- Written by Digvijay Gahlot
- Posted on 4月 20, 2021
- Updated on 1月 23, 2023
- 12035 Views
The L2 EVPN MPLS feature is available when configuring BGP in the multi-agent routing protocol model. Ethernet VPN (EVPN) is an extension of the BGP protocol introducing a new address family: L2VPN (address family number 25) / EVPN (subsequent address family number 70). It is used to exchange overlay MAC and IP address reachability information between BGP peers.
- Written by Tarun Jaswanth LNU
- Posted on 8月 24, 2020
- Updated on 10月 15, 2024
- 24871 Views
802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network.
- Written by Tarun Jaswanth LNU
- Posted on 10月 20, 2022
- Updated on 11月 3, 2022
- 6142 Views
As per the mechanism suggested for MKA protocol, a new SAK generation, distribution and installation in all members of a connectivity association ( CA ) can be thought of happening in a number of steps
- Written by Neil Jarvis
- Posted on 3月 6, 2020
- Updated on 10月 27, 2022
- 10637 Views
Ingress policing provides the ability to monitor the data rates for a particular class of traffic and perform action when traffic exceeds user-configured values. This allows users to control ingress bandwidth based on packet classification. Ingress policing is done by a policing meter which marks incoming traffic and performs actions based on the results of policing meters.
- Written by Jason Shamberger
- Posted on 3月 11, 2020
- Updated on 4月 18, 2024
- 15370 Views
EOS 4.21.3F introduces support for BGP Flowspec, as defined in RFC5575 and RFC7674. The typical use case is to filter or redirect DDoS traffic on edge routers.
- Written by Bharath Somayaji
- Posted on 4月 25, 2022
- Updated on 9月 8, 2023
- 8189 Views
Class Based Forwarding (CBF) is a means for steering IP traffic into colored tunnels based on the ingress DSCP values. CBF may be used with SR-TE Policy or RSVP-TE colored tunnels.
- Written by Augusto Wong
- Posted on 2月 17, 2021
- Updated on 10月 21, 2022
- 10698 Views
DHCP Relay feature forwards DHCP packets between client and server when the DHCP Server is not in the same broadcast domain as the client. DHCP Relay should be configured on the gateway interface (SVI/ L3 interface ) for the clients. DHCP Relay agent creates a new unicast DHCP packet and sets the giaddr field to the ‘primary’ IP address of the interface on which DHCP request packet is received. The modified request packet is then relayed to one or more configured DHCP servers. DHCP server assigns ip address to client from the pool corresponding to giaddr field.
- Written by Huong Nguyen
- Posted on 11月 13, 2019
- Updated on 10月 12, 2023
- 13077 Views
Support for DHCPv4 (RFC 2131) and DHCPv6 Server (RFC 8415) was added to EOS-4.22.1 and EOS-4.23.0 respectively. EOS DHCP server leverages ISC Kea as backend. The router with DHCP Server enabled acts as a server that allocates and delivers network addresses with desired configuration parameters to its hosts.
- Written by Praveen Kumar Yadav
- Posted on 10月 20, 2022
- Updated on 6月 13, 2024
- 5916 Views
In the 7280R3/7500R3/7800R3 platform, EXP rewrite for IP-MPLS routed flows is derived from the DSCP of the packet. Using Qos Policy map , DSCP can be set as needed. But in this process, the egress IP TOS was also changed, which may cause issues later at customer edge.
- Written by Sahil Midha
- Posted on 6月 14, 2019
- Updated on 10月 25, 2022
- 7988 Views
This feature can be divided into 3 parts. Enable support for different threshold per Color per TX queue We
- Written by Jeevan Kamisetty
- Posted on 8月 23, 2022
- Updated on 11月 30, 2023
- 9285 Views
NDR switch sensor aka “monitor security awake” feature provides deep network analysis by doing deep packet inspection of some or all packets of traffic that's forwarded by the switch.
