Tag :: TOI

Data center switches and servers have traditionally been managed by separate teams using different tools creating complexity in setting up and maintaining the end to end network in the datacenter.

In an AI network, the nature of the workload amplifies the effect of a single server’s network failure or network misconfiguration impacting the work of large numbers of machines in the network. This is costly both in lost productivity and in the high level of support required to fix network errors that can occur in the compute and network domains.

This feature provides protocol independent UCMP support for all the routes which follow the IGP path provided there is no UCMP computation done at the protocol level itself. Enabling this feature allows for optimal bandwidth utilization over the links by considering link capacity for rationalizing weight among the nexthop members for all the routes which follow the IGP path.

For a pair of QSFP100 ports grouped together on a gearbox, it is possible to enable a 10G or 25G link on the first primary port while maintaining the usage of the secondary port at any speed. For two QSFP100 ports on a gearbox, the primary port allows for breakout speeds 4x10G and 4x25G, while the secondary does not. The configuration of the primary port determines whether the secondary port can be used since in a full breakout mode such as 4x10G the secondary port is forced inactive.

In EOS 4.18.1, support for 25G/50G is added on 7500R, 7280R, 7500R2 and 7280R2 series. This feature provides forced

The BGP extended communities support within EOS has been enhanced to include support for 4 octet AS Extended BGP

The 400GBASE ZRP (also known as ZR+) is a transceiver that follows the OpenZR+ MSA (Multi Source Agreement)

Starting EOS release 4.15.2F, the ability to re number front panel ports of 7050QX 32S is supported.

This document provides information on how to configure static NAT with selective VXLAN encapsulation using policy-based routing (PBR) and debug related issues on Arista 7170 switches.

Newly supported Features, Ingress IPv4/IPv6 and MAC ACL on FPP ( routed/switched ), Port-Channel, L3 subInterfaces ,Ingress IPv4/IPv6 and MAC ACL counters , Ingress IPv4/IPv6 and MAC ACL deny logging

This TOI supplements the Ingress Traffic Policy applied on ingress port interfaces. Please refer to that document for a description of Traffic Policies and field-sets. This TOI explains the Traffic Policies as applied in the ingress direction on VLAN interfaces. For Traffic Policies on the egress direction of VLAN interfaces, see the Egress Traffic Policy TOI.

The 7500E 6CFPX LC linecard with ACO CFP2 optics provides connectivity over DWDM systems and links. 7500E 6CFPX LC

The 802.11be standards build on 802.11ax by providing ultra-high throughput, improved resource utilization, and interference mitigation. The 320 MHz support increases the throughput and performance in the 6GHz band. The improved resource utilization is attributed to the introduction of Multiple Resource Units (MRU) in Orthogonal Frequency Division Multiple Access (OFDMA) transmission and Multi-Link Operation (MLO).

This article describes a feature for Tap Aggregation mode, which strips IEEE 802.1BR E-Tag and Cisco VN-Tag headers from all tagged packets received on tap interface before delivering them out of tool interfaces.

802.1X dynamic interface configuration allows for dynamic interface configuration on the 802.1X authenticator based on device profiling performed by a Network Access Controller (NAC). Traditionally, 802.1X authenticators require static interface configuration. This enhancement extends dynamic capabilities beyond existing features like dynamic VLAN assignment and ACL programming, enabling any type of interface configuration to be applied dynamically via the CLI.

802.1X is an IEEE standard protocol that prevents unauthorized devices from gaining access to the network. We support dot1x protocol standard 802.1X-2004 (version=2)

This feature allows a user to adjust the MTU of radius requests for 802.1x supplicants. Currently this feature only adjusts the MTU size of radius requests for supplicants undergoing EAP TLS authentication.  This can be useful in scenarios where hops between the switch and RADIUS doesn’t support IP MTU discovery and the switch ends up sending Access Requests based on the interface MTU size which get dropped at such hops. With this feature, a user has the flexibility to experiment and choose a MTU setting that works for such a topology forcing the Dot1x agent to send the Access Requests with the configured MTU.

802.1X port security controls who can send traffic through and receive traffic from the individual switch ports. A

802.1X supplicant feature supports different Extensible Authentication Protocol( EAP ) methods for 802.1X authentication. This document specifically talks about support for supplicants doing EAP Password ( EAP-PWD ) based authentication. Defined in RFC5931, EAP-PWD is an EAP method that uses a shared password for authentication. Furthermore, this feature allows EOS devices to interoperate with systems that rely on EAP-PWD for deriving MACsec CAK/CKN from the EAP Master Session Key (MSK) and EAP Session ID as per 802.1X-2020.

This feature adds support in AAA using the LDAP protocol. LDAP can be used for authentication and

Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, which is associated with a revision number to help the user identify changes to the event.

Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, which is associated with a revision number to help the user identify changes to the event.

Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, which is associated with a revision number to help the user identify changes to the event.

Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, which is associated with a revision number to help the user identify changes to the event.

Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, which is associated with a revision number to help the user identify changes to the event.

Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, which is associated with a revision number to help the user identify changes to the event.

Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, which is associated with a revision number to help the user identify changes to the event.

Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, which is associated with a revision number to help the user identify changes to the event.

Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, which is associated with a revision number to help the user identify changes to the event.

When configuring the MAC address of a switch, CLI commands and REST endpoints will accept a MAC address formatted as three groups of four hexadecimal digits separated by periods (e.g. 1122.3344.5566) in addition to the already accepted form of six hexadecimal digit pairs separated by colons (e.g. 11:22:33:44:55:66). 

You can now enable CloudVision to combine the authentication and authorization requests that it sends to a RADIUS server into a single request. When RADIUS is configured as the AAA provider, CloudVision will send separate authentication and authorization requests by default. This can cause issues with One-Time Password (OTP) users, as issued passwords are only valid for one request. Note: Non-OTP RADIUS systems will be unaffected by the change. To combine authentication and authorization requests, navigate to Settings > Access Control and enable the Combine Login Auth Requests checkbox.

This studio enables you to quickly configure access interfaces towards endpoint devices in your campus network. This configuration relates to the devices in Access Pods deployed using the Campus Fabric (L2/L3/EVPN) Studio.

This studio enables you to quickly configure access interfaces towards endpoint devices in your campus network. This configuration relates to the devices in Access Pods deployed using the Campus Fabric (L2/L3/EVPN) Studio. The studio consists of port profiles and campus networks. You can create port profiles, which contain configuration for attributes like speed and MTU, which you can then assign to device interfaces in a campus fabric. Editing the profile will then affect all interfaces that the profile has been assigned to. You can also configure individual interfaces.

With the 12.0 release, CloudVision Cognitive Unified Edge (CV-CUE) introduces Access Points (AP) Explorer. AP Explorer helps you view the distribution of APs by various attributes such as Model, Software Version, Status, and so on.

This feature enables user to modify QoS parameters for SVI traffic (L3 VLAN) based on ACL classification. The QoS

The feature allows filtering on source and destination IP addresses within the VXLAN inner payload, on ingress port ACL. The feature can be configured using the inner keyword within the VXLAN ACL configuration. Because of some limitations, the feature should be utilized for debugging purposes.

Ingress policing provides the ability to monitor the data rates for a particular class of traffic and perform action

A new role permission, Action Execution, has been introduced to control the execution of custom actions when they are run in isolation, such as via Studio Autofill actions and standalone executions in the Action editor. A custom action is a user-created action that has either been installed via a package or has been created using python script and arguments.

The active active neutron controller support in CVX enables the deployment of highly available neutron service with

This feature gives AVT/DPS tunnels the ability to transport IPv6 overlay traffic. Formerly, such tunnels could only transport IPv4 overlay traffic.

Starting EOS 4.15.0F, users can configure NAT at IP address level with dynamically assigned one to one mapping

Adjacency sharing is a feature which deduplicates FEC to avoid installing identical FECs in hardware. Often this applies to Equal Cost Multi Path (ECMP) FECs, which are generally a much more scarce resource. Hierarchical FECs are not supported with adjacency sharing.

The following table describes the advanced mirroring features that are currently supported with links to their respective TOIs.

The DANZ Monitoring Fabric (DMF) Aggregate Arista GRE TAP action receives GRE-encapsulated packet samples from EOS switches, and generates an IPFIX report containing the flow 5-tuple, metadata, and timestamps from switches that the packet passed through.  Use the IPFIX report to determine the flows in a data fabric, monitor server session initialization delays, estimate the bandwidth of flows, and learn the path of packets through the fabric.

The AGM for ECMP feature allows monitoring the number of packets and bytes going through each member of the configured ECMP group on the system, with a high time resolution.

The DANZ Monitoring Fabric (DMF) Aggregate sFlow takes sFlow packet samples and generates an IPFIX report containing the flow 5-tuple, metadata, and timestamps from switches that the packet passed through.

Aggregate storm control with traffic class option provides the capability to rate limit BUM(Broadcast, Unknown

This article describes changes to the platform command 'show platform fm6000 agileports'. Earlier this command was

Agile ports allow users to connect 40G interfaces on 7130 products utilizing multiple SFP ports per 40G capable interface. This enables 40G capable applications, such as MetaConnect and MetaWatch, to operate at that speed.

Data center switches and servers have traditionally been managed by separate teams using different tools creating complexity in setting up and maintaining the end to end network in the datacenter.

The 40G only ports on Trident 2 switches may now be configured as 1 lane of 10G, 1G, or 100M*. This