Configuring the TTL for PTP Packets
To set the Time To Live (TTL) of PTP packets, use the ptp ttl command. TTL is the maximum number of hops that a PTP packet may make.
Example
switch(config)# ptp ttl 64
switch(config)#
To set the Time To Live (TTL) of PTP packets, use the ptp ttl command. TTL is the maximum number of hops that a PTP packet may make.
Example
switch(config)# ptp ttl 64
switch(config)#
PTP monitoring records PTP information including offset from master, mean path delay, and skew values, which can then be viewed using a show command. When this feature is enabled, PTP Syslog messages will also be generated for those metrics for which threshold values have been configured on the switch. PTP monitoring is enabled by default.
Use the ptp monitor command to enable PTP monitoring on the device (it is enabled by default). The no form of the command disables PTP monitoring and clears all the recorded PTP data.
Example
switch(config)# no ptp monitor
The offset is the difference in nanoseconds between master and slave time. Use the ptp monitor threshold offset-from-master command to specify the offset-from-master threshold in nanoseconds. A Syslog message is generated if the most recently calculated time offset from the PTP master is outside of the range (-<threshold>, <threshold>). The maximum offset threshold is one second. The no form of the command clears the threshold value and prevents further Syslog messages from being generated for this parameter.
Example
switch(config)# ptp monitor threshold offset-from-master 500
Example
switch(config)# ptp monitor threshold mean-path-delay 2000
PTP skew is the clock frequency difference between master and slave. Use the ptp monitor threshold skew command to configure the value of the skew-threshold percentage. A Syslog message is generated if the value of the most recently calculated skew is not in the range (1/(1+<threshold>), 1*(1+<threshold>)). Skew threshold percentage is represented a double precision (16 digit) real number ranging from 0 (0%) to 10 (1000%). The no form of the command clears the threshold value and prevents further Syslog messages from being generated for this parameter.
Example
switch(config)# ptp monitor threshold skew 5
To set the interval at which an interface sends PTP announce messages, use the ptp announce interval command. The interval is measured in log seconds. This value also affects the timeout interval.
switch(config)# interface ethernet 5
switch(config-if-Et5)# ptp announce interval 2
switch(config-if-Et5)#
The first three procedures require Aboot Shell access through the console port. If the console port is not accessible, use the last procedure in the list to replace the configuration file through the USB Flash Drive.
1 describes the switch booting process and includes descriptions of the Aboot shell, Aboot boot loader, and required configuration files.
The enable password controls access to Privileged EXEC mode. To prevent unauthorized disclosure, the switch stores the enable password as an encrypted string that it generates from the clear-text password. When the switch authentication mode is local and an enable password is configured, the CLI prompts the user to enter the clear-text password after the user types enable at the EXEC prompt.
The startup-config file stores the encrypted enable password to ensure that the switch loads it when rebooting. If the text version of the enable password is lost or forgotten, access to enable mode is restored by removing the encrypted enable password from the startup configuration file.
This procedure restores access to enable mode without changing any other configuration settings.
The startup-config file contains configuration parameters that the switch uses during a boot. Parameters that do not appear in startup-config are set to their factory defaults when the switch reloads. The process requires the Aboot password if Aboot is password protected.
This procedure reverts EOS configuration settings to the default state through bypassing the startup-config file during a switch boot.
A fullrecover command removes all internal flash contents (including configuration files, EOS image files, and user files), then restores the factory default EOS image and startup-config. A subsequent installation of the current EOS image may be required if the default image is outdated. This process requires Aboot shell access through the console port.
This procedure restores the factory default EOS image and startup configuration.
Use Arista’s Zero Touch Provisioning to configure a switch without user intervention. The USB adds another way to provide the bootstrap-name and to verify the authenticity of the file-server.
A USB containing a yaml configuration file is plugged into the Arista EOS switch before powering on the switch.
"bootstrapUrl"
"serverCaCertificate"
"enrollmentToken"
"version": "1.0"
"bootstrapUrl"
"serverCaCertificate"
"enrollmentToken"
"version": "1.0"
"bootstrapUrl"
"serverCaCertificate"
"enrollmentToken"
"version": "1.0"
"bootstrapUrl"
"serverCaCertificate"
"enrollmentToken"
"version": "1.0"
The USB flash drive port can be used to restore an original configuration when you cannot establish a connection to the console port. This process removes the contents of the internal flash drive, restores the factory default configuration, and installs a new EOS image from the USB flash drive.
This procedure restores the factory default configuration and installs an EOS image stored on a USB flash drive.
The configure replace command replaces the current configuration with the new configuration from the specified source.
