- Written by Tarun Jaswanth LNU
- Posted on 8月 24, 2020
- Updated on 10月 17, 2024
- 26593 Views
802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.
- Written by Forhad Ahmed
- Posted on 9月 11, 2023
- Updated on 11月 22, 2023
- 4381 Views
Starting from 4.27.2F, IPFIX sampling introduced the capability to report BGP metadata for routes resolving over various tunnel types (ISIS-SR tunnels, NexthopGroups, etc). For example BGP over ISIS-SR - BGP nexthop reported: 100.0.0.1
- Written by Ruoyi Wang
- Posted on 8月 31, 2023
- Updated on 9月 5, 2023
- 5050 Views
This feature allows the logging of packets matching deny rules in ingress ACLs applied on subinterfaces. This behavior can be enabled by using the log keyword when configuring an ACL deny rule. A copy of the packet matching those ACL rules is sent to the control plane, where a syslog entry of the packet header is being generated.
- Written by Deepak Sebastian
- Posted on 8月 31, 2023
- Updated on 10月 9, 2024
- 5273 Views
Agile ports allow users to connect 40G interfaces on 7130 products utilizing multiple SFP ports per 40G capable interface. This enables 40G capable applications, such as MetaConnect and MetaWatch, to operate at that speed.
- Written by Kumaran Narayanan
- Posted on 9月 11, 2023
- Updated on 9月 11, 2023
- 4147 Views
Arista’s WAN routing solution comes with a suite of features. The network can spread across multiple geographical locations and make use of multiple types of service providers. One particular routing feature of this WAN network is called Adaptive virtual topology ( AVT ). Using AVT, the network operator can segment the physical topology into various virtual topologies based on certain constraints such as latency, jitter or packet loss.
- Written by Dongliang Feng
- Posted on 9月 11, 2023
- Updated on 9月 11, 2023
- 4954 Views
This is achieved by using the next-hop of the static route as the peer IP address for the BFD session. The static route is either installed or removed based on the status of the underlying BFD session. A static route whose next-hop is configured to be tracked by BFD is referred to as a ‘BFD tracked static route’ in the context of this document. This feature is supported for both IPv4 and IPv6 static routes.
- Written by Jason Shamberger
- Posted on 3月 11, 2020
- Updated on 11月 14, 2024
- 16423 Views
EOS 4.21.3F introduces support for BGP Flowspec, as defined in RFC5575 and RFC7674. The typical use case is to filter or redirect DDoS traffic on edge routers.
- Written by Andrew Li
- Posted on 8月 31, 2023
- Updated on 4月 10, 2024
- 5546 Views
This feature enables Flowspec rules to be leaked from one VRF to another. When combined with the ability to apply Flowspec rules from one VRF to interfaces in another VRF, this feature makes it possible to combine rules from different source VRFs into a target VRF, and apply the target VRF’s rules on the interfaces of the source VRFs.
- Written by Bhavin Patel
- Posted on 3月 24, 2020
- Updated on 2月 15, 2024
- 10320 Views
This feature allows failover to the backup path to occur in constant time per interface going down for features such as RSVP link protection, RSVP node protection, TI-LFA link protection, and BGP PIC. Without this feature enabled, it would take time proportional to the number of paths going over the interface experiencing the link down event to failover to the backup path. With this feature enabled, the failover time would be constant regardless of the number of paths.
- Written by Ravi Verman
- Posted on 8月 31, 2023
- Updated on 8月 31, 2023
- 4012 Views
Class Based Forwarding (CBF) is a way of steering IP traffic into specific tunnels based on the ingress DSCP values.CBF is implemented in the hardware using an override model.
- Written by Diego Asturias
- Posted on 4月 7, 2021
- Updated on 9月 13, 2023
- 9266 Views
CLI extension allows for custom CLIs commands/modes to be defined in EOS. It also integrates with EOS SDK to be able to control a daemon’s configuration and read a daemon’s status from the CLI command handlers. This feature is intended to have more customization compared to the “daemon cli” feature, which only allows for key/value pairs as cli commands, and doesn’t allow for custom CLI commands. It does this by using a statically defined YAML file that contains the daemon definition (EOS SDK or not), CLI mode, and CLI commands, very much akin to what is provided by the via configuration in the daemon cli mode.
