- Written by Digvijay Gahlot
- Posted on 4月 20, 2021
- Updated on 1月 23, 2023
- 12823 Views
The L2 EVPN MPLS feature is available when configuring BGP in the multi-agent routing protocol model. Ethernet VPN (EVPN) is an extension of the BGP protocol introducing a new address family: L2VPN (address family number 25) / EVPN (subsequent address family number 70). It is used to exchange overlay MAC and IP address reachability information between BGP peers.
- Written by Tarun Jaswanth LNU
- Posted on 8月 24, 2020
- Updated on 10月 17, 2024
- 26833 Views
802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.
- Written by Pawel Kurdybacha
- Posted on 8月 23, 2022
- Updated on 9月 12, 2022
- 5940 Views
Feature provides a way to set the Passive role in BFD session initialization. A system taking the Passive role does not begin sending BFD control packets for a particular session until it has received a BFD packet for that session, and thus has learned the remote system's discriminator value.
- Written by Pauric Ward
- Posted on 8月 23, 2022
- Updated on 9月 12, 2022
- 6133 Views
Stale routes are learned routes from adjacent BGP neighbors whose neighborship has been interrupted by session instability. This feature adds a mechanism to specify a stale policy route-map for which the stale routes from a gracefully restarting, or depending on the configuration of the feature, a non-gracefully restarting BGP peer will be processed.
- Written by Joseph Swaminathan
- Posted on 8月 23, 2022
- Updated on 9月 6, 2022
- 5603 Views
This feature allows customers to make the status of a MPLS static route dependent on the state of a BGP peer. When this feature is enabled for a static route, it will be programmed only if the monitored BGP peer session is up.
- Written by Vu Nguyen
- Posted on 8月 23, 2022
- Updated on 11月 22, 2023
- 7918 Views
EOS currently supports BGP message authentication via the TCP MD5 Signature (TCP MD5) option (RFC 2385) to protect the BGP sessions from spoofed TCP segments. However, research has shown many concerns that the TCP MD5 algorithm is cryptographically ineffective with a just simple keyed hash for authentication.
- Written by Arup Raton Roy
- Posted on 11月 2, 2020
- Updated on 7月 21, 2023
- 11235 Views
This document presents Arista Macro-Segmentation Service - Firewall (MSS-FW) deployment in a network with multiple Virtual Routing and Forwarding (VRF) instances.
- Written by Deepak Sebastian
- Posted on 8月 18, 2022
- Updated on 10月 9, 2024
- 7568 Views
Arista’s DCS-7130LBR series of switches are powerful network devices designed for ultra latency applications along with a wealth of networking features.
- Written by Huong Nguyen
- Posted on 11月 13, 2019
- Updated on 10月 12, 2023
- 13841 Views
Support for DHCPv4 (RFC 2131) and DHCPv6 Server (RFC 8415) was added to EOS-4.22.1 and EOS-4.23.0 respectively. EOS DHCP server leverages ISC Kea as backend. The router with DHCP Server enabled acts as a server that allocates and delivers network addresses with desired configuration parameters to its hosts.
- Written by Jammala Vinod Kumar
- Posted on 8月 23, 2022
- Updated on 9月 12, 2022
- 6330 Views
This feature allows users to change the scale of IPV6 and MAC subinterface ACLs by changing the port qualifier size (range used for ACL label allocation) through the tcam profile. Increasing the port qualifier size increases the ACL label range, thus allowing more number of ACLs vice versa.
- Written by Krzysztof Gongolewski
- Posted on 9月 11, 2022
- Updated on 8月 30, 2024
- 7111 Views
Dynamic NAT connection limit is a feature which allows to limit the number of dynamic NAT connections.
- Written by Alfaz Ahmed
- Posted on 8月 23, 2022
- Updated on 8月 24, 2022
- 6202 Views
The SRTE Policy metric is used as a tie-breaker when picking two policies with the same cost value, otherwise the cost determines the preferred policy, currently there are commands to manually configure metrics for each SRTE Policy as described in Configurable IGP Preference and Metric for SR-TE Policies
- Written by Kulwinder Singh
- Posted on 8月 16, 2018
- Updated on 9月 12, 2024
- 8392 Views
The feature allows to create a named TC to DSCP mapping that can be applied on an interface.DSCP of routed packets egressing out of the interface will be rewritten according to the map.
