This document describes the configuration and behavior of physical interfaces on the 7368 series switches and

7368X4 EOS 4.24.2F

802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.

Filtered Mirroring allows certain packets to be selected for mirroring, rather than all packets ingressing or egressing a particular port.

This feature adds support for “Enhanced Route Refresh” capability (RFC7313). An enhanced route refresh is,

The BGP-LS extension allows IGPs (OSPF/IS-IS) link state database information to be injected into BGP. This is typically used in deployments where some external component, (like a controller or Path Computation Engine) can do centralized path computations by learning the entire IGP topology through BGP-LS. The controller can then communicate the computed paths based on the BGP-LS updates to the head end device in the network. The mechanism used by the controller to communicate the computed TE paths is outside the scope of this document. Using BGP-LS instead of an IGP peering with the controller to distribute IGP link state information has the following advantages.

The BGP graceful restart mechanism has a limitation that the graceful restart time cannot exceed 4095 seconds as per

Generic UDP Encapsulation (GUE) is a general method for encapsulating packets of arbitrary IP protocols within a UDP tunnel. GUE provides an extensible header format with optional data. In this release, decap capability of GUE packets of variant 1 header format has been added. This variant allows direct encapsulation using the UDP header without the GUE header. The inner payload could be one of IPv4, IPv6, or MPLS.

Route Cache is a feature where users can configure Static EVPN VXLAN routes beyond the hardware capacity. The

7170 4.24.2F EOS 4.24.2F RouteCache

This article describes the support for Filtered Mirroring using security ACL. The user can selectively mirror packets based on the statement in the configured IPv4, IPv6 or MAC ACL.

Dynamic NAT is a feature which dynamically allocates an IP address to an incoming or outgoing flow. This address will replace source or destination IP for all packets of the flow.

IPv6 Unicast Reverse Path Forwarding (uRPF) can help limit malicious IPv6  traffic on a network. uRPF works by

This feature adds support for a selected set of configured interfaces to collect egress flow samples. Egress sFlow can be configured on ethernet and port-channel interfaces.