several customers have expressed interest in using IPv6 addresses for VXLAN underlay in their Data Centers (DC). Prior to 4.24.1F, EOS only supported IPv4 addresses for VXLAN underlay, i.e., VTEPs were reachable via IPv4 addresses only.
- Written by Navneet Sinha
- Posted on June 29, 2016
- Updated on November 18, 2024
- 14163 Views
Segment Routing provides mechanism to define end-to-end paths within a topology by encoding paths as sequences of sub-paths or instructions. These sub-paths or instructions are referred to as “segments”. IS-IS Segment Routing (henceforth referred to as IS-IS SR) provides means to advertise such segments through IS-IS protocol.
- Written by Arpit Bansal
- Posted on April 23, 2018
- Updated on November 7, 2024
- 8058 Views
Traffic Engineering (TE) provides a mechanism to network administrators to control the path that a data packet takes, bypassing the standard routing model which uses routes along the shortest path. Traffic engineered paths are generally computed on the head-end routers of the topology based on various constraints (e.g. minimum bandwidth, affinity) configured for those paths and attributes (e.g available bandwidth, color) received from devices in the network topology. IS-IS Traffic Engineering (IS-IS TE) feature extends IS-IS protocol in EOS to carry TE attributes as part of its Link State Protocol Data Units (LSPs). Note that IS-IS in EOS only acts as a carrier for TE attributes and it is not used by any processing (e.g. SPF).
- Written by Prakrati Vidyarthi
- Posted on August 16, 2018
- Updated on November 5, 2024
- 15408 Views
Normally, a switch traps L2 protocol frames to the CPU. However, certain use-cases may require these frames to be forwarded or dropped. And in cases where the L2 protocol frames are forwarded (eg: Pseudowire), we may require the frames to be trapped to the CPU or dropped. The L2 Protocol Forwarding feature provides a mechanism to control the behavior of L2 protocol frames received on a port or subinterface.
- Written by Ajay Chhatwal
- Posted on May 15, 2020
- Updated on November 7, 2024
- 7767 Views
L2 protocol packets - LLDP, LACP and STP are trapped to the CPU by default. This feature allows for disabling the per protocol trap on a given set of interfaces.
- Written by Nathan Wolfe
- Posted on February 15, 2018
- Updated on November 7, 2024
- 12020 Views
Introduced in EOS-4.20.1F, “selectable hashing fields” feature controls whether a certain header’s field is used in the hash calculation for LAG and ECMP.
- Written by Shyam Kota
- Posted on November 6, 2019
- Updated on November 7, 2024
- 8754 Views
This feature allows setting the desired maximum VOQ latency. Drop probabilities are adjusted in hardware to meet this limit.
- Written by Alejandro Schwoykoski
- Posted on December 22, 2021
- Updated on November 14, 2024
- 11678 Views
MetaMux is an FPGA-based feature available on Arista’s 7130 platforms. It performs ultra-low latency Ethernet packet multiplexing with or without packet contention queuing. The port to port latency is a function of the selected MetaMux profile, front panel ingress port, front panel egress port, FPGA connector ingress port, and platform being used.
- Written by David Mirabito
- Posted on December 30, 2021
- Updated on November 19, 2024
- 15455 Views
MetaWatch is an FPGA-based feature available for Arista 7130 Series platforms. It provides precise timestamping of packets, aggregation and deep buffering for Ethernet links. Timestamp information and other metadata such as device and port identifiers are appended to the end of the packet as a trailer.
- Written by Abdul Haseeb Jehangir
- Posted on March 12, 2020
- Updated on November 20, 2024
- 11387 Views
Mirror on drop is a network visibility feature which allows monitoring of MPLS or IP flow drops occurring in the ingress pipeline. When such a drop is detected, it is sent to the control plane where it is processed and then sent to configured collectors. Additionally, CLI show commands provide general and detailed statistics and status.
- Written by Diego Asturias
- Posted on January 30, 2024
- Updated on November 13, 2024
- 3865 Views
MultiAccess is an FPGA-based feature available on certain Arista 7130 platforms. It performs low-latency Ethernet multiplexing with optional packet contention queuing, storm control, VLAN tunneling, and packet access control. The interface to interface latency is a function of the selected MultiAccess profile, front panel interfaces, MultiAccess interfaces, configuration settings, and platform being used.
