Tag :: TOI

This feature adds support for using the management port on AWE-7220RP-5TH-2S alternately as Ethernet8 port.

The EOS Event Manager feature provides the ability to specify a condition and an action to be carried out when that

The EOS Event Manager feature provides the ability to specify a condition and an action to be carried out when that condition is detected. It is a flexible and configurable way to automate the reaction to conditions without the need for a system operator to observe and apply the desired actions manually.

The EOS Event Manager feature, introduced in 4.17.0F,  provides the ability to specify a condition and an action

The EOS Event Manager feature provides the ability to specify a condition and an action to be carried out when that

This feature stores events describing changes to IS-IS IP routes into a SQL. These events are intended to be used to debug convergence issues and understand the impact changes elsewhere in the network have on an EOS device. When an IS-IS IP route changes due to an IS-IS SPF calculation and this feature is enabled, the feature tracks the time the route change is reflected at various "layers" of the route processing pipeline.

Event monitor is extended to support new event types that continuously synchronize their contents with the sqlite database (in contrast with event monitor’s current behavior of synchronizing event state only when cli commands are run.)

CloudVision allows you to generate event notifications so that you can stay up to date on your network's status and performance. Notification configuration involves formatting notifications, configuring notification platforms, assigning notification receivers, and configuring notification rules.

The ability to monitor and react to Syslog messages provides a powerful and flexible tool that can be used to apply self

In order to minimize the volume of change control events, CloudVision has introduced a new event, Change Control Events. Change Control Events is generated when 2 or more of the following events are triggered for the same change control:

CloudVision will generate a Disk Utilization on CloudVision Node Breached Threshold event when disk utilization for a CloudVision node has either exceeded the default threshold or breached the user-configured threshold set in event rules.

Event Rollup allows you to manage the volume of identical events and can be used to flag when an event is recurring. Event Rollup groups together events that are identical except for their timestamps. It does so in two ways: dynamically via the Event List and according to a 24-hour window via the detailed event view. It can be enabled or disabled at will, using the Roll Up toggle.

RFC7432 defines the MAC/IP advertisement NLRI (route type 2) for exchanging EVPN overlay end-hosts’ MAC and IP address reachability information. When an EVPN MAC/IP route contains more than one path to the same destination, the EVPN MAC/IP best-path selection algorithm determines which of these paths should be considered as the best path.

In the Centralized Anycast Gateway configuration, the Spines are configured with EVPN-IRB and are used as the IP Default Gateway(DWG), whereas the Top of rack switches perform L2 EVPN Routing.

This new feature explains the use of the BGP Domain PATH (D-PATH) attribute that can be used to identify the EVPN domain(s) through which the EVPN MAC-IP routes have passed. EOS DCI Gateway provides new mechanisms for users to specify the EVPN Domain Identifier for its local and remote domains.   DCI Gateways sharing the same redundancy group should share the same local domain identifier and same remote domain identifier.

E-Tree is an L2 EVPN service (defined in RFC8317) in which each attachment circuit (AC) is assigned the role of Root or Leaf. Root ACs can communicate with leaf ACs and other root ACs. Leaf ACs can only communicate with root ACs. Leaf AC to leaf AC traffic is blocked. In this implementation, ACs are configured at the VLAN level, and the forwarding rules are enforced using a combination of local configuration of leaf VLANs (for local hosts), and asymmetric route targets (for remote hosts).

Ethernet VPN (EVPN) is an extension of the BGP protocol introducing a new address family: L2VPN (address family number 25) / EVPN (subsequent address family number 70). It is used to exchange overlay MAC and IP address reachability information between BGP peers within a tunnel

In the traditional data center design, inter-subnet forwarding is provided by a centralized router, where traffic traverses across the network to a centralized routing node and back again to its final destination. In a large multi-tenant data center environment this operational model can lead to inefficient use of bandwidth and sub-optimal forwarding.

In the traditional data center design, inter-subnet forwarding is provided by a centralized router, where traffic traverses across the network to a centralized routing node and back again to its final destination. In a large multi-tenant data center environment this operational model can lead to inefficient use of bandwidth and sub-optimal forwarding.

This feature adds control plane support for inter subnet forwarding between EVPN networks. This support is achieved

This feature is available when configuring Layer2 EVPN or EVPN IRB.As described in RFC7432 section 15 [1], “MAC Mobility” or “MAC move” occurs when a Customer Edge (CE) moves from one Ethernet segment to another, resulting in two EVPN MAC/IP (Type 2) routes being advertised -- one route with the previous Ethernet segment ID (ESI) and the other with the new Ethernet segment ID. MAC mobility also happens when a CE moves from a single-homed provider edge (PE) to a different PE.

“MLAG Domain Shared Router MAC” is a new mechanism to introduce a new router MAC to be used for MLAG TOR Leaf pairs. The user can either explicitly configure the MAC address of their choice or use the system-generated MLAG system-id for this purpose.  

EVPN MPLS VPWS (RFC 8214) provides the ability to forward customer traffic to / from a given attachment circuit (AC) without any MAC lookup / learning. The basic advantage of VPWS over an L2 EVPN is the reduced control plane signalling due to not exchanging MAC address information. In contrast to LDP pseudowires, EVPN MPLS VPWS uses BGP for signalling. Port based and VLAN based services are supported.

In network deployments, where the border leaf or Superspine act as PEG and it is in the transit path to other multicast VTEPs, the multicast stream will not pass since the border leaf will decapsulate the packet even if it doesn't have a receiver. This transit node is called the Bud Node. The device should be able to send decapsulated packets to any local receivers as well as send the encapsulated packets to other VTEPs

Multihoming in EVPN allows a single customer edge (CE) to connect to multiple provider edges (PE or tunnel endpoint). These PE devices are all connected to the same Ethernet-Segment (ES). Multihoming is activated by assigning a unique Ethernet Segment Identifier (ESI) and ES-Import Route Target (RT) which enables all the PEs connected to the same multihomed site to import the Type 4 ES routes

In EVPN, an overlay index is a field in type-5 IP Prefix routes that indicates that they should resolve indirectly rather than using resolution information contained in the type-5 route itself. Depending on the type of overlay index, this resolution information may come from type-1 auto discovery or type-2 MAC+IP routes. For this feature the gateway IP address field of the type-5 NLRI is used as the overlay index, which matches the target IPv4 / IPv6 address in the type-2 NLRI. Other types of overlay index are described in RFC9136, but these are currently unsupported.

In EOS 4.22.0F, EVPN VXLAN all active multi homing L2 support is available. A customer edge (CE) device can connect to

Ethernet VPN (EVPN) networks normally require some measure of redundancy to reduce or eliminate the impact of outages and maintenance. RFC7432 describes four types of route to be exchanged through EVPN, with a built-in multihoming mechanism for redundancy. Prior to EOS 4.22.0F, MLAG was available as a redundancy option for EVPN with VXLAN, but not multihoming. EVPN multihoming is a multi-vendor standards-based redundancy solution that does not require a dedicated peer link and allows for more flexible configurations than MLAG, supporting peering on a per interface level rather than a per device level. It also supports a mass withdrawal mechanism to minimize traffic loss when a link goes down.

EVPN gateway support for all-active (A-A) multihoming adds a new redundancy model to our multi-domain EVPN solution introduced in [1]. This deployment model introduces the concept of a WAN Interconnect Ethernet Segment identifier (WAN I-ESI). The WAN I-ESI allows the gateway’s EVPN neighbors to form L2 and L3 overlay ECMP on routes re-exported by the gateways. The identifier is shared by gateway nodes within the same domain (site) and set in MAC-IP routes that cross domain boundaries.

The EVPN Gateway Data Center Interconnect (DCI) feature supports multihoming redundancy. This deployment model leverages a virtual Interconnect Ethernet Segment Identifier (I-ESI) to form an overlay ECMP across the EVPN DCI gateways. Recently, EOS added new features for managing the I-ES that improve traffic handling and convergence in certain failure scenarios:

This feature adds the ability for an L3 default gateway TEP in a Centralized Gateway topology to advertise its SVI virtual IP addresses to VARP MAC bindings and primary addresses to System MAC bindings using EVPN type-2 routes for EVPN VXLAN overlays. Two new commands, redistribute router-mac virtual-ip[next-hop vtep primary] and redistribute router-mac system ip are introduced to enable the redistributions. This would help the L2 TEP on the network to learn the default gateway IP without flooding an ARP request for the gateway IP. This feature is only intended for Centralized Gateway Topologies.

Smart System Upgrade (SSU) provides the ability to upgrade the EOS image with minimal traffic disruption.

If any two policies use the same filter interface and the same priority, then an additional dynamic policy will be created to ensure the delivery of packets matching both of the original policies. There is a limit on how many overlap policies can be created and it is configurable with a range between 0 to 10 with a default value of 4. Currently, we exclude policies configured as inactive in the overlap policy limit calculation. With this new feature, we exclude policies that have an expired duration from the overlap policies limit calculation.

