With the 17.0 release, CloudVision Cognitive Unified Edge (CV-CUE) introduces the ability to schedule the generation of Client Visibility and Client Association reports. You can schedule report generation on a one-time basis or recurring basis.  Note: Users with Admin or Operator roles only can schedule a report.

With the 13.0 release, you can schedule the Automatic Channel Selection (ACS) to run at a specific time of the day and minimize service disruption.

Secondary private VLAN trunk ports are introduced in the EOS 4.15.2F release. This feature can

With the 16.0.1 release, clients connecting to the 6 GHz band can seamlessly connect to OWE-enabled SSIDs having Transition Mode. Arista APs support the Enhanced Open security protocol with Transition Mode built for open networks. Enhanced Open is based on Opportunistic Wireless Encryption (OWE). It is supported only in WiFi 6 and higher AP models. A few examples are C-360, C-260, C-250, C-230, O-235, etc.

VXLAN UDP ESP support allows the customer to encrypt traffic between two VXLAN VTEPs. The frame

The Dynamic Load Balancing (DLB) feature is currently supported in the DCS-7060 Arista switches in order to provide an alternative to the hash-based ECMP load balancing, which selects the next hop for routed packets using a static hash algorithm. DLB considers the state and quality of the port while assigning egress ports to packets, resulting in a more even flow. The state of each port member is determined by measuring the amount of data transmitted from a given port and the total number of packets enqueued to a given port.

Selective Q in Q tunneling feature allows a set of customer VLANs (hereafter referred to as c vlan(s)) to be tunneled

On 7500E, sFlow output interface feature enables sFlow to use the hardware provided output interface and

The sFlow VXLAN extension adds support for providing VXLAN-related information to sFlow packet samples, for VXLAN forwarded traffic. Specifically, for customer traffic ingressing on a CE-facing PE interface and forwarded into a VXLAN tunnel, the IP address of the source VTEP, the IP address of the destination VTEP and the VNI will be included in the sFlow datagram.

ACL based QoS programmed on SVIs can share hardware resources starting from EOS 4.17.0F. This results in

TOI 4.17.0F QoS

OpenStack has a concept of shared tenant networks which let the admin can create a network which can be shared by all the

The show command 'show qos interface fabric' was introduced for DCS 7250QX and DCS 7300X series starting EOS

TOI 4.17.0F QoS

Delay request messages can now be set from log 7 to 8. To configure: switch(config)#interface Et5/1.

Nexthop groups is an existing feature which allows users to manually configure a set of tunnels with nexthops.

Hardware Table Capacity Monitoring is an existing feature to keep track of the capacity and utilization of various

Starting 8.8 release, Cloud customers can receive all events/alerts as SNMP traps. While configuring an SNMP trap

The Software Management Studio is used to manage EOS images and extensions and assign them to devices. You’ll use the studio’s Software Repository to upload EOS images, Streaming Agents, and extensions. You’ll then  assign software from the Software Repository to devices using a new or open workspace.

 The Software Management Studio is used to manage EOS images and extensions and assign them to devices. You’ll use the studio’s Software Repository to upload EOS images, Streaming Agents, and extensions. You’ll then create or edit a workspace in Studios to assign software from the Software Repository to devices.

Source ARP with a virtual IP is a new VARP feature. The purpose of this feature is to change the ARP request header's sender IP and sender MAC address to the virtual IP and virtual MAC addresses. This change occurs for all the ARP request packets originating from the router that match a configured virtual subnet.

With the 13.0 release, you can enable spatial reuse from CloudVision Cognitive Unified Edge (CV-CUE) to improve the spectral efficiency and optimally allocate resources to meet the Quality of Service (QoS). With spatial reuse, two or more Wi-Fi devices (AP or client) that support 802.11ax protocols can send transmissions simultaneously without any significant data loss.

Spectrum analysis is a tool to analyze the RF environment for interference. For monitoring and troubleshooting of wireless networks, you must be aware of the RF environment in which the  APs operate.

This document describes the support for performing SSH authentication with X.509 certificates. Authentication to SSH can be completed using a number of different methods. Public key, password and keyboard interactive are supported in EOS. Certificate login is a type of public key authentication in which the public key does not have to be stored on the server. Instead certificates belonging to trusted certificate authorities (CAs) are installed.

This is an infrastructure that provides management of SSL certificates, keys and profiles. SSL/TLS is an application-layer protocol that provides secure transport between client and server through a combination of authentication, encryption and data integrity. SSL/TLS uses certificates and private-public key pairs to provide this security.

Before this feature was introduced, any daemon agent needing to interface with Sysdb for configuration retrieval and status updates had to go through the agent manager within the EOS SDK. Usage of the EOS SDK introduced various ABI issues due to constraints on which compiler, libc and kernel versions the daemon must be built with. This feature offers an alternative mechanism via gRPC, providing more flexibility in how daemon executables are built and used to programmatically interact with and monitor the EOS device.

Stateful switchover is a redundancy mode available on systems with 2 supervisor cards. One supervisor card is active

TOI 4.20.6F

Static ARP inspection is a security feature that verifies the source IP and the source MAC addresses of each received

The Static Configuration Studio is used to manage static configuration for devices, provide configuration not created by any other studio, and reconcile differences between CloudVision’s designed configuration and device running configuration. Devices are assigned to containers using tags that can identify one or more devices by hostname, role, or location in the network. Each container has configlets of EOS configuration, which are pushed to the EOS devices.

