Tag :: TOI

The default behavior of a level 1 router running IS IS is to install a default route to a level 1 2 router present in a

This feature adds Intermediate System to Intermediate System (IS IS) support for IP version 6 (IPv6) address family

This feature provides a way to export non ISIS routes into level 1, level 2 or both by using route map's set clause. The

This feature extends the IS IS set overload bit command to support wait for BGP option. In scenarios

At a high level, L1 profiles are a set of configurations which allow EOS users to change the numbering scheme and default L1 configurations of all front panel interfaces across their network switch. On Arista network switches, front panel transceiver cages are exposed as ports which are numbered sequentially: 1, 2, 3, 4, etc. These identifiers are usually marked on the front panel to allow for easier identification.

This feature allows transport of multicast frames to an endpoint across an IP network by tunneling them through MPLSoGRE or MPLSoGUE. The tunneling of multicast frames is achieved with a traffic policy applied on the ingress interface which will match on all packets destined to a multicast IP address and redirect that traffic to a MoG nexthop group. The traffic policy will also specify “forced routing” in order to set the fwd_layer_index to 1 so that the L2 header is removed before encapsulation.

Normally, a switch traps L2 protocol frames to the CPU. However, certain use-cases may require these frames to be forwarded or dropped. In cases where the L2 protocol frames are forwarded (eg: Pseudowire), we may require the frames to be trapped to the CPU or dropped. The L2 Protocol Forwarding feature provides a mechanism to control the behavior of L2 protocol frames received on a port or subinterface.

L2 protocol packets - LLDP, LACP and STP are trapped to the CPU by default. This feature allows for disabling the per protocol trap on a given set of interfaces.

In our current implementation, on a switch with default startup config or no config, all ports come up in access

This feature is used to connect a Layer 3 EVPN VXLAN network to an Adaptive Virtual Topology (AVT) WAN network using dynamic path selection (DPS) tunnels. One or a pair of WAN routers are configured to serve as the VXLAN gateway. On the control plane, the configured VXLAN gateway handles EVPN IP-PREFIX route exchanges between the VXLAN network and the WAN network. On the data plane, the configured VXLAN gateway decapsulates the VXLAN packets received from the VXLAN network and encapsulates them into the DPS tunnels and sends them to the AVT WAN network. 

This feature is available when configuring BGP in the multi agent routing protocol model. Ethernet

L3 interface ingress counters can be used to count routable traffic coming into the box on sub interfaces and vlan

LACP on Loopback Interfaces allows for Active Port Channels on one or more interfaces whose link endpoints terminate

LACP State Transition Event Monitoring on Arista switches allows for quick and filterable viewing of LACP state

LAGs are allocated hardware resources on transition from one member (software LAG) to two members (hardware LAG) and

Switches can now use two LAG partitions (A and B) to support double the number of available Port Channels dictated by the chosen LAG mode. This is useful if the selected LAG mode does not allow the creation of the desired number of Port Channels on a single partition.

Arista switches use the hashing algorithm to load balance traffic among LAG (Link Aggregation Group) members

This document describes the current status of LANZ on DCS 7500R, DCS 7280R and DCS 7020R, for both polling and

LANZ on 7160S 32CQ, 7160 48YC6 and 7160 48TC6 adds support for monitoring congestion on front panel ports with Start,

Loop protection is a loop detection and prevention method which is independent of Spanning Tree Protocol (STP) and is not disabled when the switch is in switchport backup mode or port is in discarding state. The LoopProtect agent has a method to detect loops and take action based on the configuration by the user. In order to find loops in the system, a loop detection frame is sent out periodically on each interface that loop protection is enabled on. The frame carries broadcast destination MAC address, bridge MAC source address, OUI Extended EtherType 0x88b7 as well as information to specify the origins of the packet.

The Label Distribution Protocol (LDP) is a protocol in the Multiprotocol Label Switching (MPLS) context that allows

The LDP pseudowire feature provides support for emulating Ethernet connections over a Multiprotocol Label

Leaf Smart System Upgrade (SSU) provides the ability to upgrade the EOS image with minimal traffic disruption.Note: It is possible that SSU shutdown and bootup are not supported in the same image. If a product has shutdown support in image A and bootup support in a later image B, then SSU upgrade cannot be performed from image A to any images earlier than image B, including image A itself. However, upgrading from image A to image B onwards is allowed.

Line system commands are used to apply configuration and query the status of line system modules in EOS. The supported line system modules are the OSFP-AMP-ZR and the QSFP-AMP-ZR.

Link Fault Signalling (LFS) is a mechanism by which remote link faults are asserted over a link experiencing

This feature adds support for Layer1-only front panel Ethernet ports on 7130 devices (containing a layer1 crosspoint chip) to participate in LLDP. As of 4.33.1F only internal Switch interfaces on ASICs/FPGAs participate in the LLDP protocol. The neighbor also only sees these internal ports from the switch. Customers who really care about/rely on LLDP information of  the front panel Ethernet ports, especially for making cabling changes, would need to translate the internal interface to the appropriate Ethernet port using the show l1 path output.