- Written by Jeevan Kamisetty
- Posted on 8月 23, 2022
- Updated on 11月 30, 2023
- 9961 Views
NDR switch sensor aka “monitor security awake” feature provides deep network analysis by doing deep packet inspection of some or all packets of traffic that's forwarded by the switch.
- Written by Joseph Swaminathan
- Posted on 8月 18, 2022
- Updated on 8月 22, 2022
- 6421 Views
This feature allows BGP speakers that support L2 EVPN to exchange system router MAC addresses of virtual gateway IP addresses configured on a SVI interface. The receiving device will treat these MAC addresses as local system router MAC addresses, if it has the same IP addresses configured as virtual IP addresses on the corresponding (Bridge ID) SVI interfaces.
- Written by Aaron Bamberger
- Posted on 4月 23, 2020
- Updated on 11月 7, 2024
- 10381 Views
E-Tree is an L2 EVPN service (defined in RFC8317) in which each attachment circuit (AC) is assigned the role of Root or Leaf. Once roles are assigned, the following forwarding rules are enforced:
- Written by Christoph Schwarz
- Posted on 8月 23, 2022
- Updated on 10月 21, 2022
- 8892 Views
Flexible cross-connect service is an extension of EVPN MPLS Virtual Private Wire Service (VPWS) (RFC 8214). It allows for multiplexing multiple attachment circuits across different Ethernet Segments and physical interfaces into a single EVPN VPWS service tunnel while still providing single-active and all-active multi-homing.
- Written by Edwin Tambi
- Posted on 8月 19, 2020
- Updated on 7月 3, 2024
- 20763 Views
EOS supports the ability to match on a single VLAN tag (example: encapsulation dot1q vlan 10) or a VLAN tag pair (example: encapsulation dot1q vlan 10 inner 20) to map matching packets to an interface. In this case, the encapsulation string is considered consumed by the mapped interface before forwarding, which means that the tags are effectively removed from the incoming packet for the purposes of any downstream forwarding.
- Written by James Shephard
- Posted on 8月 25, 2019
- Updated on 7月 5, 2023
- 11232 Views
Forwarding destination prediction enables visibility into how a packet is forwarded through the switch, allowing you to determine which interfaces a packet would egress out of. Typical use cases include, but are not limited to, determining egress members for Port-Channels and ECMPs.
- Written by Vishal Bandekar
- Posted on 8月 23, 2022
- Updated on 8月 21, 2024
- 6372 Views
This document is an extension to the decap group feature, that allows IPv4 addresses to be configured and used as part of a group. Now we will be able to configure IPv4 prefixes as a decap group.
- Written by Marc Laprade
- Posted on 11月 3, 2021
- Updated on 6月 13, 2023
- 10496 Views
This feature will allow the user to select whether port mirror destinations of type GRE tunnel include the optional “key” field in the GRE header on certain platforms. The key field allows the user to uniquely identify a particular packet flow. The feature also allows the user to specify the value of the 32 bit key field.
- Written by Athichart Tangpong
- Posted on 10月 22, 2018
- Updated on 10月 1, 2024
- 14060 Views
A L2 sub-interface is a logical bridging endpoint associated with traffic on an interface distinguished by 802.1Q tags, where each <interface, 802.1q tag> tuple is treated as a first class bridging interface.
- Written by Trevor Yu
- Posted on 2月 23, 2022
- Updated on 11月 26, 2024
- 13570 Views
Media Access Control Security (MACSec) is an industry standard encryption mechanism that protects all traffic flowing on the Ethernet links. MACSec is based on IEEE 802.1X and IEEE 802.1AE standards.
- Written by Jeff Chan
- Posted on 6月 16, 2022
- Updated on 8月 24, 2022
- 7696 Views
Media Access Control Security (MACSec) is an industry standard encryption mechanism to protect all traffic flowing on Ethernet links. Mac Security is described in IEEE 802.1X and IEEE 802.1AE standards.
- Written by John Clarke
- Posted on 12月 20, 2021
- Updated on 10月 9, 2024
- 11499 Views
Arista's 7130 Connect Series of Layer 1+ switches are powerful network devices designed for ultra low latency and offer a wealth of integrated management features and functionalities.
