- Written by David Cronin
- Posted on March 3, 2022
- Updated on May 28, 2024
- 9745 Views
Routing Control Functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.The document covers: Configurations of a RCF function for BGP points of application
- Written by Sergiu Stambolian
- Posted on March 31, 2017
- Updated on June 5, 2024
- 5769 Views
Sampled Mirroring is an extension of the Mirroring feature and sampling is a property of the individual mirroring session: when the session's sample rate N is specified, a packet eligible for mirroring will have a 1/N chance of being mirrored, that is, 1 packet is mirrored for every N packets.
- Written by Haotian Zhang
- Posted on June 4, 2020
- Updated on May 31, 2024
- 6843 Views
This article describes the support for Filtered Mirroring using security ACL. The user can selectively mirror packets based on the statement in the configured IPv4, IPv6 or MAC ACL.
- Written by Athish Rao
- Posted on March 5, 2021
- Updated on May 30, 2024
- 9636 Views
Segment Routing Traffic Engineering Policy (SR-TE) aka SR Policy makes use of Segment Routing (SR) to allow a headend to steer traffic along any path without maintaining per flow state in every node. A headend steers traffic into an SR Policy.
- Written by Gokul Unnikrishnan
- Posted on May 7, 2024
- Updated on May 7, 2024
- 430 Views
The sFlow VPLS extension adds support for providing VPLS-related information to sFlow packet samples, for VPLS forwarded traffic. Specifically, for customer traffic ingressing on a CE-facing PE interface in a VPLS deployment that uses statically configured LDP pseudowires, information such as the name of the VPLS instance and the ID of the pseudowire that the packet will egress over will be included in the sFlow datagram.
- Written by Thejesh Panchappa
- Posted on May 1, 2015
- Updated on May 13, 2024
- 6052 Views
This is an infrastructure that provides management of SSL certificates, keys and profiles. SSL/TLS is an application-layer protocol that provides secure transport between client and server through a combination of authentication, encryption and data integrity. SSL/TLS uses certificates and private-public key pairs to provide this security.
- Written by Fathima Thasneem
- Posted on August 23, 2022
- Updated on May 30, 2024
- 4868 Views
Interface reflectors are useful to make sure a service provided to customers is working as expected and it's within SLA constraints. Now, we are extending the support to configure subinterfaces as ethernet reflector. The Subinterface Interface Reflector feature allows performing certain actions (such as source/destination MAC address swap) on packets reaching subinterfaces patched to Pseudowire that are reflected back to the source interface. It is useful to test properties and SLAs before deploying the service for a customer.
- Written by Josh Pfosi
- Posted on June 11, 2019
- Updated on April 22, 2024
- 9853 Views
This feature adds support for CPU traffic policy capable of matching and acting on IP traffic which would otherwise
- Written by Deepanshu Shukla
- Posted on August 21, 2020
- Updated on June 3, 2024
- 10573 Views
This feature adds support for “Dynamic Load Balancing (DLB)” on Equal Cost Multi Path (ECMP) groups.
It is intended to help overcome the potential shortcomings of traditional hash-based load balancing by considering the traffic load of members of ECMP groups. DLB considers the state of the port while assigning egress ports to packets, resulting in a more even flow. The state of each port member is determined by measuring the amount of data transmitted from a given port and total number of packets enqueued to a given port.
- Written by Brian Neville
- Posted on November 8, 2023
- Updated on May 17, 2024
- 2451 Views
gNSI (gRPC Network Security Interface) defines a set of gRPC-based microservices for executing security-related operations on network devices.
- Written by Brian Hsieh
- Posted on May 7, 2024
- Updated on May 7, 2024
- 420 Views
IPv6 Duplicate Address Detection Proxy is a proxy-based mechanism allowing the use of Duplicate Address Detection (DAD) by IPv6 nodes in a point-to-multipoint architecture with a "split-horizon" forwarding scheme. In Split-horizon scenario where the hosts can not directly communicate with each other, but only through a BNG (Broadband Network Gateway).
- Written by Adrian Fettes
- Posted on June 5, 2020
- Updated on May 20, 2024
- 5992 Views
GRE ( Generic Routing Encapsulation ) packet header has a Key extension which is used by Arista to carry packet metadata. Currently packets mirrored at egress to a GRE tunnel destination do not have this information. This feature could be used to enable metadata in egress mirrored packets to GRE destinations.
- Written by Basil Saji
- Posted on November 9, 2020
- Updated on May 21, 2024
- 8720 Views
Private VLAN is a feature that segregates a regular VLAN broadcast domain while maintaining all ports in the same IP subnet. There are three types of VLAN within a private VLAN
- Written by David Jowett
- Posted on April 18, 2024
- Updated on April 18, 2024
- 678 Views
This feature extends sampled flow tracker to support the selective sampling of certain traffic types (specified globally), such as routed IPv4, routed IPv6, and MPLS pop and route IPv4, per interface. The feature is applicable on interfaces, subinterfaces, port channels, and port channel subinterfaces.
