The Dynamic NAT Priority feature, which extends the Dynamic NAT feature, allows you to configure the order in which dynamic NAT rules are evaluated by the switch.

enrollz/attestz defines a set of gRPC-based services for TPM enrollment and attestation of network devices. Enrollz provides the capability to verify the switch’s TPM-rooted identities and rotate switch owner certificates on the device. Attestz provides the capability to attest the device by inspecting the contents of the different PCRs, ensuring no malicious tampering.

In the realm of network service level agreements (SLAs), a customer often commits to a certain level of service for their clients. This may necessitate limiting bandwidth at the Layer 3 sub-interface level. Currently, egress service policies can achieve bandwidth control, but ingress control lacks a similar mechanism.

Generic UDP Encapsulation (GUE) is a general method for encapsulating packets of arbitrary IP or MPLS protocols within a UDP tunnel. While GUE supports an extensible header format with optional data, currently we only support the variant 1 header format, which directly encapsulates the IPv4/IPv6 or MPLS payload without a GUE header.

The latency monitor feature allows measurement and display of end-to-end packet latency as seen at egress interfaces. Packet latency is measured from switch ingress to switch egress, but does not include latency due to front-panel PHYs.

Linear pluggable optics (LPO) represent a significant advancement in transceiver technology. These modules are designed to reduce costs, power consumption, and latency compared to traditional Digital Signal Processing (DSP) based transceivers.

The feature allows setting the Forwarding Address field for OSPFv2 Type 5 External LSAs. By default, OSPFv2 populates the FA based on the next-hop value of the redistributed source route, regardless of the outgoing interface type.

Access Control Lists (ACLs) use packet classification to mark certain packets going through the packet processor pipeline and then take the configured action against them. Rules are defined based on various fields of packets, and TCAM is usually used to match packets to rules. For example, there can be a rule to match the packet source IP address against a list of IP addresses, and drop the packet if there is a match. This will be expressed in TCAM with multiple entries matching the list of IP addresses. The number of entries is reduced by masking off bits, if possible. TCAM is a limited resource, so with classifiers having a large number of rules and a big field list, TCAM runs out of resources.

This TOI supplements the Ingress Traffic Policy applied on ingress port interfaces. Please refer to that document for a description of Traffic Policies and field-sets. This TOI explains the Traffic Policies as applied in the ingress direction on VLAN interfaces. For Traffic Policies on the egress direction of VLAN interfaces, see the Egress Traffic Policy TOI.

This feature allows the export of IP FIB (Forwarding Information Base) through the OpenConfig AFT YANG models.

SWitch Aggregation Group (SWAG) is a feature in EOS that supports combining multiple physical switches into a single, powerful virtual switch, simplifying network management and increasing scalability. This document describes how to configure and troubleshoot a SWAG.

SwitchApp is an FPGA-based feature available on compatible Arista 7130 devices. It performs ultra low latency Ethernet packet switching. Its packet switching feature set, port count, and port to port latency are a function of the selected SwitchApp profile. Detailed latency measurements are available in the user guide on the Arista Support site.

As of EOS-4.36.0F, a configurable user session timeout is supported for console, SSH, and telnet management sessions. This feature closes the interactive user session once the specified duration has been reached, regardless of user activity and independent of any configured idle-timeout. Upon session termination, a system message is generated to indicate the session’s closure. This feature is disabled by default.

Tx-Queues are usually assigned to subinterfaces only when explicit shaping or scheduling is configured. Without this feature, unshaped or unscheduled subinterfaces might continue to use the parent interface's Tx-Queues. This capability enables the allocation of a set of Tx-Queues to the subinterface, with the Tx-Queues operating at the maximum shaping rate derived from the parent interface. This feature is only supported in conjunction with Priority Aware Subinterface Scheduling.

The Unified Forwarding Table (UFT) is a group of memories that is shared between Layer2 and Layer3 lookup tables with capabilities for variable partitions. Rather than separate Layer2 and Layer3 lookup tables of fixed size, the UFT may be partitioned to support user-requested combinations of Layer2 and Layer3 lookup tables of varying sizes. The new UFT partitioning CLI has capabilities to reconfigure individual forwarding table scales (Layer2, Layer3 Unicast, Layer3 Multicast) according to the user’s input. The CLI provides an interface for granular control of the underlying UFT resources.

This article describes how to customize the TCAM (Ternary Content Addressable Memory) lookup for each feature that uses TCAM. The lookup is composed of the fields, in the packet header or forwarding chip pipeline decisions, that are of interest to a feature. The size of the lookup determines the number of banks to be used by a feature. Traditionally, any feature uses a predefined TCAM lookup.

Arista’s DCS-7130LBR series of switches (https://www.arista.com/en/support/toi/eos-4-30-2f/15900-dcs-7130lbr-48s6qd-series) are capable of supporting SwitchApp, which is an FPGA-based L2/L3 switch. However, because the switch physically contains two switch ASICs (one traditional switch ASIC and one FPGA-based switch) once the SwitchApp application is loaded, there are certain limitations and nuances to its usage. This document explains some of the details.

Virtual Private LAN Service (VPLS) appears in (almost) all respects as an Ethernet type service to customers of a Service Provider (SP). A VPLS glues together several individual LANs across a packet switched network to appear and function as a single bridged LAN. This is accomplished by incorporating MAC address learning, flooding, and forwarding functions in the context of pseudowires that connect these individual LANs across the packet switched network. LDP signaling is used for the setup and teardown of the mesh of pseudowires that constitute a given VPLS instance.