Tag :: TOI

The feature adds support for dynamic prefix-list to match on all protocol routes, and not just BGP. Dynamic prefix-list policy construct is similar to the traditional IP and IPv6 prefix-list, except that they have an additional state associated. This state associated with the dynamic prefix-lists, is determined on the basis of the route entries in FIB, and hence as and when the FIB changes, the state also changes dynamically. 

Currently data packets going over a DPS+IPsec tunnel have a fixed source IP, destination IP, protocol, source port and destination port after encapsulation for a given DPS path. Because of this, there is no good way to load-balance the tunneled traffic. However, to improve performance there is a need to load-balance the tunneled traffic. 

With this feature, user can fetch various internal hardware drops info from each switch and isolate the switch or

Precision Time Protocol (PTP) management messages are general PTP messages sent to PTP-enabled switches on the data plane. On Arista switches, its behavior depends on the configured PTP mode. In Boundary Clock mode, they are handled by the control plane. In Transparent Clock mode, they are forwarded in the data plane. PTP management messages can be sent through the PTP network either in a multicast or unicast fashion (by using ptp forward unicast, see Forwarding Unicast PTP Packets in Boundary Mode).

DCS 7280E. Arad QOS MAP:. This command assigns the DSCP rewrite value of 37 to traffic classes 2, 4, and 6.

Dual Tag VLAN mapping feature defines mapping between (outer VID and inner VID of double tagged packet) and bridging

Starting with EOS4.15.0F, dynamic and symmetric LAG hashing policies are supported on the 7500E platform. Dynamic

Dynamic Explicit Congestion Notification (D-ECN) configures an ECN marking threshold that changes dynamically based on a transmit queue’s available shared buffers. A D-ECN offset and D-ECN floor is configured per unicast transmit queue which defines how the ECN marking threshold will change as the queue’s shared buffer limit changes.

Until EOS release 4.32.0F, EOS allows users to statically configure link min-delay and max-delay used for IS-IS FlexAlgo. This feature adds support for dynamic measurement of link delay using the TWAMP Light protocol described in RFC 8186 and provides it to IS-IS FlexAlgo dynamically.

This document describes how to configure and monitor this feature.

Dynamic NAT connection limit is a feature that provides the functionality to limit the number of dynamic NAT connections.

Dynamic resizing of nexthop groups, as the name suggests, is a feature that enables a nexthop group to dynamically

This feature allows eAPI to run in multiple non default VRFs on the same physical router. In this way, users can

ECMP Hash visibility CLI determines the output interface for an ECMP set based on the flow parameters supplied by the user. Ingress interface, source IP address, destination IP address and IP protocol are the required parameters. L4 source and destination ports and VLAN identifier are optional, but should be specified if the packet has them.

By default EOS does not perform Overlay ECMP for hosts connecting to a Multihoming Ethernet segment in an Asymmetric-IRB setup. Instead it picks one of the paths statically for sending the traffic. This feature enables ECMP for the multihomed hosts connected in an EVPN VXLAN all active multihoming Asymmetric-IRB setup.

This feature supports counting ECN-marked packets (ECN = Explicit Congestion Notification) on a per egress port per tx-queue basis. The feature can be used to gather these packet counts via CLI or SNMP.

Explicit Congestion Notification (ECN) is an extension to the Internet Protocol and to the Transmission Control Protocol which allows end-to-end notification of network congestion without dropping packets. ECN is an optional feature that is only used when both endpoints support it and are willing to use it. ECN operates over an active queue management algorithm.

This feature provides the capability to count the number of packets hitting rules associated to egress ACLs applied

This feature allows generating the syslog message for the packets matching rules in egress ACLs. This can be enabled using the log keyword when configuring an ACL rule. A copy of the packet matching such an ACL rule is sent to the control plane, where a syslog entry for the packet header is generated.

This feature enables users to configure MPLS EXP rewrite behavior on the egress interface based upon the global TC-to-EXP mapping. Starting from software version 4.33.2F, the CLI configuration to enable or disable EXP rewrite on the egress interface introduces a clear distinction in the behavior of MPLS EXP processing during POP and SWAP operations.

