Tag :: TOI

DirectFlow runs alongside the existing layer 2/3 forwarding plane, enabling a network architecture that

The following new enhancements to DirectFlow and/or OpenFlow are added in EOS 4.15.0F:. DirectFlow

With the 19.0 release, network administrators can turn off 802.11b rates on SSIDs operating in the 2.4 GHz band. Turning off these legacy rates enhances overall network performance and prevents the association from outdated 802.11b clients.

IEEE802.1D 2004, Section 7.12.6 specifies destination MAC addresses that are normally trapped (not forwarded) by

The Switch detail page in the DMF GUI has a new Inventory tab displaying information about optics, cables, and transceivers.

This document describes the updates to the DANZ Monitoring Fabric (DMF) 8.7 release verified scale and performance numbers.

The hardware support update details newly supported hardware and other changes in the DANZ Monitoring Fabric (DMF) release 8.7.0.

This document describes the updates to the DANZ Monitoring Fabric (DMF) 8.8 release verified scale and performance numbers. Verified scale values for “DCA-DM-RN760” and “DCA-DM-RN760L” Recorder Nodes.

The hardware support update details newly supported hardware and other changes in the DANZ Monitoring Fabric (DMF) release 8.8.0.

Egress Filtering is an option to send different traffic to each tool attached to the policy's delivery setting. It provides additional filtering at the delivery ports based on the egress filtering rules specified at the interface.

As of DMF version 8.7.0, all DMF appliances will operate on the AlmaLinux 9.4 operating system, replacing the previous Ubuntu 20.04 LTS. This migration of the underlying operating system will not impact any currently supported features.

The DMF Recorder Node now supports deployment as a Virtual Machine (VM) for functional testing in Proof of Concept (POC) environments. Performance is limited and will vary based on allocated VM resources. DMF 8.7.0 and later Recorder Node images support being deployed as a VM.

This feature provides a method to rename a DMF object. DMF 8.7 Controllers support the Policy rename feature.

The DANZ Monitoring Fabric (DMF) allows the integration and monitoring of virtual machines in a VMware NSX fabric deployed in a vSphere environment. The DMF Controller communicates with NSX to retrieve its managed inventory and configures port mirroring sessions for selected virtual machines managed by the NSX fabric.

The DANZ Monitoring Fabric (DMF) allows the integration and monitoring of virtual machines in a VMware NSX fabric deployed in a vSphere environment. The DMF Controller communicates with NSX to retrieve its managed inventory and configures port mirroring sessions for selected virtual machines managed by the NSX fabric.

Currently data packets going over a DPS+IPsec tunnel have a fixed source IP, destination IP, protocol, source port and destination port after encapsulation for a given DPS path. Because of this, there is no good way to load-balance the tunneled traffic. However, to improve performance there is a need to load-balance the tunneled traffic. 

With this feature, user can fetch various internal hardware drops info from each switch and isolate the switch or

Precision Time Protocol (PTP) management messages are general PTP messages sent to PTP-enabled switches on the data plane. On Arista switches, its behavior depends on the configured PTP mode. In Boundary Clock mode, they are handled by the control plane. In Transparent Clock mode, they are forwarded in the data plane. PTP management messages can be sent through the PTP network either in a multicast or unicast fashion (by using ptp forward unicast, see Forwarding Unicast PTP Packets in Boundary Mode).

DCS 7280E. Arad QOS MAP:. This command assigns the DSCP rewrite value of 37 to traffic classes 2, 4, and 6.

Dual Tag VLAN mapping feature defines mapping between (outer VID and inner VID of double tagged packet) and bridging

Starting with EOS4.15.0F, dynamic and symmetric LAG hashing policies are supported on the 7500E platform. Dynamic

Dynamic Explicit Congestion Notification (D-ECN) configures an ECN marking threshold that changes dynamically based on a transmit queue’s available shared buffers. A D-ECN offset and D-ECN floor is configured per unicast transmit queue which defines how the ECN marking threshold will change as the queue’s shared buffer limit changes.

Until EOS release 4.32.0F, EOS allows users to statically configure link min-delay and max-delay used for IS-IS FlexAlgo. This feature adds support for dynamic measurement of link delay using the TWAMP Light protocol described in RFC 8186 and provides it to IS-IS FlexAlgo dynamically.

This document describes how to configure and monitor this feature.

Dynamic NAT connection limit is a feature that provides the functionality to limit the number of dynamic NAT connections.