- Written by Vijaikumar M
- Posted on 9月 8, 2023
- Updated on 9月 8, 2023
- 4105 Views
Software Forwarding Engine (SFE) is a DPDK-based packet processing software and forwarding agent, which is being used in the CloudEOS and AWE 5000 series platforms. The SFE forwarding agent supports IPFIX hardware flow tracking.
- Written by Alex Volinsky
- Posted on 9月 11, 2023
- Updated on 9月 11, 2023
- 4343 Views
Coherent transceivers, compliant with Coherent Common Management Interface Specification (C-CMIS) maintain two sets of thresholds to detect and report two types of link degradation: FEC excessive degrade (FED) and FEC detected degrade (FDD).
- Written by Ajay Kini
- Posted on 8月 31, 2023
- Updated on 9月 8, 2023
- 4743 Views
BGP VPN routes today advertise a label by dynamically allocating it from a dynamic label range block without providing the user any control over the label value that is allocated per VRF’s address Family - VPNv4 or VPNv6. This feature allows the user to configure a unique label per VRF’s configured address-family, VPNv4 or VPNv6, thereby allowing the user granular control over the label value advertised with VPN routes exported from a VRF.
- Written by David Joseph
- Posted on 8月 31, 2023
- Updated on 10月 9, 2024
- 4625 Views
Arista’s DCS-7130B series of switches are network devices designed for ultra low-latency applications along with a suite of networking features.
- Written by Harish Prabhu
- Posted on 8月 31, 2023
- Updated on 9月 12, 2023
- 5610 Views
By default, the DSCP and ECN bits of VXLAN bridged packets are not rewritten. Currently, for bridged packets undergoing VXLAN encapsulation, the DSCP in the outer IP header is derived from TC and the ECN bits are set to zero. The desired behavior is that the outer IP header should be remarked with ingress packet DSCP and ingress packet ECN. Also, local congestion should be handled correctly.
- Written by Jacob Sword
- Posted on 2月 16, 2022
- Updated on 3月 7, 2024
- 9764 Views
Multiple dynamic counter features may be enabled simultaneously, primarily configured using the [no] hardware counter feature [feature] CLI commands. Compatibility of these features has been enhanced to allow for greater flexibility in simultaneously enabled counter features. Changes in counter feature compatibility across EOS releases is detailed below.
- Written by Jeevan Kamisetty
- Posted on 8月 23, 2022
- Updated on 11月 30, 2023
- 9889 Views
NDR switch sensor aka “monitor security awake” feature provides deep network analysis by doing deep packet inspection of some or all packets of traffic that's forwarded by the switch.
- Written by Leighton Carmichael-Powell
- Posted on 8月 31, 2023
- Updated on 9月 8, 2023
- 4563 Views
This document describes the on_nexthop_group_programmed event within the context of both the EOS SDK and the EOS SDK RPC agent. This event is triggered when there is an update to the state of a watched nexthop group. These state updates include both the hardware programming of the group itself, as well as the hardware status of any counters associated with the group.
- Written by Dylan Walsh
- Posted on 10月 20, 2022
- Updated on 6月 10, 2024
- 7645 Views
EosSdkRpc is an agent built on top of the Arista EOS SDK. It uses gRPC as a mechanism to provide remote access to the EOS SDK. The gRPC interface that EosSdkRpc supports closely matches the interface provided by EOS SDK, and the intent is that the .proto interface can be publically supported. EosSdkRpc allows for remote access and using protobuf to specify the interface isolates user code from the Linux ABI issues that come with building C++ applications on different compiler, libc, and kernel versions. EosSdkRpc is built using C++ but supports clients written in any of the languages currently supported by the gRPC framework.
