- Written by Digvijay Gahlot
- Posted on 4月 20, 2021
- Updated on 1月 23, 2023
- 11909 Views
The L2 EVPN MPLS feature is available when configuring BGP in the multi-agent routing protocol model. Ethernet VPN (EVPN) is an extension of the BGP protocol introducing a new address family: L2VPN (address family number 25) / EVPN (subsequent address family number 70). It is used to exchange overlay MAC and IP address reachability information between BGP peers.
- Written by Tarun Jaswanth LNU
- Posted on 8月 24, 2020
- Updated on 7月 3, 2024
- 24550 Views
802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.
- Written by Pawel Kurdybacha
- Posted on 8月 23, 2022
- Updated on 9月 12, 2022
- 5261 Views
Feature provides a way to set the Passive role in BFD session initialization. A system taking the Passive role does not begin sending BFD control packets for a particular session until it has received a BFD packet for that session, and thus has learned the remote system's discriminator value.
- Written by Pauric Ward
- Posted on 8月 23, 2022
- Updated on 9月 12, 2022
- 5440 Views
Stale routes are learned routes from adjacent BGP neighbors whose neighborship has been interrupted by session instability. This feature adds a mechanism to specify a stale policy route-map for which the stale routes from a gracefully restarting, or depending on the configuration of the feature, a non-gracefully restarting BGP peer will be processed.
- Written by Joseph Swaminathan
- Posted on 8月 23, 2022
- Updated on 9月 6, 2022
- 4932 Views
This feature allows customers to make the status of a MPLS static route dependent on the state of a BGP peer. When this feature is enabled for a static route, it will be programmed only if the monitored BGP peer session is up.
- Written by Vu Nguyen
- Posted on 8月 23, 2022
- Updated on 11月 22, 2023
- 7027 Views
EOS currently supports BGP message authentication via the TCP MD5 Signature (TCP MD5) option (RFC 2385) to protect the BGP sessions from spoofed TCP segments. However, research has shown many concerns that the TCP MD5 algorithm is cryptographically ineffective with a just simple keyed hash for authentication.
- Written by Arup Raton Roy
- Posted on 11月 2, 2020
- Updated on 7月 21, 2023
- 10505 Views
This document presents Arista Macro-Segmentation Service - Firewall (MSS-FW) deployment in a network with multiple Virtual Routing and Forwarding (VRF) instances.
- Written by Deepak Sebastian
- Posted on 8月 18, 2022
- Updated on 6月 7, 2023
- 6790 Views
Arista’s DCS-7130LBR series of switches are powerful network devices designed for ultra latency applications along with a wealth of networking features.
- Written by Huong Nguyen
- Posted on 11月 13, 2019
- Updated on 10月 12, 2023
- 12939 Views
Support for DHCPv4 (RFC 2131) and DHCPv6 Server (RFC 8415) was added to EOS-4.22.1 and EOS-4.23.0 respectively. EOS DHCP server leverages ISC Kea as backend. The router with DHCP Server enabled acts as a server that allocates and delivers network addresses with desired configuration parameters to its hosts.
- Written by Jammala Vinod Kumar
- Posted on 8月 23, 2022
- Updated on 9月 12, 2022
- 5648 Views
This feature allows users to change the scale of IPV6 and MAC subinterface ACLs by changing the port qualifier size (range used for ACL label allocation) through the tcam profile. Increasing the port qualifier size increases the ACL label range, thus allowing more number of ACLs vice versa.
- Written by Krzysztof Gongolewski
- Posted on 9月 11, 2022
- Updated on 8月 30, 2024
- 6364 Views
Dynamic NAT connection limit is a feature which allows to limit the number of dynamic NAT connections.
- Written by Alfaz Ahmed
- Posted on 8月 23, 2022
- Updated on 8月 24, 2022
- 5537 Views
The SRTE Policy metric is used as a tie-breaker when picking two policies with the same cost value, otherwise the cost determines the preferred policy, currently there are commands to manually configure metrics for each SRTE Policy as described in Configurable IGP Preference and Metric for SR-TE Policies
- Written by Kulwinder Singh
- Posted on 8月 16, 2018
- Updated on 9月 12, 2024
- 7656 Views
The feature allows to create a named TC to DSCP mapping that can be applied on an interface.DSCP of routed packets egressing out of the interface will be rewritten according to the map.