Command Mode
Privileged EXEC
Command Syntax
configure replace {source_file_path:source_file_name | boot-extensions | clean-config | installed-extensions | running-config | startup-config}[ignore-errors] [md5 md5sum] [skip-checkpoint]
switch(config)# configure replace start-config
! Preserving static routes. Use 'no ip routing delete-static-routes' to clear
them.
switch#
The configure session command allows a series of configuration changes to be made in a temporary location, then commited to running-config later by issuing the commit command.An uncommitted configuration session will be discarded if the switch reboots and will time out after 24 hours.
The no configure session session_name and default configure session session_name commands delete the specified configuration session.
Command Mode
Privileged EXEC
Command Syntax
configure session [session_name]
no configure session session_name
default configure session session_name
Parameter
session_name session name.
Guidelines
switch(config)# configure session
switch(config-s-sess-1)# no username kevin
switch(config-s-sess-1)# aaa authentication dot1x default group radius
switch(config-s-sess-1)# dot1x system-auth-control
switch(config-s-sess-1)# copy running-config startup-config
switch(config-s-sess-1)# reload all now
switch(config-s-sess-1)#
The domain command configures the switchs XMPP domain name. Only messages using a domain matching the locally configured one are accepted by the XMPP client. The switch's domain name is used if none is specified.
Management over XMPP is disabled by default. To enable it, you must provide the location of the server along with the domain, username and password for the switch.
Arista recommends configuring the XMPP domain before the username, because it will provide shortcuts for the switch-group and username so they can be configured without the domain attached to it (e.g., USERNAME instead of USERNAME@DOMAIN).
The no domain and default domain commands delete the domain name by removing the domain command from running-config.
Command Mode
Mgmt-xmpp Configuration
Command Syntax
domain string
no domain
default domain
Parameters
string domain name (text string).
switch(config)# management xmpp
test1(config-mgmt-xmpp)# server arista-xmpp
test1(config-mgmt-xmpp)# domain test.aristanetworks.com
test1(config-mgmt-xmpp)# username This email address is being protected from spambots. You need JavaScript enabled to view it. password 0 arista
test1(config-mgmt-xmpp) #no shutdown
switch(config-mgmt-xmpp)# no domain
switch(config-mgmt-xmpp)#
The idle-timeout (Console Management) command configures the idle-timeout period for console connection sessions. The idle timeout is the interval that the connection waits after a users most recent command before shutting down the connection. Automatic connection timeout is disabled by setting the idle-timeout to zero, which is the default setting.
The no idle-timeout and default idle-timeout commands disables the automatic connection timeout by removing the idle-timeout statement from running-config.
Command Mode
Mgmt-console
Command Syntax
idle-timeout idle_period
no idle-timeout
default idle-timeout
Parameters
switch(config)# management console
switch(config-mgmt-console)# idle-timeout 180
switch(config-mgmt-console)# exit
switch(config)#
switch(config)# management console
switch(config-mgmt-console)# idle-timeout 0
switch(config-mgmt-console)#
The idle-timeout (SSH Management) command configures the idle-timeout period for SSH connection sessions. The idle timeout is the interval that the connection waits after a users most recent command before shutting down the connection. Automatic connection timeout is disabled by setting the idle-timeout to zero, which is the default setting.
The no idle-timeout and default idle-timeout commands disables the automatic connection timeout by removing the idle-timeout statement from running-config.
Command Mode
Mgmt-ssh Configuration
Command Syntax
idle-timeout idle_period
no idle-timeout
default idle-timeout
Parameters
switch(config)# management ssh
switch(config-mgmt-ssh)# idle-timeout 180
switch(config-mgmt-ssh)# exit
switch(config)#
switch(config)# management ssh
switch(config-mgmt-ssh)# idle-timeout 0
switch(config-mgmt-ssh)#
The idle-timeout (Telnet Management) command configures the idle-timeout period for Telnet connection sessions. The idle timeout is the interval that the connection waits after a users most recent command before shutting down the connection. Automatic connection timeout is disabled by setting the idle-timeout to zero, which is the default setting.
The no idle-timeout and default idle-timeout commands disables the automatic connection timeout by removing the idle-timeout statement from running-config.
Command Mode
Mgmt-telnet
Command Syntax
idle-timeout idle_period
no idle-timeout
default idle-timeout
Parameters
switch(config)# management telnet
switch(config-mgmt-telnet)# idle-timeout 180
switch(config-mgmt-telnet)# exit
switch(config)#
switch(config)# management telnet
switch(config-mgmt-telnet)# idle-timeout 0
switch(config-mgmt-telnet)#
The management api eos-sdk-rpc command places the switch in EOS SDK RPC API management configuration mode.
The no management api eos-sdk-rpc and default management api eos-sdk-rpc commands delete the mgmt-api-eos-sdk-rpc configuration mode statements from running-config.
EOS SDK RPC API management configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting EOS SDK RPC API management configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.