Dynamic resizing of nexthop groups, as the name suggests, is a feature that enables a nexthop group to dynamically

This feature allows eAPI to run in multiple non default VRFs on the same physical router. In this way, users can

ECMP Hash visibility CLI determines the output interface for an ECMP set based on the flow parameters supplied by the user. Ingress interface, source IP address, destination IP address and IP protocol are the required parameters. L4 source and destination ports and VLAN identifier are optional, but should be specified if the packet has them.

This feature supports counting ECN-marked packets (ECN = Explicit Congestion Notification) on a per egress port per tx-queue basis.

The feature can be used to gather these packet counts via CLI or SNMP.

Explicit Congestion Notification (ECN) is an extension to the Internet Protocol and to the Transmission Control Protocol which allows end-to-end notification of network congestion without dropping packets. ECN is an optional feature that is only used when both endpoints support it and are willing to use it. ECN operates over an active queue management algorithm.

This feature provides the capability to count the number of packets hitting rules associated to egress ACLs applied

This feature allows generating the syslog message for the packets matching rules in egress ACLs. This can be enabled using the log keyword when configuring an ACL rule. A copy of the packet matching such an ACL rule is sent to the control plane, where a syslog entry for the packet header is generated.

The feature allows to create a named TC to DSCP mapping that can be applied on an interface.DSCP of routed packets egressing out of the interface will be rewritten according to the map.

This feature enables users to configure MPLS EXP rewrite behavior on the egress interface based upon the global TC-to-EXP mapping. Starting from software version 4.33.2F, the CLI configuration to enable or disable EXP rewrite on the egress interface introduces a clear distinction in the behavior of MPLS EXP processing during POP and SWAP operations.

Egress filtered mirroring enables the selective mirroring of packets exiting a port, offering more precise control compared to mirroring all egress traffic. It is possible to selectively mirror egress packets based on the permit statements in the configured ACLs.

IPv4/IPv6 over MPLS packets are now eligible for ACLs at egress stage by default. The feature is applicable only to

Normally, an ingress router has no control over an autonomous system border router’s (ASBR) selection of inter-AS links. In the example below, Peer 2 and Peer 3 both advertise reachability to some remote network to ASBR 1 (e.g. service route 172.16.1.0/24). ASBR 1 would then use normal bestpath selection rules to select a preferred egress path (for traffic flowing to that service route). However, this means that the ingress router has no control over which egress path is chosen.

Egress Priority Tagging is a feature that allows a switch to send out priority tagged ethernet frames in place of untagged frames. Priority tagged frames are sent with the VLAN ID set to zero allowing downstream devices to read the 802.1p priority bits set in the VLAN header.

sFlow is a sampling technique which monitors incoming traffic on all interfaces without affecting network performance. Egress sFlow is a feature which samples the packets in the egress pipeline for analytical purposes. Currently egress sFlow is only software based on Arista switches.

Egress traffic-policing can be applied on L3 Ethernet subinterfaces for outbound traffic.

This feature optimizes the utilization of hardware resources by sharing tcam entries for a group of SVIs on which an

RadSec or RADIUS over TLS is a protocol for secure communication between a client and the RADIUS server. RadSec uses TCP and TLS protocols to form a secure tunnel between the client and the server.

The BGP implementation now provides the ability to display the age of paths received for a given prefix using the

Multiple dynamic counter features may be enabled simultaneously, primarily configured using the ‘[no] hardware counter feature [feature]’ CLI commands. Compatibility of these features has been enhanced to allow for greater flexibility in simultaneously enabled counter features. Changes in counter feature compatibility across EOS releases is detailed below.

EOS 4.20.1F introduces expanded VRRP, VARP and MLAG Peer Gateway virtual MAC capabilities on the 7500R, 7280R,

IP in IP decapsulation was first introduced for the supported platforms(below) in EOS version 4.15.0F (IP in IP

DANZ provides a set of features and tools to enhance instrumentation and network/ application performance monitoring with the following key functional areas.

Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, which is associated with a revision number to help the user identify changes to the event.

Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, which is associated with a revision number to help the user identify changes to the event.

The FIB contains mappings between a prefix (identifying a destination network) and its associated Forwarding Equivalence Class (FEC), with the FEC containing one or more resolved Vias defining how traffic should be forwarded towards that destination network.

RFC 5837 describes extensions to the Internet Control Message Protocol (ICMP) that enable network devices to identify incoming and outgoing interfaces and next-hop addresses via extensions to specific ICMP error messages. These extensions are particularly useful for network diagnostics and troubleshooting applications.