- Written by Abhiram Kalluru
- Posted on 8月 31, 2023
- Updated on 9月 12, 2023
- 4704 Views
This feature allows exporting IP-in-IP tunnel counters through the OpenConfig AFT YANG models.This exporting IP-in-IP counters feature is supported on all platforms, however counting the IP-in-IP tunnel packets is supported only on DCS-7500R3, DCS-7280R3 and DCS-7800R3 series.
- Written by Yongxiang Chen
- Posted on 8月 31, 2023
- Updated on 9月 8, 2023
- 5290 Views
In EVPN VXLAN context, binding a VRF to a VNI usually consumes a dynamic VLAN as shown in the following sample CLI configuration. The usable range of dynamic VLANs is from 1 to 4094, which is also shared by other features such as internal VLANs. The document describes the extended VLAN support for EVPN VXLAN, which increases the number of usable dynamic VLANs. The extended VLAN range is from 4101 to 8191.
- Written by Edwin Tambi
- Posted on 8月 19, 2020
- Updated on 7月 3, 2024
- 20660 Views
EOS supports the ability to match on a single VLAN tag (example: encapsulation dot1q vlan 10) or a VLAN tag pair (example: encapsulation dot1q vlan 10 inner 20) to map matching packets to an interface. In this case, the encapsulation string is considered consumed by the mapped interface before forwarding, which means that the tags are effectively removed from the incoming packet for the purposes of any downstream forwarding.
- Written by Kaushik Kumar Ram
- Posted on 8月 21, 2020
- Updated on 10月 17, 2024
- 9384 Views
Generic UDP Encapsulation (GUE) is a general method for encapsulating packets of arbitrary IP protocols within a UDP tunnel. GUE provides an extensible header format with optional data. In this release, decap capability of GUE packets of variant 1 header format has been added. This variant allows direct encapsulation using the UDP header without the GUE header. The inner payload could be one of IPv4, IPv6, or MPLS.
- Written by Zhuang Liu
- Posted on 8月 22, 2023
- Updated on 8月 25, 2023
- 5213 Views
This feature is used to send gratuitous ARPs and NDs to update the mac address in neighbors’ mac address table when the users configure to change the mac address in the routed interface.
- Written by Sudheer Y R
- Posted on 10月 9, 2018
- Updated on 12月 5, 2023
- 19607 Views
This feature introduces the hardware forwarding support for IPv4 over IPv4, GRE-Tunnel interfaces on Arista Switches. A GRE-Tunnel interface acts as a logical interface which performs the GRE encapsulation or decapsulation.
- Written by Vivek Dua
- Posted on 9月 15, 2023
- Updated on 9月 15, 2023
- 3944 Views
Current behavior for IPv4 Options packets is to let Kernel do the forwarding. Strata Platforms do this by setting the action of drop=1 and CPU=1 in the IP_OPTION_CONTROL_PROFILE_TABLE Hardware table so that all IPv4 options packets reach the CPU for forwarding in the Kernel.
- Written by Jyothish Kunkumath
- Posted on 1月 6, 2022
- Updated on 12月 2, 2024
- 11646 Views
IPSec tunnel mode support allows the customer to encrypt traffic transiting between two tunnel endpoints.
- Written by Bharathram Pattabhiraman
- Posted on 8月 31, 2023
- Updated on 9月 4, 2023
- 5783 Views
This solution allows delivery of IPv6 multicast traffic in an IP-VRF using an IPv4 multicast in the underlay network. The protocol used to build multicast trees in the underlay network is PIM Sparse Mode.
- Written by Sarah Chen
- Posted on 1月 12, 2022
- Updated on 10月 30, 2023
- 10519 Views
IS-IS flexible algorithm (FlexAlgo) provides a lightweight, simplified mechanism for performing basic traffic engineering functions within a single IS-IS area. FlexAlgo requires the cooperation of all nodes within the IS-IS area but does not require an external controller. Paths are computed by each node within the area, resulting in an MPLS switched forwarding path to nodes that are advertising a node Segment Identifier (SID) for the algorithm. The results of the path computation are placed in the colored tunnel RIB or system tunnel RIB, which simplifies route resolution.