Egress filtered mirroring enables the selective mirroring of packets exiting a port, offering more precise control compared to mirroring all egress traffic. It is possible to selectively mirror egress packets based on the permit statements in the configured ACLs.

IPv4/IPv6 over MPLS packets are now eligible for ACLs at egress stage by default. The feature is applicable only to

EOS-4.35.1F adds support for egress IPv4/IPv6/MAC PACL. So, by default, egress IPv4/IPv6 ACL enabled on default profile and for MAC ACL to enable, it is required to add its support directly to the current tcam profile or create a new tcam profile based on the default profile and disable egress IPv4 and IPv6 ACL features.

Normally, an ingress router has no control over an autonomous system border router’s (ASBR) selection of inter-AS links. In the example below, Peer 2 and Peer 3 both advertise reachability to some remote network to ASBR 1 (e.g. service route 172.16.1.0/24). ASBR 1 would then use normal bestpath selection rules to select a preferred egress path (for traffic flowing to that service route). However, this means that the ingress router has no control over which egress path is chosen.

Egress Priority Tagging is a feature that allows a switch to send out priority tagged ethernet frames in place of untagged frames. Priority tagged frames are sent with the VLAN ID set to zero allowing downstream devices to read the 802.1p priority bits set in the VLAN header.

sFlow is a sampling technique which monitors incoming traffic on all interfaces without affecting network performance. Egress sFlow is a feature which samples the packets in the egress pipeline for analytical purposes. Currently egress sFlow is only software based on Arista switches.

Egress traffic-policing can be applied on L3 Ethernet subinterfaces for outbound traffic.

This feature optimizes the utilization of hardware resources by sharing tcam entries for a group of SVIs on which an

RadSec or RADIUS over TLS is a protocol for secure communication between a client and the RADIUS server. RadSec uses TCP and TLS protocols to form a secure tunnel between the client and the server.

The BGP implementation now provides the ability to display the age of paths received for a given prefix using the

Multiple dynamic counter features may be enabled simultaneously, primarily configured using the ‘[no] hardware counter feature [feature]’ CLI commands. Compatibility of these features has been enhanced to allow for greater flexibility in simultaneously enabled counter features. Changes in counter feature compatibility across EOS releases is detailed below.

EOS 4.20.1F introduces expanded VRRP, VARP and MLAG Peer Gateway virtual MAC capabilities on the 7500R, 7280R,

IP in IP decapsulation was first introduced for the supported platforms(below) in EOS version 4.15.0F (IP in IP

DANZ provides a set of features and tools to enhance instrumentation and network/ application performance monitoring with the following key functional areas.

Measured boot is an anti-tamper mechanism. It calculates the cryptographic signatures for software system components and extends the signatures into the Trusted Platform Module (TPM) security chip. Upon startup, with the feature turned on, the Aboot bootloader and EOS calculate the hash of various system components and extend the hashes into the Platform Configuration Registers (PCRs), which is one of the resources of the Trusted Platform Module (TPM) security chip. The calculation and extension event is called the measured boot event, which is associated with a revision number to help the user identify changes to the event.

The FIB contains mappings between a prefix (identifying a destination network) and its associated Forwarding Equivalence Class (FEC), with the FEC containing one or more resolved Vias defining how traffic should be forwarded towards that destination network.

RFC 5837 describes extensions to the Internet Control Message Protocol (ICMP) that enable network devices to identify incoming and outgoing interfaces and next-hop addresses via extensions to specific ICMP error messages. These extensions are particularly useful for network diagnostics and troubleshooting applications.

EosSdkRpc is an agent built on top of the Arista EOS SDK. It uses gRPC as a mechanism to provide remote access to the EOS SDK. The gRPC interface that EosSdkRpc supports closely matches the interface provided by EOS SDK, and the intent is that the .proto interface can be publicly supported. EosSdkRpc allows for remote access and using protobuf to specify the interface isolates user code from the Linux ABI issues that come with building C++ applications on different compiler, libc, and kernel versions. EosSdkRpc is built using C++ but supports clients written in any of the languages currently supported by the gRPC framework.