- Written by Dylan Walsh
- Posted on 10月 20, 2022
- Updated on 6月 10, 2024
- 6832 Views
EosSdkRpc is an agent built on top of the Arista EOS SDK. It uses gRPC as a mechanism to provide remote access to the EOS SDK. The gRPC interface that EosSdkRpc supports closely matches the interface provided by EOS SDK, and the intent is that the .proto interface can be publically supported. EosSdkRpc allows for remote access and using protobuf to specify the interface isolates user code from the Linux ABI issues that come with building C++ applications on different compiler, libc, and kernel versions. EosSdkRpc is built using C++ but supports clients written in any of the languages currently supported by the gRPC framework.
- Written by Vamsi Anne
- Posted on 10月 20, 2022
- Updated on 1月 24, 2024
- 7240 Views
As Ethernet technologies made their way into the Metropolitan Area Networks (MAN) and the Wide Area Networks (WAN) from the conventional enterprise level usage, they are now widely being used by service providers to provide end-to-end connectivity to customers. Such service provider networks are typically spread across large geographical areas. Additionally, the service providers themselves may be relying on certain internet backbone providers, referred to as “operators”, to provide connectivity in case the geographical area to be covered is too huge.
- Written by Chris Hydon
- Posted on 10月 20, 2022
- Updated on 4月 13, 2023
- 7182 Views
In EVPN, an overlay index is a field in type-5 IP Prefix routes that indicates that they should resolve indirectly rather than using resolution information contained in the type-5 route itself. Depending on the type of overlay index, this resolution information may come from type-1 auto discovery or type-2 MAC+IP routes. For this feature the gateway IP address field of the type-5 NLRI is used as the overlay index, which matches the target IPv4 / IPv6 address in the type-2 NLRI.
- Written by Christoph Schwarz
- Posted on 8月 23, 2022
- Updated on 10月 21, 2022
- 8160 Views
Flexible cross-connect service is an extension of EVPN MPLS Virtual Private Wire Service (VPWS) (RFC 8214). It allows for multiplexing multiple attachment circuits across different Ethernet Segments and physical interfaces into a single EVPN VPWS service tunnel while still providing single-active and all-active multi-homing.
- Written by Xuan Qi
- Posted on 10月 20, 2022
- Updated on 9月 19, 2024
- 5819 Views
EVPN gateway support for all-active (A-A) multihoming adds a new redundancy model to our multi-domain EVPN solution introduced in [1]. This deployment model introduces the concept of a WAN Interconnect Ethernet Segment identifier (WAN I-ESI). The WAN I-ESI allows the gateway’s EVPN neighbors to form L2 and L3 overlay ECMP on routes re-exported by the gateways. The identifier is shared by gateway nodes within the same domain (site) and set in MAC-IP routes that cross domain boundaries.
- Written by Edwin Tambi
- Posted on 8月 19, 2020
- Updated on 7月 3, 2024
- 19384 Views
EOS supports the ability to match on a single VLAN tag (example: encapsulation dot1q vlan 10) or a VLAN tag pair (example: encapsulation dot1q vlan 10 inner 20) to map matching packets to an interface. In this case, the encapsulation string is considered consumed by the mapped interface before forwarding, which means that the tags are effectively removed from the incoming packet for the purposes of any downstream forwarding.
- Written by Gowtham Rameshkumar
- Posted on 6月 10, 2019
- Updated on 10月 31, 2022
- 7725 Views
An introduction to Nexthop-groups can be seen in the Nexthop-Group section of eos.With this feature, IP packets matching a static Nexthop-Group route can be encapsulated with a GRE tunnel and forwarded.
- Written by Ashwani Deva Kumar
- Posted on 10月 20, 2022
- Updated on 10月 20, 2022
- 6385 Views
This feature allows the logging of the packets matching permit rules in ingress ACLs. This behavior can be enabled by using the log keyword when configuring an ACL permit rule. A copy of the packet matching those ACL rules is sent to the control plane, where a syslog entry of the packet header is being generated.