- Written by Zeyad Tamimi
- Posted on 3月 3, 2023
- Updated on 12月 17, 2024
- 8515 Views
At a high level, L1 profiles are a set of configurations which allow EOS users to change the numbering scheme and default L1 configurations of all front panel interfaces across their network switch. On Arista network switches, front panel transceiver cages are exposed as ports which are numbered sequentially: 1, 2, 3, 4, etc. These identifiers are usually marked on the front panel to allow for easier identification.
- Written by Ferenc Janky
- Posted on 9月 11, 2023
- Updated on 9月 12, 2023
- 4379 Views
Configuring loopback is a vital tool in troubleshooting physical layer issues in computer networks. It enables the creation of a closed environment for self-verification and testing. It is essential for isolating problems related to cabling, hardware, and network interfaces. Loopback tests confirm the integrity of physical interconnections by sending traffic back to the source device. [This traffic can be injected, or a generated test pattern]. This can help to locate the source of issues in the physical layer.
- Written by Alejandro Schwoykoski
- Posted on 12月 22, 2021
- Updated on 11月 14, 2024
- 11874 Views
MetaMux is an FPGA-based feature available on Arista’s 7130 platforms. It performs ultra-low latency Ethernet packet multiplexing with or without packet contention queuing. The port to port latency is a function of the selected MetaMux profile, front panel ingress port, front panel egress port, FPGA connector ingress port, and platform being used.
- Written by David Mirabito
- Posted on 12月 30, 2021
- Updated on 12月 12, 2024
- 15849 Views
MetaWatch is an FPGA-based feature available for Arista 7130 Series platforms. It provides precise timestamping of packets, aggregation and deep buffering for Ethernet links. Timestamp information and other metadata such as device and port identifiers are appended to the end of the packet as a trailer.
- Written by Abdul Haseeb Jehangir
- Posted on 3月 12, 2020
- Updated on 11月 20, 2024
- 11577 Views
Mirror on drop is a network visibility feature which allows monitoring of MPLS or IP flow drops occurring in the ingress pipeline. When such a drop is detected, it is sent to the control plane where it is processed and then sent to configured collectors. Additionally, CLI show commands provide general and detailed statistics and status.
- Written by Dickson Chum
- Posted on 1月 3, 2023
- Updated on 9月 25, 2024
- 7801 Views
Mirroring to a GRE tunnel allows mirrored packets to transit to a L3 network using GRE encapsulation.
- Written by Johnny Chen
- Posted on 9月 15, 2023
- Updated on 6月 12, 2024
- 4882 Views
For traffic mirroring, Arista switches support several types of mirroring destinations. This document describes a new type of mirroring destination in which mirrored traffic is tunneled over VXLAN as the inner packet to a remote VTEP. This feature is useful for when the traffic analyzer is a VTEP reachable over a VXLAN tunnel.
- Written by Jonathan Ho
- Posted on 8月 31, 2023
- Updated on 9月 5, 2023
- 5013 Views
In networks where source and destination of multicast traffic all reside in the same VLAN, IPv6 multicast traffic is flooded to all ports in the VLAN by default. MLD snooping can be enabled to optimize the inefficient transmission, pruning out ports with no receivers.
- Written by Bharathram Pattabhiraman
- Posted on 8月 31, 2023
- Updated on 9月 4, 2023
- 5228 Views
This solution optimizes the delivery of multicast to a VLAN over an Ethernet VPN (EVPN) network. Without this solution IPv6 multicast traffic in a VLAN is flooded to all Provider Edge(PE) devices which contain the VLAN.
- Written by Tanushree Bansal
- Posted on 8月 31, 2023
- Updated on 9月 4, 2023
- 4734 Views
This feature adds the support for OSPF multi-site domains described in RFC 4577(OSPF as the Provider/Customer Edge Protocol for BGP/MPLS IP Virtual Private Networks (VPNs) ) and enables routes BGP VPN routes to retain their original route type if they are in the same OSPF domain. Two sites are considered to be in the same OSPF domain if it is intended that routes from one site to the other be considered intra-network routes.
