EOS 4.25.0F TOI

Filtered Mirroring allows certain packets to be selected for mirroring, rather than all packets ingressing or egressing a particular port.

This feature adds support for a dynamic configuration model to eliminate the need for the network administrator to

This feature adds a configuration option which provides a CLI error if a reference is made to an unconfigured policy

This document presents Arista Macro-Segmentation Service - Firewall (MSS-FW) deployment in a network with multiple Virtual Routing and Forwarding (VRF) instances.

To use IPv6 addresses for VXLAN underlay, there are two different approaches.  The first approach is to make use of

A dynamic ACL is dynamically created on a switch based on the contents of NAS Filter Rule AVP attributes sent from a

This feature provides the capability to count the number of packets hitting rules associated with egress ACLs

Security MAC ACLs can be used to permit and/or deny ethernet packets on the egress port by matching on the following

Normally the ingress router in the following diagram has no control over an autonomous system border router’s

This feature adds control plane support for inter subnet forwarding between EVPN networks. This support is achieved

In a traditional EVPN VXLAN centralized anycast gateway deployment, multiple L3 VTEPs serve the role of the

This feature introduces the hardware forwarding support for IPv4 over IPv4, GRE-Tunnel interfaces on Arista Switches. A GRE-Tunnel interface acts as a logical interface which performs the GRE encapsulation or decapsulation.

This feature adds support for PIM SM (Sparse Mode) for IPv6 Multicast Routing on platforms listed below. 

Normally, a switch traps L2 protocol frames to the CPU. However, certain use-cases may require these frames to be forwarded or dropped. And in cases where the L2 protocol frames are forwarded (eg: Pseudowire), we may require the frames to be trapped to the CPU or dropped. The L2 Protocol Forwarding feature provides a mechanism to control the behavior of L2 protocol frames received on a port or subinterface.

A L2 sub-interface is a logical bridging endpoint associated with traffic on an interface distinguished by 802.1Q tags, where each <interface, 802.1q tag> tuple is treated as a first class bridging interface.

LANZ is the EOS Latency and congestion ANalyZer. On DCS-7280, DCS-7020, DCS-7500 and DCS-7800 series, it allows monitoring congestion and transmit latencies on both front panel and CPU ports.

Logical ports are hardware resources that are required to activate interfaces.

The multicast keyword extends the accounting group to send Accounting Request packets to all servers in a group at the

Previously, the maximum valid port channel ID was equal to the maximum number of port channels configurable on the

When the MLAG peer link goes down, the secondary peer assumes the primary peer is down/dead, and takes over the primary

MLDv2 Snooping optimizes the transmission of multicast packets in Layer 2 by using Layer 3 information contained in

MRU (maximum receive unit) enforcement provides the ability to drop frames that exceed a configured threshold on the ingress interface.

When a static route is configured with a nexthop group, by default the static route is eligible for FIB insertion

In a symmetric network topology, for the same ECMP (Equal Cost Multi Path) route programmed at different devices in a switch layer, the various devices can program ECMP next hops in the FEC (Forwarding Equivalence Class) for that route in varying orders.

BFD sessions are only established for OSPFv2 and OSPFv3 adjacencies that are in the FULL state.  In a LAN environment

This feature provides isolation and allows segregating/dividing the link state database based on interface. 

QinQ L3 subinterfaces divide a single ethernet or port channel interface into multiple logical L3 interfaces based

This feature adds support to match against nexthop address for VPNV4/V6 routes. This support allows

RSVP TE, the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), is used to distribute MPLS labels

Network administrators require access to flow information that passes through various network elements, for the purpose of analyzing and monitoring their networks. This feature provides access to IP flow information by sampling traffic flows in ingress and/or egress directions on the interfaces on which it is configured. The samples are then used to create flow records, which are exported to the configured collectors in the IPFIX format. Egress Flow tracking is supported from EOS-4.29.0F on the DCS-7170B-64C series and supported on 7280, 7500 and 7800 series platforms from EOS-4.31.1".

The NTP service in EOS may be configured to act as an NTP server for other devices as clients.  Previously, all clients

The feature allows modification of the egress TTL of packets routed via PBR, and  to modify the TTL of naked IP/IPv6

This feature enables ACL functionality on subinterfaces. Release. Update. 4.17.0F . Support for

This feature extends link bandwidth extended community deletion mechanism, which previously always required

A Management VRF instance allows network operators to separate their management traffic from the rest of the

This feature supports IPv6 link local nexthops belonging to a Nexthop Groups (NHG). Only nexthop

This document describes the OSPFv2 and OSPFv3 feature that allows enabling or disabling the inclusion of LSAs having “Down” (DN) bit set in SPF calculations. The DN Bit is a loop prevention mechanism implemented when OSPF is used as CE - PE IGP protocol.

Private VLAN is a feature that segregates a regular VLAN broadcast domain while maintaining all ports in the same IP subnet. There are three types of VLAN within a private VLAN

4.25.0F adds support to use large community lists in the ‘set large community’ route map set clause.

Access Control Lists (ACL) use packet classification to mark certain packets going through the packet processor pipeline and then take configured action against them. Rules are defined based on various fields of packets and usually TCAM is used to match packets to rules. For example, there can be a rule to match the packet source IP address against a list of IP addresses, and drop the packet if there is a match. This will be expressed in TCAM with multiple entries matching the list of IP addresses. Number of entries is reduced by masking off bits, if possible. TCAM is a limited resource, so with classifiers having a large number of rules and a big field list, TCAM runs out of resources.

WRED stands for Weighted Random Early Detection for congestion avoidance. A queue can differentiate certain

TAP Aggregation support for the DCS 7280R3 and DCS 7500R3 series is documented below, including the release in which a

BGP routing information often contains more than one path to the same destination network. The BGP best-path selection algorithm determines which of these paths should be considered as the best path to that network.

This document details how to use the Zero Touch Provisioning (ZTP) USB configuration feature. Arista’s Zero Touch