- Written by Tula Kraiser
- Posted on January 3, 2021
- Updated on June 24, 2022
- 7776 Views
The primary challenge with using a switching ASIC as a load balancer has been how to deal with changes in the network topology without disrupting existing TCP connections.
- Written by Digvijay Gahlot
- Posted on April 20, 2021
- Updated on January 23, 2023
- 12695 Views
The L2 EVPN MPLS feature is available when configuring BGP in the multi-agent routing protocol model. Ethernet VPN (EVPN) is an extension of the BGP protocol introducing a new address family: L2VPN (address family number 25) / EVPN (subsequent address family number 70). It is used to exchange overlay MAC and IP address reachability information between BGP peers.
- Written by Tarun Jaswanth LNU
- Posted on August 24, 2020
- Updated on October 17, 2024
- 26470 Views
802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.
- Written by Nandan Saha
- Posted on August 24, 2020
- Updated on May 22, 2024
- 11560 Views
The BGP-LS extension allows IGPs (OSPF/IS-IS) link state database information to be injected into BGP. This is typically used in deployments where some external component, (like a controller or Path Computation Engine) can do centralized path computations by learning the entire IGP topology through BGP-LS. The controller can then communicate the computed paths based on the BGP-LS updates to the head end device in the network. The mechanism used by the controller to communicate the computed TE paths is outside the scope of this document. Using BGP-LS instead of an IGP peering with the controller to distribute IGP link state information has the following advantages.
- Written by Dongliang Feng
- Posted on June 20, 2022
- Updated on July 1, 2022
- 8620 Views
When a Provider Edge (PE) device loses BGP connectivity to the core (uplink) devices, it may be unable to forward any traffic from its downlink devices, typically CE (Customer Edge) devices. It is beneficial to indicate this connectivity loss to these CE devices so that they may find alternative paths to forward traffic.
- Written by Bhavin Patel
- Posted on March 24, 2020
- Updated on February 15, 2024
- 10203 Views
This feature allows failover to the backup path to occur in constant time per interface going down for features such as RSVP link protection, RSVP node protection, TI-LFA link protection, and BGP PIC. Without this feature enabled, it would take time proportional to the number of paths going over the interface experiencing the link down event to failover to the backup path. With this feature enabled, the failover time would be constant regardless of the number of paths.
- Written by Andrew Tran
- Posted on June 20, 2022
- Updated on June 29, 2022
- 7183 Views
Routes covered by a resilient equal-cost multi-path (RECMP) prefix are types of routes that make use of hardware tables dedicated for equal-cost multi-path (ECMP) routing.
- Written by Saurav Arora
- Posted on June 20, 2022
- Updated on June 28, 2022
- 6553 Views
The “maximum-paths <m>” (default m=1) configuration that controls BGP’s multipath behavior, is available as a global knob, and not as a peer/peer-group knob today in EOS. When “maximum-paths” CLI is configured with m > 1, BGP starts forming ECMP groups for paths with similar attributes received from all configured neighbors.
- Written by Anand Narayanan Rao
- Posted on June 20, 2022
- Updated on July 3, 2023
- 6755 Views
In vEos/CloudEos deployed as a WAN router, when DPS (Dynamic Path Selection) is configured, all the user traffic coming from the LAN side and going to the WAN side gets load balanced on the DPS paths. This feature enables the automatic discovery of end to end Path MTU for a DPS Path through an internal probing mechanism.
- Written by AKSHAYA Sridharan
- Posted on December 17, 2020
- Updated on June 30, 2022
- 8269 Views
Egress traffic-policing can be applied on L3 Ethernet subinterfaces for outbound traffic.
- Written by Philip Bradish
- Posted on June 15, 2022
- Updated on January 24, 2023
- 6462 Views
This document describes the EOS SDK next hop group version number feature. The feature exposes a version number for each next hop group to clients interacting with EOS SDK. The version number is incremented when the next hop group is modified. The client can choose to receive the current version number when they modify a next hop group. Additionally, they can optionally receive it when the next hop group is programmed in hardware.
- Written by Roger Levesque
- Posted on June 20, 2022
- Updated on June 21, 2022
- 7124 Views
For a wide range of features such as MPLS, MPLS-over-GRE, nexthop-groups, VPN, EVPN, BGP-LU, etc, the kernel injects CPU-generated packets into the hardware pipeline as a result of fwd*/txfwd kernel interfaces being used as next-hop devices on kernel routes.
