This feature enables the user to configure PBR policy on an interface in any VRF, to match and forward incoming packets

TOI 4.20.6F

In order to support PIM/IPv4 multicast routing on EOS switches with Broadcom Tomahawk4 ASICs, multicast support using ALPM is required. This works in both 3-level Algorithmic Longest Prefix Match (ALPM) capabilities and 2-level ALPM.

Private VLAN is a feature that segregates a regular VLAN broadcast domain while maintaining all ports in the same IP subnet. There are three types of VLAN within a private VLAN

A remark is a user specified comment that is written within an IP prefix-list. Remarks allow documentation to be added directly into the configuration of an IP prefix-list. Both IPv4 and IPv6 prefix-lists are supported.

There are two types of reload on a switch running EOS, normal reload and Smart System Upgrade (SSU). Scheduled normal reload is supported via ‘reload in’ command, to perform a normal reload after a specified delay. It asks for saving unsaved configuration changes and confirmation in order to schedule the reload. Scheduled SSU is supported via ‘reload fast-boot in’ command. However, after scheduling an SSU reload, if there are unsaved configuration changes, or saved configuration changes which block an SSU reload, the scheduled reload will be aborted at scheduled time.

The S-BFD hold down timer feature enables delaying the steering of traffic to a previously preferred SR-TE Down path that came back Up. This delay period is configurable. Using this functionality allows time for the path to stabilize (by avoiding potential further path flaps) and allows the user to debug and diagnose the failure state.

Topology Independent Fast Reroute, or TI-LFA, uses IS-IS SR to build loop-free alternate paths along the post-convergence path. These loop-free alternates provide fast convergence.

Access Control Lists (ACL) use packet classification to mark certain packets going through the packet processor pipeline and then take configured action against them. Rules are defined based on various fields of packets and usually TCAM is used to match packets to rules. For example, there can be a rule to match the packet source IP address against a list of IP addresses, and drop the packet if there is a match. This will be expressed in TCAM with multiple entries matching the list of IP addresses. Number of entries is reduced by masking off bits, if possible. TCAM is a limited resource, so with classifiers having a large number of rules and a big field list, TCAM runs out of resources.

This feature introduces the support for Traffic Policy on VLANs. Traffic Policy allows the user to configure rules to match on certain packets through the packet processing pipeline. The user can also place actions to match packets.

This document describes the support for user-defined fields (UDF) ACL rules in egress mac/IPv4/IPv6 access lists. This feature is an extension of egress ACL to allow increased flexibility of the match criteria by using user-defined fields which will help customers control traffic based on other parts of the packet header and payload that is not supported by the other key-fields.

This supports checking that the value of a given x509 certificate OID matches a user-provided value during the TLS handshake in OpenConfig. If the value does not match, no connection will be established.

This document describes the availability of VLAN ingress and egress counters on R Series platforms. VLAN counters provide the ability to count packets and bytes ingressing or egressing a bridge domain (VLAN).

This feature allows the export of IP FIB (Forwarding Information Base) through the OpenConfig AFT YANG models.

This feature enables the support of applying a policy-map in egress direction on an SVI interface. A policy-map is a QoS feature in which we have multiple class-maps each with a match criteria and an action. These class-maps match on the given criteria and the configured action is applied on the traffic which matches. We can apply these policy-maps on interfaces in both input and output directions which match on ingress and egress traffic respectively. This feature adds the support of applying such output policy-map on an SVI( Switch Virtual Interface ).

This feature enables the user to configure PBR policy on an interface in the default VRF to match and forward

TOI 4.17.0F PBR

This feature adds support for standard BGP GSHUT (0xFFFF0000) community. GSHUT community is the community used in

When configuring or modifying a RACL applied to a VLAN interface, the VLAN will be blocked while applying the updated

VXLAN tunneling requires that the switch where the tunnel terminates is configured with a VTEP that matches the configuration on the AP. CV-CUE now provides an easier way to match configurations on both AP and the switch. By having the same VXLAN configuration for access points (APs) and switches, you can aggregate all wireless traffic from the same VXLAN to a single wired destination for better traffic management and visibility.

SwitchApp is an FPGA-based feature available on Arista’s 7130LB-Series and 7132LB-Series platforms. It performs ultra low latency Ethernet packet switching. Its packet switching feature set, port count, and port to port latency are a function of the selected SwitchApp profile. Detailed latency measurements are available in the userguide on the Arista Support site.

As a result of upgrading the Debian distribution to Bookworm, the original Python CLI (based on python2) was removed, as the interaction with the DANZ Monitoring Fabric (DMF) and CCF is performed mainly from the Controller. However, several customer operations involve some of the commands used on the switch. These commands are implemented in the new CLI (based on python3) in Switchlight in the Bookworm Debian distribution.

