Tag :: TOI

Link Aggregation Group (LAG) or port channel interfaces comprise multiple member interfaces. Network devices typically distribute packets across the member interfaces using a hash computed from packet header fields. The Round-Robin LAG Distribution feature introduces a new packet distribution method: the round-robin method. A round-robin LAG configuration balances packets evenly across all member interfaces in a sequential, round-robin fashion.

EOS 4.35.2F introduces support to configure tag at interface level configuration to add a route tag attribute for connected routes. These tags are optionally configured per address.This feature adds the ability to define tags for local/directly connected prefixes as part of ‘ip address’ command. These tags can then be used in a RCF function or route-map for policy decision and route filtering as opposed to maintaining prefix-list when redistributing routes between protocols.

Beginning with DMF version 8.9, the action keyword is required to add or modify actions within a managed service. This keyword is a mandatory token across all managed service submodes, providing a consistent way to define service behaviors.

The broadcast queue towards the CPU is shared among all interfaces of the forwarding chip. So broadcast storm on a

This feature allows routing traffic across two Vrf domains on the same switch using an external loopback cable

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion. This document serves as a reference guide for Routing protocol attributes, Operators for comparing and modifying attributes, built-in functions provided in RCF

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion. This document serves as a reference guide for Bgp agent points of application Configuration of RCF.

Routing Control Functions (RCF) is a language that can express route filtering and attribute modification logic in a powerful and programmatic fashion.

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion. This document serves as a reference guide for Isis agent points of application Configuration of RCF.

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.This document serves as a reference guide for KernelFib agent points of application:

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion. 

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.

In an MLAG setup, routing on a switch (MLAG peer) is possible using its own bridge/system MAC, VARP MAC or VRRP MAC.

RSVP-TE, the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), is used to distribute MPLS labels for steering traffic and reserving bandwidth. The Label Edge Router (LER) feature implements the headend functionality, i.e., RSVP-TE tunnels can originate at an LER which can steer traffic into the tunnel.

RSVP-TE applies the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), i.e., to distribute MPLS labels for steering traffic and reserving bandwidth.

RSVP-TE P2MP LER adds ingress and egress support for Point-to-Multipoint (P2MP) LSPs to be used in Multicast Virtual Private Network (MVPN) as an extension to the LSR support which adds transit support.

RSVP-TE P2MP LSR adds transit support for Point-to-Multipoint (P2MP) LSPs. Specifically the feature adds protocol support for the transit role as described in RFC 4875.

The Rule Groups Dashboard aligns with modern DMF User Interface (UI) standards. This view maintains full functional parity with the previous version while delivering a consistent and unified user experience.

With the 13.0 release, you can integrate SAML SSO with a captive portal for authentication. The SAML integration functionality is only available for captive portals hosted on the Arista Cloud. It is not available if the captive portal is hosted on third-party servers or on the access point.

Network administrators require access to flow information that passes through various network elements, for the purpose of analyzing and monitoring their networks. This feature provides access to IP flow information by sampling traffic flows in ingress and/or egress directions on the interfaces on which it is configured. The samples are then used to create flow records, which are exported to the configured collectors in the IPFIX format. Egress Flow tracking is supported from EOS-4.29.0F on the DCS-7170B-64C series and supported on 7280, 7500 and 7800 series platforms from EOS-4.31.1"

Sampled Mirroring is an extension of the Mirroring feature and sampling is a property of the individual mirroring session: when the session's sample rate N is specified, a packet eligible for mirroring will have a 1/N chance of being mirrored, that is, 1 packet is mirrored for every N packets.

With the 17.0 release, CloudVision Cognitive Unified Edge (CV-CUE) introduces the ability to schedule the generation of Client Visibility and Client Association reports. You can schedule report generation on a one-time basis or recurring basis.  Note: Users with Admin or Operator roles only can schedule a report.

With the 13.0 release, you can schedule the Automatic Channel Selection (ACS) to run at a specific time of the day and minimize service disruption.

Secondary private VLAN trunk ports are introduced in the EOS 4.15.2F release. This feature can

Secure boot is a security feature available in Aboot (Arista bootloader) that verifies the cryptographic signature of the EOS SWI (software image) before it is booted. Aboot embeds certificates that allow it to recognize and validate official EOS releases from Arista. If the signature verification is successful, the secure boot check passes and Aboot proceeds to boot the SWI. If the signature verification fails, the boot is aborted.

With the 16.0.1 release, clients connecting to the 6 GHz band can seamlessly connect to OWE-enabled SSIDs having Transition Mode. Arista APs support the Enhanced Open security protocol with Transition Mode built for open networks. Enhanced Open is based on Opportunistic Wireless Encryption (OWE). It is supported only in WiFi 6 and higher AP models. A few examples are C-360, C-260, C-250, C-230, O-235, etc.

This feature introduces a command to enable or disable USB ports, specifically designed to address strict security requirements in hardened environments. By restricting port functionality, administrators can prevent unauthorized access or booting from external USB storage.

