The 400GBASE ZRP (also known as ZR+) is a transceiver that follows the OpenZR+ MSA (Multi Source Agreement)

Starting with 4.26.2F the platform default traffic class (TC) to network qos will be configurable via a CLI. The

802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.

BGP Monitoring Protocol (BMP) allows a monitoring station to connect to a router and collect all of the BGP

The route reflector, as described in RFC 4456, is a router allowed to advertise (reflect) iBGP learned routes to other

Routing changes in BGP can be caused by planned maintenance Operations. GRACEFUL SHUTDOWN community allows

Dynamic Path Selection (DPS) feature selects a path to deliver customer traffic to the destination that meets or

Routing control functions (RCF) is a new language, a different way of policy definition and application in a programmatic fashion (https://www.arista.com/en/support/toi/eos-4-27-2f/15102-routing-control-functions-language-and-configuration). EOS Application Programmable Interface (eAPI) is another means whereby commands are sent to the switch (i.e. aside from the switch’s command-line interface - CLI which has been the norm), which can be executed through various methods like web interface, shell or a program/script.

In order for forwarding equivalence classes (FECs) to get programmed in the ASIC, they must have some form of a

EOS supports the ability to match on a single VLAN tag (example: encapsulation dot1q vlan 10)  or a VLAN tag pair (example: encapsulation dot1q vlan 10 inner 20) to map matching packets to an interface. In this case, the encapsulation string is considered consumed by the mapped interface before forwarding, which means that the tags are effectively removed from the incoming packet for the purposes of any downstream forwarding.

This feature introduces the hardware forwarding support for IPv4 over IPv4, GRE-Tunnel interfaces on Arista Switches. A GRE-Tunnel interface acts as a logical interface which performs the GRE encapsulation or decapsulation.

NAT (Network Address Translation) is a feature that allows each packet's addresses to be rewritten according to the user configuration. The packet qualification happens within the ingress pipeline of the forwarding plane, then the egress pipeline uses a shared table memory to decide which fields to adapt.

For network monitoring and troubleshooting flow related issues, it is desirable to know the path, latency, queue and congestion information for flows at different times. The inband telemetry feature(INT), based on Inband Flow Analyzer RFC draft -IFA 2.0 and IFA 1.0(on some platforms) , is used to gather per flow telemetry information like path, per hop latency and congestion. INT is supported for both IPv4 and IPv6 traffic.

IPv6 routes of certain prefix lengths can be optimized for enhanced route scale on R3. This TOI explains the usage of these optimizations.

Normally, a switch traps L2 protocol frames to the CPU. However, certain use-cases may require these frames to be forwarded or dropped. And in cases where the L2 protocol frames are forwarded (eg: Pseudowire), we may require the frames to be trapped to the CPU or dropped. The L2 Protocol Forwarding feature provides a mechanism to control the behavior of L2 protocol frames received on a port or subinterface.

MAP T is a double stateless NAT64 translation technology. It allows an internet service provider to share IPv4

This feature allows classification of packets based on the inner CoS value in a double tagged packet.

Macro Segmentation Service with Layer 3 firewall (MSS FW) enforces all security policies bi directionally by

Multicast EVPN IRB solution allows for the delivery of customer BUM (Broadcast, Unknown unicast and Multicast)

A router keeps track of the total number of LSAs for each OSPFv3 instance. The LSA Limit feature provides a mechanism to

Policy-based routing (PBR) is a feature that is applied on routable ports, to preferentially route packets. Forwarding is based on a policy that is enforced at the ingress of the applied interface and overrides normal routing decisions. In addition to matches on regular ACLs, PBR policy-maps can also include “raw match” statements that look like a single entry of an ACL as a convenience for users.

The postcard telemetry (GreenT - GRE Encapsulated Telemetry) feature is used to gather per flow telemetry information like path and per hop latency. For network monitoring and troubleshooting flow related issues, it is desirable to know the path, latency and congestion information for flows at different times.

Line cards, fabric cards, and switch cards now alert the user whenever a card consumes excessive power. There are

Private VLAN is a feature that segregates a regular VLAN broadcast domain while maintaining all ports in the same IP

RADIUS over TLS provides secure and reliable transport for RADIUS clients. RADIUS over TLS allows RADIUS

RSVP TE, the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), is used to distribute MPLS labels

This feature extends the existing functionality to set explicit next hop addresses for vpn ipv4 and vpn ipv6 routes.

This feature adds a SNMP CLI knob to allow an interface’s speed, as shown in IF MIB, to reflect its shaped bandwidth.

Starting with 4.26.2F it is possible to assign costs to Shared Risk Link Groups (SRLGs) which will be taken into

This TOI describes details and limitations of Stateful Switchover on Modular chassis with 7500R3, 7800R3, 7800R3A based line cards.

Sub second switchcard failover is a redundancy mode available on systems with two switchcards. One switchcard is the

BGP address aggregation was previously only supported for IPv4 and IPv6 unicast address families. Equivalent BGP

Hardware accelerated NAT for transit fragmented traffic is enabled by default. It’s important to note that

Multicast NAT is a feature that performs NAT translations on multicast traffic. It can be configured under SVIs,

From the Precision Time Protocol (PTP) perspective, Multi Chassis Link Aggregation (MLAG) peers are two physical

This feature extends the capabilities of Tap Aggregation traffic steering to allow for using traffic policies.

This TOI supplements the Ingress Traffic Policy applied on ingress interfaces. Please refer to that document for a description of Traffic Policies and field-sets. This TOI explains the Traffic Policies as applied in the egress direction on interfaces

Access Control Lists (ACL) use packet classification to mark certain packets going through the packet processor pipeline and then take configured action against them. Rules are defined based on various fields of packets and usually TCAM is used to match packets to rules. For example, there can be a rule to match the packet source IP address against a list of IP addresses, and drop the packet if there is a match. This will be expressed in TCAM with multiple entries matching the list of IP addresses. Number of entries is reduced by masking off bits, if possible. TCAM is a limited resource, so with classifiers having a large number of rules and a big field list, TCAM runs out of resources.

Timestamping is an important tool for network engineering and performance analysis. The timestamp can be applied to a packet as either an inserted header or replacing the source MAC address of the original packet. Timestamps are recorded on ingress and applied on egress.

Common Management Interface Specification (CMIS) compliant transceivers are configured by selecting an

Unidirectional links is a feature that configures an Ethernet interface transmit and receive paths to be

This document describes the VRF selection policy and VRF fallback feature. A VRF selection policy contains match rules that specify certain criteria (e.g. DSCP, IP protocol) as well as a resulting action to select a VRF in which to do the FIB lookup. The VRF fallback feature is an extension of these policies which allows users to optionally specify a “fallback” VRF for each VRF. The behavior is such that if the FIB lookup fails in a match rule’s selected VRF, another lookup will be attempted in the configured fallback VRF. Additionally, the fallback VRF itself can have yet another fallback VRF, such that if the lookup in the VRF and fallback VRF fail, the fallback-of-the-fallback VRF will be looked up (see the Configuration section for an example of this).

Current VXLAN decapsulation logic requires the following hits on affected switches listed in the following