- Written by Patrick MacArthur
- Posted on February 23, 2021
- Updated on April 18, 2024
- 5849 Views
Sub-interfaces can be grouped into logical units called scheduling groups, which are shaped as a single unit. Each scheduling group may be assigned a scheduling policy which defines a shape rate in kbps and optionally a guaranteed bandwidth, also in kbps.
- Written by Krystian
- Posted on May 15, 2024
- Updated on May 15, 2024
- 334 Views
Support is added to use VRRP (Virtual Router Redundancy Protocol) virtual IP (Internet Protocol) address as an IPsec ( Internet Protocol Security) tunnel source or destination address. This allows for configurations that offer both security (provided by IPsec tunnels) and redundancy (provided by VRRP).
- Written by Sandeep Kopuri
- Posted on October 7, 2019
- Updated on May 17, 2024
- 8931 Views
Topology Independent Fast Reroute, or TI-LFA, uses IS-IS SR to build loop-free alternate paths along the post-convergence path. These loop-free alternates provide fast convergence.
- Written by Prateek Mali
- Posted on August 19, 2020
- Updated on May 22, 2024
- 16788 Views
Access Control Lists (ACL) use packet classification to mark certain packets going through the packet processor pipeline and then take configured action against them. Rules are defined based on various fields of packets and usually TCAM is used to match packets to rules. For example, there can be a rule to match the packet source IP address against a list of IP addresses, and drop the packet if there is a match. This will be expressed in TCAM with multiple entries matching the list of IP addresses. Number of entries is reduced by masking off bits, if possible. TCAM is a limited resource, so with classifiers having a large number of rules and a big field list, TCAM runs out of resources.
- Written by Eddie Xie
- Posted on January 31, 2024
- Updated on May 30, 2024
- 1053 Views
This TOI supplements the Ingress Traffic Policy applied on ingress port interfaces. Please refer to that document for a description of Traffic Policies and field-sets. This TOI explains the Traffic Policies as applied in the ingress direction on VLAN interfaces.
- Written by Matthew Carrington-Fair
- Posted on March 3, 2023
- Updated on May 21, 2024
- 3292 Views
This feature allows IP FIB (Forwarding Information Base) export through the OpenConfig AFT YANG models.
- Written by Prasanna Parthasarathy
- Posted on December 23, 2021
- Updated on June 10, 2024
- 10896 Views
SwitchApp is an FPGA-based feature available on Arista’s 7130LB-Series and 7132LB-Series platforms. It performs ultra low latency Ethernet packet switching. Its packet switching feature set, port count, and port to port latency are a function of the selected SwitchApp profile. Detailed latency measurements are available in the userguide on the Arista Support site.
- Written by Pierre
- Posted on May 30, 2024
- Updated on May 30, 2024
- 139 Views
User-defined recovery policy is a type of reset that allows the customer to rollback a device to a previously saved state. A state can be saved by taking a snapshot of the configuration files that the customer wants to save. Once a snapshot has been taken, the device can be reset either through push-button or through the command line interface. This feature provides a trivial way to get back to a tested and working version of EOS.swi with user-defined configs in case of failure.
- Written by Isidor Kouvelas
- Posted on February 28, 2022
- Updated on May 17, 2024
- 12156 Views
Virtual Private LAN Service (VPLS) appears in (almost) all respects as an Ethernet type service to customers of a Service Provider (SP). A VPLS glues together several individual LANs across a packet switched network to appear and function as a single bridged LAN.
- Written by Ronish Kalia
- Posted on June 12, 2019
- Updated on April 18, 2024
- 6341 Views
This feature enables policer (using policy-map) on a VTEP to rate limit traffic per VLAN/VNI. The policer can be applied in both input and output directions to rate limit decapsulated and encapsulated VXLAN traffic, respectively. Prior to EOS-4.32.0F, the policers are not applicable on multicast traffic through the VTEP. For platforms supporting rate limiting of both bridged and routed encapsulated traffic, the rate limiting would be done on common policer limits.
- Written by Simon Liang
- Posted on September 5, 2021
- Updated on May 30, 2024
- 7250 Views
This document describes the VRF selection policy and VRF fallback feature. A VRF selection policy contains match rules that specify certain criteria (e.g. DSCP, IP protocol) as well as a resulting action to select a VRF in which to do the FIB lookup. The VRF fallback feature is an extension of these policies which allows users to optionally specify a “fallback” VRF for each VRF. The behavior is such that if the FIB lookup fails in a match rule’s selected VRF, another lookup will be attempted in the configured fallback VRF. Additionally, the fallback VRF itself can have yet another fallback VRF, such that if the lookup in the VRF and fallback VRF fail, the fallback-of-the-fallback VRF will be looked up (see the Configuration section for an example of this).
- Written by Navlok Mishra
- Posted on February 8, 2017
- Updated on May 17, 2024
- 6023 Views
WRED ( Weighted Random Early Detection ) is one of the congestion management techniques.