- Written by Alejandro Schwoykoski
- Posted on 12月 22, 2021
- Updated on 11月 14, 2024
- 11945 Views
MetaMux is an FPGA-based feature available on Arista’s 7130 platforms. It performs ultra-low latency Ethernet packet multiplexing with or without packet contention queuing. The port to port latency is a function of the selected MetaMux profile, front panel ingress port, front panel egress port, FPGA connector ingress port, and platform being used.
- Written by David Mirabito
- Posted on 12月 30, 2021
- Updated on 12月 12, 2024
- 16003 Views
MetaWatch is an FPGA-based feature available for Arista 7130 Series platforms. It provides precise timestamping of packets, aggregation and deep buffering for Ethernet links. Timestamp information and other metadata such as device and port identifiers are appended to the end of the packet as a trailer.
- Written by Shriprama Rao
- Posted on 8月 23, 2022
- Updated on 6月 21, 2023
- 7168 Views
This feature allows users to preserve IP TTL and MPLS EXP (also known as TC) value on MPLS routers, as well as add a user-specified TTL/EXP value when pushing new MPLS labels in pipe mode.
- Written by Xuan Qi
- Posted on 8月 23, 2022
- Updated on 4月 4, 2024
- 9515 Views
This feature extends the multi-domain EVPN VXLAN feature introduced to support interconnect with EVPN MPLS networks. The following diagram shows a multi-domain deployment with EVPN VXLAN in the data center and EVPN MPLS in the WAN. Note that this is the only supported deployment model, and that an EVPN MPLS network cannot peer with an EVPN MPLS network.
- Written by Nikhil Goyal
- Posted on 8月 18, 2022
- Updated on 8月 19, 2022
- 5874 Views
This feature adds streaming support for the IS-IS Link State Database OpenConfig model via gNMI. The current implementation supports a limited number of IS-IS TLVs and subTLVs.
- Written by Terence Hui
- Posted on 8月 18, 2022
- Updated on 8月 19, 2022
- 6208 Views
Configure trust mode for trusting traffic from phone’s, but not any other traffic coming from the same interface.
- Written by Rahul Kumar Singh
- Posted on 8月 18, 2022
- Updated on 10月 11, 2024
- 8560 Views
This article is intended to discuss how to configure the Phone VLAN on an Arista switch.
- Written by Shelly Chang
- Posted on 8月 23, 2022
- Updated on 8月 29, 2022
- 6272 Views
This feature allows PIMv4 to work with Multiprotocol BGP (MP-BGP), where IPv4 prefix routes are reachable via IPv6 next-hops.
- Written by Akanksha Gottipati
- Posted on 8月 23, 2022
- Updated on 9月 2, 2022
- 6214 Views
Allows the user to configure explicit QoS trust settings viz. trust mode, default cos and default dscp on subinterfaces, which may or may not be the same as the parent interface.
- Written by Fathima Thasneem
- Posted on 6月 20, 2022
- Updated on 9月 27, 2024
- 8199 Views
RFC2544 defines a number of benchmark tests that may be used to describe the performance characteristics of a network interconnecting device(s). Starting from 4.28.1F, Arista switches support throughput test belonging to a set of benchmark tests as defined in RFC2544. Starting from 4.29.0F, Arista switches support frame loss rate test.
- Written by Arun Ajith S
- Posted on 8月 18, 2022
- Updated on 8月 23, 2022
- 5811 Views
The original IPv6 Neighbor Discovery specification in RFC4861 instructs all devices to discard any neighbor-advertisement (NA) message received from a neighbor, if there is no existing entry already present in the neighbor cache.
- Written by David Cronin
- Posted on 3月 3, 2022
- Updated on 12月 19, 2024
- 20133 Views
Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.
- Written by David Cronin
- Posted on 3月 3, 2022
- Updated on 12月 2, 2024
- 12407 Views
Routing Control Functions (RCF) is a language that can express route filtering and attribute modification logic in a powerful and programmatic fashion.The document covers: Configurations of a RCF function for BGP points of application
- Written by Kalash Nainwal
- Posted on 12月 14, 2020
- Updated on 7月 31, 2024
- 12588 Views
RSVP-TE, the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), is used to distribute MPLS labels for steering traffic and reserving bandwidth. The Label Edge Router (LER) feature implements the headend functionality, i.e., RSVP-TE tunnels can originate at an LER which can steer traffic into the tunnel.
