Tag :: TOI

When configuring or modifying a RACL applied to a VLAN interface, the VLAN will be blocked while applying the updated

VXLAN tunneling requires that the switch where the tunnel terminates is configured with a VTEP that matches the configuration on the AP. CV-CUE now provides an easier way to match configurations on both AP and the switch. By having the same VXLAN configuration for access points (APs) and switches, you can aggregate all wireless traffic from the same VXLAN to a single wired destination for better traffic management and visibility.

SwitchApp is an FPGA-based feature available on Arista’s 713x-Series platforms. It performs ultra low latency Ethernet packet switching. Its packet switching feature set, port count, and port to port latency are a function of the selected SwitchApp profile. Detailed latency measurements are available in the userguide on the Arista Support site.

As a result of upgrading the Debian distribution to Bookworm, the original Python CLI (based on python2) was removed, as the interaction with the DANZ Monitoring Fabric (DMF) and CCF is performed mainly from the Controller. However, several customer operations involve some of the commands used on the switch. These commands are implemented in the new CLI (based on python3) in Switchlight in the Bookworm Debian distribution.

For modular systems operating under the SSO redundancy policy, if  the system database agent (Sysdb) on the

With the 13.0 release, CloudVision Cognitive Unified Edge (CV-CUE) introduces system backup and restore capability. You can back up the entire system or only the configuration files, and restore them when needed.

Role based access control (RBAC) is an approach to regulating access to network resources based on the roles of

The tag matcher is a new simple input in Studios that allows you to specify a list of devices to be passed as the value for another input field. It is similar to the resolver input in that it allows users to specify a set of devices or interfaces using tag queries, but unlike the resolver, the tag matcher doesn’t require a member input to be configured.

In TAP Aggregation mode, when receiving a packet whose Frame Check Sequence (FCS) is corrupted, the default behavior

This article describes the Tap Aggregation MPLS Pop feature. The purpose of this feature is to support tools that do not parse MPLS labels and therefore need the switch to remove (pop) the MPLS header.

The traffic steering policies used in tap aggregation mode allow steering traffic from tap to tool ports using ‘set

This article describes a new TAP Aggregation TCAM profile and a corresponding enhancement to the TAP Aggregation

This article describes the Tap Aggregation Traffic Steering on MPLS Labels feature. The purpose of this feature is to

This TOI briefs the commands related to the traffic steering policies used in Tap Aggregation. These commands

As of EOS 4.15.0F, there are two general enhancements to Tap Aggregation on the 7500E platform in 4.15.0F:

As of 4.15.0F, tap aggregation can be configured in conjunction with other switching and routing features.  This

The Tap Aggregation Manager (TAM) is a GUI front end for configuring and monitoring Tap Aggregation features of

In TAP Aggregation mode, configuration options are provided to handle special packet types. When receiving a packet whose Frame Check Sequence (FCS) is corrupted, the default behavior is to replace the bad FCS with the correct value and forward it. Configuration options are available to control the FCS behavior, such as to discard errors, pass through the bad FCS, or append a new FCS.

This feature comprises two parts:

To extend Traffic Steering to Nexthop Groups (GRE) by allowing us to specify one or more nexthop groups of type DzGRE (DANZ GRE) as the destination for a TAP aggregation steering policy. A DzGRE header will be encapsulated to the packets sending out a nexthop group of type DZGRE.

Traffic steering to nexthop groups allows specifying one or more nexthop groups as the destination, either by default for a TAP port or for a TAP aggregation steering policy. Traffic steering is a TAP aggregation process that uses class maps and policy maps to direct data streams received on TAP ports. A nexthop group is a data structure that defines a list of nexthop addresses and a tunnel type for packets routed to the specified address.

This article describes the addition of a show command to display the mapping between tap and tool ports on a per

Media Access Control Security (MACsec) is an industry standard security technology that provides secure

This document describes the truncation capability for Tap Aggregation, which allows tapped traffic to be truncated to a smaller size before being transmitted.

With the 13.0 release, you can enable Target Wake Time(TWT) from CloudVision Cognitive Unified Edge (CV-CUE). TWT is one of the advanced features of Wi-Fi 6. It enables access points (AP) and stations (STAs) to negotiate schedules for active and sleep durations.

Topology Independent Fast Reroute, or TI-LFA, uses OSPF SR to build loop-free alternate paths along the post-convergence path. These loop-free alternates provide fast convergence.

This feature enables applying traffic policies on incoming traffic and redirecting the traffic to a nexthop other than the one the routing logic would choose. This essentially overrides the routing logic decision. If there is no rule matching the packet, the packet is sent to the routing logic to be routed.

This article describes the TAP Aggregation User Defined Fields feature. The purpose of the User Defined

This feature adds support for viewing the Digital Optical Monitoring (DOM) parameters for the optics that support

As of EOS 4.15.2F, the support for the tuning of tunable DWDM 10G SFP+ transceivers (10GBASE DWDM) is added.