- Written by Jeevan Kamisetty
- Posted on 8月 23, 2022
- Updated on 11月 30, 2023
- 9184 Views
NDR switch sensor aka “monitor security awake” feature provides deep network analysis by doing deep packet inspection of some or all packets of traffic that's forwarded by the switch.
- Written by Joseph Swaminathan
- Posted on 8月 18, 2022
- Updated on 8月 22, 2022
- 5669 Views
This feature allows BGP speakers that support L2 EVPN to exchange system router MAC addresses of virtual gateway IP addresses configured on a SVI interface. The receiving device will treat these MAC addresses as local system router MAC addresses, if it has the same IP addresses configured as virtual IP addresses on the corresponding (Bridge ID) SVI interfaces.
- Written by Aaron Bamberger
- Posted on 4月 23, 2020
- Updated on 2月 13, 2024
- 9446 Views
E-Tree is an L2 EVPN service (defined in RFC8317) in which each attachment circuit (AC) is assigned the role of Root or Leaf. Once roles are assigned, the following forwarding rules are enforced:
- Written by Christoph Schwarz
- Posted on 8月 23, 2022
- Updated on 10月 21, 2022
- 8049 Views
Flexible cross-connect service is an extension of EVPN MPLS Virtual Private Wire Service (VPWS) (RFC 8214). It allows for multiplexing multiple attachment circuits across different Ethernet Segments and physical interfaces into a single EVPN VPWS service tunnel while still providing single-active and all-active multi-homing.
- Written by Edwin Tambi
- Posted on 8月 19, 2020
- Updated on 7月 3, 2024
- 19169 Views
EOS supports the ability to match on a single VLAN tag (example: encapsulation dot1q vlan 10) or a VLAN tag pair (example: encapsulation dot1q vlan 10 inner 20) to map matching packets to an interface. In this case, the encapsulation string is considered consumed by the mapped interface before forwarding, which means that the tags are effectively removed from the incoming packet for the purposes of any downstream forwarding.
- Written by James Shephard
- Posted on 8月 25, 2019
- Updated on 7月 5, 2023
- 10394 Views
Forwarding destination prediction enables visibility into how a packet is forwarded through the switch, allowing you to determine which interfaces a packet would egress out of. Typical use cases include, but are not limited to, determining egress members for Port-Channels and ECMPs.
- Written by Vishal Bandekar
- Posted on 8月 23, 2022
- Updated on 8月 21, 2024
- 5677 Views
This document is an extension to the decap group feature, that allows IPv4 addresses to be configured and used as part of a group. Now we will be able to configure IPv4 prefixes as a decap group.
- Written by Marc Laprade
- Posted on 11月 3, 2021
- Updated on 6月 13, 2023
- 9767 Views
This feature will allow the user to select whether port mirror destinations of type GRE tunnel include the optional “key” field in the GRE header on certain platforms. The key field allows the user to uniquely identify a particular packet flow. The feature also allows the user to specify the value of the 32 bit key field.
- Written by Athichart Tangpong
- Posted on 10月 22, 2018
- Updated on 10月 1, 2024
- 13044 Views
A L2 sub-interface is a logical bridging endpoint associated with traffic on an interface distinguished by 802.1Q tags, where each <interface, 802.1q tag> tuple is treated as a first class bridging interface.
- Written by John Clarke
- Posted on 12月 20, 2021
- Updated on 3月 19, 2024
- 10568 Views
Arista's 7130 Connect Series of Layer 1+ switches are powerful network devices designed for ultra low latency and offer a wealth of integrated management features and functionalities.
- Written by Alejandro Schwoykoski
- Posted on 12月 22, 2021
- Updated on 11月 6, 2023
- 10842 Views
MetaMux is an FPGA-based feature available on Arista’s 7130 platforms. It performs ultra-low latency Ethernet packet multiplexing with or without packet contention queuing. The port to port latency is a function of the selected MetaMux profile, front panel ingress port, front panel egress port, FPGA connector ingress port, and platform being used.
- Written by David Mirabito
- Posted on 12月 30, 2021
- Updated on 7月 30, 2024
- 14113 Views
MetaWatch is an FPGA-based feature available for Arista 7130 Series platforms. It provides precise timestamping of packets, aggregation and deep buffering for Ethernet links. Timestamp information and other metadata such as device and port identifiers are appended to the end of the packet as a trailer.