Command Mode
Global Configuration
Command Syntax
management api eos-sdk-rpc
no management api eos-sdk-rpc
default management api eos-sdk-rpc
switch(config)#management api eos-sdk-rpc
switch(config-mgmt-api-eos-sdk-rpc)#
switch(config-mgmt-api-eos-sdk-rpc)#exit
switch(config)#
The management api external-services command places the switch in External Services API configuration mode.
The no management api external-services and default management api external-services commands delete the mgmt-api-external-services configuration mode statements from running-config.
External Services API configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting External Services API configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.
Command Mode
Global Configuration
Command Syntax
management api external-services
no management api external-services
default management api external-services
switch(config)# management api external-services
switch(config-mgmt-api-external-services)#
switch(config-mgmt-api-external-services)# exit
switch(config)#
The management api gnmi command places the switch in GNMI API Management configuration mode.
The no management api gnmi and default management api gnmi commands delete the mgmt-api-gnmi configuration mode statements from running-config.
GNMI API Management configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting GNMI API Management configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.
Command Mode
Global Configuration
Command Syntax
management api gnmi
no management api gnmi
default management api gnmi
switch(config)# management api gnmi
switch(config-mgmt-api-gnmi)#
switch(config-mgmt-api-gnmi)# exit
switch(config)#
The management api gnsi command places the switch in GNSI API management configuration mode.
The no management api gnsi and default management api gnsi commands delete the mgmt-api-gnsi configuration mode statements from running-config.
GNSI API Management configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting GNSI API Management configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.
Command Mode
Global Configuration
Command Syntax
management api gnsi
no management api gnsi
default management api gnsi
switch(config)# management api gnsi
switch(config-mgmt-api-gnsi)#
switch(config-mgmt-api-gnsi)# exit
switch(config)#
The management api gribi command places the switch in gRIBI API Management configuration mode.
The no management api gribi and default management api gribi commands delete the mgmt-api-gribi configuration mode statements from running-config.
gRIBI API Management configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting gRIBI API Management configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.
Command Mode
Global Configuration
Command Syntax
management api gribi
no management api gribi
default management api gribi
switch(config)# management api gribi
switch(config-mgmt-api-gribi)#
switch(config-mgmt-api-gribi)# exit
switch(config)#
The management api http-commands command places the switch in HTTP Commands API Management configuration mode.
The no management api http-commands and default management api http-commands commands delete the mgmt-api-http-command configuration mode statements from running-config.
HTTP Commands API Management configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting HTTP Commands API Management configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.
Command Mode
Global Configuration
Command Syntax
management api http-commands
no management api http-commands
default management api http-commands
switch(config)# management api http-commands
switch(config-mgmt-api-http-cmds)#
switch(config-mgmt-api-http-cmds)# exit
switch(config)#
The management api models command places the switch in Models API Management configuration mode.
The no management api models and default management api models commands delete the mgmt-api-models configuration mode statements from running-config.
Models API Management configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting Models API Management configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.
Command Mode
Global Configuration
Command Syntax
management api models
no management api models
default management api models
switch(config)# management api models
switch(config-mgmt-api-models)#
switch(config-mgmt-api-models)# exit
switch(config)#
The management api netconf command places the switch in Netconf API Management configuration mode.
The no management api netconf and default management api netconf commands delete the mgmt-api-netconf configuration mode statements from running-config.
Netconf API Management configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting Netconf API Management configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.
Command Mode
Global Configuration
Command Syntax
management api netconf
no management api netconf
default management api netconf
switch(config)# management api netconf
switch(config-mgmt-api-netconf)#
switch(config-mgmt-api-netconf)# exit
switch(config)#
The management api restconf command places the switch in Restconf API Management configuration mode.
The no management api restconf and default management api restconf commands delete the mgmt-api-restconf configuration mode statements from running-config.
Restconf API Management configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting Restconf API Management configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.
Command Mode
Global Configuration
Command Syntax
management api restconf
no management api restconf
default management api restconf
switch(config)# management api restconf
switch(config-mgmt-api-restconf)#
switch(config-mgmt-api-restconf)# exit
switch(config)#
The management console command places the switch in mgmt-console configuration mode to adjust the idle-timeout period for console connection sessions. The idle-timeout period determines the inactivity interval that terminates a connection session.
The no management console and default management console commands delete mgmt-console configuration mode statements from running-config.
The mgmt-console configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting the mgmt-console configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.
Command Mode
Global Configuration
Command Syntax
management console
no management console
default management console
Commands Available in mgmt-console Configuration Mode
switch(config)# management console
switch(config-mgmt-console)#
switch(config-mgmt-console)# exit
switch(config)#
The management ssh command places the switch in mgmt-ssh configuration mode to adjust SSH session connection parameters.
The no management ssh and default management ssh commands delete the mgmt-ssh configuration mode statements from running-config.