This enhancement is to display the number of packets that were ECN (Explicit Congestion Notification) marked by the

Administrative Groups (AG) provide a way to associate certain attributes or policies with links, enabling network administrators to control the routing decisions based on specific criteria. Extended Administrative Groups (EAG) are an extension of AG which allow a larger range of admin groups to be utilized for various Traffic Engineering (TE) purposes within a network. EAGs are defined in a new sub-TLV for IS-IS link attributes, separate to AGs, however they are considered as one within EOS. The EAG feature in EOS allows the range of administrative color to be increased from 0-31 to 0-127.

Use an External Certification Authority (ECA) to ensure secure communication and authentication with CloudVision..By default, Streaming Agent and other applications communicate with CloudVision using mutual-TLS certificates signed by a local certificate authority (CA). You now have the option to integrate CloudVision with Venafi,  an external CA, to sign and verify these certificates.

Starting EOS 4.15.0F, EOS can monitor (for long durations) low error rate errors on all fabric links. It

The 7250X and 7300 series use an optimized internal CLOS design with multiple port ASICs interconnected via Fabric

With the 18.0 release, Access Points (AP) can also use LAN2 as the Uplink Port. If both the LAN Ports are available as Uplink, the AP monitors both ports equally. Only on the first AP boot will AP consider LAN1 as the default Uplink, and LAN2 will be the failover. If LAN1 and LAN2 are connected and LAN1 fails to receive any packets, the AP can fail over to LAN2 as the Uplink Port and will continue to operate on the same uplink even if LAN1 is active again. 

With the 19.0 release, Access Points (AP) can seamlessly switch between LAN 1 and LAN 2 as the Uplink Port without disturbing the client connectivity and without any reboot. For the list of enhancements done for the same feature in the previous release, see the 18.0 TOI.

Fair Adaptive Dynamic thresholds (FADT) provides efficient allocation of shared packet buffer resources amongst various virtual output queues. FADT is useful when queues are getting congested and buffer resources should be allocated in a way tdat prioritizes certain queues while avoiding starvation of lower priority queues. the scheme works on each incoming packet by calculating instantaneous queue threshold based on available free resources. Queue buffer threshold is calculated as:

The 7280E and 7500E series are Virtual Output Queues (VOQs) based multi chip systems where there is a VOQ for all the

Fallback PBR policy enables an alternate policy to be active when PBR policy attached to an interface is being

Fast poll counters allow for rapid collection of a basic set of MAC counters on supported platforms at a very high frequency.

This feature is to permit rapid restoration of outbound traffic on ECMP groups that have a mix of ports from Supervisor1(Linecard1) and Supervisor2(Linecard2) cards. In the context of the supported platforms, these are referred to as Uplink ports and have names starting with Eth1/ or Ethernet1/ (Linecard1) and Eth2 or Ethernet2/ (Linecard2).

This feature is to permit rapid restoration of outbound traffic on LAG (port-channel) groups that have a mix of ports from Supervisor1(Linecard1) and Supervisor2(Linecard2) cards. In the context of the supported platforms, these are referred to as Uplink ports and have names starting with Eth1/ or Ethernet1/ (Linecard1) and Eth2 or Ethernet2/ (Linecard2).

This document describes the Fec Dampening feature. When hardware FEC / ECMP resources usage go above the platform limit, Ale (HW Abstraction layer ) deletes some routes in the anticipation of freeing up some more hardware FEC resources to allow newly created FEC to get programmed. The above logic of deleting/unprogramming the route may lead to unnecessary traffic drop in the following cases of transient FEC resources overflow.

The FEC (Forward Error Correction) traffic analyzer is designed to estimate the performance of the FEC layer, identify error statistics, and the source of correlated errors on physical interfaces.

FIPS is a US federal standard for computer systems and data security that mandates only compliant cryptographic algorithms and their implementations be used in a product’s cryptographic operations. A product is considered FIPS compliant if it uses verified crypto modules that have been certified by a laboratory approved by the National Institute of Standards and Technology (NIST). CloudVision has completed the FIPS certification process to allow users with both single-node and multi-node clusters to operate in FIPS mode. Intra-node communication is not yet certified and will follow in Phase 2.

In the 17.0 release, CV-CUE introduces FEED. FEED is a network dashboard that presents a timeline view of all the detected anomalies in the network. CV-CUE curates the FEED by continuously monitoring and proactively detecting anomalies in the network. It also analyzes the cause of the anomaly and provides dynamic suggestions to mitigate the issue. The administrator can analyze the issue, the AI-based recommended action, and then decide on the best approach to mitigate the issue. Feed also lets administrators go back in time and understand anomalies that occurred in the past.