- Written by Bharathram Pattabhiraman
- Posted on 2月 11, 2021
- Updated on 9月 21, 2023
- 25468 Views
This solution allows delivery of multicast traffic in an IP VRF using multicast in the underlay network. It builds on
- Written by Brian Schuette
- Posted on 8月 22, 2023
- Updated on 8月 20, 2024
- 5558 Views
The Arista OSFP-400G-SRBD and QDD-400G-SRBD modules (Sometimes referred to as “400G-BIDI” or “400G-SR4.2”) may be used with other 400G-BIDI / 400G-SR4.2 modules, or connected to four 100G-BiDi modules indicated below.
- Written by Haris S M
- Posted on 8月 31, 2023
- Updated on 9月 4, 2023
- 4923 Views
Configuring OSPF as PE-CE protocol enables us to distinguish between the “real external routes” and intra network routes between the sites that are stretched across VPN. But the problem arises when VPN sites are in the same area and have a backdoor connection. With OSPF as PE-CE protocol redistribution, CE routers end up getting inter-area routes(assuming the VRFs on the PE devices that connect the CE sites, are configured with the same OSPF domain id) that actually belong to the same area and just happen to be multihomed to the backbone.
- Written by Ajay Seshadri
- Posted on 6月 29, 2023
- Updated on 9月 1, 2023
- 6388 Views
This document describes the PFC (priority-based flow control) history counters that are available to debug network oversubscription issues. These counters track statistics on the switch that is sending network traffic at a rate that is more than what its peer can handle.
- Written by Saravanan Balasubramanian
- Posted on 9月 11, 2023
- Updated on 9月 13, 2023
- 4795 Views
In a modular system there are two supervisors which ensures redundancy in event of Hardware and software failures. At any given time, only one supervisor is in control (managing most hardware, including all the linecards). We call it the active supervisor. The other supervisor is called standby supervisor, which serves as a backup in case the active supervisor fails. Stateful switchover is the transition when the standby supervisor takes over control of the entire system from the active supervisor (and therefore becomes the new active). This document describes PIM SSO works and its limitations.
- Written by Padmanabh Ratnakar
- Posted on 4月 20, 2021
- Updated on 7月 15, 2024
- 13887 Views
The postcard telemetry (GreenT - GRE Encapsulated Telemetry) feature is used to gather per flow telemetry information like path and per hop latency. For network monitoring and troubleshooting flow related issues, it is desirable to know the path, latency and congestion information for flows at different times.
- Written by Hillol Chakraborty
- Posted on 9月 15, 2023
- Updated on 9月 15, 2023
- 4309 Views
TStarting from EOS-4.17.0F, the capability of advertising IPv4 unicast Network Layer Reachability Information (NLRI) with IPv6 next-hops over IPv6 peering sessions, as described in the Extended Next Hop Encoding capability in RFC5549, is supported. This document describes the feature that allows the redistribution of such routes into OSPF.
- Written by Sabarinath Timma Mohan
- Posted on 8月 31, 2023
- Updated on 8月 31, 2023
- 4702 Views
PIM Reverse Path Forwarding (RPF) is a mechanism that allows the multicast routers to send the PIM control packets to the upstream routers via the shortest path to form the RP/Source Tree.
- Written by David Cronin
- Posted on 3月 3, 2022
- Updated on 12月 2, 2024
- 12312 Views
Routing Control Functions (RCF) is a language that can express route filtering and attribute modification logic in a powerful and programmatic fashion.The document covers: Configurations of a RCF function for BGP points of application
- Written by Kalash Nainwal
- Posted on 12月 14, 2020
- Updated on 7月 31, 2024
- 12520 Views
RSVP-TE, the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), is used to distribute MPLS labels for steering traffic and reserving bandwidth. The Label Edge Router (LER) feature implements the headend functionality, i.e., RSVP-TE tunnels can originate at an LER which can steer traffic into the tunnel.