- Written by Shriprama Rao
- Posted on 8月 23, 2022
- Updated on 6月 21, 2023
- 6345 Views
This feature allows users to preserve IP TTL and MPLS EXP (also known as TC) value on MPLS routers, as well as add a user-specified TTL/EXP value when pushing new MPLS labels in pipe mode.
- Written by Xuan Qi
- Posted on 8月 23, 2022
- Updated on 4月 4, 2024
- 8611 Views
This feature extends the multi-domain EVPN VXLAN feature introduced to support interconnect with EVPN MPLS networks. The following diagram shows a multi-domain deployment with EVPN VXLAN in the data center and EVPN MPLS in the WAN. Note that this is the only supported deployment model, and that an EVPN MPLS network cannot peer with an EVPN MPLS network.
- Written by Nikhil Goyal
- Posted on 8月 18, 2022
- Updated on 8月 19, 2022
- 5221 Views
This feature adds streaming support for the IS-IS Link State Database OpenConfig model via gNMI. The current implementation supports a limited number of IS-IS TLVs and subTLVs.
- Written by Terence Hui
- Posted on 8月 18, 2022
- Updated on 8月 19, 2022
- 5539 Views
Configure trust mode for trusting traffic from phone’s, but not any other traffic coming from the same interface.
- Written by Rahul Kumar Singh
- Posted on 8月 18, 2022
- Updated on 2月 7, 2024
- 7621 Views
This article is intended to discuss how to configure the Phone VLAN on an Arista switch.
- Written by Shelly Chang
- Posted on 8月 23, 2022
- Updated on 8月 29, 2022
- 5594 Views
This feature allows PIMv4 to work with Multiprotocol BGP (MP-BGP), where IPv4 prefix routes are reachable via IPv6 next-hops.
- Written by Akanksha Gottipati
- Posted on 8月 23, 2022
- Updated on 9月 2, 2022
- 5528 Views
Allows the user to configure explicit QoS trust settings viz. trust mode, default cos and default dscp on subinterfaces, which may or may not be the same as the parent interface.
- Written by Fathima Thasneem
- Posted on 6月 20, 2022
- Updated on 9月 27, 2024
- 7378 Views
RFC2544 defines a number of benchmark tests that may be used to describe the performance characteristics of a network interconnecting device(s). Starting from 4.28.1F, Arista switches support throughput test belonging to a set of benchmark tests as defined in RFC2544. Starting from 4.29.0F, Arista switches support frame loss rate test.
- Written by Arun Ajith S
- Posted on 8月 18, 2022
- Updated on 8月 23, 2022
- 5141 Views
The original IPv6 Neighbor Discovery specification in RFC4861 instructs all devices to discard any neighbor-advertisement (NA) message received from a neighbor, if there is no existing entry already present in the neighbor cache.
- Written by Kalash Nainwal
- Posted on 12月 14, 2020
- Updated on 7月 31, 2024
- 11659 Views
RSVP-TE, the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), is used to distribute MPLS labels for steering traffic and reserving bandwidth. The Label Edge Router (LER) feature implements the headend functionality, i.e., RSVP-TE tunnels can originate at an LER which can steer traffic into the tunnel.
- Written by Tanuj Kumar Jhamb
- Posted on 12月 16, 2021
- Updated on 9月 2, 2022
- 7639 Views
This feature allows the user to configure upto 1023 unique QoS Policy-maps per chip.
- Written by Philip Bradish
- Posted on 8月 18, 2022
- Updated on 8月 23, 2022
- 5902 Views
This document describes the support for authenticating users using SSH certificates and the authorized principals command in EOS. SSH certificate authentication was previously restricted to just using the authorized principals file. This file is populated by configuring authorized principals for each user. In order to login with a SSH certificate a user must present a certificate that includes at least one of their configured principals. The authorized principals command allows this list of configured principals to be generated by an executable dynamically at runtime. This provides a more flexible and scalable way to perform SSH certificate authentication.