- Written by Tanuj Kumar Jhamb
- Posted on 10月 20, 2022
- Updated on 7月 11, 2023
- 7687 Views
sFlow is a sampling technique which monitors the incoming traffic on all the interfaces without affecting the network performance.
- Written by Neel Neogi
- Posted on 12月 30, 2020
- Updated on 6月 8, 2023
- 11768 Views
The document describes the support for dedicated and group ingress policing on interfaces without using QoS policy-maps to match on the traffic and apply policing.
- Written by Jyothish Kunkumath
- Posted on 1月 6, 2022
- Updated on 4月 29, 2024
- 10552 Views
IPSec tunnel mode support allows the customer to encrypt traffic transiting between two tunnel endpoints.
- Written by Soumya S Acharya
- Posted on 10月 20, 2022
- Updated on 4月 21, 2023
- 3984 Views
This feature helps in figuring out if there are multiple nodes in the network with the same System-ID. A non-unique node leads to the failure of all subsequent functions of the IS-IS protocol, like LSP origination (leading to LSP constant flooding issue), SPF calculation and so on.
- Written by Navneet Sinha
- Posted on 6月 29, 2016
- Updated on 7月 30, 2024
- 13501 Views
Segment Routing provides mechanism to define end-to-end paths within a topology by encoding paths as sequences of sub-paths or instructions. These sub-paths or instructions are referred to as “segments”. IS-IS Segment Routing (henceforth referred to as IS-IS SR) provides means to advertise such segments through IS-IS protocol.
- Written by Prakrati Vidyarthi
- Posted on 8月 16, 2018
- Updated on 9月 13, 2024
- 14702 Views
Normally, a switch traps L2 protocol frames to the CPU. However, certain use-cases may require these frames to be forwarded or dropped. And in cases where the L2 protocol frames are forwarded (eg: Pseudowire), we may require the frames to be trapped to the CPU or dropped. The L2 Protocol Forwarding feature provides a mechanism to control the behavior of L2 protocol frames received on a port or subinterface.
- Written by Michael Chin
- Posted on 2月 22, 2021
- Updated on 11月 7, 2022
- 7535 Views
Line system commands are used to apply configuration and query the status of line system modules in EOS. The supported line system modules are the OSFP-AMP-ZR and the QSFP-AMP-ZR.
- Written by John Clarke
- Posted on 12月 20, 2021
- Updated on 10月 9, 2024
- 10692 Views
Arista's 7130 Connect Series of Layer 1+ switches are powerful network devices designed for ultra low latency and offer a wealth of integrated management features and functionalities.
- Written by Alejandro Schwoykoski
- Posted on 12月 22, 2021
- Updated on 10月 9, 2024
- 11026 Views
MetaMux is an FPGA-based feature available on Arista’s 7130 platforms. It performs ultra-low latency Ethernet packet multiplexing with or without packet contention queuing. The port to port latency is a function of the selected MetaMux profile, front panel ingress port, front panel egress port, FPGA connector ingress port, and platform being used.
- Written by Kevin Amiraux
- Posted on 9月 30, 2015
- Updated on 8月 16, 2024
- 10556 Views
Arista switches provide several mirroring features. Filtered mirroring to CPU adds a special destination to the mirroring features that allows the mirrored traffic to be sent to the switch supervisor. The traffic can then be monitored and analyzed locally without the need of a remote port analyzer. Use case of this feature is for debugging and troubleshooting purposes.
- Written by Ryan Megathlin
- Posted on 10月 20, 2022
- Updated on 7月 3, 2023
- 6359 Views
In order to achieve split horizon and prevent double-delivery of packets in an MLAG setup, egress ACLs are installed on all active MLAG interfaces so that BUM traffic received on the MLAG peer-link cannot get forwarded out any MLAG interfaces. When only one half of an MLAG interface is active, this egress ACL is removed to allow BUM traffic from the peer-link to be forwarded out MLAG interfaces.
- Written by Anil Joshi
- Posted on 6月 29, 2016
- Updated on 11月 3, 2022
- 8122 Views
MPLS-over-GRE encapsulation support in EOS 4.17.0 enables tunneling IPv4 packets over MPLS over GRE tunnels. This feature leverages next-hop group support in EOS. With this feature, IPv4 routes may be resolved via MPLS-over-GRE next-hop group to be able to push one MPLS label and then GRE encapsulate the resulting labelled IPv4 packet before sending out of the egress interface.
- Written by Marius
- Posted on 10月 20, 2022
- Updated on 1月 13, 2023
- 5246 Views
Before 4.29.0F, the next hop self option could only be configured for a neighbor in global router mode and would apply to all address families. Attempting to configure next-hop-self in address family mode would silently move the configuration to global mode (for the specified neighbor).
- Written by Ethan Vadai
- Posted on 3月 6, 2020
- Updated on 3月 14, 2024
- 16117 Views
Policy-based routing (PBR) is a feature that is applied on routable ports, to preferentially route packets. Forwarding is based on a policy that is enforced at the ingress of the applied interface and overrides normal routing decisions. In addition to matches on regular ACLs, PBR policy-maps can also include “raw match” statements that look like a single entry of an ACL as a convenience for users.
- Written by Padmanabh Ratnakar
- Posted on 4月 20, 2021
- Updated on 7月 15, 2024
- 13129 Views
The postcard telemetry (GreenT - GRE Encapsulated Telemetry) feature is used to gather per flow telemetry information like path and per hop latency. For network monitoring and troubleshooting flow related issues, it is desirable to know the path, latency and congestion information for flows at different times.
- Written by Fathima Thasneem
- Posted on 6月 20, 2022
- Updated on 9月 27, 2024
- 7493 Views
RFC2544 defines a number of benchmark tests that may be used to describe the performance characteristics of a network interconnecting device(s). Starting from 4.28.1F, Arista switches support throughput test belonging to a set of benchmark tests as defined in RFC2544. Starting from 4.29.0F, Arista switches support frame loss rate test.
- Written by David Cronin
- Posted on 3月 4, 2022
- Updated on 4月 16, 2024
- 15955 Views
Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.
- Written by Jeevan Kamisetty
- Posted on 2月 26, 2021
- Updated on 7月 18, 2023
- 10603 Views
Sampled flow tracking with IPFIX export is supported on most of the Arista platforms. User configured sampling rate is used for sampling in ingress and/or egress direction on the configured interfaces. An EOS software agent on CPU processes samples received from hardware, samples are used to create flow records that are exported to IPFIX collectors. Refer to Sampled flow tracking TOI for additional details.
- Written by Jeevan Kamisetty
- Posted on 11月 4, 2020
- Updated on 10月 4, 2024
- 13758 Views
Network administrators require access to flow information that passes through various network elements, for the purpose of analyzing and monitoring their networks. This feature provides access to IP flow information by sampling traffic flows in ingress and/or egress directions on the interfaces on which it is configured. The samples are then used to create flow records, which are exported to the configured collectors in the IPFIX format. Egress Flow tracking is supported from EOS-4.29.0F on the DCS-7170B-64C series and supported on 7280, 7500 and 7800 series platforms from EOS-4.31.1".
- Written by Joseph Swaminathan
- Posted on 10月 20, 2022
- Updated on 10月 28, 2022
- 4884 Views
This feature allows a SBFD initiator to request a SBFD reflector to respond to the status of an auxiliary path. This is very useful when an SBFD session couldn’t be established with an endpoint. In such a case the SBFD initiator could establish a session to a router in the path ( ex. ASBR ) to respond to the health of the remaining path ( ex. endpoint connected to the ASBR ).
- Written by Zhen Xue
- Posted on 6月 29, 2020
- Updated on 6月 5, 2023
- 10059 Views
Bidirectional Forwarding Detection (BFD) is a protocol that provides low-overhead, short-duration detection of failures of arbitrary paths between two systems.
- Written by Naina Jalan
- Posted on 10月 20, 2022
- Updated on 11月 3, 2022
- 6072 Views
Unicast Reverse Path Forwarding (uRPF) can help limit malicious IPv4/IPv6 traffic on a network. uRPF works by enabling the router to verify reachability (routing) of the source IP address (SIP) in the packet being forwarded. If the SIP is determined to be an invalid address, the packet is dropped.
- Written by Daniel Guerin
- Posted on 10月 20, 2022
- Updated on 11月 3, 2022
- 5615 Views
Spanning Tree Protocol requires each interface to have a unique port number ranging from 1 through 4095. Arista STP typically assigns port numbers to port-channel interfaces in the order in which they are configured.
- Written by Shamit Kapadia
- Posted on 10月 20, 2022
- Updated on 10月 26, 2022
- 5193 Views
BGP Monitoring Protocol (BMP) allows a monitoring station to connect to a router and collect all of the BGP announcements received from the router’s BGP peers. The announcements are sent to the station in the form of BMP Route Monitoring messages generated from path information in the router’s BGP Adj-Rib-In tables.
- Written by Surendra Mobiya
- Posted on 10月 20, 2022
- Updated on 10月 21, 2022
- 5055 Views
This feature adds support for “Dynamic Load Balancing (DLB)” on Link Aggregation Group (LAG). It is intended to help overcome the potential shortcomings of traditional hash-based load balancing by considering the traffic load of members of LAG groups.
- Written by Neil Jarvis
- Posted on 3月 2, 2022
- Updated on 6月 7, 2023
- 8644 Views
A L2 sub-interface is a logical bridging endpoint associated with traffic on an interface distinguished by 802.1Q tags, where each <interface, 802.1Q tag> tuple is treated as a first-class bridging interface.
- Written by Bidong Chen
- Posted on 10月 20, 2022
- Updated on 1月 17, 2023
- 6286 Views
This feature enables Tap Aggregation generic header removal on a tap port.
- Written by Sandeep Kopuri
- Posted on 10月 7, 2019
- Updated on 5月 17, 2024
- 10531 Views
Topology Independent Fast Reroute, or TI-LFA, uses IS-IS SR to build loop-free alternate paths along the post-convergence path. These loop-free alternates provide fast convergence.
- Written by Prateek Mali
- Posted on 8月 19, 2020
- Updated on 9月 25, 2024
- 19954 Views
Access Control Lists (ACL) use packet classification to mark certain packets going through the packet processor pipeline and then take configured action against them. Rules are defined based on various fields of packets and usually TCAM is used to match packets to rules. For example, there can be a rule to match the packet source IP address against a list of IP addresses, and drop the packet if there is a match. This will be expressed in TCAM with multiple entries matching the list of IP addresses. Number of entries is reduced by masking off bits, if possible. TCAM is a limited resource, so with classifiers having a large number of rules and a big field list, TCAM runs out of resources.
- Written by Graeme Rennie
- Posted on 10月 20, 2022
- Updated on 7月 12, 2023
- 6384 Views
Internal recirculation interfaces, IR interfaces, can be used to internally loop-back packets for a second pass through the packet forwarding pipeline. This is particularly useful with Tap Aggregation because some combinations of advanced Tap Aggregation features cannot be simultaneously applied to a packet. Using an IR interface however, a user can apply multiple Tap Aggregation egress editing features, overcoming previous limitations.
- Written by Anirudh Ramesh Iyer
- Posted on 5月 5, 2021
- Updated on 7月 19, 2024
- 16865 Views
This article describes how to customize TCAM ( Ternary Content Addressable Memory ) lookup for each feature which uses TCAM.