The mgmt-ssh configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting the mgmt-ssh configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.
Command Mode
Global Configuration
Command Syntax
management ssh
no management ssh
default management ssh
switch(config)# management ssh
switch(config-mgmt-ssh)#
switch(config-mgmt-ssh)# exit
switch(config)#
The management telnet command places the switch in mgmt-telnet configuration mode to adjust telnet session connection parameters.
The no management telnet and default management telnet commands delete the mgmt-telnet configuration mode statements from running-config.
The mgmt-telnet configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting the mgmt-telnet configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.
Command Mode
Global Configuration
Command Syntax
management telnet
no management telnet
default management telnet
switch(config)# management telnet
switch(config-mgmt-telnet)#
switch(config-mgmt-telnet)# exit
switch(config)#
The management xmpp command places the switch in mgmt-xmpp configuration mode. Management over XMPP is disabled by default. To enable XMPP, you must provide the location of the XMPP server along with the username and password for the switch.
The no management xmpp and default management xmpp commands delete the mgmt-xmpp configuration mode statements from running-config.
The mgmt-xmpp configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting the mgmt-xmpp configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.
Command Mode
Global Configuration
Command Syntax
management xmpp
no management xmpp
default management xmpp
switch(config)# management xmpp
switch(config-mgmt-xmpp)#
switch(config-mgmt-xmpp)#exit
switch(config-mgmt-xmpp)#
The protocol http command enables the hypertext transfer protocol (HTTP) server.
The no protocol http and default protocol http commands disable the HTTP server by removing the protocol http statement from running-config.
Command Mode
Mgmt-API Configuration
Command Syntax
protocol http [TCP_PORT]
no protocol http
default protocol http
Related Commands
management api http-commands places the switch in mgmt-api configuration mode.
switch(config)# management api http-commands
switch(config-mgmt-api-http-cmds)#
The protocol https command enables the HTTP secure server. The HTTP secure server is active by default.
The default protocol https command restores the default setting by removing the no protocol https statement from running-config. The no protocol https command disables the HTTP secure server.
Command Mode
Mgmt-API Configuration
Command Syntax
protocol https [TCP_PORT]
no protocol https
default protocol https
Related Commands
management api http-commands places the switch in mgmt-api configuration mode.
switch(config)# management api http-commands
switch(config-mgmt-api-http-cmds)# protocol https
switch(config-mgmt-api-http-cmds)# no shutdown
switch(config)# management api http-commands
switch(config-mgmt-api-http-cmds)# protocol https port 52
switch(config-mgmt-api-http-cmds)# no shutdown
The protocol https certificate command configures the HTTP secure server to request an X.509 certificate from the client. The client then authenticates the certificate with a public key.
The no protocol https certificate and default protocol https certificate commands restore default behavior by removing the protocol https certificate statement from running-config.
Command Mode
Mgmt-API Configuration
Command Syntax
protocol https certificate
no protocol https certificate
default protocol https certificate
Related Command
management api http-commands places the switch in mgmt-api configuration mode.
switch(config)# management api http-commands
switch(config-mgmt-api-http-cmds)# protocol https certificate
switch(config-mgmt-api-http-cmds)#
Use the reset system storage secure command to trigger the secure erase mechanism. A secure erase is generally defined as a command that deliberately, permanently, and irreversibly removes/destroys the data stored on a storage device, rendering that data unrecoverable.
Command Mode
EXEC
Command Syntax
reset system storage secure
switch# reset system storage secure
WARNING! This will destroy all
data and will NOT be recoverable.
Device will reboot into Aboot, and
execution may take up to one hour.
Would you like to proceed? [y/N]
switch# reset system storage secure
% Unavailable command (not supported on this hardware platform)
The server command adds a XMPP server to running-config. Multiple XMPP servers can be set up for redundancy. For redundant configurations, the XMPP server location should be a DNS name and not a raw IP address. The DNS server is responsible for returning the list of available XMPP servers, which the client can go through until an accessible server is found.
User authentication is provided by the XMPP server. Command authorization can be provided by EOS local configuration or TACACS+. The XMPP server should use the same authentication source as the switches. RADIUS is not supported as an XMPP authorization mechanism.
Theno server and default server commands remove the specified XMPP server from running-config.
Command Mode
Mgmt-xmpp Configuration
Command Syntax
server SERVER_NAME [SERVER_PORT]
no server
default server
switch(config)# management xmpp
switch(config-mgmt-xmpp)# server arista-xmpp port 1
switch(config-mgmt-xmpp)# no server
The session privilege command will place the user in EXEC mode. The initial privilege level is meaningless by default. However, with the configuration of roles, users can add meaning to the different privilege levels. By default, XMPP does not limit access to any command.
Level 1-15: Commands accessible from EXEC Mode.
