- Written by Tarun Jaswanth LNU
- Posted on 8月 24, 2020
- Updated on 10月 17, 2024
- 26833 Views
802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.
- Written by Kallol Mandal
- Posted on 3月 3, 2023
- Updated on 3月 7, 2023
- 6352 Views
In a VXLAN routing setup using VXLAN Controller Service (VCS), this feature will enable the following on a switch that is running as a VCS client.
- Written by Nathan Kitchen
- Posted on 4月 25, 2024
- Updated on 4月 25, 2024
- 2478 Views
EOS devices can accept gNMI Get requests with CLI commands as paths. Such requests must have the "origin" field of the path set to “cli”. When the “encoding” field of a Get request is set to “JSON” or “JSON_IETF”, or is not set, the output is returned as the eAPI model of the command, serialized as JSON. For example (using the command “show interfaces Ethernet1/1 status”):
- Written by Peter Friend
- Posted on 3月 3, 2023
- Updated on 3月 16, 2023
- 5400 Views
Creating Traffic Policies that regulate control plane traffic from BGP peers by writing the list of BGP peer addresses statically in a field-set is error prone and difficult to update. Selecting only internal or external peers requires additional care. This feature automatically populates a field-set with IPv4 or IPv6 prefixes corresponding to iBGP or eBGP peers.
- Written by Sameer Shah
- Posted on 3月 3, 2023
- Updated on 3月 16, 2023
- 6247 Views
This feature provides a mechanism to mark specific routes as resilient ECMP (RECMP) eligible using BGP RCF policies. A policy based mechanism provides a lot of flexibility in choosing the RECMP eligible routes using criteria such as:
- Written by Rashid Akhtar
- Posted on 3月 3, 2023
- Updated on 3月 17, 2023
- 5496 Views
This document describes the CLI introduced to change the default hardware FEC allocation scheme for IPv4/IPv6 attached routes. By default, level2 hardware FECs are allocated for attached IPv4/IPv6 routes. To change the default hardware FEC allocation scheme, this CLI can be used.
- Written by Radu Handolescu
- Posted on 3月 3, 2023
- Updated on 11月 15, 2024
- 6673 Views
Common Management Interface Specification (CMIS) defines, starting with revision 4.0, a standard mechanism for managing the firmware of compliant transceivers. This mechanism allows for transceivers’ firmware to be updated without having to remove the transceiver from the switch. Firmware updates may be necessary in a testing or production environment to resolve potential firmware bugs. Some transceivers may also support firmware management operations in a hitless manner (without impacting traffic).
- Written by Bharath Somayaji
- Posted on 11月 22, 2017
- Updated on 3月 3, 2023
- 8467 Views
DHCPv6 Prefix Delegation support enables a DHCP relay agent to program routes for addresses assigned by a DHCP server. The assigned prefixes could either be DHCPv6 IA_PD prefix delegation addresses, or DHCPv6 IA_NA global /128 addresses.
- Written by Jeevan Kamisetty
- Posted on 8月 23, 2022
- Updated on 11月 30, 2023
- 9961 Views
NDR switch sensor aka “monitor security awake” feature provides deep network analysis by doing deep packet inspection of some or all packets of traffic that's forwarded by the switch.
- Written by Dylan Walsh
- Posted on 10月 20, 2022
- Updated on 12月 20, 2024
- 7715 Views
EosSdkRpc is an agent built on top of the Arista EOS SDK. It uses gRPC as a mechanism to provide remote access to the EOS SDK. The gRPC interface that EosSdkRpc supports closely matches the interface provided by EOS SDK, and the intent is that the .proto interface can be publicly supported. EosSdkRpc allows for remote access and using protobuf to specify the interface isolates user code from the Linux ABI issues that come with building C++ applications on different compiler, libc, and kernel versions. EosSdkRpc is built using C++ but supports clients written in any of the languages currently supported by the gRPC framework.
- Written by Vamsi Anne
- Posted on 12月 29, 2021
- Updated on 12月 20, 2024
- 10630 Views
As Ethernet technologies made their way into the Metropolitan Area Networks (MAN) and the Wide Area Networks (WAN), from the conventional enterprise level usage, they are now widely being used by service providers to provide end-to-end connectivity to customers. Such service provider networks are typically spread across large geographical areas. Additionally, the service providers themselves may be relying on certain internet backbone providers, referred to as “operators”, to provide connectivity in case the geographical area to be covered is too huge. This mode of operation makes the task of Operations, Administration and Maintenance (OAM) of such networks to be far more challenging, and the ability of service providers to respond to such network faults swiftly directly impacts their competitiveness.
