TOI Author

Media Access Control Security (MACSec) is an industry standard encryption mechanism to protect all traffic flowing on Ethernet links. Mac Security is described in IEEE 802.1X and IEEE 802.1AE standards.

Access Control Lists (ACL) use packet classification to mark certain packets going through the packet processor pipeline and then take configured action against them. Rules are defined based on various fields of packets and usually TCAM is used to match packets to rules. For example, there can be a rule to match the packet source IP address against a list of IP addresses, and drop the packet if there is a match. This will be expressed in TCAM with multiple entries matching the list of IP addresses. The number of entries is reduced by masking off bits, if possible. TCAM is a limited resource, so with classifiers having a large number of rules and a big field list, TCAM runs out of resources.

Until now, all PTP packets received on Arista switches with PTP boundary mode enabled will automatically be sent to

Previously, EOS only supported the two-step variation of the transparent clock as described in the IEEE 1588 Specification. In this release, we now support one-step end-to-end transparent clock on certain platforms.The main advantage of a one-step end-to-end transparent clock is that all PTP packets are completely handled in the forwarding plane, whereas in the two-step variation, PTP messages need to be handled in the control plane. This removes scaling limitations such as packet drops due to high packet intervals and reduces CPU utilization.

Delay request messages can now be set from log 7 to 8. To configure: switch(config)#interface Et5/1.