This document describes the configuration and behavior of physical interfaces on the 7388-series switches and Linecards (LC)

EOS 4.27.2F 7388X5

802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.

AAA accounting records can be enabled for OpenConfig gNMI/gNOI RPCs. Accounting records can be logged to the TACACS+ server, RADIUS server, or to syslog.

This feature adds support for sending and receiving BGP IPv6 labeled-unicast routes with IPv4-mapped IPv6 next hops. With this feature enabled, when a BGP speaker receives a next hop with IPv4-mapped IPv6 address,

BGP EOS 4.27.2F EOS 4.30.0F

Cable diagnostics is a feature to detect faults with twisted pair copper cables and measure the cable length.

EOS 4.27.2F Baset TDR

EOS supports the DHCP Relay feature, which relays DHCP Requests/Responses between DHCP clients and DHCP servers in different subnets. 

DHCP Snooping EOS 4.25.2F EOS 4.27.2F

Multiprotocol Label Switching (MPLS) is a networking process that replaces complete network addresses with shortest path labels for directing data packets to network nodes.

Multiple dynamic counter features may be enabled simultaneously, primarily configured using the [no] hardware counter feature [feature] CLI commands. Compatibility of these features has been enhanced to allow for greater flexibility in simultaneously enabled counter features. Changes in counter feature compatibility across EOS releases is detailed below.

Interfaceful IP-VRF to IP-VRF communication uses a pair of routes to distribute IP subnet information, rather than a single EVPN type-5 route. 

EOS 4.27.2F

Forwarding destination prediction enables visibility into how a packet is forwarded through the switch, allowing you to determine which interfaces a packet would egress out of. Typical use cases include, but are not limited to, determining egress members for Port-Channels and ECMPs.

Forwarding destination prediction enables visibility into how a packet is forwarded through the switch, allowing you to determine which interface(s) a packet would egress out of. This feature has been expanded upon with support for packets specified as a byte stream, allowing you to fully specify the packet.

4.23.2F EOS 4.27.2F

gRIBI (gRPC Routing Information Base Interface) defines an interface through which OpenConfig AFT (Abstract Forwarding Table) entries can be injected from an external client to a network element.

In a typical switch deployment, multiple ports can have the same configuration, such as description and access VLAN.

This feature allows the user to match the 20 bit IPV6 flow label using the Qos Policy Map and allows to classify the flow-label controlled traffic.

This feature provides support for packet and byte ingress counters for IPv6 multicast routes.

Multicast Counters EOS 4.27.2F

A L2 sub-interface is a logical bridging endpoint associated with traffic on an interface distinguished by 802.1Q tags, where each <interface, 802.1q tag> tuple is treated as a first class bridging interface.

 

LANZ adds support for configuring global thresholds for Ethernet ports on DCS 7020, DCS 7050TX, DCS 7050X2, DCS

EOS 4.20.5F EOS 4.27.2F

LANZ is the EOS Latency and congestion ANalyZer. On DCS-7280, DCS-7020, DCS-7500 and DCS-7800 series, it allows monitoring congestion and transmit latencies on both front panel and CPU ports.

LDP per-neighbor authentication provides greater flexibility in the authentication of LDP routers in a network. Individual routers or groups of routers may be configured with different passwords to enhance security and to ensure certain routers do not exchange MPLS

This TOI describes the MAC limit per VLAN feature which can be used to limit the number of locally learned MAC addresses per VLAN.

This document explains how to configure and deploy Arista MSS-FW with Palo Alto Networks firewalls and Panorama in a Layer 3 deployment with HA (High Availability) support. The Panorama management server can be deployed as either a virtual or a hardware appliance.

Media Access Control Security (MACSec) is an industry standard encryption mechanism that protects all traffic flowing on the Ethernet links. MACSec is based on IEEE 802.1X and IEEE 802.1AE standards.

MacSec EOS 4.27.2F EOS 4.28.1F

MAC security uses MACsec Key Agreement ( MKA ) protocol for negotiation between peers using pre-shared key or 802.1X based CAK/CKN and eventually derives Secure Association Key ( SAK ).

EOS 4.27.2F

Multiprotocol Label Switching (MPLS) is a networking process that replaces complete network addresses with short

The TCP MSS clamping feature involves clamping the maximum segment size (MSS) in the TCP header of TCP SYN packets if it exceeds the configured MSS ceiling limit for the interface. Clamping MSS value helps in avoiding IP fragmentation in tunnel scenarios by ensuring that MSS is small enough to accommodate the extra overhead of GRE and tunnel outer IP headers.

