STUN (Session Traversal Utilities for NAT) is a client-server protocol that can be used by a network endpoint to determine the IP address and port assigned to it by a NAT device. The protocol is defined in RFC8489.

This document describes the STUN client and server capabilities in CloudEOS, and how this is used by Dynamic Path Selection (DPS) feature.


STUN Debugging Guide Questions and Answers

EOS 4.30.0F

This feature adds support for “Dynamic Load Balancing (DLB)” on Equal Cost Multi Path (ECMP) groups.
It is intended to help overcome the potential shortcomings of traditional hash-based load balancing by considering the traffic load of members of ECMP groups. DLB considers the state of the port while assigning egress ports to packets, resulting in a more even flow. The state of each port member is determined by measuring the amount of data transmitted from a given port and total number of packets enqueued to a given port.

This feature adds support for configuring multiple authentication keys each with a specified lifetime using a shared secret profile. With a shared secret profile, a current key (key having the most recent start time) is automatically picked as per the lifetime specified. Authentication types supported are MD5 and SHA. The feature can be configured at both global and interface level. SHA algorithms supported are SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512.

Authentication Isis EOS 4.30.0F

A L2 sub-interface is a logical bridging endpoint associated with traffic on an interface distinguished by 802.1Q tags, where each <interface, 802.1Q tag> tuple is treated as a first-class bridging interface. 

Access Control Lists (ACL) use packet classification to mark certain packets going through the packet processor pipeline and then take configured action against them. Rules are defined based on various fields of packets and usually TCAM is used to match packets to rules. For example, there can be a rule to match the packet source IP address against a list of IP addresses, and drop the packet if there is a match. This will be expressed in TCAM with multiple entries matching the list of IP addresses. Number of entries is reduced by masking off bits, if possible. TCAM is a limited resource, so with classifiers having a large number of rules and a big field list, TCAM runs out of resources.

Several customers have expressed interest in using IPv6 addresses for VxLAN underlay in their Data Centers (DC). Prior to 4.27.2F, only IPv4 addresses are supported for VxLAN underlay, i.e VTEPs are reachable via IPv4 addresses only. This feature enables a VTEP to send VxLAN Encapsulated packets using IPv6 underlay.

SwitchApp is an FPGA-based feature available on Arista’s 7130LB-Series and 7132LB-Series platforms. It performs ultra low latency Ethernet packet switching. Its packet switching feature set, port count, and port to port latency are a function of the selected SwitchApp profile. Detailed latency measurements are available in the userguide on the Arista Support site.

Add the ability to generate SYSLOG messages when a transceiver's digital optical monitoring threshold is crossed.

This feature is disabled by default. It can be enabled by a CLI toggle "logging transceiver communication" under the "monitor layer1" config mode. Note that “logging transceiver” will enable SMBus communication failure and digital optical monitoring syslogs.  See under Resources for more information on digital optical monitoring syslogs.

This feature provides support for packet counters for Tap Aggregation on default forwarding, GRE tunnel termination, traffic steering based on policy map and traffic steering based on traffic policy (Aegis). For brevity, counters for policy-map traffic steering will be referred to as policy-map counters, and counters for traffic-policy traffic steering will be referred to as traffic-policy counters.

DANZ Tapagg EOS 4.28.1F EOS 4.30.0F

In an optical transceiver, electrical signals leaving the switch are converted to optical signals in the transmit path. Optical signals arriving at the transceiver are converted to electrical signals that enter the switch in the receive path. At the point of conversion, an automatic decision can be made to turn off (squelch) output when the input level drops below a certain threshold of usability (usually, LOS condition.) This is referred to as automatic squelching.

Transceiver CMIS EOS 4.30.0F

The new show command show configuration consistency adds the ability to check for “dangling” references in the configuration. For example, it is possible to configure an access-list, TEST-ACL, to an interface (ip access-group TEST-ACL in), without actually defining TEST-ACL (ip access-list TEST-ACL). This show command will list such “undefined” references.

This article describes how to customize TCAM ( Ternary Content Addressable Memory ) lookup for each feature which uses TCAM.

This article describes a set of CLI commands to create TCAM profiles. The profile is composed of a set of TCAM features, with each feature having customized lookup key, actions and packet types to hit.

Virtual Private LAN Service (VPLS) appears in (almost) all respects as an Ethernet type service to customers of a Service Provider (SP). A VPLS glues together several individual LANs across a packet switched network to appear and function as a single bridged LAN.

Wan Routing System solution provides connectivity between different enterprise branches, DCs and head office across different geographical regions, zones and sites by using the best optimal path available based on the type of application.

EOS 4.30.0F EOS 4.30.1F

A fundamental business requirement for any network operator is to reduce costs where possible. For network operators, deploying devices to many locations can be a significant cost as sending trained specialists to each site for installations is both time-consuming and expensive.

EOS 4.30.0F