If AAA is not configured and the switch is configured to connect to the XMPP client, any message received is executed with privilege level 1 by default.
The no session privilege and default session privilege commands revert the list contents to none for the specified privilege levels.
Command Mode
Mgmt-xmpp Configuration
Command Syntax
session privilege PRIV_LEVEL
no session privilege
default session privilege
Parameter
PRIV_LEVEL Privilege levels of the commands. Value ranges from 0 and 15.
switch(config)#(config)# management xmpp
switch(config-mgmt-xmpp)# session privilege 5
switch(config-mgmt-xmpp)#
switch(config)# management xmpp
switch(config-mgmt-xmpp)# no session privilege
The show inventory command displays the hardware components installed in the switch. Serial numbers and a description is also provided for each component.
Command Mode
EXEC
Command Syntax
show inventory
switch> show inventory
System information
Model Description
------------------------ ----------------------------------
DCS-7150S-52-CL 52-port SFP+ 10GigE 1RU + Clock
HW Version Serial Number Mfg Date
----------- -------------- ----------
02.00 JPE13120702 2013-03-27
System has 2 power supply slots
Slot Model Serial Number
---- ---------------- ----------------
1 PWR-460AC-F K192KU00241CZ
2 PWR-460AC-F K192L200751CZ
System has 4 fan modules
Module Number of Fans Model Serial Number
------- --------------- ---------------- ----------------
1 1 FAN-7000-F N/A
2 1 FAN-7000-F N/A
3 1 FAN-7000-F N/A
4 1 FAN-7000-F N/A
System has 53 ports
Type Count
---------------- ----
Management 1
Switched 52
System has 52 transceiver slots
Port Manufacturer Model Serial Number Rev
---- ---------------- ---------------- ---------------- ----
1 Arista Networks SFP-10G-SR XCW1225FD753 0002
2 Arista Networks SFP-10G-SR XCW1225FD753 0002
51 Arista Networks SFP-10G-SR XCW1225FD753 0002
52 Arista Networks SFP-10G-SR XCW1225FD753 0002
switch>
The show xmpp neighbors command displays all neighbors and their connection status. The XMPP server keeps track of all relationships between its users.
Command Mode
EXEC
Command Syntax
show xmpp neighbors
switch# show xmpp neighbors
Neighbor State Last Seen Login Time
------------------------------ --------------- ---------------------
This email address is being protected from spambots. You need JavaScript enabled to view it. present 0:01:40 ago
This email address is being protected from spambots. You need JavaScript enabled to view it. present 20:29:39 ago
Neighbor Status Message
------------------------------ -------------------------------------
This email address is being protected from spambots. You need JavaScript enabled to view it.
This email address is being protected from spambots. You need JavaScript enabled to view it. Arista Networks DCS-7048T-4S
switch#
The show xmpp status command displays the current XMPP connection status to the server.
The XMPP server keeps track of all relationships between its users. In order for two users to directly communicate, this relationship must first be established and confirmed by the other party.
Switches automatically confirm requests from outside parties as long as they are a user from the same domain name, for example when you chat with your switch from your own XMPP chat client.
Command Mode
EXEC
Command Syntax
show xmpp status
switch# show xmpp status
XMPP Server: port 5222
Client username: This email address is being protected from spambots. You need JavaScript enabled to view it.
Default domain: test.aristanetworks.com
Connection status: connected
switch#
The show xmpp switch-group command displays the configured and active switch groups for the switch.
Command Mode
EXEC
Command Syntax
show xmpp switch-group
switch# show xmpp switch-group
This email address is being protected from spambots. You need JavaScript enabled to view it.
switch#
The shutdown command, in mgmt-api configuration mode, disables management over API on the switch. API is disabled by default.
The no shutdown command, in mgmt-api configuration mode, enables the management API access.
The default shutdown command, in mgmt-api configuration mode, disables the management API access.
Command Mode
Mgmt-API Configuration
Command Syntax
shutdown
no shutdown
default shutdown
Related Command
management api http-commands places the switch in mgmt-api configuration mode.
switch(config)# management api http-commands
switch(config-mgmt-api-http-cmds)# shutdown
switch(config-mgmt-api-http-cmds)#
switch(config)# management api http-commands
switch(config-mgmt-api-http-cmds)# no shutdown
switch(config-mgmt-api-http-cmds)#
Command Mode
Management-Telnet Configuration
Command Syntax
shutdown
no shutdown
switch(config)# management telnet
switch(config-mgmt-telnet)# no shutdown
switch(config-mgmt-telnet)# exit
switch(config)#
switch(config-mgmt-telnet)# shutdown
The shutdown command, in mgmt-xmpp mode, disables or enables management over XMPP on the switch. XMPP is disabled by default.
The no shutdown and default shutdown commands re-enable XMPP by removing the shutdown command from running-config.
