BGP Non Stop Forwarding (NSF) aims to minimize the traffic loss when the the following scenarios occur:

In the traditional data center design, inter-subnet forwarding is provided by a centralized router, where traffic traverses across the network to a centralized routing node and back again to its final destination. In a large multi-tenant data center environment this operational model can lead to inefficient use of bandwidth and sub-optimal forwarding.

This feature introduces the support for IPv4 ACL configuration under GRE and IPsec tunnel interfaces and IPv6 ACL configuration under GRE tunnel interfaces. The configured ACL rules are applied to a tunnel terminated GRE packet i.e. any IPv4/v6-over-GRE-over-IPv4 that is decapsulated by the GRE tunnel-interface on which the ACL is applied, or a packet terminated on IPsec tunnel i.e, IPv4-over-ESP-over-encrypted-IPv4 packet that is decapsulated and decrypted by the IPsec tunnel interface on which the ACL is applied.

This feature introduces the ability to match on 1) any BGP aggregate contributor or 2) a specific BGP aggregate’s

This feature implements RFC 5310 that allows IS-IS PDUs to be authenticated using following secure hash algorithms (SHA): SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512. The feature is supported in both default and non-default vrf. Unlike the existing authentication scheme based on MD5 and ClearText, with this feature two IS-IS nodes can be configured with different SHA algorithm and secret-key and can still exchange IS-IS PDUs. 

EOS 4.21.3F EOS 4.30.0F

The ‘clear isis instance’ command can be used to reset the ISIS instance that is running. All ISIS instance and interface states will be cleared and re-initialized from the configuration so that ISIS rediscovers neighbors and reconverges the different instances in the ISIS routing tables.

This feature allows a user to configure a mirror session with subinterface sources from the CLI. This feature is only available with ingress mirroring (rx direction)

Time stamping is an important tool for network engineering and performance analysis. EOS-4.21.3F adds support for payload timestamping of all GRE encapsulated mirrored packets at line rate (initially only supported on the 7500R/7280R/7500R2/7280R2 series). A timestamp is taken on ingress and inserted into the GRE encapsulated mirrored packet payload at egress.

EOS 4.21.3F EOS 4.30.1F EOS 4.32.0F

In conventional VXLAN deployments, each MLAG pair of switches are represented as a common logical VTEP. VXLAN traffic can be decapsulated on either switch. In some networks, there are hosts that are singly connected to one of the MLAG pair.

Mlag VXLAN EOS 4.21.3F Multi Vtep

Selective ARP install is the selective programming of remote ARPs in hardware as received through EVPN Type 2 MAC-IP routes in an EVPN VXLAN/ MPLS Integrated Routing and Bridging (IRB) scenario. Instead of installing every MAC+IP binding received from EVPN into the hardware, the switch installs them only when there is routed traffic destined to the IP, thereby saving TCAM space on the switch. However, there is a tradeoff as there is an initial one-time latency to install the hardware TCAM entry on the first flow of routed traffic to the IP.

RIB Route Control is a collection of mechanisms for controlling how IP routing table entries get used. Next hop

Routing BGP VRF EOS 4.21.3F

The ‘show interfaces interactions’ command aims to provide users a resource that explains various relationships between ethernet interfaces. It describes interactions in which a configuration on an interface causes another set of interfaces to become inactive or have reduced capabilities.Examples include a primary interface consuming subordinate interfaces to service a four-lane speed or platform restrictions that require four interfaces of a port to operate at the same speed.

EOS 4.21.3F EOS 4.30.2F

This feature enables support for hardware accelerated sFlow while running in Tap Aggregation exclusive mode. This

EOS 4.21.3F