The BGP labeled unicast (LU) RFC is used to advertise BGP routes with a stack of MPLS labels, thereby allowing

Trident2 is a Switch on Chip (SoC) single chip with support for up to 1280Gbps of forwarding capacity (oversubscribed

This feature provides a configuration option to disable egress IPv4 RACL sharing allowing for uRPF to be configured.

Unidirectional links is a feature that configures an Ethernet interface transmit and receive paths to be

The Unified Forwarding Table (UFT) is memory that is shared between Layer2 and Layer3 lookup tables with capabilities for variable partitions. Rather than separate Layer2 and Layer3 lookup tables of fixed size, the UFT may be partitioned to support user-requested combinations of Layer2 and Layer3 lookup table sizes.

With the 13.0 release, CloudVision Cognitive Unified Edge (CV-CUE) lets you configure Unique PSK (UPSK) for client authentication. UPSKs allow users  to connect to the same SSID using a unique PSK which is user specific. UPSK provides added security as compared to single PSK because single PSKs are easily compromised.

With the 15.0 release, CloudVision Cognitive Unified Edge (CV-CUE) introduces the following enhancements to the Unique-PSK(UPSK) workflow:

With the 12.0 release, you can check for available upgrades and upgrade your server to the latest version of CloudVision Cognitive Unified Edge (CV-CUE).  Only a Superuser  can initiate a server upgrade.

CVA 6.x may be upgraded to CVA 7.0 with an upgrade launcher. The launcher is an interactive executable that is run on the CVA system that is to be upgraded, and performs several functions Staging of an appropriate upgrade image for autoinstall

With the 16.0 release, you can authenticate edge devices from a centrally managed network access control server using the 802.1X authentication. As a network administrator, you want to authenticate the access points (APs), before the APs connect to the network. To enable the authentication, you need to first configure the uplink port on the AP using CV-CUE.

This feature adds the capability to import as path access-list from a URL, in release 4.20.1F. The file specified by the URL can contain one or more as-path access-list entries. All the entries that are in the file are added to the as-path access-list being configured. This feature gives the advantage of using one EOS CLI command to configure many as-path access-list entries, instead of adding each one of them line by line in the CLI.

Role based access control (RBAC) is an approach to regulating access to network resources based on the roles of

Packets which exceed the L2 Maximum Transmission unit (MTU) in EOS are dropped. The value of the L2 MTU is configurable for each Ethernet or Port-channel interface.

This feature expands Multi Domain EVPN VXLAN to support an Anycast Gateway model as the mechanism for gateway

EOS 4.15.0F added support for a CLI knob to determine whether the L3 forwarding agent (responsible for programming FECs and routes into hardware) would react to BFD status events for an interface to update next-hop programming for FECs programmed in hardware. This required two events, one for the BFD session to transition to an “Up” status and a subsequent transition to a “Down” status. This is identical to how various protocols in EOS (i.e. BGP, IS-IS) leverage BFD for faster down detection, and is useful to allow the L3 forwarding agent to preemptively remove next hops that would later be deprogrammed due to protocol session status state.

This feature enables exchanging IPv4 NLRI using MP BGP over an IPv6 TCP connection.  Additionally, this feature

The vertical navigation bar is an update to the layout of CloudVision. It replaces the existing horizontal header with a vertical navigation menu that lines the left side of the page. This allows for a cleaner horizontal header where key functions of CloudVision sections are highlighted.

Virtual Private LAN Service (VPLS) can be used when one wishes to connect several LANs dispersed across a packet switched network. VPLS can allow the dispersed LANs to act like a single bridged LAN by providing a service to connect the LANs. The service will appear like an Ethernet LAN (in almost all regards). VPLS achieves this by creating a mesh of pseudowires that connect the dispersed LANs, while also processing the traffic that moves through the pseudowires in a similar way to how a L2 service would. For example, MAC address learning, flooding and forwarding functions are applied to the pseudowire traffic in a VPLS. This allows  VPLS to mimic the functionality of an any-to-any L2 service when connecting dispersed LANs.

This article describes the support of a VLAN filter for IP, IPV6 and MAC ACLs on the ingress ports. The users will be able to filter the packets by specifying a VLAN id in the ACL rule. VLAN id specified in the ACL rule is internal broadcast domain VLAN id. 

The Tap Aggregation Traffic Steering feature provides support for filtering data streams received on tap ports and directing flows to tool ports based on user-configurable match rules, using either class maps and policy maps or traffic policies.

The VLAN mapping or translation feature provides the ability to map an arbitrary VLAN tag to a particular bridging VLAN on the switch. This mapping can be either bidirectional or applied only in one direction (incoming/outgoing).