Command Mode
Mgmt-xmpp Configuration
Command Syntax
shutdown
no shutdown
default shutdown
switch(config-mgmt-xmpp)# no shutdown
switch(config-mgmt-xmpp)# exit
switch(config)#
switch(config-mgmt-xmpp)# shutdown
switch(config-mgmt-xmpp)#
The switch-group command allows you to configure each switch to join specified chat rooms on startup. In order for the switch to participate in a chat group, the switch has to be configured to belong to the specified chat room.
The no switch-group and default switch-group commands delete the specified switch-group configuration (or all switch-group configurations if no name is specified) by removing the corresponding switch-group statement from running-config.
Command Mode
Mgmt-xmpp Configuration
Command Syntax
switch-group name SECURITY
no switch-group
default switch-group
Valid usernames begin with A-Z, a-z, or 0-9 and may also contain any of these characters:
@ # $ % ^ & * - _ = + ; < > ,. ~ |
switch(config)# management xmpp
switch(config-mgmt-xmpp)# switch-group
This email address is being protected from spambots. You need JavaScript enabled to view it. password 0 arista
switch# show xmpp switch-group
This email address is being protected from spambots. You need JavaScript enabled to view it.
The username command configures the switch's username and password on the XMPP server.
The no username and default username commands delete the specified username by removing the corresponding username statement from running-config.
Command Mode
Mgmt-xmpp Configuration
Command Syntax
username name SECURITY
no username
default username
Valid usernames begin with A-Z, a-z, or 0-9 and may also contain any of these characters:
@ # $ % ^ & * ( ) - _ = + { } [ ] ; < > ,. ~ |
Guidelines
Encrypted strings entered through this parameter are generated elsewhere. The password 7 option (SECURITY) is typically used to enter a list of username-passwords from a script.
switch(config)# management xmpp
switch(config-mgmt-xmpp)# server arista-xmpp
switch(config-mgmt-xmpp)# domain test.aristanetworks.com
switch(config-mgmt-xmpp)# username This email address is being protected from spambots. You need JavaScript enabled to view it. password 0
arista
switch(config-mgmt-xmpp)# no shutdown
switch(config-mgmt-xmpp)# no username
switch(config-mgmt-xmpp)#
The vrf command places the switch in VRF configuration mode for the server. If the named VRF does not already exist, this command creates it.
Command Mode
Mgmt-API Configuration
Command Syntax
vrf VRF_INSTANCE
Parameters
Related Command
management api http-commands places the switch in mgmt-api configuration mode.
switch(config)# management api http-commands
switch(config-mgmt-api-http-cmds)# vrf management-vrf
switch(config-mgmt-api-http-cmds-vrf-management-vrf)#
The vrf command places the switch in VRF configuration mode for the XMPP server. If the named VRF does not already exist, this command creates it.
The VRF configuration for the client is for the entire XMPP service, rather than per server. All servers resolving on a particular hostname must be reachable in the same VRF.
Command Mode
Mgmt-xmpp Configuration
Command Syntax
vrf [VRF_INSTANCE]
Parameters
switch(config)# management xmpp
switch(config-mgmt-xmpp)# vrf management-vrf
switch(config-mgmt-xmpp)
The xmpp send command can be used to connect to the XMPP server and send messages to switches or switch groups within the network.
Before switches can send messages to each other, they must friend each other. An easy way to have them auto friend each other is to have them join the same chat room. The friendship between switches can be verified by using the show xmpp neighbor command.
Command Mode
Privileged EXEC
Command Syntax
xmpp send to neighbor XMIT_TYPE content
switch# xmpp send test2 command show version
message from user: This email address is being protected from spambots. You need JavaScript enabled to view it.
--------------------------------------------------
Hardware version: 04.40
Serial number: JFL08432083
System MAC address: 001c.7301.7d69
Software image version: 4.12.3
Architecture: i386
Internal build version: 4.12.3
Internal build ID: f5ab5f57-9c26-4fe4-acaa-fb60fa55d01d
Uptime: 2 hours and 38 minutes
Total memory: 1197548 kB
Free memory: 182452 kB
The xmpp session command is similar to running SSH from the switch. The user is required to input their username (default is to USER@DEFAULTDOMAIN) and password in order to connect to the XMPP server. This command allows you to interact in the enable mode with a switch or switch group over XMPP using the standard CLI, with access to help and tab completion. All commands are then executed remotely and only the non-empty results are displayed on the screen.
Command Mode
Privileged EXEC
Command Syntax
xmpp session switchgroup
Parameters
switchgroup The option includes the switch group within the network that is connected as friends in a chat room.
switch# xmpp session This email address is being protected from spambots. You need JavaScript enabled to view it.
xmpp-all# show int Eth3 status
response from: This email address is being protected from spambots. You need JavaScript enabled to view it.
