Caveats and Limitations

  • This feature was introduced in EOS release 4.20.5F which uses /mnt/flash/cloud_ha_config.json file for Cloud HA configuration without any CLI support. Starting from release 4.20.5.A1 onwards, Cloud HA feature supports CLI based configuration only. Deployments using JSON based configurations are not supported and will not work when the image is upgraded or downgraded. To upgrade image, the administrator must configure Cloud HA feature manually by converting the JSON configuration to equivalent CLI configuration. Downgrading will work as long as the older JSON file is still present in /mnt/flash directory.
  • Only a single resource-group is supported across all routing entries for Azure under Cloud specific config HA configuration.
  • The Cloud HA feature currently supports only a single peer.
  • The AWS IAM role or Azure MSI needs to be configured properly using cloud provider's management tools and should give sufficient permissions to CloudEOS and vEOS instance to access and update route table entries.
  • The CloudEOS and vEOS instance should have connectivity to the cloud provider's web services. The access can also be via proxy or using feature like AWS private-link.
  • The recovery wait-time should not be configured less than 10 seconds to avoid unnecessary route flapping when experiencing periodic instabilities.
  • The Cloud HA feature completely validates all the provided cloud configuration to make sure it is consistent and has all required permissions. However, the administrator should not change the provider's network configuration afterwards to avoid any issues during fail-over.
  • When there are BFD connectivity issues between the two CloudEOS and vEOS peers, each instance will take over the other's traffic. This cross traffic forwarding on provider's network should not have any adverse affect and still work as active-active even though both of the instance will report as fail-over. After the network connectivity is resolved, the traffic pattern reverts to the normal active-active mode.
  • The user can adjust the BFD specific parameters for the session used by Cloud HA feature using normal BFD commands such as multiplier, tx/rx intervals, etc. The Cloud HA fail-over and traffic takeover time is directly correlated with BFD failure detection time. However, when using an overly aggressive BFD, the failover time may incur higher overhead as well may result in greater instability during traffic bursts. Arista recommends using the use default BFD interval which is currently 300 msec with a multiplier of 3.
  • The bfd source-interface used in Cloud HA configuration should not belong and/or routable via the route-tables controlled by the CloudEOS and vEOS router instance itself to avoid traffic looping issues.
  • If the Cloud HA is in an invalid configuration state due to erroneous/mismatched configuration in the provider's cloud, the administrator has to force update the Cloud HA configuration (for example, by shut/no shut under Cloud HA mode) after updating the provider's cloud configuration. In other words, by itself, the Cloud HA feature will not retry the back-end configuration check if it is found to be invalid at the time of configuration.