• Author : Lavanya

 
 

Filtered Mirroring of MPLSoGRE Packets

MPLSoGRE Filtered Mirroring is a specialized version of Mirroring to GRE Tunnel and Filtered Mirroring in which IPv4oMPLSoGRE and IPv6oMPLSoGRE packets entering a GRE tunnel endpoint on which an MPLS lookup is performed may also be be selected for mirroring based on the destination IP address field in the inner IPv4 or IPv6 header. Packets selected for mirroring will have the following header format: The packets described above when forwarded based on either the L2 or outer L3 header destination address will not be subject to mirroring. When mirroring to a GRE tunnel, the payload of the outgoing GRE packet...
Continue reading →

EOS-4.18.2F Release – Transfer of Information

Arista Platform Independent Features BFD SSO Arista 7500E/7280E/7500R/7280R Features SNMP MIB for nexthop-group counters Filtered Mirroring of MPLSoGRE packets For a complete list of supported features on these platforms, please refer to the Supported Feature Matrix.

Tap Aggregation – Caveats and Limitations

Caveats and Limitations Platform List DCS-7280E/R series DCS-7500E/R series Truncation Truncation Size: Truncation size is not available per interface. Available only as a system-level configuration. The only truncation size currently supported is 169 bytes. Starting from EOS-4.20.5F, this limitation applies only for egress (Tool port) truncation. Tap ports can be configured independently to an arbitrary truncation size. Note: if both ingress and egress truncation are configured for a packet stream, and ingress truncation size is larger than egress truncation size then the packet will be truncated only once and the resulting packet will have the size configured on the Tap...
Continue reading →

SVI blocking for RACLs

When configuring or modifying a RACL applied to a VLAN interface, the VLAN will be blocked while applying the updated RACL.  This will prevent inconsistent forwarding of traffic to or from the VLAN interface while the RACL is being modified.  As with ACLs applied to ports, the default blocking behavior can be overridden using the hardware access-list update default-result permit command. Platform compatibility 7010T 7050Q 7050S 7050T 7050QX 7050SX 7050TX 7060CX 7060CX2 7250QX 7260CX 7260QX 7304 7308 7316 Configuration This feature is the default behavior for ACL configuration. In order to prevent any traffic from being dropped during RACL configuration...
Continue reading →

Overlay IPv6 routing over VXLAN

Overlay IPv6 routing over VXLAN Tunnel is simply routing IPv6 packets in and out of VXLAN Tunnels, similar to VXLAN overlay IPv4 routing. Underlay ( Outer IP Header ) in VXLAN still uses IPv4, and common for both overlay IPv4 and IPv6 . Hence VXLAN configuration remains exactly same for both IPv4 and IPv6 overlay routing support. This feature enables IPv6 networks/hosts get connected through VXLAN Tunnels. Following figure illustrates IPv6 routing followed by VXLAN encapsulation to reach a remote host across the VXLAN tunnel.   Following figure illustrates VXLAN decapsulation and routing of an IPv6 packet. Platform compatibility DCS-7050X DCS-7060X DCS7260X DCS-7050X2 DCS-7250X DCS-7304 / DCS-7308 /...
Continue reading →

OpenStack Enhancements

This release introduces enhancements to the CloudVision eXchange and OpenStack integration. The following features were added as part of this release: OpenStack Ironic Integration OpenStack Keystone v3 support OpenStack DVR support OpenStack Ironic Integration Through OpenStack Ironic integration with Neutron, it is possible to provision bare metal servers that are attached to Arista switches and connect them to tenant networks. All of the features that Arista supports for provisioning networks for VMs is extended to bare metal servers. This includes automatic VLAN-to-VNI mapping and Hierarchical Port Binding. Security groups can be applied as ACLs on switch interfaces connected to bare...
Continue reading →

IPv6 Support for Decap Groups

The document describes an extension of the decap group feature, that allows IPv6 addresses to be configured and used as part of a group. IP-in-IP packets with v6 destination matching a configured decap group IP will be decapsulated and forwarded based on the inner header. That will allow any IP-to-IP packet type to be decapsulated, i.e. v4 in v4, v4 in v6, v6 in v4 and v6 in v6. Platform compatibility DCS-7050X DCS-7500X DCS-7260X DCS-7500R DCS-7500E DCS-7280R DCS-7280E Configuration Configuration is similar to IPv4-only decap group. Additional option of configuring IPv6 address is now available after the “decap-ip” keyword. If...
Continue reading →