- Written by Yongxiang Chen
- Posted on 2月 19, 2021
- Updated on 6月 26, 2023
- 8667 Views
Storm control enables traffic policing on floods of packets on L2 switching networks. The documentation describes
- Written by Fathima Thasneem
- Posted on 8月 23, 2022
- Updated on 5月 30, 2024
- 5921 Views
Interface reflectors are useful to make sure a service provided to customers is working as expected and it's within SLA constraints. Now, we are extending the support to configure subinterfaces as ethernet reflector. The Subinterface Interface Reflector feature allows performing certain actions (such as source/destination MAC address swap) on packets reaching subinterfaces patched to Pseudowire that are reflected back to the source interface. It is useful to test properties and SLAs before deploying the service for a customer.
- Written by Kaustav Majumdar
- Posted on 8月 23, 2022
- Updated on 9月 12, 2022
- 5869 Views
Support for Media Access Control Security ( MACsec ) was added in EOS-4.15.4. MACsec defines a secure channel ( SC ) from one peer to another peer as a security relationship which provides security guarantees for the frames transmitted from the first peer to the second peer.
- Written by Kundan Sen
- Posted on 8月 18, 2022
- Updated on 8月 22, 2022
- 5269 Views
This feature adds support for configuring multiple area addresses in an IS-IS instance.
- Written by Harsis Yadav
- Posted on 8月 18, 2022
- Updated on 8月 22, 2022
- 5752 Views
The feature allows the user to determine the rate of ingress packets on a class-map over a span of a specified interval. This specified interval is the global load-interval (default value is 5 minutes).
- Written by Gaofeng Yue
- Posted on 12月 20, 2021
- Updated on 9月 7, 2022
- 7330 Views
Currently EOS supports redistribution into BGP at the global (instance) level. Also EOS supports redistribution in
- Written by Prateek Mali
- Posted on 8月 19, 2020
- Updated on 9月 25, 2024
- 19759 Views
Access Control Lists (ACL) use packet classification to mark certain packets going through the packet processor pipeline and then take configured action against them. Rules are defined based on various fields of packets and usually TCAM is used to match packets to rules. For example, there can be a rule to match the packet source IP address against a list of IP addresses, and drop the packet if there is a match. This will be expressed in TCAM with multiple entries matching the list of IP addresses. Number of entries is reduced by masking off bits, if possible. TCAM is a limited resource, so with classifiers having a large number of rules and a big field list, TCAM runs out of resources.
- Written by Xiaoman Chu
- Posted on 8月 18, 2022
- Updated on 6月 6, 2023
- 10553 Views
This feature allows customers to configure BFD intervals on a per BGP neighbor basis. We also have existing support for the configuration of BFD intervals on a per interface basis and the configuration of BFD intervals globally on the entire device.
- Written by Daria Tsaregorodtseva
- Posted on 8月 23, 2022
- Updated on 7月 13, 2023
- 5286 Views
A QoS Policy-maps policer is said to be shared when “set-policer” action is present under the qos features ( qos ip, qos ipv6, qos mac ) of a TCAM profile. When such shared QoS policy-map with policer action is configured on multiple interfaces, the policer instance is shared among all the interfaces, the policy-map is applied on. If in case, a unique policer instance is required per interface, a duplicate policy-map needs to be created for each interface, which will require additional TCAM resources.
- Written by Bharadwaj Gosukonda
- Posted on 6月 20, 2022
- Updated on 2月 15, 2024
- 6011 Views
Unicast Reverse Path Forwarding (uRPF) can help limit malicious IPv4/IPv6 traffic on a network. uRPF works by enabling the router to verify reachability (routing) of the source IP address (SIP) in the packet being forwarded. If the SIP is determined to be an invalid address, the packet is dropped.
- Written by Isidor Kouvelas
- Posted on 2月 28, 2022
- Updated on 7月 29, 2024
- 13788 Views
Virtual Private LAN Service (VPLS) appears in (almost) all respects as an Ethernet type service to customers of a Service Provider (SP). A VPLS glues together several individual LANs across a packet switched network to appear and function as a single bridged LAN. This is accomplished by incorporating MAC address learning, flooding, and forwarding functions in the context of pseudowires that connect these individual LANs across the packet switched network. LDP signaling is used for the setup and teardown of the mesh of pseudowires that constitute a given VPLS instance.
- Written by Nikhil Satish Pai
- Posted on 8月 18, 2022
- Updated on 8月 22, 2022
- 5020 Views
The feature will provide the ability to error disable local interfaces in a BGP VPWS pseudowire when the remote interface is shutdown or whenever we do not receive a response from BGP.