--------------------------------------------------
Port Name Status Vlan Duplex Speed Type
Et3 bs3 connected in Po3 a-full a-1000 10GBASE-SR
switch#
This chapter describes administrative tasks that are typically performed only after initially configuring the switch or after recovery procedures.
A Fully Qualified Domain Name (FQDN) labels the switch and defines its organization ID in the Domain Name System hierarchy. The switchs FQDN consists of a host name and domain name.
switch(config)# hostname main-host
main-host(config)#
switch(config)# dns domain aristanetworks.com
switch(config)#
switch(config)# dns domain samplecorp.org
switch(config)#
switch# show running-config
! Command: show running-config
! device: switch (DCS-7150S-64-CL, EOS-4.13.2F)
!
vlan 3-4
!
username john secret 5 $1$a7Hjept9$TIKRX6ytkg8o.ENja.na50
!
hostname sales1
ip name-server vrf default 172.17.0.22
dns domain samplecorp.org
!
end
switch#
The Domain Name Server (DNS) maps FQDN labels to IP addresses and provides addresses for network devices. Each network requires at least one server to resolve addresses. The configuration file can list a maximum of three server addresses.
To add name servers to the configuration, use the ip name-server command. Each command can add multiple servers. All server addresses support multiple VRFs and a priority may be specified for each name server. If all name servers have the default priority (0) the default DNSmasq behavior is followed for the configuration. It queries all name servers simultaneously and forwards the requests to the first name server for 50 queries or 20 seconds, whichever expires sooner for answering. If any priorities are non-zero, queries are issued in order with a five second timeout between unresponsive name servers.
switch(config)# show ip name-server
IP Address VRF Priority
---------- ------- --------
10.0.0.1 default 0
10.0.0.2 default 1
10.0.0.1 vrf1 2
10.0.0.2 vrf1 3
fc00::1 default 4
The switch assigns source IP addresses to outgoing DNS requests. To force the switch to use a single, user-defined source interface for all requests, use the ip domain lookup command.
switch(config)# ip domain lookup source-interface Vlan5
switch(config)#
switch(config)# ip domain lookup vrf purple source-interface Vlan10
switch(config)#
switch(config)# ip name-server vrf purple 10.1.1.24 priority 4
switch(config)#
switch(config)# no ip name-server vrf purple 10.1.1.24
switch(config)#
switch(config)# no ip name-server
switch(config)#
NXDOMAIN
is considered a valid reply for the query.
The switch uses the system clock for displaying the time and for time-stamping messages. The system clock is set to Coordinated Universal Time (UTC); the switch calculates local time based on the time zone setting. Time-stamps and time displays are in local time. The system clock can be set either manually or via Network Time Protocol (NTP); any NTP servers properly configured on the switch override time that is manually entered.
The time zone setting is used by the switch to convert the system time (UTC) to local time. To specify the time zone, use the clock timezone command.
switch(config)#clock timezone US/Central
switch(config)#show clock
Mon Jan 14 18:42:49 2013
timezone is US/Central
switch(config)#
switch(config)#clock timezone ?
Africa/Abidjan Africa/Accra
WET WET timezone
Zulu Zulu timezone
switch(config)#clock timezone
switch(config)#clock timezone AMERICA?
America/Adak America/Anchorage
America/Yellowknife
switch(config)#clock timezone AMERICA
The clock set command manually configures the system clock time and date, in local time. Any NTP servers properly configured on the switch override time that is manually entered.
switch#clock set 08:15:24 14 Jan 2013
Mon Jan 14 08:15:25 2013
timezone is US/Central
To display the local time and configured time zone, enter the show clock command.
switch(config)#show clock
Mon Jan 14 16:32:46 2013
timezone is America/Los_Angeles
Network Time Protocol (NTP) is enabled on the switch by default, and time settings from any properly configured NTP server will override manual setting of the system clock.
NTP servers synchronize time settings of systems running an NTP client. The switch supports NTP versions 1 through 4. The default is version 4. After configuring the switch to synchronize with an NTP server, it may take up to ten minutes for the switch to set its clock. The running-config lists NTP servers that the switch is configured to use.
The ntp server command adds a server to the list or modifies the parameters of a previously listed address. When the system contains multiple NTP servers, the prefer keyword can be used to specify a preferred NTP server, which will be used as the NTP server if not discarded by NTP.
Note that all NTP servers must be in the same VRF, and that they are added in the default VRF if no VRF is specified.
The system clock is set via NTP if NTP is enabled and there is at least one NTP server properly configured on the switch, and NTP overrides manual setting of the system clock. NTP is enabled by default. To disable NTP, use the no ntp command.