For modular systems operating under the SSO redundancy policy, if  the system database agent (Sysdb) on the

With the 13.0 release, CloudVision Cognitive Unified Edge (CV-CUE) introduces system backup and restore capability. You can back up the entire system or only the configuration files, and restore them when needed.

Role based access control (RBAC) is an approach to regulating access to network resources based on the roles of

The tag matcher is a new simple input in Studios that allows you to specify a list of devices to be passed as the value for another input field. It is similar to the resolver input in that it allows users to specify a set of devices or interfaces using tag queries, but unlike the resolver, the tag matcher doesn’t require a member input to be configured.

In TAP Aggregation mode, when receiving a packet whose Frame Check Sequence (FCS) is corrupted, the default behavior

This article describes the Tap Aggregation MPLS Pop feature. The purpose of this feature is to support tools that do not parse MPLS labels and therefore need the switch to remove (pop) the MPLS header.

The traffic steering policies used in tap aggregation mode allow steering traffic from tap to tool ports using ‘set

This article describes a new TAP Aggregation TCAM profile and a corresponding enhancement to the TAP Aggregation

This article describes the Tap Aggregation Traffic Steering on MPLS Labels feature. The purpose of this feature is to

TOI 4.20.1F

This TOI briefs the commands related to the traffic steering policies used in Tap Aggregation. These commands

As of EOS 4.15.0F, there are two general enhancements to Tap Aggregation on the 7500E platform in 4.15.0F:

As of 4.15.0F, tap aggregation can be configured in conjunction with other switching and routing features.  This

The Tap Aggregation Manager (TAM) is a GUI front end for configuring and monitoring Tap Aggregation features of

In TAP Aggregation mode, configuration options are provided to handle special packet types. When receiving a packet whose Frame Check Sequence (FCS) is corrupted, the default behavior is to replace the bad FCS with the correct value and forward it. Configuration options are available to control the FCS behavior, such as to discard errors, pass through the bad FCS, or append a new FCS.

This article describes the addition of a show command to display the mapping between tap and tool ports on a per

Media Access Control Security (MACsec) is an industry standard security technology that provides secure

This document describes the truncation capability for Tap Aggregation, which allows tapped traffic to be truncated to a smaller size before being transmitted.

With the 13.0 release, you can enable Target Wake Time(TWT) from CloudVision Cognitive Unified Edge (CV-CUE). TWT is one of the advanced features of Wi-Fi 6. It enables access points (AP) and stations (STAs) to negotiate schedules for active and sleep durations.

Topology Independent Fast Reroute, or TI-LFA, uses OSPF SR to build loop-free alternate paths along the post-convergence path. These loop-free alternates provide fast convergence.

This feature enables applying traffic policies on incoming traffic and redirecting the traffic to a nexthop other than the one the routing logic would choose. This essentially overrides the routing logic decision. If there is no rule matching the packet, the packet is sent to the routing logic to be routed.

 

This article describes the TAP Aggregation User Defined Fields feature. The purpose of the User Defined

This feature adds support for viewing the Digital Optical Monitoring (DOM) parameters for the optics that support

As of EOS 4.15.2F, the support for the tuning of tunable DWDM 10G SFP+ transceivers (10GBASE DWDM) is added.

The BGP labeled unicast (LU) RFC is used to advertise BGP routes with a stack of MPLS labels, thereby allowing

TOI 4.20.1F

Trident2 is a Switch on Chip (SoC) single chip with support for up to 1280Gbps of forwarding capacity (oversubscribed

This feature provides a configuration option to disable egress IPv4 RACL sharing allowing for uRPF to be configured.

Unidirectional links is a feature that configures an Ethernet interface transmit and receive paths to be

The Unified Forwarding Table (UFT) is memory that is shared between Layer2 and Layer3 lookup tables with capabilities for variable partitions. Rather than separate Layer2 and Layer3 lookup tables of fixed size, the UFT may be partitioned to support user-requested combinations of Layer2 and Layer3 lookup table sizes.

With the 13.0 release, CloudVision Cognitive Unified Edge (CV-CUE) lets you configure Unique PSK (UPSK) for client authentication. UPSKs allow users  to connect to the same SSID using a unique PSK which is user specific. UPSK provides added security as compared to single PSK because single PSKs are easily compromised.

With the 15.0 release, CloudVision Cognitive Unified Edge (CV-CUE) introduces the following enhancements to the Unique-PSK(UPSK) workflow: