Tag :: TOI

Today in any WAN deployment, customers are required to configure path metrics in load balance policy to program a set of best paths in dataplane. Path metrics are multi-dimensional, it include loss, latency, jitter, and load of path. It is not very intuitive to come up with exact values for these metrics as they are highly dependent on the type of application and geographical locations of routers. Also these path metrics keep changing and except for a few apps that require strict max characteristics on latency, jitter or loss, the other apps are able to tolerate variances in metrics.

Overlay IPv6 routing over VXLAN Tunnel is simply routing IPv6 packets in and out of VXLAN Tunnels, similar to

This document describes a few enhancements done in Wireless Manager (WM) release 8.8 in respect of  AP firmware

Packet trimming is a novel method for end-to-end congestion notification. When a packet is dropped in the MMU due to congestion, the dropped packet is trimmed and forwarded to the intended receiver with a new configured DSCP value. Upon receiving a trimmed packet, the receiver can perform appropriate handling to reduce transmission rate or retransmit any lost packets. The feature supports matching criteria via ingress traffic policy for selecting which packets should be trimmed when they get dropped in the MMU. Similarly, the rewritten DSCP is specified on a per egress port basis for trimmed packets egressing out of the switch to the intended destination.This feature is supported for protocols IPv4, IPv6 and SRv6. 

By default, the scheduling between parent interfaces and the attached shaped subinterfaces is done in strict priority mode where the parent interface has higher priority than shaped subinterfaces. Subinterfaces that are not shaped use the same queues as the parent so the traffic on these subinterfaces will also have strict priority over shaped subinterfaces.

With the 14.0 release, you can add device passwords and AP-Server Key passphrase as defined in the password policy. The passwords are based on the password policy and password settings that you configure in CV-CUE.

This feature provides the capability to mirror special L2 control frames, called the Pause or Priority Flow Control

Policy Based Routing (PBR) provides the flexibility of routing according to custom defined policies in a way that

Prior to EOS 14.15.0F, if a single packet hit both a PBR and an ACL rule, then only the hardware counters corresponding

On MLAG devices, flood traffic over the peer link follows split-horizon rules to avoid duplicate delivery of packets on MLAG interfaces. However, when one of the MLAG devices becomes inactive, peer-link flooding can cause double delivery or Layer 2 loops. To mitigate this risk, peer-link forwarding restriction was introduced. As of 4.34.0F, support was added for peer-link forwarding restriction when MLAG is enabled but not fully formed to the primary or secondary role. In this transitional state, only MLAG VLANs carrying MLAG control (PDU) traffic are allowed over the peer link. As of 4.34.2F, peer-link forwarding restriction is enabled by default. Users may still disable the feature manually as needed.

The per port per VLAN feature allows application of QoS policies for IP, IPv6 and non IP traffic on a per port per VLAN

DCS 7010T. DCS 7050X. DCS 7250X. DCS 7260X. DCS 7280E, DCS 7280R. DCS 7300X. DCS 7320X. DCS 7500E,

This feature enables per port TC-To-COS mapping, where TC represents Traffic-Class and COS represents Vlan tag PCP bits. While at present there is a global TC-To-COS mapping, we can use the TC-To-COS feature to create custom profiles which can be applied to the required interfaces. 

Per VLAN MAC Learning is a feature to enable/disable mac learning per vlan instead of per port. Using this feature with

Policy-map counters can be configured to display per-interface counters for all class-maps attached to all successfully programmed policy-maps. The feature is not enabled by default and has to be configured through the command line interface. When enabled, the output of the show command will display both per-interface and aggregate counters.

The Per-MAC ACL feature provides the functionality to apply an IPv4/IPv6 ACL to a 802.1x supplicant instead of applying them on the port that the supplicant is behind. This allows for more flexible and specific traffic policies to be defined for supplicants trying to access certain resources on the network.

This feature introduces per-nexthop MPLS label allocation for the IPv4-unicast default-route and the IPv6-unicast default-route. Previously, BGP-VPN VRFs only supported a per-VRF label scheme. With a per-VRF label scheme, each BGP-VPN supported AFI-SAFI (i.e. IPv4-unicast and IPv6-unicast) in the BGP-VPN VRF is allocated a single "per-VRF" label that will be shared by all the AFI-SAFI’s routes. When the routes are exported as BGP-VPN routes, all the routes will be exported with the same "per-VRF" VPN label. In the Label FIB (LFIB), each allocated "per-VRF" label is associated with an ip-lookup action inside their corresponding BGP-VPN VRF.

The software for Syslog, NTP and SNMP used in EOS resolves hostnames at service start-up. It’s possible that during service operation, the configured host becomes unavailable and the configuration needs to be set to a different host to continue the service. The problem is that such change requires manual restart of the service. Even if the hostname doesn’t change and only the underlying address is updated at the DNS server, the administrator has to manually reset service configuration.

If Dot1x Mac based authentication ( MBA ) is disabled, supplicant discovery is attempted by sending periodic multicast identity requests. These requests are transmitted at a fixed interval, which is 60 seconds. This transmission continues until a successful authentication of an EAPOL supplicant is achieved. With MBA enabled, supplicant discovery also relies on multicast identity requests. However, the transmission interval is set to 30 seconds and the transmission count is set to 3.

Permitting traffic during ACL updates has been available for traffic steering in tap aggregation mode since EOS

Hosts in a branch need to access internet bound services. In traditional deployments, edge routers in branches are connected to the internet via WAN port. To secure the internal network from the internet we have ACLs( Access Control Lists ) to filter the traffic in/out from the WAN port. If we want to filter the traffic into the port we have ingress ACL, egress ACL filters the traffic out of the port. By default, without any ACL configuration present on the WAN port, we accept every traffic coming to the WAN port.

Priority-Flow-Control (PFC) Fair Adaptive Dynamic Threshold (FADT) configuration facilitates efficient utilization of packet buffer resources for both lossy and lossless traffic. Reserve headroom buffer resources to absorb in-flight packets for congested, lossless flows. Assign default or user-defined PFC profiles to interface/PFC priority pairs, called Priority Groups (PG), to dynamically manage packet buffer usage and assertion of PFC pause.

PFC (Priority based Flow Control) is a flow control mechanism used in RDMA environments. PFC provides a link level

This feature enables detection of egress queues that are unable to transmit packets for prolonged periods of time

Priority Flow Control (PFC) Watchdog feature monitors interfaces for priority-flow-control Pause storm. If such a storm is detected on no-drop enabled priorities, it takes actions such as:

DCS 7050X/X2/X3 series. DCS 7060X/X2/X3 series. In previous releases, PFC Watchdog supported only queues

This article is intended to discuss how to configure the Phone VLAN on an Arista switch.

The PHY test pattern CLI can be used to check the quality of the physical layer for an Ethernet interface. This is done by

PIM External Gateways (PEGs) allow an EVPN overlay multicast network to interface with an external PIM domain. They can be used to interconnect two data centers using an external PIM domain in between them.

PIM VRF feature adds VRF support to these existing multicast protocols: PIM SM, PIM BSR, IGMP and MSDP.

PIM Static Source Discovery (SSD) is a feature implemented as part of PIM-SM. Familiarity with setting up and configuring PIM-SM (Sparse Mode) and PIM-SSM (Source-Specific Multicast) is assumed.

With the 19.0 release of CV-CUE, you can place the switches on the floor map by dragging them on the floor map.

Ingress policing on front panel ports is supported on DCS 7010X and DCS 7050X since EOS4.14.0F. When ingress policing

Traffic is managed through policy maps that apply data shaping methods to specific data streams. A policy map is a data

EOS provides support for the use of IPsec to establish and maintain IPsec tunnels. This feature adds support for redirecting traffic matching on traffic policy rules to an IPSec tunnel.

QoS profiles have been applicable on fabric and front panel ports across all platforms from EOS 4.17.0F release

Policy Based Routing (PBR) is a feature that is applied on routable ports, to preferentially route packets.  This is

This document covers the usage of port-breakout CLI to break a port evenly into multiple interfaces. In the context of this document, a port is a logical entity that holds a list of interfaces, in most cases this is equivalent to the front panel transceiver cage.

In previous versions, the DMF Controller had a hidden CLI command to change the log level from INFO to WARN for a particular port down log in the DMF Controller. This hidden command has been removed in DMF 8.7.0. The following is an example of the hidden command:

Port mirroring is used to send a copy of packets seen on one port to a network monitoring connection on another switch port. Port mirroring is commonly used with network probes or other monitoring devices; examples include intrusion detection devices, latency analyzers, or packet capture and protocol analysis tools.

Persistent port security is a feature which ensures that port-security MAC cache is preserved across link flap and system reload. The feature is useful when it is desired to have the same set of already allowed secure MAC addresses on a particular interface after system reload or link flaps. There are separate global configurations to enable persistent port-security for shutdown and protect mode. A command to clear the MAC entries and secure MAC cache for interfaces with port-security configured has been added.

Port Security: Protect mode (PortSec Protect) is newly added to the Port Security feature and is designed to restrict

Introduced in the 4.34.0F release, the maximum links feature allows users to specify the number of active members in both LACP and static port-channels. If active members become inactive due to configuration changes or link failure, previously restricted members can become active. This ensures the port-channel remains operational, preventing disruptions even if all initial active members fail.

Port Channel member status logging on Arista switches allows logging of Ethernet interfaces joining or leaving a

The postcard telemetry (GreenT - GRE Encapsulated Telemetry) feature is used to gather per flow telemetry information like path and per hop latency. For network monitoring and troubleshooting flow related issues, it is desirable to know the path, latency and congestion information for flows at different times.

Power management is a way to limit the total available power to be used for Power over Ethernet (PoE) ports. Without power management, the total amount of power that the power supply units (PSU) are able to provide is used. Power management can be used to create power redundancies. For example, if a system has 2 1050W PSUs, the feature can set the total available power to be 800W for PoE. With this configuration, 1 PSU is sufficient to power the system and the unused PSU acts as a backup source, thus giving the system a 1+1 redundancy.

View PTP counters to identify the types of messages being sent and received by PTP-enabled devices. Use this to troubleshoot issues with your network PTP configuration and connectivity. When announce and sync messages are present but delay request messages are missing, for instance, it may suggest that a host is having trouble locking to the boundary clock.

This article provides a general introduction to Precision Time Protocol (PTP) supported within EOS. PTP is aimed at distributing time with sub-microsecond accuracy. PTP support is based on the IEEE-1588 specification for version 2 of the protocol. 

Precision Time Protocol (PTP) is a protocol aimed at distributing time between devices with sub-microsecond accuracy. PTP support is based on the IEEE-1588 specification for version 2 of the protocol. cEOS-lab is a containerised image which provides a portable way to run EOS in a virtualised environment. With this support, multiple virtual labs can be spun up to be used for testing and learning of the PTP feature.

Precoding is used to help reduce the burst error length of DFE (Decision Feedback Equalizer) error events with PAM-4 modulation