Tag :: EOS 4.35.0F

The postcard telemetry (GreenT - GRE Encapsulated Telemetry) feature is used to gather per flow telemetry information like path and per hop latency. For network monitoring and troubleshooting flow related issues, it is desirable to know the path, latency and congestion information for flows at different times.

This article provides a general introduction to Precision Time Protocol (PTP) supported within EOS. PTP is aimed at distributing time with sub-microsecond accuracy. PTP support is based on the IEEE-1588 specification for version 2 of the protocol. 

Precision Time Protocol (PTP) is a protocol aimed at distributing time between devices with sub-microsecond accuracy. PTP support is based on the IEEE-1588 specification for version 2 of the protocol. cEOS-lab is a containerised image which provides a portable way to run EOS in a virtualised environment. With this support, multiple virtual labs can be spun up to be used for testing and learning of the PTP feature.

This feature allows a customer to configure a whitelist of acceptable grandmaster clocks per switch. When such a list is configured, announce messages from only the acceptable clocks are accepted and announce messages from all other clocks are rejected. If there is no such list configured, the default behaviour kicks in i.e. all potential grandmaster clocks are considered.

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.This document serves as a reference guide for Routing protocol attributes, Operators for comparing and modifying attributes, built-in functions provided in RCF

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.This document serves as a reference guide for Bgp agent points of application:

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion. 

Packets sampled for sFlow are packaged in a flow sample structure containing, amongst other things, input and output

The command provides a summary of the number of used hardware entries versus the total available capacity for various Layer 3 features, such as next-hops and ECMP groups. Network operators run this to quickly assess the health of the forwarding plane and determine if the device is approaching its resource limits. This command also details the usage of different levels of the ALPM tables and TCAMs.

"Micro segment" (SRv6 uSID or uSID for short) is an extension of SRv6 architecture, specifically designed to represent SRv6 SIDs in an extremely compact way. It addresses the overhead of using full 128-bit IPv6 SIDs for routing. Instead of using a 128-bit address for single SID, multiple uSIDs are packed into a single 128-bit address. Each 128-bit address comprises a block value representing the domain followed by multiple uSIDs, each of the same bit length. If there are bits left they are filled with trailing zeros. This allows for a complete SRv6 path to be represented by a 128-bit IPv6 address. Like a regular SID, each uSID is associated with a specific behavior on the SRv6 capable node. SRv6 uN refers to the End behavior with uSIDs.

This is an infrastructure that provides management of SSL certificates, keys and profiles. SSL/TLS is an application-layer protocol that provides secure transport between client and server through a combination of authentication, encryption and data integrity. SSL/TLS uses certificates and private-public key pairs to provide this security. A user can manage certificates, keys and also multiple SSL profiles. An SSL profile is a configuration which includes certificate, key and trusted CA certificates used in SSL/TLS communication. An SSL profile configuration can be attached to another EOS configuration which supports SSL/TLS communication. Individual EOS features that use this infrastructure will document the details of using an SSL profile in their configuration.

This feature allows a switch to statically modify the source or destination IP (and optionally the L4 port) for a transit packet. Static NAT support on 7050X3, 720XP and 720D platforms was first introduced in 4.21.6F. Starting at EOS 4.35.0F, NAT functionality is supported on certain 7050X4 and 7358X4 platforms.

Subinterfaces are logical L3 interfaces that enable the division of a single Ethernet or Port-channel interface into multiple logical L3 interfaces based on the incoming 802.1q tag.  They are commonly used in the L2/L3 boundary.  They can also be used in the context of VRF-lite, by configuring each subinterface in a different VRF.

Dynamic NAT Priority feature, which extends the Dynamic NAT feature,  allows you to configure the order in which dynamic NAT rules are evaluated by the switch.

gNSI (gRPC Network Security Interface) defines a set of gRPC-based microservices for executing security-related operations on network devices. Some of the RPCs that gNSI exposes are used to rotate security configurations on the switch.

Private VLAN is a feature that segregates a regular VLAN broadcast domain while maintaining all ports in the same IP subnet. There are three types of VLAN within a private VLAN

The feature adds support for redirecting traffic matching on traffic policy rules applied to an egress interface to a specified next-hop or next-hop group. This feature requires the packet to be recirculated a second time through the packet forwarding pipeline to get its configured single or multiple next-hops to be resolved. This is achieved by configuring traffic-policy with redirect interface action applied on egress interface in conjunction with ingress redirect next-hop action applied on the recirculation interface.

Topology Independent Fast Reroute, or TI-LFA, uses IS-IS SR to build loop-free alternate paths along the post-convergence path. These loop-free alternates provide fast convergence.

The Traffic Generator is an EOS feature that allows network traffic generation on Arista switches. It provides a simple and effective way to create high-speed traffic for testing and validation purposes. It can send a continuous stream of custom-defined packets at full speed to one or more destination interfaces

Access Control Lists (ACL) use packet classification to mark certain packets going through the packet processor pipeline and then take configured action against them. Rules are defined based on various fields of packets and usually TCAM is used to match packets to rules. For example, there can be a rule to match the packet source IP address against a list of IP addresses, and drop the packet if there is a match. This will be expressed in TCAM with multiple entries matching the list of IP addresses. The number of entries is reduced by masking off bits, if possible. TCAM is a limited resource, so with classifiers having a large number of rules and a big field list, TCAM runs out of resources.

This TOI supplements the Ingress Traffic Policy applied on ingress interfaces. Please refer to that document for a description of Traffic Policies and field-sets. This TOI explains the Traffic Policies as applied in the egress direction on interfaces

This feature enables the support of applying a policy-map in egress direction on an SVI interface. A policy-map is a QoS feature in which we have multiple class-maps each with a match criteria and an action. These class-maps match on the given criteria and the configured action is applied on the traffic which matches. We can apply these policy-maps on interfaces in both input and output directions which match on ingress and egress traffic respectively. This feature adds the support of applying such output policy-map on an SVI( Switch Virtual Interface ).

This feature allows the export of IP FIB (Forwarding Information Base) through the OpenConfig AFT YANG models.

SWitch Aggregation Group (SWAG) is a feature in EOS that supports combining multiple physical switches into a single, powerful virtual switch, simplifying network management and increasing scalability. This document describes how to configure and troubleshoot a SWAG.

SwitchApp is an FPGA-based feature available on Arista’s 7130LB-Series and 7132LB-Series platforms. It performs ultra low latency Ethernet packet switching. Its packet switching feature set, port count, and port to port latency are a function of the selected SwitchApp profile. Detailed latency measurements are available in the user guide on the Arista Support site.

Slice reservation can be used to solve TCAM resources limitations due to suboptimal group order in the TCAM because of the FCFS (First come first serve) nature of the TCAM. The user will be able to reserve a certain amount of entries in the TCAM for a specific feature. The configuration happens through a new keyword in feature mode when configuring a TCAM profile.

At its most basic level, as shown in Figure 1, the packet forwarding pipeline for a switch with an application-specific integrated circuit (ASIC) typically consists of ingress pipelines and egress pipelines, a memory management unit for storing and transmitting packets and metadata between the pipelines, and a path to punt packets and receive instructions from the central processing unit (CPU).

This feature allows selecting Differentiated Services Code Point (DSCP) and Traffic Class (TC) values for packets at VTEPs along VXLAN encapsulation and decapsulation directions respectively. DSCP is a field in IP Header and TC is a tag associated with a packet within the switch, both influence the Quality of Service the packet receives. This feature can be enabled via configuration as explained later in this document.