EVPN extension to BGP using VXLAN

Ethernet VPN (EVPN) is an extension of the BGP protocol introducing a new address family: L2VPN (address family number 25) / EVPN (subsequent address family number 70). It is used to exchange overlay MAC and IP address reachability information between BGP peers within a tunnel [1]. In EOS 4.18.1F VXLAN tunnel support was introduced [2]. The available features are: Single-homing L2 routes (EVPN type 2 and type 3), with MLAG used as the L2 multi-homing solution. Multi-homing L2 routes (EVPN type 1 and type 2) are received and installed, with up to two all-active remote paths per destination (additional paths...
Continue reading →

Coherent Modulation Formats and 7500R-8CFPX-LC

The 7500R-8CFPX-LC linecard with ACO CFP2 optics provides connectivity over DWDM systems and links. 7500R-8CFPX-LC currently only supports connections to other 7500R-8CFPX-LC linecards. 7500R-8CFPX-LC when used with Linear CFP2-ACO supports three modulation formats allowing three different combinations of reach and data rate as required by the application. Enhancements for 7500R-8CFPX-LC Modulation Formats Capabilities The show interfaces capabilities command has been enhanced to show the available modulations for coherent interfaces. Arista#show interfaces Ethernet4/1/1-4/2/1 capabilities Ethernet4/1/1 Model: 7500R-8CFPX-LC Type: 100G-DWDM-E Speed/Duplex: 100G/full(default) Flowcontrol: rx-(off,on),tx-(off) Error Correction: Reed-Solomon: 100G Modulation: DP-QPSK,8QAM,16QAM(default) Ethernet4/1/2 Model: 7500R-8CFPX-LC Type: 100G-DWDM-E Speed/Duplex: 100G/full(default) Flowcontrol: rx-(off,on),tx-(off) Error Correction: Reed-Solomon:...
Continue reading →

CloudVision Portal 2017.1.0 – TOI

Documentation for the new major features is available in the CloudVision User Guide for release 2017.1.0. This TOI provide details for the minor features 2017.1.0 release. Major Features (Documented in CloudVision User Guide) Change Control Management Snapshots Network Rollback Minor Features Support for AAA managed enable password on switches Configlet Builder enhancements Configurable default ZTP Image Bundle on Undefined Container Comma separated multi-word searches are supported on Inventory and Task list pages Cron job support for scheduling compliance checks, snapshots, backups System Enhancements Scale, Performance and Infrastructure Support for AAA managed enable password on switches In releases before 2017.1.0, CVP...
Continue reading →

OVSDB Hardware-VTEP L3 Integration

EOS currently supports VXLAN L2 integration with external controllers using the Arista OVSDB HW VTEP schema ([HW-VTEP]) implementation. External controllers can read and write the tables specified in OVSDB to orchestrate a VXLAN L2 overlay network. EOS-4.18.0F  introduces  support for L3 functionality in VXLAN Overlay Networks. The functionality,  implemented in Arista’s Cloudvision Controller (CVX) and switches, will be used to orchestrate L3 VXLAN Overlay in a physical network of Arista switches. External controllers (e.g., VMWare NSX or Nuage VSP) can interact with the OVSDB server running on CVX/EOS. CVX/EOS reads all the information from OVSDB and communicates with the appropriate Arista...
Continue reading →

BGP Convergence Timer Improvements

BGP Convergence Overview To avoid hardware updates and route advertisement churn during switch reload or BGP instance start, BGP enters into convergence state where it will wait for all the peers to join and receive all the routes from all the peers. In this phase BGP also waits for IGP protocols to converge before declaring its convergence, this is required for all IBGP sessions to get Established and also for routes learned over IBGP sessions to get recursively resolved via IGP routes. BGP declares convergence when it has received route updates from all its peers, received EOR (End-Of-RIB) markers from...
Continue reading →

Transceiver Performance Monitoring and Enhanced Diagnostics

This feature adds support for viewing the Digital Optical Monitoring (DOM) parameters for the optics that support enhanced diagnostics from the CLI. The show commands described later in this document can be used to view the instantaneous values for various PAM4 parameters like Signal-To-Noise Ratio, Residual Inter Symbol Interference, PAM4 Level Transition Parameters, etc. that such optics support. EOS-4.18.0F also introduces the Performance Monitoring feature wherein EOS collects and maintains certain performance statistics over a user-defined time period. EOS stores data for two intervals, the current interval and the most recently completed interval. When the current interval completes, the data...
Continue reading →

BFD Support for ISIS IPv6

IPv6 support for BFD in ISIS. BFD provides a faster convergence in scaled deployments where using aggressive times may cause scalability issues. This also addresses scenarios which need sub-second hello timers, which is not supported in EOS. Platform compatibility ISIS IPv6 BFD feature is supported on all platforms. Configuration This feature can be configured in two ways. 1.The following command is available under the config-router-isis mode. Arista(config)#router isis <Isis Process ID> Arista(config-router-isis) address-family ipv6 Arista(config-router-isis-af)#[ no | default ] bfd all-interfaces This enables or disables BFD for all ISIS interfaces for ipv6. It is disabled by default. 2. The following...
Continue reading →