- Written by Ajay Kumar
- Posted on June 20, 2022
- Updated on July 12, 2023
- 6627 Views
In a typical 802.1X + MAC Security, CAK/CKN for Macsec Key Agreement (MKA) protocol are derived from the key material of a successful 802.1X session. Currently, if an 802.1X authenticator can’t authenticate 802.1X supplicant successfully because of an unreachable AAA Server/Radius server, by default, the authenticator blocks all traffic on the port and keeps the port as “unauthorized”.
- Written by Sushmitha Guruprasad
- Posted on June 19, 2022
- Updated on June 20, 2022
- 6686 Views
Directed broadcast ACL allows inbound broadcast IP packets with source IP address as one of the permitted hosts and denies the rest of the directed broadcast traffic. Destination broadcast address of the IP packet should be the broadcast address of an interface with directed broadcast enabled. This feature gives a global command to configure sets of the permitted hosts via field-set.
- Written by Edwin Tambi
- Posted on August 19, 2020
- Updated on July 3, 2024
- 20529 Views
EOS supports the ability to match on a single VLAN tag (example: encapsulation dot1q vlan 10) or a VLAN tag pair (example: encapsulation dot1q vlan 10 inner 20) to map matching packets to an interface. In this case, the encapsulation string is considered consumed by the mapped interface before forwarding, which means that the tags are effectively removed from the incoming packet for the purposes of any downstream forwarding.
- Written by Surapaneni Venkata Gopi Krishna
- Posted on June 16, 2022
- Updated on October 11, 2024
- 8789 Views
Flow control is a data transmission option that temporarily stops a device from sending data because of a peer data overflow condition. If a device sends data faster than the receiver can accept it, the receiver's buffer can overflow. The receiving device then sends a PAUSE frame, instructing the sending device to halt transmission for a specified period.
- Written by Gowtham Rameshkumar
- Posted on December 18, 2019
- Updated on June 24, 2022
- 9479 Views
Hardware counter feature allows enabling counters for features using programmable hardware counter resources. This feature can be used to count the following feature specific counters.
- Written by Padmanabh Ratnakar
- Posted on October 7, 2021
- Updated on October 14, 2024
- 12652 Views
For network monitoring and troubleshooting flow related issues, it is desirable to know the path, latency, queue and congestion information for flows at different times. The inband telemetry feature(INT), based on Inband Flow Analyzer RFC draft -IFA 2.0 and IFA 1.0(on some platforms) , is used to gather per flow telemetry information like path, per hop latency and congestion. INT is supported for both IPv4 and IPv6 traffic.
- Written by Marc Laprade
- Posted on November 3, 2021
- Updated on June 13, 2023
- 10377 Views
This feature will allow the user to select whether port mirror destinations of type GRE tunnel include the optional “key” field in the GRE header on certain platforms. The key field allows the user to uniquely identify a particular packet flow. The feature also allows the user to specify the value of the 32 bit key field.
- Written by Ramakrishnan G
- Posted on April 18, 2018
- Updated on June 22, 2022
- 9196 Views
The L2EVPN MPLS feature is available when configuring BGP in the multi agent routing protocol model.
- Written by Ramakrishnan G
- Posted on February 23, 2021
- Updated on June 22, 2022
- 7270 Views
In a multihomed EVPN MPLS configuration, BUM packets sent from a non-designated forwarder (Non-DF) PE to a designated forwarder (DF) PE must carry ESI label advertised by the egress DF PE.
- Written by Nicholas Tan
- Posted on June 15, 2022
- Updated on June 17, 2023
- 7452 Views
The alternate LDP pseudowire feature enables users to configure an alternate pseudowire to the existing (primary) pseudowire for a given patch. Preference is initially given to the primary pseudowire.
- Written by Kewei Shi
- Posted on November 4, 2020
- Updated on June 23, 2022
- 9267 Views
Logical ports are hardware resources that are required to activate interfaces.
- Written by Trevor Yu
- Posted on February 23, 2022
- Updated on November 26, 2024
- 13450 Views
Media Access Control Security (MACSec) is an industry standard encryption mechanism that protects all traffic flowing on the Ethernet links. MACSec is based on IEEE 802.1X and IEEE 802.1AE standards.