VXLAN UDP-ESP support allows the customer to encrypt traffic between two VXLAN VTEPs. The frame format looks like: NOTE, Secure VXLAN is s~upported with both the sectag2 and UDP-ESP format in 4.27.1, where sectag2 is the default encapsulation format. However, the sectag2 format is deprecated and should not be used.

The Dynamic Load Balancing (DLB) feature is currently supported in the DCS-7060 Arista switches in order to provide an alternative to the hash-based ECMP load balancing, which selects the next hop for routed packets using a static hash algorithm. DLB considers the state and quality of the port while assigning egress ports to packets, resulting in a more even flow. The state of each port member is determined by measuring the amount of data transmitted from a given port and the total number of packets enqueued to a given port.

Selective Q in Q tunneling feature allows a set of customer VLANs (hereafter referred to as c vlan(s)) to be tunneled

This document outlines a new CLI command, send security-bundle. This feature is motivated by the need for a streamlined way to collect forensic and security-related artifacts from a switch for analysis by security teams. It parallels the existing send support-bundle command, which is used to gather troubleshooting data. It is suggested to use the security-bundle together with the support-bundle command in order to obtain all data necessary to support an incident.

The send support bundle feature adds a new CLI command which creates a ZIP file containing a useful set of logs and

Arista has built the link qualification functionality utilizing the SAT engine. There will be 2 sides of the link, the generator port and the reflector port. The generator port will be put in generator mode and the reflector port will be put into reflector mode and then the test will be started on the generator port. Traffic will be transmitted on the generator port and reflected back to the generator port at the reflector port.

Load Balancing on Service Leaf MLAG is a feature designed to support optimal load balancing of traffic sent to a ZTX Monitor Node cluster. The load balance functionality is essential to ensure that bi-directional flows land on the same ZTX Monitor Node in the cluster as all members of the ZTX Monitor Node cluster advertise a common anycast GRE endpoint.

Session templates allow supported DANZ Monitoring Fabric (DMF) managed service actions to specify a selection of keys for matching packet fields and classifying flows. If an action lacks a defined session template, the system applies the default template appropriate for that action. Specified keys provide valid values for the IPFIX record. As of release 8.10, session template support includes TCP Analysis, Flow Diff, and Session Slice.

The sFlow EVPN MPLS extension adds support for providing information related to the bridging domain in sFlow packet samples, for traffic forwarded through L2 EVPN MPLS.

sFlow independent configuration allows the user to configure the sFlow source and agent addresses independently of one another. This feature fixes the limitations of “sflow source-interface” where the address it uses is indeterminate when the interface has multiple addresses assigned.

On 7500E, sFlow output interface feature enables sFlow to use the hardware provided output interface and

Packets sampled for sFlow are packaged in a flow sample structure containing, amongst other things, input and output

The sFlow VLAN forwarding feature adds support for providing the VLAN by which the packet is bridged as opposed to the VLAN that is decoded from the Ethernet frame. The VLANs are reported in the sFlow extended switch header’s input VLAN and output VLAN fields, as defined in the sFlow extended switch data.

The sFlow VXLAN extension adds support for providing VXLAN-related information to sFlow packet samples, for VXLAN forwarded traffic. Specifically, for customer traffic ingressing on a CE-facing PE interface and forwarded into a VXLAN tunnel, the IP address of the source VTEP, the IP address of the destination VTEP and the VNI will be included in the sFlow datagram.

Add support for configuring SHA-256 for NTP keys used in NTP server authentication.

The SHA-256 Support for SNMPv3 feature implements 256-bit encryption for SNMPv3 interactions on the DMF Controller and managed devices. Configuring the SHA-256 authentication protocol option enhances the User-based Security Model (USM) by enforcing 256-bit encryption standards.

ACL based QoS programmed on SVIs can share hardware resources starting from EOS 4.17.0F. This results in

OpenStack has a concept of shared tenant networks which let the admin can create a network which can be shared by all the

With the DANZ Monitoring Fabric (DMF) 8.7 release, a DMF Controller will allow multiple managed services to share a delivery interface with an IP address, commonly called an L3 delivery interface. These interfaces redirect the packets processed by managed services to the required tool nodes for further analysis. Sharing an L3 delivery interface is useful when applying different actions to a packet that otherwise cannot be chained together in one managed service when sending it to the same destination.

With the DANZ Monitoring Fabric (DMF) 8.7 release, a DMF Controller will allow sharing of managed services utilizing L3 delivery interfaces (e.g., NetFlow, IPFIX, app ID, etc.) across multiple policies. In prior releases, DMF did not support managed service sharing because the L3 delivery interface was an optional setting in a policy configuration. However, sharing is now supported because the managed service configuration must now specify the L3 delivery interface.

The show command 'show qos interface fabric' was introduced for DCS 7250QX and DCS 7300X series starting EOS

The command provides a summary of the number of used hardware entries versus the total available capacity for various Layer 3 features, such as next-hops and ECMP groups. Network operators run this to quickly assess the health of the forwarding plane and determine if the device is approaching its resource limits. This command also details the usage of different levels of the ALPM tables and TCAMs.