- Written by Digvijay Gahlot
- Posted on April 20, 2021
- Updated on January 23, 2023
- 12683 Views
The L2 EVPN MPLS feature is available when configuring BGP in the multi-agent routing protocol model. Ethernet VPN (EVPN) is an extension of the BGP protocol introducing a new address family: L2VPN (address family number 25) / EVPN (subsequent address family number 70). It is used to exchange overlay MAC and IP address reachability information between BGP peers.
- Written by Tarun Jaswanth LNU
- Posted on August 24, 2020
- Updated on October 17, 2024
- 26442 Views
802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.
- Written by Tarun Jaswanth LNU
- Posted on October 20, 2022
- Updated on November 3, 2022
- 6623 Views
As per the mechanism suggested for MKA protocol, a new SAK generation, distribution and installation in all members of a connectivity association ( CA ) can be thought of happening in a number of steps
- Written by Neil Jarvis
- Posted on March 6, 2020
- Updated on October 27, 2022
- 11277 Views
Ingress policing provides the ability to monitor the data rates for a particular class of traffic and perform action when traffic exceeds user-configured values. This allows users to control ingress bandwidth based on packet classification. Ingress policing is done by a policing meter which marks incoming traffic and performs actions based on the results of policing meters.
- Written by Jason Shamberger
- Posted on March 11, 2020
- Updated on November 14, 2024
- 16333 Views
EOS 4.21.3F introduces support for BGP Flowspec, as defined in RFC5575 and RFC7674. The typical use case is to filter or redirect DDoS traffic on edge routers.
- Written by Bharath Somayaji
- Posted on April 25, 2022
- Updated on September 8, 2023
- 8841 Views
Class Based Forwarding (CBF) is a means for steering IP traffic into colored tunnels based on the ingress DSCP values. CBF may be used with SR-TE Policy or RSVP-TE colored tunnels.
- Written by Augusto Wong
- Posted on February 17, 2021
- Updated on November 6, 2024
- 11379 Views
DHCP Relay feature forwards DHCP packets between client and server when the DHCP Server is not in the same broadcast domain as the client. DHCP Relay should be configured on the gateway interface (SVI/ L3 interface ) for the clients.
- Written by Huong Nguyen
- Posted on November 13, 2019
- Updated on October 12, 2023
- 13697 Views
Support for DHCPv4 (RFC 2131) and DHCPv6 Server (RFC 8415) was added to EOS-4.22.1 and EOS-4.23.0 respectively. EOS DHCP server leverages ISC Kea as backend. The router with DHCP Server enabled acts as a server that allocates and delivers network addresses with desired configuration parameters to its hosts.
- Written by Praveen Kumar Yadav
- Posted on October 20, 2022
- Updated on June 13, 2024
- 6408 Views
In the 7280R3/7500R3/7800R3 platform, EXP rewrite for IP-MPLS routed flows is derived from the DSCP of the packet. Using Qos Policy map , DSCP can be set as needed. But in this process, the egress IP TOS was also changed, which may cause issues later at customer edge.
- Written by Sahil Midha
- Posted on June 14, 2019
- Updated on October 25, 2022
- 8490 Views
This feature can be divided into 3 parts. Enable support for different threshold per Color per TX queue We
- Written by Jeevan Kamisetty
- Posted on August 23, 2022
- Updated on November 30, 2023
- 9823 Views
NDR switch sensor aka “monitor security awake” feature provides deep network analysis by doing deep packet inspection of some or all packets of traffic that's forwarded by the switch.
- Written by Dylan Walsh
- Posted on October 20, 2022
- Updated on June 10, 2024
- 7584 Views
EosSdkRpc is an agent built on top of the Arista EOS SDK. It uses gRPC as a mechanism to provide remote access to the EOS SDK. The gRPC interface that EosSdkRpc supports closely matches the interface provided by EOS SDK, and the intent is that the .proto interface can be publically supported. EosSdkRpc allows for remote access and using protobuf to specify the interface isolates user code from the Linux ABI issues that come with building C++ applications on different compiler, libc, and kernel versions. EosSdkRpc is built using C++ but supports clients written in any of the languages currently supported by the gRPC framework.
- Written by Vamsi Anne
- Posted on October 20, 2022
- Updated on November 19, 2024
- 7788 Views
As Ethernet technologies made their way into the Metropolitan Area Networks (MAN) and the Wide Area Networks (WAN) from the conventional enterprise level usage, they are now widely being used by service providers to provide end-to-end connectivity to customers. Such service provider networks are typically spread across large geographical areas. Additionally, the service providers themselves may be relying on certain internet backbone providers, referred to as “operators”, to provide connectivity in case the geographical area to be covered is too huge.