- Written by Jeff Chan
- Posted on June 16, 2022
- Updated on August 24, 2022
- 7587 Views
Media Access Control Security (MACSec) is an industry standard encryption mechanism to protect all traffic flowing on Ethernet links. Mac Security is described in IEEE 802.1X and IEEE 802.1AE standards.
- Written by Tanuj Kumar Jhamb
- Posted on June 20, 2022
- Updated on June 29, 2022
- 6454 Views
With the use of MAC ACL configuration, match on ethertype can be programmed under QoS class-map configuration which will help customers to classify the control traffic based on ethertype (e.g. PPPoE discovery (0x8863) / session (0x8864) stage ) along with match on sub protocol (LCP/IPCP/PAP/CHAP) which is present in the payload.
- Written by Shimang Kumar
- Posted on June 19, 2022
- Updated on June 20, 2022
- 6237 Views
This feature enables the support of maximum SID depth advertisement by the IS-IS protocol in its LSPDB as defined in RFC8491, with this feature adding support for one type of MSD: Base MPLS Imposition (BMI-MSD).
- Written by Alejandro Schwoykoski
- Posted on December 22, 2021
- Updated on November 14, 2024
- 11805 Views
MetaMux is an FPGA-based feature available on Arista’s 7130 platforms. It performs ultra-low latency Ethernet packet multiplexing with or without packet contention queuing. The port to port latency is a function of the selected MetaMux profile, front panel ingress port, front panel egress port, FPGA connector ingress port, and platform being used.
- Written by Binoshmon T B
- Posted on July 22, 2020
- Updated on June 27, 2022
- 12191 Views
The TCP MSS clamping feature involves clamping the maximum segment size (MSS) in the TCP header of TCP SYN packets if it exceeds the configured MSS ceiling limit for the interface. Clamping MSS value helps in avoiding IP fragmentation in tunnel scenarios by ensuring that MSS is small enough to accommodate the extra overhead of GRE and tunnel outer IP headers.
- Written by Swati Patel
- Posted on October 27, 2021
- Updated on September 4, 2024
- 18294 Views
[L2 EVPN] and [Multicast EVPN IRB] solutions allow for the delivery of customer BUM (Broadcast, Unknown unicast and Multicast) traffic in a L2VPN and L3VPNs respectively using multicast in the underlay network.
- Written by Shyam Kota
- Posted on June 20, 2022
- Updated on June 30, 2022
- 6804 Views
The NAT Flow feature is an unusual NAT feature that allows the translation of traffic streams in ways that go beyond the typical translations achieved with NAT. In that sense, the feature is not strictly a standard NAT feature; it can be seen as a combination of NAT and DirectFlow.
- Written by Jikai Yin
- Posted on June 29, 2016
- Updated on December 11, 2023
- 9246 Views
NAT Peer State Synchronization feature provides redundancy and resiliency for Dynamic NAT across a pair of devices in an attempt to mitigate the risk of single NAT device failure. Each switch advertises connection state updates to its peer. State update consists of connection creation, connection state change (TCP mostly) or connection tear down
- Written by Patrick Long
- Posted on June 15, 2022
- Updated on June 16, 2022
- 6009 Views
The per-CoS (Class of Service) discard counters allow the device to count discarded packets on the switch extender based on the packet COS. For ingress, there are three categories of traffic: regular traffic, control plane traffic, and flow-control traffic (used for end-to-end congestion control).
- Written by Mukund PB
- Posted on June 20, 2022
- Updated on June 21, 2022
- 7025 Views
Priority Flow Control (PFC) Watchdog feature monitors interfaces for priority-flow-control Pause storm. If such a storm is detected on no-drop enabled priorities, it takes actions such as:
- Written by David Cronin
- Posted on March 3, 2022
- Updated on March 14, 2024
- 9692 Views
This document describes a new CLI command to help debug how and why policy permits and denies paths. The aim of this CLI command is for the user to debug a route map or RCF (Routing Control Functions) function by specifying as input a prefix for which BGP has reachability for, either via a BGP peer or a redistribute source.
- Written by Ethan Vadai
- Posted on March 6, 2020
- Updated on March 14, 2024
- 17319 Views
Policy-based routing (PBR) is a feature that is applied on routable ports, to preferentially route packets. Forwarding is based on a policy that is enforced at the ingress of the applied interface and overrides normal routing decisions. In addition to matches on regular ACLs, PBR policy-maps can also include “raw match” statements that look like a single entry of an ACL as a convenience for users.