Local Authentication (also known as authentication survivability) is the ability of access points (AP) to authenticate and onboard clients to the network using root CA certificates through the integrated EAP server of the AP. Use Local Authentication when the RADIUS servers are not reachable to authenticate the clients. It is typically a temporary authentication mechanism; avoid using it as a primary authentication. If there are certificate chains, you must upload the root CA certificate along with the certificate chain.

With the 14.0 release, CloudVision Cognitive Unified Edge (CV-CUE) removes the Wireless Manager(WM) UI dependency for login and for applying the service license. You will no longer be redirected to WM and can now directly login to CV-CUE from the UI. 

The low latency tx-queue scheduler profile feature aims to provide an alternative operating mode for the queue that is fine-tuned for reduced latency. This involves a tradeoff between achieving lower latency and being able to sustain full throughput over a large number of flows.

Support for Media Access Control Security (MACsec) with static keys was added in EOS 4.15.4. This feature brings

Media Access Control Security (MACsec) is an industry standard encryption mechanism that protects all traffic flowing on the Ethernet links. MACsec is based on IEEE 802.1X and IEEE 802.1AE standards.

By default, the only visibility a user has into packets that are dropped due to errors with the MACsec/IPsec protocols is a set of counters, such as with show mac security counters detail. This feature enables redirecting such packets to the CPU for manual inspection; it is intended to assist with debugging unexpected packet drops.

Maintenance mode is a framework to allow for the easy removal of elements of a switch or the entire switch from

EVPN VXLAN all-active multihoming (AA-MH) provides redundancy to reduce or eliminate the impact of outages and maintenance. The objective of Maintenance Mode on AA-MH is to gracefully drain away the traffic from the EVPN core flowing through a switch that is part of multihoming while the switch is put into maintenance, and to gracefully add it back into the network and attract traffic again once the switch is out of maintenance. During the maintenance cycle any customer edge Ethernet or Port-Channel interfaces, whether they are participating as ethernet segments or not, can also be put into maintenance mode. Doing so eliminates the northbound traffic from the customer edge from flowing through the switch under maintenance. The traffic will instead take a path through other available multi-homing peers.

Maintenance mode with sub interfaces is an extension to the maintenance mode feature released in EOS 4 15 2F. With this

A server cluster or a cluster is a group of Wireless Manager (WM) servers. A cluster comprises a parent WM server and one or more child WM servers.  A cluster is created to manage multiple servers using a single server. 

The Management Connectivity Studio is used to configure out-of-band (OOB) management interfaces. You’ll create a profile of configured attributes for management interfaces, which can be assigned to multiple devices at once using tags.

MapReduce Tracer is an existing feature that monitors MapReduce nodes that are directly connected to Arista

Classification of MPLS packets based on traffic class bits in MPLS header for QoS Policy Maps. DCS

This feature allows classification of packets on QoS policy-maps based on the Class of Service (CoS), VLAN, Drop Eligible Indicator (DEI) in the 802.1q header of the packet. CoS (Class of Service) corresponds to the Priority code point (PCP) bits in the 802.1q header.

This feature allows setting the desired maximum VOQ latency. Drop probabilities are adjusted in hardware to meet this limit.

Currently, the 'maximum routes' knob allows one to set an upper bound on the number of routes that can be received from a

Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, and the event is associated with a revision number to help the user identify changes to the event.

Media Access Control Security (MACSec) is an industry standard encryption mechanism to protect all traffic flowing

MetaMux is an FPGA-based feature available on Arista’s 7130 platforms. It performs ultra-low latency Ethernet packet multiplexing with or without packet contention queuing. The port to port latency is a function of the selected MetaMux profile, front panel ingress port, front panel egress port, FPGA connector ingress port, and platform being used.

MetaWatch is an FPGA-based feature available for Arista 7130 Series platforms. It provides precise timestamping of packets, aggregation and deep buffering for Ethernet links. Timestamp information and other metadata such as device and port identifiers are appended to the end of the packet as a trailer.

CloudVision provides support for microperimeter segmentation and enforcement as part of Arista’s Multi-Domain Segmentation Service (MSS) for Zero Trust Networking (ZTN).

ZTN works to reduce lateral movement into increasingly smaller areas where workloads are granularly identified and only approved connections are permitted.

Mirror on drop is a network visibility feature which allows monitoring of MPLS or IP flow drops occurring in the ingress pipeline. When such a drop is detected, it is sent to the control plane where it is processed and then sent to configured collectors. Additionally, CLI show commands provide general and detailed statistics and status.

This feature allows a user to configure a mirror session with subinterface sources from the CLI. This feature is only available with ingress mirroring (rx direction)

Port mirroring allows you to duplicate ethernet packets or frames on a source interface to send to a remote host, like DANZ Monitoring Fabric (DMF). The mirrored packets or frames can be sent via a SPAN interface dedicated for communication with the host or over an L2 Generic Routing Encapsulation (L2GRE) tunnel.