These commands add three NTP servers, designating the second server as preferred.
switch(config)#ntp server local-NTP
switch(config)#ntp server 172.16.0.23 Prefer
switch(config)#ntp server 172.16.0.25
To control the address to which NTP responses to the switch are sent, a local interface can be specified as the source in outgoing NTP packets using the ntp local-interface command. The IP address of that interface is then used as the source address in all outgoing NTP packets unless the switch is acting as an NTP server and a server-specific source is configured using the source option of the ntp server command.
switch(config)#ntp local-interface vlan 25
switch(config)#
To configure the switch to accept NTP requests on all interfaces, use the ntp serve all command to enable NTP server mode globally on the switch. To configure an individual interface to accept or deny NTP requests, use the ntp serve command. Interface level settings override the global settings, and changing the settings at either the global or interface level also causes the switch to re-synchronize with its upstream NTP server. NTP server mode is disabled by default.
switch(config)# ntp serve all
switch(config)#
switch(config)# interface ethernet 5
switch(config-if-Et5)#ntp serve
switch(config-if-Et5)#
The switch can be configured to accept NTP packets only from an authenticated server or client. NTP authentication is disabled by default.
To configure the switch to authenticate NTP packets, create one or more authentication keys using the ntp authentication-key command, specify which keys are trusted by using the ntp trusted-key command, use the ntp authenticate command to enable NTP authentication, and specify to use the trusted-key for a specific server. The NTP server must be configured to use the same authentication key and key ID number.
These commands configure the switch to authenticate NTP packets using key 328 with the plaintext password timeSync.
switch(config)#ntp authentication-key 328 md5 timeSync
switch(config)#ntp trusted key 328
switch(config)#ntp authenticate
switch(config)#
To display the status of Network Time Protocol (NTP) on the switch, use the show ntp status command. To display the status of connections to NTP servers, use the show ntp associations command.
switch# show ntp status
synchronised to NTP server (192.168.78.62) at stratum 3
time correct to within 66 ms
polling server every 1024 s
switch #
switch# show ntp associations
remote refid st t when poll reach delay offset jitter
==============================================================================
+l.ntp.arista.co 125.157.10.11 2 u 539 1024 377 121.748 -0.345 0.893
-3.ntp.arista.co 127.31.152.34 2 u 868 1024 377 101.671 2.434 1.529
+2.ntp.arista.co 176.131.12.185 2 u 676 1024 377 116.505 0.03 0.768
*4.ntp.arista.co 120.181.192.192 2 u 696 1024 377 48.431 -0.416 0.15
switch#
Display commands control the content of the banner and the command line prompt.
This output displays both banners in bold:
This is a login banner
switch login: john
Password:
Last login: Mon Jan 14 09:24:36 2013 from adobe-wrks.aristanetworks.com
This is an motd banner
switch>
These commands create the login and motd banner shown earlier in this section.
switch(config)#banner login
Enter TEXT message. Type 'EOF' on its own line to end.
This is a login banner
EOF
switch(config)#banner motd
Enter TEXT message. Type 'EOF' on its own line to end.
This is an motd banner
EOF
switch(config)#
To create a banner:
The prompt provides an entry point for EOS commands. The prompt command configures the contents of the prompt. The no prompt command returns the prompt to the default of %H%P.
Characters allowed in the prompt include A-Z, a-z, 0-9, and these punctuation marks:
! @ # $ % ˆ & * ( ) - = + f g [ ] ; : < > , . ? / ˜ n
switch(config)# prompt system%s1%P
system 1(config)#
switch(config)# prompt %p
(config)#
% prompt %H%P
host-name.dut103(config)#
%no prompt
host-name.dut103(config)#
Arista switches log event notifications using the Syslog protocol. By default, event notifications are logged internally to /var/log/messages, but they can also be displayed on the console or logged to an external server. Severity levels and log message destinations can be configured via the CLI, and individual processes and protocols can also be configured to adjust or limit the messages that they log. Details of the current logging configuration may be viewed using the show logging command.
For a full list of Syslog messages, visit the Arista website.
Strata chipsets (present in the 7010, 7050X, 7060X, 7250X, 7260X, and 7300X series) provide event logging for the hardware capacity of TCAM tables on a per-slice basis, triggering a capacity warning by default whenever any TCAM slice exceeds 90% capacity. As a result, default TCAM logging can generate high levels of syslog messages on these platforms. If this presents a problem, the hardware capacity alert table command can be used to adjust the capacity levels at which warnings occur to above the 90% default; this adjustment can be made per TCAM resource and per slice. The command can also be used to disable TCAM hardware capacity messages of level “Warning” and below entirely for a given slice. To disable messages, set the threshold to 0 or use the no version of the command.
switch(config)#hardware capacity alert table EFP feature Slice-2 threshold 99
switch(config)#hardware capacity alert table IFP feature Slice-5 threshold 0
switch(config)#no hardware capacity alert table VFP