- Written by Petr Budnik
- Posted on December 16, 2020
- Updated on June 23, 2022
- 8201 Views
ITU-T G8275.1 is a PTP profile defined by ITU-T for telecommunication applications. It defines a set of functions from the IEEE 1588 to achieve phase/time synchronization with full timing support from the network (meaning, all of the network devices support PTP).
- Written by Rohit Maurya
- Posted on June 21, 2021
- Updated on July 13, 2022
- 13893 Views
Private VLAN is a feature that segregates a regular VLAN broadcast domain while maintaining all ports in the same IP
- Written by Vivek Ilangovan
- Posted on June 19, 2022
- Updated on October 11, 2024
- 6275 Views
This feature allows redistribution of bgp unicast routes into multicast address families. Specifically it allows redistribution of ipv4 unicast routes into the ipv4 multicast address family and ipv6 unicast routes into the ipv6 multicast address family.
- Written by Fathima Thasneem
- Posted on June 20, 2022
- Updated on September 27, 2024
- 8074 Views
RFC2544 defines a number of benchmark tests that may be used to describe the performance characteristics of a network interconnecting device(s). Starting from 4.28.1F, Arista switches support throughput test belonging to a set of benchmark tests as defined in RFC2544. Starting from 4.29.0F, Arista switches support frame loss rate test.
- Written by David Cronin
- Posted on March 4, 2022
- Updated on April 16, 2024
- 17227 Views
Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.
- Written by Kalash Nainwal
- Posted on December 14, 2020
- Updated on July 31, 2024
- 12461 Views
RSVP-TE, the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), is used to distribute MPLS labels for steering traffic and reserving bandwidth. The Label Edge Router (LER) feature implements the headend functionality, i.e., RSVP-TE tunnels can originate at an LER which can steer traffic into the tunnel.
- Written by Martin Stigge
- Posted on October 22, 2018
- Updated on July 19, 2024
- 10497 Views
RSVP-TE applies the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), i.e., to distribute MPLS labels for steering traffic and reserving bandwidth.
- Written by Francesco Belletti
- Posted on June 20, 2022
- Updated on June 30, 2022
- 6904 Views
This feature enables the BGP additional-path send configuration only for routes whose prefixes match a prefix list. The goal is to advertise multiple paths for a specific set of routes.
- Written by Roger Levesque
- Posted on June 20, 2022
- Updated on August 2, 2023
- 7621 Views
This feature gives users the ability to use Route Control Functions (RCFs) to create custom policies for deciding which routes with IP next-hops should be programmed into the kernel with fwd* next-hop devices so the associated kernel packets are inserted into the ingress pipeline of hardware forwarding instead of being software-forwarded by the kernel.
- Written by Dan Cunningham
- Posted on April 18, 2022
- Updated on October 17, 2024
- 11373 Views
This feature introduces support for the SFP-10G-MRA-T SFP transceiver. This is a rate adapting transceiver, meaning it can convert the system side interface to a lower rate on the line side.
- Written by Deepanshu Shukla
- Posted on August 21, 2020
- Updated on June 3, 2024
- 13930 Views
This feature adds support for “Dynamic Load Balancing (DLB)” on Equal Cost Multi Path (ECMP) groups.
It is intended to help overcome the potential shortcomings of traditional hash-based load balancing by considering the traffic load of members of ECMP groups. DLB considers the state of the port while assigning egress ports to packets, resulting in a more even flow. The state of each port member is determined by measuring the amount of data transmitted from a given port and total number of packets enqueued to a given port.
- Written by Rajiv Patil
- Posted on September 16, 2020
- Updated on August 30, 2024
- 15387 Views
Dynamic NAT is a feature which dynamically allocates an IP address to an incoming or outgoing flow. This address will replace source or destination IP for all packets of the flow.
- Written by Yongguang Xu
- Posted on February 22, 2021
- Updated on September 23, 2024
- 7677 Views
The multicast route counters count packets and bytes per group, source and vrf. Every multicast route will be counted when the feature is turned on if there are sufficient hardware counter resources available.
- Written by Basil Saji
- Posted on November 9, 2020
- Updated on October 11, 2024
- 10997 Views
Private VLAN is a feature that segregates a regular VLAN broadcast domain while maintaining all ports in the same IP subnet. There are three types of VLAN within a private VLAN