- Written by Chris Hydon
- Posted on October 20, 2022
- Updated on April 13, 2023
- 7780 Views
In EVPN, an overlay index is a field in type-5 IP Prefix routes that indicates that they should resolve indirectly rather than using resolution information contained in the type-5 route itself. Depending on the type of overlay index, this resolution information may come from type-1 auto discovery or type-2 MAC+IP routes. For this feature the gateway IP address field of the type-5 NLRI is used as the overlay index, which matches the target IPv4 / IPv6 address in the type-2 NLRI.
- Written by Christoph Schwarz
- Posted on August 23, 2022
- Updated on October 21, 2022
- 8759 Views
Flexible cross-connect service is an extension of EVPN MPLS Virtual Private Wire Service (VPWS) (RFC 8214). It allows for multiplexing multiple attachment circuits across different Ethernet Segments and physical interfaces into a single EVPN VPWS service tunnel while still providing single-active and all-active multi-homing.
- Written by Xuan Qi
- Posted on October 20, 2022
- Updated on September 19, 2024
- 6765 Views
EVPN gateway support for all-active (A-A) multihoming adds a new redundancy model to our multi-domain EVPN solution introduced in [1]. This deployment model introduces the concept of a WAN Interconnect Ethernet Segment identifier (WAN I-ESI). The WAN I-ESI allows the gateway’s EVPN neighbors to form L2 and L3 overlay ECMP on routes re-exported by the gateways. The identifier is shared by gateway nodes within the same domain (site) and set in MAC-IP routes that cross domain boundaries.
- Written by Edwin Tambi
- Posted on August 19, 2020
- Updated on July 3, 2024
- 20508 Views
EOS supports the ability to match on a single VLAN tag (example: encapsulation dot1q vlan 10) or a VLAN tag pair (example: encapsulation dot1q vlan 10 inner 20) to map matching packets to an interface. In this case, the encapsulation string is considered consumed by the mapped interface before forwarding, which means that the tags are effectively removed from the incoming packet for the purposes of any downstream forwarding.
- Written by Gowtham Rameshkumar
- Posted on June 10, 2019
- Updated on October 31, 2022
- 8214 Views
An introduction to Nexthop-groups can be seen in the Nexthop-Group section of eos.With this feature, IP packets matching a static Nexthop-Group route can be encapsulated with a GRE tunnel and forwarded.
- Written by Ashwani Deva Kumar
- Posted on October 20, 2022
- Updated on October 17, 2024
- 7019 Views
This feature allows the logging of the packets matching rules in ingress ACLs. This behavior can be enabled by using the log keyword when configuring an ACL rule. A copy of the packet matching those ACL rules is sent to the control plane, where a syslog entry of the packet header is being generated.
- Written by Tanuj Kumar Jhamb
- Posted on October 20, 2022
- Updated on July 11, 2023
- 8303 Views
sFlow is a sampling technique which monitors the incoming traffic on all the interfaces without affecting the network performance.
- Written by Neel Neogi
- Posted on December 30, 2020
- Updated on June 8, 2023
- 12517 Views
The document describes the support for dedicated and group ingress policing on interfaces without using QoS policy-maps to match on the traffic and apply policing.
- Written by Jyothish Kunkumath
- Posted on January 6, 2022
- Updated on December 2, 2024
- 11560 Views
IPSec tunnel mode support allows the customer to encrypt traffic transiting between two tunnel endpoints.
- Written by Soumya S Acharya
- Posted on October 20, 2022
- Updated on April 21, 2023
- 4432 Views
This feature helps in figuring out if there are multiple nodes in the network with the same System-ID. A non-unique node leads to the failure of all subsequent functions of the IS-IS protocol, like LSP origination (leading to LSP constant flooding issue), SPF calculation and so on.
- Written by Navneet Sinha
- Posted on June 29, 2016
- Updated on November 18, 2024
- 14285 Views
Segment Routing provides mechanism to define end-to-end paths within a topology by encoding paths as sequences of sub-paths or instructions. These sub-paths or instructions are referred to as “segments”. IS-IS Segment Routing (henceforth referred to as IS-IS SR) provides means to advertise such segments through IS-IS protocol.
- Written by Prakrati Vidyarthi
- Posted on August 16, 2018
- Updated on November 5, 2024
- 15515 Views
Normally, a switch traps L2 protocol frames to the CPU. However, certain use-cases may require these frames to be forwarded or dropped. And in cases where the L2 protocol frames are forwarded (eg: Pseudowire), we may require the frames to be trapped to the CPU or dropped. The L2 Protocol Forwarding feature provides a mechanism to control the behavior of L2 protocol frames received on a port or subinterface.
