Tag :: TOI

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.This document serves as a reference guide for Routing protocol attributes, Operators for comparing and modifying attributes, built-in functions provided in RCF

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.This document serves as a reference guide for Bgp agent points of application:

Routing Control Functions (RCF) is a language that can express route filtering and attribute modification logic in a powerful and programmatic fashion.

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.This document serves as a reference guide for KernelFib agent points of application:

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion. 

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.

Routing control functions (RCF) is a language that can be used to express route filtering and attribute modification logic in a powerful and programmatic fashion.

In an MLAG setup, routing on a switch (MLAG peer) is possible using its own bridge/system MAC, VARP MAC or VRRP MAC.

RSVP-TE, the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), is used to distribute MPLS labels for steering traffic and reserving bandwidth. The Label Edge Router (LER) feature implements the headend functionality, i.e., RSVP-TE tunnels can originate at an LER which can steer traffic into the tunnel.

RSVP-TE applies the Resource Reservation Protocol (RSVP) for Traffic Engineering (TE), i.e., to distribute MPLS labels for steering traffic and reserving bandwidth.

RSVP-TE P2MP LER adds ingress and egress support for Point-to-Multipoint (P2MP) LSPs to be used in Multicast Virtual Private Network (MVPN) as an extension to the LSR support which adds transit support.

RSVP-TE P2MP LSR adds transit support for Point-to-Multipoint (P2MP) LSPs. Specifically the feature adds protocol support for the transit role as described in RFC 4875.

With the 13.0 release, you can integrate SAML SSO with a captive portal for authentication. The SAML integration functionality is only available for captive portals hosted on the Arista Cloud. It is not available if the captive portal is hosted on third-party servers or on the access point.

Network administrators require access to flow information that passes through various network elements, for the purpose of analyzing and monitoring their networks. This feature provides access to IP flow information by sampling traffic flows in ingress and/or egress directions on the interfaces on which it is configured. The samples are then used to create flow records, which are exported to the configured collectors in the IPFIX format. Egress Flow tracking is supported from EOS-4.29.0F on the DCS-7170B-64C series and supported on 7280, 7500 and 7800 series platforms from EOS-4.31.1"

Sampled Mirroring is an extension of the Mirroring feature and sampling is a property of the individual mirroring session: when the session's sample rate N is specified, a packet eligible for mirroring will have a 1/N chance of being mirrored, that is, 1 packet is mirrored for every N packets.

With the 17.0 release, CloudVision Cognitive Unified Edge (CV-CUE) introduces the ability to schedule the generation of Client Visibility and Client Association reports. You can schedule report generation on a one-time basis or recurring basis.  Note: Users with Admin or Operator roles only can schedule a report.

With the 13.0 release, you can schedule the Automatic Channel Selection (ACS) to run at a specific time of the day and minimize service disruption.

Secondary private VLAN trunk ports are introduced in the EOS 4.15.2F release. This feature can

Secure boot is a security feature available in Aboot (Arista bootloader) that verifies the cryptographic signature of the EOS SWI (software image) before it is booted. Aboot embeds certificates that allow it to recognize and validate official EOS releases from Arista. If the signature verification is successful, the secure boot check passes and Aboot proceeds to boot the SWI. If the signature verification fails, the boot is aborted.

With the 16.0.1 release, clients connecting to the 6 GHz band can seamlessly connect to OWE-enabled SSIDs having Transition Mode. Arista APs support the Enhanced Open security protocol with Transition Mode built for open networks. Enhanced Open is based on Opportunistic Wireless Encryption (OWE). It is supported only in WiFi 6 and higher AP models. A few examples are C-360, C-260, C-250, C-230, O-235, etc.

This feature introduces a command to enable or disable USB ports, specifically designed to address strict security requirements in hardened environments. By restricting port functionality, administrators can prevent unauthorized access or booting from external USB storage.

VXLAN UDP-ESP support allows the customer to encrypt traffic between two VXLAN VTEPs. The frame format looks like: NOTE, Secure VXLAN is s~upported with both the sectag2 and UDP-ESP format in 4.27.1, where sectag2 is the default encapsulation format. However, the sectag2 format is deprecated and should not be used.

The Dynamic Load Balancing (DLB) feature is currently supported in the DCS-7060 Arista switches in order to provide an alternative to the hash-based ECMP load balancing, which selects the next hop for routed packets using a static hash algorithm. DLB considers the state and quality of the port while assigning egress ports to packets, resulting in a more even flow. The state of each port member is determined by measuring the amount of data transmitted from a given port and the total number of packets enqueued to a given port.

Selective Q in Q tunneling feature allows a set of customer VLANs (hereafter referred to as c vlan(s)) to be tunneled

This document outlines a new CLI command, send security-bundle. This feature is motivated by the need for a streamlined way to collect forensic and security-related artifacts from a switch for analysis by security teams. It parallels the existing send support-bundle command, which is used to gather troubleshooting data. It is suggested to use the security-bundle together with the support-bundle command in order to obtain all data necessary to support an incident.