Currently, EOS supports the receiving and transmitting of BGP Flowspec rules. Rules received can be installed locally as ACLs and/or transmitted to other BGP peers/route reflectors. EOS relies on external controllers to inject these flowspec rules. The feature will allow flowspec rules to be defined via CLI in a similar fashion as traffic-policies is currently done. These policies would then be redistributed into BGP. Once redistributed, the rules can be advertised to other BGP peers and optionally installed locally on the configured system.

This feature enables configuring static IPv4 routes that specify the next hop by using an IPv6 address instead of an

Static multicast feature brings in capability to statically configure multicast routes on any Arista platform

A number of L4 7 appliances use the same MAC address to load balance services across two or more appliances that form the

Packet counters for Static and Twice NAT connections are now supported on the DCS 7150 series. This is a debug

Storm control enables traffic policing on floods of packets on L2 switching networks. Support for counting dropped packets and bytes on interfaces where storm control metering is provisioned. Both packet and bytes count are supported and will be displayed. Drop logging on storm-control discards is also supported.

The existing storm control interface configuration mode CLI commands have been extended to support the new

A traffic storm is a flood of packets entering a network, resulting in excessive traffic and degraded performance. Storm control prevents network disruptions by limiting traffic beyond specified thresholds on individual physical LAN interfaces. Storm control monitors inbound traffic levels over one-second intervals and compares the traffic level with a specified benchmark. The storm-control command configures and enables storm control on the configuration mode physical interface.

A traffic storm is a flood of packets entering a network, resulting in excessive traffic and degraded performance.

This feature introduces a new type of action that can be created and configured under Provisioning > Actions. These actions automate the process of assigning values to inputs in a studio and allow users to input data that originates from outside a studio.

These updates improve the layout of the Studios landing page by emphasizing essential studios and structuring all other studios in a more comprehensive, user-friendly way.

This feature enables ACL functionality on subinterfaces. ACLs on subinterfaces are configured using the

TOI 4.17.0F

Subinterfaces are logical L3 interfaces that enable the division of a single Ethernet or Port-channel interface into multiple logical L3 interfaces based on the incoming 802.1q tag.  They are commonly used in the L2/L3 boundary.  They can also be used in the context of VRF-lite, by configuring each subinterface in a different VRF.

The guaranteed bandwidth feature ensures minimum bandwidth for outgoing lower priority traffic from a

TOI 4.17.0F

This feature extends the existing UDP payload hashing support to allow an alternative set of bytes to be used in the calculation of the LAG and ECMP hash if an 16 bit field of the payload matches a provided pattern.

This feature adds support for configurable max sFlow datagram size. The current default max datagram size is 1400 bytes, which can cause some sFlow datagrams to be dropped when there is an MTU set. This feature enables the configuration of the max datagram payload size within the range of 200 to 1500 bytes to help avoid fragmentation. Note that this feature only configures software sFlow and is not supported on hardware-accelerated sFlow.

This feature adds support for CPU traffic policy capable of matching and acting on IP traffic which would otherwise

Prior to 4.32.2F, the “reset system storage secure” CLI command can be used to perform a best-effort storage device wipe of all sensitive data. However, this command has the limitation that it wipes EOS from the storage device, leaving the system “stuck” in Aboot. The “reset system storage secure rollback” command provides the same secure erase functionality, but additionally allows the user to preserve a subset of files on the main flash device by copying them into RAM during the secure erase procedure. The set of files that are preserved is configurable. After a successful wipe, the system will return to EOS after the erase is complete if the EOS SWI image and adequate configuration files are preserved (such as boot-config and startup-config).

This feature adds support for “Dynamic Load Balancing (DLB)” on Equal Cost Multi Path (ECMP) groups.
It is intended to help overcome the potential shortcomings of traditional hash-based load balancing by considering the traffic load of members of ECMP groups. DLB considers the state of the port while assigning egress ports to packets, resulting in a more even flow. The state of each port member is determined by measuring the amount of data transmitted from a given port and total number of packets enqueued to a given port.

This document describes the support for user-defined fields (UDF) acl rules in QoS policy feature. This feature is an extension of QoS policy to allow increased flexibility of the match criteria by using user-defined fields which will help customers control traffic based on other parts of the packet header and payload that is not supported by the other key-fields.

IS-IS SR Stateful Switchover (SSO) support allows for a switchover from an active supervisor to a standby supervisor where MPLS traffic remains undisrupted during switchover. This involves reconciliation of all Segment Routing related information in the network using IS-IS Graceful Restart procedures. And also installing the same in forwarding hardware in a manner that does not disrupt the ongoing traffic.

This feature provides a CLI command showing the list of mac addresses that could not be learned due to hash collision in the hardware table. A hash collision occurs when two or more distinct pieces of data map to the same entry ( or slot ) in the hardware table. It can happen when the hash function used to calculate the index for a given mac address results in the already occupied index, resulting in the failure of inserting the later mac address to the hardware table.

This document describes the OSPFv2 and OSPFv3 feature that allows enabling or disabling the inclusion of LSAs having “Down” (DN) bit set in SPF calculations. The DN Bit is a loop prevention mechanism implemented when OSPF is used as CE - PE IGP protocol.