- Written by Tanuj Kumar Jhamb
- Posted on 12月 16, 2021
- Updated on 9月 2, 2022
- 8340 Views
This feature allows the user to configure upto 1023 unique QoS Policy-maps per chip.
- Written by Philip Bradish
- Posted on 8月 18, 2022
- Updated on 8月 23, 2022
- 6631 Views
This document describes the support for authenticating users using SSH certificates and the authorized principals command in EOS. SSH certificate authentication was previously restricted to just using the authorized principals file. This file is populated by configuring authorized principals for each user. In order to login with a SSH certificate a user must present a certificate that includes at least one of their configured principals. The authorized principals command allows this list of configured principals to be generated by an executable dynamically at runtime. This provides a more flexible and scalable way to perform SSH certificate authentication.
- Written by Fathima Thasneem
- Posted on 8月 23, 2022
- Updated on 5月 30, 2024
- 6623 Views
Interface reflectors are useful to make sure a service provided to customers is working as expected and it's within SLA constraints. Now, we are extending the support to configure subinterfaces as ethernet reflector. The Subinterface Interface Reflector feature allows performing certain actions (such as source/destination MAC address swap) on packets reaching subinterfaces patched to Pseudowire that are reflected back to the source interface. It is useful to test properties and SLAs before deploying the service for a customer.
- Written by Kaustav Majumdar
- Posted on 8月 23, 2022
- Updated on 9月 12, 2022
- 6575 Views
Support for Media Access Control Security ( MACsec ) was added in EOS-4.15.4. MACsec defines a secure channel ( SC ) from one peer to another peer as a security relationship which provides security guarantees for the frames transmitted from the first peer to the second peer.
- Written by Kundan Sen
- Posted on 8月 18, 2022
- Updated on 8月 22, 2022
- 5927 Views
This feature adds support for configuring multiple area addresses in an IS-IS instance.
- Written by Harsis Yadav
- Posted on 8月 18, 2022
- Updated on 8月 22, 2022
- 6450 Views
The feature allows the user to determine the rate of ingress packets on a class-map over a span of a specified interval. This specified interval is the global load-interval (default value is 5 minutes).
- Written by Gaofeng Yue
- Posted on 12月 20, 2021
- Updated on 9月 7, 2022
- 8000 Views
Currently EOS supports redistribution into BGP at the global (instance) level. Also EOS supports redistribution in
- Written by Prateek Mali
- Posted on 8月 19, 2020
- Updated on 11月 14, 2024
- 21764 Views
Access Control Lists (ACL) use packet classification to mark certain packets going through the packet processor pipeline and then take configured action against them. Rules are defined based on various fields of packets and usually TCAM is used to match packets to rules. For example, there can be a rule to match the packet source IP address against a list of IP addresses, and drop the packet if there is a match. This will be expressed in TCAM with multiple entries matching the list of IP addresses. Number of entries is reduced by masking off bits, if possible. TCAM is a limited resource, so with classifiers having a large number of rules and a big field list, TCAM runs out of resources.
- Written by Kallol Mandal
- Posted on 4月 25, 2022
- Updated on 9月 25, 2024
- 8806 Views
Overlay IPv6 routing over VXLAN tunnel using an anycast gateway (direct routing) has been previously supported using the “ipv6 virtual-router” configuration for both the data-plane and EVPN (or CVX) control-plane learning environments.
- Written by Xiaoman Chu
- Posted on 8月 18, 2022
- Updated on 6月 6, 2023
- 11440 Views
This feature allows customers to configure BFD intervals on a per BGP neighbor basis. We also have existing support for the configuration of BFD intervals on a per interface basis and the configuration of BFD intervals globally on the entire device.
- Written by James Brinkley
- Posted on 4月 25, 2022
- Updated on 1月 5, 2023
- 10355 Views
SWIM (SWI Modularized) is a change to the format of EOS.swi. It is a feature that is mostly internal, but has a few customer visible side-effects one should be mindful of.