EOS 4.27.2F EOS 4.28.1F

This command configures the default speed on all of the OSFP and QSFP-DD ports on a system. It can be applied on ports without any transceivers inserted.

This feature provides support for SPIFFE-ID in OpenConfig. The SPIFFE-ID will take precedence over any metadata usernames or common name username found. This username will be used for all AAA operations. 

IPv4 routes of certain prefix lengths can be optimized for enhanced route scale on 7500R, 7280R, 7500R2 and 7280R2

EOS 4.27.2F

IPv4 routes of certain prefix lengths can be optimized for enhanced route scale using this feature. This feature is ideally suited to achieve route scale when route distribution has a large number of routes concentrated across the prefix-lengths 24, 23 and 22. EOS 4.27.2F offers 8-to-1 compression of routes as an enhancement.

This feature adds support for making the various OSPFv3 counters accessible via CLI.

CLI Ipv6 OSPFv3 EOS 4.27.2F

This document describes a new CLI command to help debug how and why policy permits and denies paths. The aim of this CLI command is for the user to debug a route map or RCF (Routing Control Functions) function by specifying as input a prefix for which BGP has reachability for, either via a BGP peer or a redistribute source.

Policy-based routing (PBR) is a feature that is applied on routable ports, to preferentially route packets. Forwarding is based on a policy that is enforced at the ingress of the applied interface and overrides normal routing decisions. In addition to matches on regular ACLs, PBR policy-maps can also include “raw match” statements that look like a single entry of an ACL as a convenience for users.

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion. 

RSVP-TE, the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), is used to distribute MPLS labels for steering traffic and reserving bandwidth. The Label Edge Router (LER) feature implements the headend functionality, i.e., RSVP-TE tunnels can originate at an LER which can steer traffic into the tunnel.

The CCS-750X-48ZXP is a 48 port 10GBASE-T linecard, capable of several full-duplex link speeds to support connecting to a variety of compatible devices of varying capabilities. All supported linkup speeds on this card can be automatically selected during the linkup process using IEEE 802.3 Clause 28 auto-negotiation. Note that IEEE 802.3 also allows for speeds lower than 1Gbps to link up without clause 28 auto-negotiation.

A L2 sub-interface is a logical bridging endpoint associated with traffic on an interface distinguished by 802.1Q tags, where each <interface, 802.1Q tag> tuple is treated as a first-class bridging interface. 

This TOI supplements the Ingress Traffic Policy applied on ingress interfaces. Please refer to that document for a description of Traffic Policies and field-sets. This TOI explains the Traffic Policies as applied in the egress direction on interfaces

Several customers have expressed interest in using IPv6 addresses for VxLAN underlay in their Data Centers (DC). Prior to 4.27.2F, only IPv4 addresses are supported for VxLAN underlay, i.e VTEPs are reachable via IPv4 addresses only. This feature enables a VTEP to send VxLAN Encapsulated packets using IPv6 underlay.

This feature introduces hardware forwarding support of IPv4 multicast traffic over IPv4 GRE tunnel interfaces in Arista Switches. Multicast source traffic can reach the receivers which are separated by an IP cloud which is not configured for IP multicast routing by utilizing a GRE tunnel.

This article describes the Tap Aggregation MAC Address Replacement feature. This feature provides the ability to configure user-specific values to replace the destination and source MAC addresses of packets forwarded by Tap Aggregation.

The Transceiver test pattern cli can be used to check the quality of the physical layer links starting or ending at a given module. This is done by transmitting or receiving a ‘test pattern’, a pseudo-random sequence of bits that two pieces of hardware can simultaneously generate.

EOS 4.27.2F

Virtual Private LAN Service (VPLS) appears in (almost) all respects as an Ethernet type service to customers of a Service Provider (SP). A VPLS glues together several individual LANs across a packet switched network to appear and function as a single bridged LAN. This is accomplished by incorporating MAC address learning, flooding, and forwarding functions in the context of pseudowires that connect these individual LANs across the packet switched network. LDP signaling is used for the setup and teardown of the mesh of pseudowires that constitute a given VPLS instance.

Prior to EOS 4.24.1F, per-destination steering into an SR Policy was only supported for IP unicast BGP routes in the default VRF. Support for additional AFI/SAFIs were added as follows: EOS 4.24.2F: L2 EVPN — EOS 4.27.2F: BGP Labeled Unicast