- Written by Saurabh Kumar
- Posted on October 24, 2024
- Updated on October 24, 2024
- 365 Views
Today in any WAN deployment, customers are required to configure path metrics in load balance policy to program a set of best paths in dataplane. Path metrics are multi-dimensional, it include loss, latency, jitter, and load of path. It is not very intuitive to come up with exact values for these metrics as they are highly dependent on the type of application and geographical locations of routers. Also these path metrics keep changing and except for a few apps that require strict max characteristics on latency, jitter or loss, the other apps are able to tolerate variances in metrics.
- Written by Vivek Ilangovan
- Posted on October 24, 2024
- Updated on October 24, 2024
- 355 Views
Proxy node segment helps in advertising segments in a segment-routing domain for prefixes that are originated outside the segment-routing domain. Node B in the SR domain can advertise proxy-segments to node A for the loopacks of C and D which are not present in the SR domain. This feature will help in creating mpls routes for those loopbacks on node B. Note that if C and D loopbacks have LDP enabled and if they have exchanged the LDP labels with B then B can by default create a SR to LDP stitched mpls route even without enabling this feature. This feature is specific to the case where such stitched routes cannot be created.
- Written by Prakhar Rastogi
- Posted on February 26, 2024
- Updated on November 19, 2024
- 3836 Views
RADIUS proxy feature enables proxying RADIUS requests from a RADIUS client and forwarding it to a remote RADIUS server. Similarly, RADIUS proxy receives the reply from the remote RADIUS server and forwards it to the client.
- Written by David Cronin
- Posted on March 3, 2022
- Updated on November 6, 2024
- 19657 Views
Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.
- Written by David Cronin
- Posted on March 3, 2022
- Updated on December 2, 2024
- 12104 Views
Routing Control Functions (RCF) is a language that can express route filtering and attribute modification logic in a powerful and programmatic fashion.The document covers: Configurations of a RCF function for BGP points of application
- Written by Ruoyi Wang
- Posted on October 18, 2024
- Updated on October 18, 2024
- 455 Views
The sFlow VXLAN extension adds support for providing VXLAN-related information to sFlow packet samples, for VXLAN forwarded traffic. Specifically, for customer traffic ingressing on a CE-facing PE interface and forwarded into a VXLAN tunnel, the IP address of the source VTEP, the IP address of the destination VTEP and the VNI will be included in the sFlow datagram.
- Written by Gary McCarthy
- Posted on October 18, 2024
- Updated on October 18, 2024
- 520 Views
Currently, EOS supports the receiving and transmitting of BGP Flowspec rules. Rules received can be installed locally as ACLs and/or transmitted to other BGP peers/route reflectors. EOS relies on external controllers to inject these flowspec rules. The feature will allow flowspec rules to be defined via CLI in a similar fashion as traffic-policies is currently done. These policies would then be redistributed into BGP. Once redistributed, the rules can be advertised to other BGP peers and optionally installed locally on the configured system.
- Written by Pankaj Srivastava
- Posted on October 24, 2024
- Updated on October 24, 2024
- 443 Views
Storm control enables traffic policing on floods of packets on L2 switching networks. Support for counting dropped packets and bytes on interfaces where storm control metering is provisioned. Both packet and bytes count are supported and will be displayed. Drop logging on storm-control discards is also supported.
- Written by Josh Pfosi
- Posted on June 11, 2019
- Updated on November 11, 2024
- 12172 Views
This feature adds support for CPU traffic policy capable of matching and acting on IP traffic which would otherwise
- Written by Denver Blake
- Posted on October 18, 2024
- Updated on October 18, 2024
- 404 Views
This document describes the support for user-defined fields (UDF) acl rules in QoS policy feature. This feature is an extension of QoS policy to allow increased flexibility of the match criteria by using user-defined fields which will help customers control traffic based on other parts of the packet header and payload that is not supported by the other key-fields.
- Written by Ioana Costea
- Posted on October 24, 2024
- Updated on October 24, 2024
- 347 Views
The S-BFD hold down timer feature enables delaying the steering of traffic to a previously preferred SR-TE Down path that came back Up. This delay period is configurable. Using this functionality allows time for the path to stabilize (by avoiding potential further path flaps) and allows the user to debug and diagnose the failure state.