The send support bundle feature adds a new CLI command which creates a ZIP file containing a useful set of logs and

Arista has built the link qualification functionality utilizing the SAT engine. There will be 2 sides of the link, the generator port and the reflector port. The generator port will be put in generator mode and the reflector port will be put into reflector mode and then the test will be started on the generator port. Traffic will be transmitted on the generator port and reflected back to the generator port at the reflector port.

Load Balancing on Service Leaf MLAG is a feature designed to support optimal load balancing of traffic sent to a ZTX Monitor Node cluster. The load balance functionality is essential to ensure that bi-directional flows land on the same ZTX Monitor Node in the cluster as all members of the ZTX Monitor Node cluster advertise a common anycast GRE endpoint.

The sFlow EVPN MPLS extension adds support for providing information related to the bridging domain in sFlow packet samples, for traffic forwarded through L2 EVPN MPLS.

sFlow independent configuration allows the user to configure the sFlow source and agent addresses independently of one another. This feature fixes the limitations of “sflow source-interface” where the address it uses is indeterminate when the interface has multiple addresses assigned.

On 7500E, sFlow output interface feature enables sFlow to use the hardware provided output interface and

Packets sampled for sFlow are packaged in a flow sample structure containing, amongst other things, input and output

The sFlow VLAN forwarding feature adds support for providing the VLAN by which the packet is bridged as opposed to the VLAN that is decoded from the Ethernet frame. The VLANs are reported in the sFlow extended switch header’s input VLAN and output VLAN fields, as defined in the sFlow extended switch data.

The sFlow VXLAN extension adds support for providing VXLAN-related information to sFlow packet samples, for VXLAN forwarded traffic. Specifically, for customer traffic ingressing on a CE-facing PE interface and forwarded into a VXLAN tunnel, the IP address of the source VTEP, the IP address of the destination VTEP and the VNI will be included in the sFlow datagram.

The AES-256 Support for SNMPv3 feature implements 256-bit encryption for SNMPv3 interactions on the DMF Controller and managed devices. Configuring the AES-256 privacy protocol option enhances the User-based Security Model (USM) by enforcing 256-bit encryption standards.

ACL based QoS programmed on SVIs can share hardware resources starting from EOS 4.17.0F. This results in

OpenStack has a concept of shared tenant networks which let the admin can create a network which can be shared by all the

With the DANZ Monitoring Fabric (DMF) 8.7 release, a DMF Controller will allow multiple managed services to share a delivery interface with an IP address, commonly called an L3 delivery interface. These interfaces redirect the packets processed by managed services to the required tool nodes for further analysis. Sharing an L3 delivery interface is useful when applying different actions to a packet that otherwise cannot be chained together in one managed service when sending it to the same destination.

With the DANZ Monitoring Fabric (DMF) 8.7 release, a DMF Controller will allow sharing of managed services utilizing L3 delivery interfaces (e.g., NetFlow, IPFIX, app ID, etc.) across multiple policies. In prior releases, DMF did not support managed service sharing because the L3 delivery interface was an optional setting in a policy configuration. However, sharing is now supported because the managed service configuration must now specify the L3 delivery interface.

The show command 'show qos interface fabric' was introduced for DCS 7250QX and DCS 7300X series starting EOS

The command provides a summary of the number of used hardware entries versus the total available capacity for various Layer 3 features, such as next-hops and ECMP groups. Network operators run this to quickly assess the health of the forwarding plane and determine if the device is approaching its resource limits. This command also details the usage of different levels of the ALPM tables and TCAMs.

Smart System Upgrade (SSU) provides the ability to upgrade the EOS image with minimal traffic disruption. This is an existing feature on many fixed system products. This resource will outline the SSU feature in reference to CCS-720DP, CCS-722XPM, CCS-720XP-96ZC2, CCS-720XP-48TXH-2C, and DCS-7010TX.

Delay request messages can now be set from log 7 to 8. To configure: switch(config)#interface Et5/1.

This feature allows users to configure SNMP’s context to provide a value from a default context when no such value is provided in the context queried.

This feature aims to solve two problems:

Nexthop groups is an existing feature which allows users to manually configure a set of tunnels with nexthops.

Hardware Table Capacity Monitoring is an existing feature to keep track of the capacity and utilization of various

Starting 8.8 release, Cloud customers can receive all events/alerts as SNMP traps. While configuring an SNMP trap

This feature gives users the ability to use Route Control Functions (RCFs) to create custom policies for deciding which routes with IP next-hops should be programmed into the kernel with fwd* next-hop devices so the associated kernel packets are inserted into the ingress pipeline of hardware forwarding instead of being software-forwarded by the kernel.

The Software Management Studio is used to manage EOS images and extensions and assign them to devices. You’ll use the studio’s Software Repository to upload EOS images, Streaming Agents, and extensions. You’ll then  assign software from the Software Repository to devices using a new or open workspace.