- Written by Mason Rumuly
- Posted on 3月 3, 2023
- Updated on 11月 13, 2024
- 8138 Views
Multihoming in EVPN allows a single customer edge (CE) to connect to multiple provider edges (PE or tunnel endpoint). In any multihoming EVPN instance (EVI), for each ethernet segment a designated forwarder is elected using EVPN type 4 Ethernet Segment (ES) routes sent through BGP. In single-active mode, the designated forwarder (DF) is responsible for sending and receiving all traffic. In all-active mode, the DF is only used to determine whether broadcast, unknown
- Written by Jeff Wen
- Posted on 1月 21, 2019
- Updated on 11月 30, 2023
- 10308 Views
In the traditional data center design, inter-subnet forwarding is provided by a centralized router, where traffic traverses across the network to a centralized routing node and back again to its final destination. In a large multi-tenant data center environment this operational model can lead to inefficient use of bandwidth and sub-optimal forwarding.
- Written by Joshua Boe
- Posted on 3月 3, 2023
- Updated on 3月 7, 2023
- 4764 Views
This feature adds an “exec” command for tracing that incorporates a time limit. Such time limited traces can be executed like so: start trace AGENT setting TRACE timeout TIME ( seconds | minutes | hours ). This is in contrast to the “config” commands for tracing, which do not have a time limit.
- Written by Kaushik Kumar Ram
- Posted on 8月 21, 2020
- Updated on 10月 17, 2024
- 9448 Views
Generic UDP Encapsulation (GUE) is a general method for encapsulating packets of arbitrary IP protocols within a UDP tunnel. GUE provides an extensible header format with optional data. In this release, decap capability of GUE packets of variant 1 header format has been added. This variant allows direct encapsulation using the UDP header without the GUE header. The inner payload could be one of IPv4, IPv6, or MPLS.
- Written by Aman Aman-Ul-Haq
- Posted on 3月 9, 2021
- Updated on 12月 1, 2023
- 11518 Views
The Segment security feature provides the convenience of applying policies on segments rather than interfaces or subnets. Hosts/networks are classified into segments based on prefixes. Grouping prefixes into segments allows for definition of policies that govern flow of traffic between segments.
- Written by Pauric Ward
- Posted on 3月 3, 2023
- Updated on 5月 30, 2024
- 5392 Views
This feature enables the user to configure a list or range of BGP attributes to be ignored by the router on receipt of a BGP update message. The BGP attributes are discarded from the BGP update message, and unless the action of discarding an attribute causes the update message to trigger error handling, then the update message is parsed as normal.
- Written by Padmanabh Ratnakar
- Posted on 10月 7, 2021
- Updated on 10月 14, 2024
- 12790 Views
For network monitoring and troubleshooting flow related issues, it is desirable to know the path, latency, queue and congestion information for flows at different times. The inband telemetry feature(INT), based on Inband Flow Analyzer RFC draft -IFA 2.0 and IFA 1.0(on some platforms) , is used to gather per flow telemetry information like path, per hop latency and congestion. INT is supported for both IPv4 and IPv6 traffic.
- Written by Neel Neogi
- Posted on 12月 30, 2020
- Updated on 6月 8, 2023
- 12710 Views
The document describes the support for dedicated and group ingress policing on interfaces without using QoS policy-maps to match on the traffic and apply policing.
- Written by Dhanashree Nagre
- Posted on 3月 16, 2022
- Updated on 3月 13, 2023
- 7150 Views
IPv6 routes of certain prefix lengths can be optimized for enhanced route scale on R/R2 series platforms. This TOI explains the usage of these optimizations.
- Written by Ramakrishnan G
- Posted on 9月 6, 2021
- Updated on 3月 16, 2023
- 6939 Views
IPv6 routes of certain prefix lengths can be optimized for enhanced route scale on R3. This TOI explains the usage of these optimizations.
- Written by Arpit Bansal
- Posted on 4月 23, 2018
- Updated on 11月 7, 2024
- 8257 Views
Traffic Engineering (TE) provides a mechanism to network administrators to control the path that a data packet takes, bypassing the standard routing model which uses routes along the shortest path. Traffic engineered paths are generally computed on the head-end routers of the topology based on various constraints (e.g. minimum bandwidth, affinity) configured for those paths and attributes (e.g available bandwidth, color) received from devices in the network topology. IS-IS Traffic Engineering (IS-IS TE) feature extends IS-IS protocol in EOS to carry TE attributes as part of its Link State Protocol Data Units (LSPs). Note that IS-IS in EOS only acts as a carrier for TE attributes and it is not used by any processing (e.g. SPF).
- Written by Zeyad Tamimi
- Posted on 3月 3, 2023
- Updated on 12月 19, 2024
- 8598 Views
At a high level, L1 profiles are a set of configurations which allow EOS users to change the numbering scheme and default L1 configurations of all front panel interfaces across their network switch. On Arista network switches, front panel transceiver cages are exposed as ports which are numbered sequentially: 1, 2, 3, 4, etc. These identifiers are usually marked on the front panel to allow for easier identification.
- Written by Andrei Dvornic
- Posted on 4月 2, 2015
- Updated on 2月 8, 2024
- 11837 Views
Loop protection is a loop detection and prevention method which is independent of Spanning Tree Protocol (STP) and is not disabled when the switch is in switchport backup mode or port is in discarding state. The LoopProtect agent has a method to detect loops and take action based on the configuration by the user. In order to find loops in the system, a loop detection frame is sent out periodically on each interface that loop protection is enabled on. The frame carries broadcast destination MAC address, bridge MAC source address, OUI Extended EtherType 0x88b7 as well as information to specify the origins of the packet.
- Written by Diksha Mahajan
- Posted on 3月 3, 2023
- Updated on 3月 7, 2023
- 6068 Views
A layer 3 subinterface is a logical endpoint associated with traffic on an interface distinguished by 802.1Q tags, where each interface, 802.1Q tag tuple, is treated as a routing interface.
- Written by Zhen Xue
- Posted on 3月 3, 2023
- Updated on 3月 28, 2023
- 5437 Views
A “boot extension” is an extension that gets installed automatically at switch boot time. This feature introduces a new CLI command boot extension <EXTENSION> to simplify the boot extension management and EOS upgrade/downgrade process.
- Written by Kevin Amiraux
- Posted on 9月 30, 2015
- Updated on 8月 16, 2024
- 12210 Views
Arista switches provide several mirroring features. Filtered mirroring to CPU adds a special destination to the mirroring features that allows the mirrored traffic to be sent to the switch supervisor. The traffic can then be monitored and analyzed locally without the need of a remote port analyzer. Use case of this feature is for debugging and troubleshooting purposes.
- Written by Dickson Chum
- Posted on 1月 3, 2023
- Updated on 9月 25, 2024
- 7902 Views
Mirroring to a GRE tunnel allows mirrored packets to transit to a L3 network using GRE encapsulation.
- Written by Siddarth Karki
- Posted on 3月 3, 2023
- Updated on 6月 15, 2023
- 5778 Views
From the 4.29.2F release of EOS, proactive probing of servers is supported. Using this feature Arista switches can continuously probe configured servers to check their liveliness and use the information obtained from these probes while sending out requests to the servers.
- Written by Manvendra Pratap Singh
- Posted on 3月 3, 2023
- Updated on 3月 17, 2023
- 5308 Views
When a GRE tunnel is configured, and a GRE-encapped MPLS packet arrives on decap-groups, the traffic-class is derived based on the packet outer DSCP value. This feature aims to allow the user to derive the traffic-class based on the MPLS traffic-class from the payload of the IPv4 GRE packet, using the existing MPLS-exp to TC mapping defined in global QoS maps.
- Written by Anmol Mani Tejeswar Sarma
- Posted on 3月 3, 2023
- Updated on 3月 20, 2023
- 4660 Views
Dynamic resizing of nexthop groups, allows a nexthop group to adjust its size in the hardware based on tunnel resolution. When there is a change in tunnel resolution, the hardware is automatically programmed with only those entries that are fully resolved. However, if the tunnel endpoint corresponding to a nexthop group entry becomes unreachable, the entry remains in use and any traffic destined for the endpoint gets blackholed.
- Written by Manpreet
- Posted on 3月 3, 2023
- Updated on 5月 22, 2023
- 5362 Views
The on boot link override feature adds support for keeping interfaces down at switch boot until the correct interface state can be determined by feature agents. Keeping the interfaces down through device boot will protect against transient traffic loss by preventing downstream peers from detecting a transient interface up and sending traffic to the device.
- Written by Kaushik Kumar Ram
- Posted on 3月 3, 2023
- Updated on 3月 6, 2023
- 6511 Views
By default, when an SVI is configured on a VXLAN VLAN, then broadcast, unknown unicast, and unknown multicast (BUM) traffic received from the tunnel are punted to CPU. However, sending unknown unicast and unknown multicast traffic to CPU is unnecessary and could have negative side effects. Specifically, these packets take the L2Broadcast CoPP queue to the CPU.
- Written by Zetang Lei
- Posted on 3月 3, 2023
- Updated on 3月 6, 2023
- 5004 Views
This feature introduces metric profiles to OSPF metric configurations. Metric profiles allow multiple metric configurations to be applied on the interface at the same time. When the interface speed drops below certain thresholds, the interface will automatically change the metric it uses based on the configurations in the metric profile.
- Written by David Cronin
- Posted on 3月 3, 2022
- Updated on 3月 14, 2024
- 9809 Views
This document describes a new CLI command to help debug how and why policy permits and denies paths. The aim of this CLI command is for the user to debug a route map or RCF (Routing Control Functions) function by specifying as input a prefix for which BGP has reachability for, either via a BGP peer or a redistribute source.
- Written by Padmanabh Ratnakar
- Posted on 4月 20, 2021
- Updated on 7月 15, 2024
- 13955 Views
The postcard telemetry (GreenT - GRE Encapsulated Telemetry) feature is used to gather per flow telemetry information like path and per hop latency. For network monitoring and troubleshooting flow related issues, it is desirable to know the path, latency and congestion information for flows at different times.
- Written by Eric Lanini
- Posted on 3月 3, 2023
- Updated on 10月 11, 2024
- 5304 Views
Precoding is used to help reduce the burst error length of DFE (Decision Feedback Equalizer) error events with PAM-4 modulation
- Written by Atul Gupta
- Posted on 3月 3, 2023
- Updated on 3月 20, 2023
- 5110 Views
This feature allows the network administrator to set a flag to allow the Explicit Congestion Notification (ECN) headers of a packet be preserved and copied to inner or outer packets when the packet is decapsulated or encapsulated on a Vxlan Tunnel Endpoint (VTEP).
- Written by Kieran Weaver
- Posted on 3月 3, 2023
- Updated on 2月 2, 2024
- 6619 Views
Media Access Control Security (MACsec) is an industry-standard encryption mechanism that protects all traffic flowing on the Ethernet links. MACsec is based on IEEE 802.1X and IEEE 802.1AE standards.
- Written by Yin Chen
- Posted on 3月 3, 2023
- Updated on 3月 7, 2023
- 5234 Views
This TOI document describes the supported Precision Time Protocol (PTP) functionality on the CCS-750X platforms. Due to the nature of the hardware for these products, the supported PTP functionality and interoperation with other features may differ from other Arista products.
- Written by David Cronin
- Posted on 3月 3, 2022
- Updated on 12月 19, 2024
- 20133 Views
Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.
- Written by David Cronin
- Posted on 3月 3, 2022
- Updated on 12月 2, 2024
- 12405 Views
Routing Control Functions (RCF) is a language that can express route filtering and attribute modification logic in a powerful and programmatic fashion.The document covers: Configurations of a RCF function for BGP points of application
- Written by Denny Hung
- Posted on 3月 3, 2023
- Updated on 3月 13, 2023
- 5669 Views
This feature adds support to interface traffic policies for routing matched unicast IPv4 or IPv6 traffic which ingresses on L3 interfaces according to the routing table of a secondary VRF.
- Written by Kalash Nainwal
- Posted on 12月 14, 2020
- Updated on 7月 31, 2024
- 12588 Views
RSVP-TE, the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), is used to distribute MPLS labels for steering traffic and reserving bandwidth. The Label Edge Router (LER) feature implements the headend functionality, i.e., RSVP-TE tunnels can originate at an LER which can steer traffic into the tunnel.
- Written by Ram Murthy
- Posted on 3月 3, 2023
- Updated on 8月 27, 2024
- 7258 Views
NAT has been supported in DCS-7150 for many years. Starting at EOS 4.21.6F, NAT functionality is supported on certain 7050X3 platforms.
- Written by Fathima Thasneem
- Posted on 8月 23, 2022
- Updated on 5月 30, 2024
- 6623 Views
Interface reflectors are useful to make sure a service provided to customers is working as expected and it's within SLA constraints. Now, we are extending the support to configure subinterfaces as ethernet reflector. The Subinterface Interface Reflector feature allows performing certain actions (such as source/destination MAC address swap) on packets reaching subinterfaces patched to Pseudowire that are reflected back to the source interface. It is useful to test properties and SLAs before deploying the service for a customer.
- Written by Adriana Costin
- Posted on 3月 3, 2023
- Updated on 3月 6, 2023
- 5031 Views
This feature introduces a new CLI command (agent Bgp snapshot mrt received routes [ VRF ] FILE) which generates an MRT file containing the peers, prefixes and path attributes received by a switch running multi-agent routing m
- Written by Rajiv Patil
- Posted on 9月 16, 2020
- Updated on 8月 30, 2024
- 15551 Views
Dynamic NAT is a feature which dynamically allocates an IP address to an incoming or outgoing flow. This address will replace source or destination IP for all packets of the flow.
- Written by Scott Bailey
- Posted on 3月 3, 2023
- Updated on 8月 30, 2023
- 5282 Views
This feature enables L3 reachability for the PTP on the switch using one or more shared “Loopback” interfaces.
- Written by Dongping Zhu
- Posted on 3月 3, 2023
- Updated on 8月 10, 2023
- 6063 Views
Leaf Smart System Upgrade (SSU) provides the ability to upgrade the EOS image with minimal traffic disruption. To perform the SSU, Spanning Tree Protocol (STP) should either be disabled or configured as MSTP. Meanwhile, all ports should be configured with admin edge ports (i.e., all ports are supposed to connect to host only) and the BPDU guard should be enabled for all edge ports.