- Written by Michael Chin
- Posted on February 22, 2021
- Updated on October 28, 2024
- 8092 Views
Line system commands are used to apply configuration and query the status of line system modules in EOS. The supported line system modules are the OSFP-AMP-ZR and the QSFP-AMP-ZR.
- Written by John Clarke
- Posted on December 20, 2021
- Updated on October 9, 2024
- 11352 Views
Arista's 7130 Connect Series of Layer 1+ switches are powerful network devices designed for ultra low latency and offer a wealth of integrated management features and functionalities.
- Written by Alejandro Schwoykoski
- Posted on December 22, 2021
- Updated on November 14, 2024
- 11784 Views
MetaMux is an FPGA-based feature available on Arista’s 7130 platforms. It performs ultra-low latency Ethernet packet multiplexing with or without packet contention queuing. The port to port latency is a function of the selected MetaMux profile, front panel ingress port, front panel egress port, FPGA connector ingress port, and platform being used.
- Written by Kevin Amiraux
- Posted on September 30, 2015
- Updated on August 16, 2024
- 11918 Views
Arista switches provide several mirroring features. Filtered mirroring to CPU adds a special destination to the mirroring features that allows the mirrored traffic to be sent to the switch supervisor. The traffic can then be monitored and analyzed locally without the need of a remote port analyzer. Use case of this feature is for debugging and troubleshooting purposes.
- Written by Ryan Megathlin
- Posted on October 20, 2022
- Updated on July 3, 2023
- 6854 Views
In order to achieve split horizon and prevent double-delivery of packets in an MLAG setup, egress ACLs are installed on all active MLAG interfaces so that BUM traffic received on the MLAG peer-link cannot get forwarded out any MLAG interfaces. When only one half of an MLAG interface is active, this egress ACL is removed to allow BUM traffic from the peer-link to be forwarded out MLAG interfaces.
- Written by Anil Joshi
- Posted on June 29, 2016
- Updated on November 3, 2022
- 8631 Views
MPLS-over-GRE encapsulation support in EOS 4.17.0 enables tunneling IPv4 packets over MPLS over GRE tunnels. This feature leverages next-hop group support in EOS. With this feature, IPv4 routes may be resolved via MPLS-over-GRE next-hop group to be able to push one MPLS label and then GRE encapsulate the resulting labelled IPv4 packet before sending out of the egress interface.
- Written by Marius
- Posted on October 20, 2022
- Updated on January 13, 2023
- 5707 Views
Before 4.29.0F, the next hop self option could only be configured for a neighbor in global router mode and would apply to all address families. Attempting to configure next-hop-self in address family mode would silently move the configuration to global mode (for the specified neighbor).
- Written by Ethan Vadai
- Posted on March 6, 2020
- Updated on March 14, 2024
- 17302 Views
Policy-based routing (PBR) is a feature that is applied on routable ports, to preferentially route packets. Forwarding is based on a policy that is enforced at the ingress of the applied interface and overrides normal routing decisions. In addition to matches on regular ACLs, PBR policy-maps can also include “raw match” statements that look like a single entry of an ACL as a convenience for users.
- Written by Padmanabh Ratnakar
- Posted on April 20, 2021
- Updated on July 15, 2024
- 13821 Views
The postcard telemetry (GreenT - GRE Encapsulated Telemetry) feature is used to gather per flow telemetry information like path and per hop latency. For network monitoring and troubleshooting flow related issues, it is desirable to know the path, latency and congestion information for flows at different times.
- Written by Fathima Thasneem
- Posted on June 20, 2022
- Updated on September 27, 2024
- 8058 Views
RFC2544 defines a number of benchmark tests that may be used to describe the performance characteristics of a network interconnecting device(s). Starting from 4.28.1F, Arista switches support throughput test belonging to a set of benchmark tests as defined in RFC2544. Starting from 4.29.0F, Arista switches support frame loss rate test.
- Written by David Cronin
- Posted on March 4, 2022
- Updated on April 16, 2024
- 17208 Views
Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.
- Written by Jeevan Kamisetty
- Posted on February 26, 2021
- Updated on July 18, 2023
- 11264 Views
Sampled flow tracking with IPFIX export is supported on most of the Arista platforms. User configured sampling rate is used for sampling in ingress and/or egress direction on the configured interfaces. An EOS software agent on CPU processes samples received from hardware, samples are used to create flow records that are exported to IPFIX collectors. Refer to Sampled flow tracking TOI for additional details.
- Written by Jeevan Kamisetty
- Posted on November 4, 2020
- Updated on October 4, 2024
- 14633 Views
Network administrators require access to flow information that passes through various network elements, for the purpose of analyzing and monitoring their networks. This feature provides access to IP flow information by sampling traffic flows in ingress and/or egress directions on the interfaces on which it is configured. The samples are then used to create flow records, which are exported to the configured collectors in the IPFIX format. Egress Flow tracking is supported from EOS-4.29.0F on the DCS-7170B-64C series and supported on 7280, 7500 and 7800 series platforms from EOS-4.31.1".
- Written by Joseph Swaminathan
- Posted on October 20, 2022
- Updated on October 28, 2022
- 5362 Views
This feature allows a SBFD initiator to request a SBFD reflector to respond to the status of an auxiliary path. This is very useful when an SBFD session couldn’t be established with an endpoint. In such a case the SBFD initiator could establish a session to a router in the path ( ex. ASBR ) to respond to the health of the remaining path ( ex. endpoint connected to the ASBR ).
- Written by Zhen Xue
- Posted on June 29, 2020
- Updated on June 5, 2023
- 10647 Views
Bidirectional Forwarding Detection (BFD) is a protocol that provides low-overhead, short-duration detection of failures of arbitrary paths between two systems.
- Written by Naina Jalan
- Posted on October 20, 2022
- Updated on November 3, 2022
- 6609 Views
Unicast Reverse Path Forwarding (uRPF) can help limit malicious IPv4/IPv6 traffic on a network. uRPF works by enabling the router to verify reachability (routing) of the source IP address (SIP) in the packet being forwarded. If the SIP is determined to be an invalid address, the packet is dropped.
- Written by Daniel Guerin
- Posted on October 20, 2022
- Updated on November 3, 2022
- 6076 Views
Spanning Tree Protocol requires each interface to have a unique port number ranging from 1 through 4095. Arista STP typically assigns port numbers to port-channel interfaces in the order in which they are configured.
- Written by Shamit Kapadia
- Posted on October 20, 2022
- Updated on October 26, 2022
- 5712 Views
BGP Monitoring Protocol (BMP) allows a monitoring station to connect to a router and collect all of the BGP announcements received from the router’s BGP peers. The announcements are sent to the station in the form of BMP Route Monitoring messages generated from path information in the router’s BGP Adj-Rib-In tables.
- Written by Surendra Mobiya
- Posted on October 20, 2022
- Updated on October 21, 2022
- 5527 Views
This feature adds support for “Dynamic Load Balancing (DLB)” on Link Aggregation Group (LAG). It is intended to help overcome the potential shortcomings of traditional hash-based load balancing by considering the traffic load of members of LAG groups.
- Written by Neil Jarvis
- Posted on March 2, 2022
- Updated on June 7, 2023
- 9135 Views
A L2 sub-interface is a logical bridging endpoint associated with traffic on an interface distinguished by 802.1Q tags, where each <interface, 802.1Q tag> tuple is treated as a first-class bridging interface.
- Written by Bidong Chen
- Posted on October 20, 2022
- Updated on January 17, 2023
- 6807 Views
This feature enables Tap Aggregation generic header removal on a tap port.
- Written by Sandeep Kopuri
- Posted on October 7, 2019
- Updated on October 24, 2024
- 11280 Views
Topology Independent Fast Reroute, or TI-LFA, uses IS-IS SR to build loop-free alternate paths along the post-convergence path. These loop-free alternates provide fast convergence.
- Written by Prateek Mali
- Posted on August 19, 2020
- Updated on November 14, 2024
- 21346 Views
Access Control Lists (ACL) use packet classification to mark certain packets going through the packet processor pipeline and then take configured action against them. Rules are defined based on various fields of packets and usually TCAM is used to match packets to rules. For example, there can be a rule to match the packet source IP address against a list of IP addresses, and drop the packet if there is a match. This will be expressed in TCAM with multiple entries matching the list of IP addresses. Number of entries is reduced by masking off bits, if possible. TCAM is a limited resource, so with classifiers having a large number of rules and a big field list, TCAM runs out of resources.
- Written by Graeme Rennie
- Posted on October 20, 2022
- Updated on July 12, 2023
- 6941 Views
Internal recirculation interfaces, IR interfaces, can be used to internally loop-back packets for a second pass through the packet forwarding pipeline. This is particularly useful with Tap Aggregation because some combinations of advanced Tap Aggregation features cannot be simultaneously applied to a packet. Using an IR interface however, a user can apply multiple Tap Aggregation egress editing features, overcoming previous limitations.
- Written by Anirudh Ramesh Iyer
- Posted on May 5, 2021
- Updated on July 19, 2024
- 17847 Views
This article describes how to customize TCAM ( Ternary Content Addressable Memory ) lookup for each feature which uses TCAM.