This feature allows configuring backup entries for static MPLS LFIB routes via EOS SDK RPC to be activated if its corresponding primary entries are unable to forward traffic due to next hops being unresolved or its corresponding interface being down. Any backup entries will not be activated to forward traffic until all primary entries are unviable. Thereby, backup entries configured for the Static MPLS routes are a mechanism to achieve fast failover when the primary path fails.

This feature prevents policy churn by automatically placing switch interfaces with frequent flapping into an error-disabled state, effectively performing an automatic administrative shutdown. The feature also allows for automatically recovering these interfaces after a specified time. This feature reduces the risk of lost packets caused by continuous recomputation of DANZ Monitoring Fabric (DMF) policies due to flapping interfaces.

Traffic policies applied to interfaces are used to match traffic based on packet header fields or their summarized counterparts and take configured actions against them. The match rules configured in these policies are usually installed in a prioritized hardware table (i.e., TCAM) where the action of the first-hit filter is taken. The summarized fields are also installed in various hardware tables. The hardware utilization of traffic policies is very much dependent not only in the number of configured match rules but also in how the set of values are distributed for each field.

This feature is an extension of ZTX monitor mode functionality to virtual machines where a virtual machine running on a hypervisor(ESXi/KVM) will facilitate the generation of MSS policies by exporting flow telemetry to CloudVision Portal. vZTX will primarily focus on the use cases where the data traffic in the customer sites are limited(<10Gbps). This will help the customer to reduce the capital expenditure costs by avoiding the need of purchasing a dedicated hardware box. So, this product can cater to the needs of small to medium size enterprise customers.

As Ethernet technologies made their way into the Metropolitan Area Networks (MAN) and the Wide Area Networks (WAN), from the conventional enterprise level usage, they are now widely being used by service providers to provide end-to-end connectivity to customers. Such service provider networks are typically spread across large geographical areas. Additionally, the service providers themselves may be relying on certain internet backbone providers, referred to as “operators”, to provide connectivity in case the geographical area to be covered is too huge. This mode of operation makes the task of Operations, Administration and Maintenance (OAM) of such networks to be far more challenging, and the ability of service providers to respond to such network faults swiftly directly impacts their competitiveness.

As Ethernet technologies made their way into the Metropolitan Area Networks (MAN) and the Wide Area Networks (WAN) from the conventional enterprise level usage, they are now widely being used by service providers to provide end-to-end connectivity to customers. Such service provider networks are typically spread across large geographical areas. Additionally, the service providers themselves may be relying on certain internet backbone providers, referred to as “operators”, to provide connectivity in case the geographical area to be covered is too huge. 

As Ethernet technologies made their way into the Metropolitan Area Networks (MAN) and the Wide Area Networks (WAN) from the conventional enterprise level usage, they are now widely being used by service providers to provide end-to-end connectivity to customers. Such service provider networks are typically spread across large geographical areas. Additionally, the service providers themselves may be relying on certain internet backbone providers, referred to as “operators”, to provide connectivity in case the geographical area to be covered is too huge.

This feature adds support for using the management port on AWE-7220RP-5TH-2S alternately as Ethernet8 port.

The EOS Event Manager feature provides the ability to specify a condition and an action to be carried out when that

The EOS Event Manager feature provides the ability to specify a condition and an action to be carried out when that condition is detected. It is a flexible and configurable way to automate the reaction to conditions without the need for a system operator to observe and apply the desired actions manually.

The EOS Event Manager feature, introduced in 4.17.0F,  provides the ability to specify a condition and an action

The EOS Event Manager feature provides the ability to specify a condition and an action to be carried out when that

This feature stores events describing changes to IS-IS IP routes into a SQL. These events are intended to be used to debug convergence issues and understand the impact changes elsewhere in the network have on an EOS device. When an IS-IS IP route changes due to an IS-IS SPF calculation and this feature is enabled, the feature tracks the time the route change is reflected at various "layers" of the route processing pipeline.