Allow single lane of 10G on 40G only ports

The 40G-only ports on Trident 2 switches may now be configured as 1 lane of 10G, 1G, or 100M*. This may be achieved using the first lane of a QSFP+ cable or transceiver, the first lane of a QSFP+ to 4xSFP+ “octopus” cable or transceiver, or an SFP+ cable or transceiver inserted into a Mellanox MAM1Q00A-QSA QSFP to SFP adapter (QSA). Platform compatibility DCS-7050QX-32 DCS-7050QX-32S DCS-7050SX-128 DCS-7050TX-128 Limitations The bandwidth scheduler on the forwarding chip will schedule the 40G-only ports as if they were running at 40G regardless of their actual speed. * Some ports on the DCS-7050QX-32 and DCS-7050SX-128 do...
Continue reading →

ECMP Hash Visibility

Description ECMP Hash visibility CLI determines the output interface for an ECMP set based on the flow parameters supplied by the user. Ingress interface, source IP address, destination IP address and IP protocol are the required parameters. L4 source and destination ports and VLAN identifier are optional, but should be specified if the packet has them.   7050(config)# show load-balance destination ingress-interface <interface> { src-ipv4-address <ipv4-address> dst-ipv4-address <ipv4-address> | src-ipv6-addess <ipv6-address> dst-ipv6-address <ipv6-address> } ip-protocol <protocol> [src-l4-port <port#> dst-l4-port <port#>] [vlan-id <vlan>] Platform Compatibility 7050X 7250X 7300 7050 7010 7368 7060DX4-32 7068PX4-32 Configuration Example 1 Say, the routes programmed in...
Continue reading →

Per port per VLAN QoS

The per-port-per-VLAN feature allows application of QoS policies for IP, IPv6 and non IP traffic on a per-port-per-VLAN basis. This feature is also supported for port-channels. This feature is not supported for CoPP. Platform compatibility Here is the platform compatibility with EOS version where the feature got introduced. DCS-7010T EOS4.17.0F DCS-7050X EOS4.17.0F DCS-7250X EOS4.18.0F DCS-7300X EOS4.18.0F DCS-7280(E/R) EOS4.18.0F DCS-7500(E/R) EOS4.18.0F DCS-7020TR Bloomington-rel Configuration On DCS-7280(E/R, DCS-7500(E/R) and DCS-7020TR, to use this feature, tcam profile needs to be switched to ‘qos’. Arista(config)#hardware tcam profile qos Please refer to EOS configuration guide to configure ACL policing QoS. Once created, policy-maps can be...
Continue reading →

Policing on LAGs

Ingress policing on front panel ports is supported on DCS-7010X and DCS-7050X since EOS4.14.0F. When ingress policing is applied on a port-channel, it polices the matched traffic from all its member interfaces combined i.e aggregate policing and statistics. If per-interface policer is attached to a port-channel, one set of TCAM entries is created for all its member interfaces and associated port-bitmap is updated i.e aggregate policing performed on all its member interfaces. For example, if per-port policer has to allow 1 Mbps of TFTP traffic on all matched TFTP traffic on interfaces Ethernet1, Ethernet2 and a port-channel with members Ethernet3...
Continue reading →

Ingress Traffic Class Counters

The feature enables support for displaying per traffic-class counters on ingress interfaces. The feature is supported on routed-ports and subinterfaces only. Both packet and octet counts are displayed. Platform compatibility DCS-7280E DCS-7500E Configuration The feature is configured as: Arista(config)#hardware counter feature traffic-class in The feature will only be enabled if the ‘tc-counters’  TCAM profile is configured. This profile can be configured as: Arista(config)#hardware tcam profile tc-counters Status Show Commands The currently configured dynamic counter features can be listed using the following show command: Arista#show hardware counter feature Feature Direction Counter Resource ... Traffic-class in 3 The counter resource allocated to the feature...
Continue reading →

Per VLAN MAC Learning

Per VLAN MAC Learning is a feature to enable/disable mac learning per-vlan instead of per-port. Using this feature with VxLAN could provide a poor-man version of Point-to-Point VxLAN Pseudowire services. Platform compatibility DCS-7500E DCS-7280 Configuration By default, MAC learning on a VLAN is enabled. To disable MAC learning on VLAN 10, simply issue no mac address learning command on VLAN config. 7280(config)#vlan 10 7280(config-vlan-10)#no mac address learning To bring the VLAN back to the default mode use mac address learning command. 7280(config-vlan-10)#mac address learning Status To check MAC Learning status on VLANs, issue show mac address-table command. 7280(config)#vlan 10 7280(config-vlan-10)#no...
Continue reading →

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: