• Author : Shyam Kota

 
 

Support for TapAgg traffic steering using Aegis

Description This feature extends the capabilities of Tap Aggregation traffic steering to allow for using traffic policies. In order to limit the possible combinations of items in each field list, this feature performs transformations on the packet fields. These transforms summarize the fields in terms of the relevant rules they match. Then the summarized rules are looked up instead of the raw packet fields in a traditional classification engine that is implemented in a TCAM. This results in marked reduction in TCAM entries required for the same set of rules as against traditional TCAM-only based ACL implementations. Platform compatibility DCS-7280R3...
Continue reading →

Power alerts for high card power

Description Line cards, fabric cards, and switch cards now alert the user whenever a card consumes excessive power. There are three ways a card can trigger this alert: The card draws more power than its maximum rated power limit The card draws more power than a user configured power limit For fabric cards only, the card draws substantially more power than the other fabric cards These three cases will be referred to by their number below, e.g., (1), (2), or (3). In 4.25.2F, the power calculated does not take into account the power consumed by the fans on the system....
Continue reading →

EOS-4.26.2F TOI Index Page

Shaped Interface Speed in IF-MIB Set explicit nexthops for vpnv4 and vpn-ipv6 routes during outbound policy via route maps VXLAN Decapsulation on default VRF Only SSO support for 7500R3 series FEC Implicit References 7800R3/7500R3/7280R3 Qos Marking on Bridge Encap BGP multicluster route-reflector RADIUS over TLS Power alerts for high card power DPS VPN scaling using BGP OSPFv3 LSA Limit Support for PTP on MLAG Support for BGP multicast aggregation VRF Selection and Fallback Match Inner CoS in QoS Policy-Map Support for disabling NAT for forwarded fragments BGP Monitoring Protocol for Multi-agent Model Configurable Maintenance Mode Receiver Route-Map (ArBgp) Sub-second switchcard...
Continue reading →

Per Port Scheduler Compensation

Description The per port scheduler compensation feature is used to make adjustments to the packet size seen by the scheduler for scheduling-shaping. This feature is useful when shaping is applied on an interface where the traffic is getting encapsulated or decapsulated. When a packet is decapsulated, the egress packet size is less than the ingress packet size ( due to termination of headers ) but the scheduler uses ingress packet size for the calculation of scheduling-shaping resulting in a lower observed shape rate. Using this feature the scheduler can be informed of the decapsulation happening on the packet. ( Similarly...
Continue reading →

Health monitoring of free buffer counts

Description In rare circumstances, a Single Event Upset may cause an underflow in the free list of buffers of a switch chip. This can cause the chip to stop forwarding packets. Recovery from this state typically requires the affected chip to be reset. This new feature allows customers to take user-defined actions when the count of buffers in use exceeds the buffers configured in the system, with a default being to log to /var/log/messages. Platform compatibility DCS-7020R DCS-7280R DCS-7280R2 DCS-7280R3 DCS-7500R DCS-7500R2 DCS-7500R3 Configuration The HealthMonitorBuffersHandler has been added as a built-in event-handler. No configuration is required to set it...
Continue reading →

IS-IS redistribute route count limiting

Description Route redistribution is a process that allows a network to use a routing protocol to dynamically route traffic based on information learned from a different routing protocol. Route redistribution helps increase accessibility within networks. Redistributing the large number of routes into IGP potentially causes many problems. To alleviate the problem we can add a limit on the maximum number of routes, cumulative from all protocols, to be redistributed in ISIS. By default, the feature is disabled. User should explicitly configure the route limit using the CLI to limit the number of routes which are redistributed into the ISIS instance...
Continue reading →

EOS-4.26.1F TOI Index Page

VLAN-based Port Security Port-channel Minimum Speed Review and Retry Mechanism Mixed speed port channel Egress peer engineering using BGP-LU VxLAN DSCP Mapping Static Flow Aware Transport support on EVPN VPWS Configurable dynamic MAC learning limit threshold on 7800R3/7500R3/7280R3 MACsec configurable EAPoL destination MAC Send support-bundle CLI command 802.1X on Arista Switches Cos To Traffic-Class Map on SubInterfaces EVPN Centralized Anycast Gateway IS-IS multiple Instances BGP Link State (BGP-LS) Producer for IS-IS LSDB VxLAN Bridging & Routing Support on 7280R3/7500R3/7800R3 Series Transceiver Performance Monitoring and Enhanced Diagnostics IS-IS redistribute route count limiting L2 Protocol Forwarding Support for TapAgg GRE tunnel termination...
Continue reading →

EOS-4.26.0F TOI Index Page

VxLAN DSCP Mapping Sharing BGP update groups between similar RCF functions Support for Differentiated MMU Discard Counters on 7060X4 and 7368X4 series Detect Duplicate IP Addresses LSP ping/traceroute for BGP labeled unicast tunnels Configurable MTU values for fwd interfaces Disable ingress interface from LAG hashing 802.1X on Arista Switches VXLAN Remote VTEP Tunnels over L3 SubInterfaces MACsec LLDP Bypass MLDv2 Snooping Support for transmitting more-specific routes in IPv6 RA messages Security ACL Filtered Mirroring IPv4 route scale enhancements Default QSFP mode support Syslog with TLS support Postcard Telemetry EVPN Single-active Multihoming & Preference-based DF Election 7800R3/7500R3/7280R3 L2 EVPN MPLS Support...
Continue reading →

gRPC Network Operations Interface (gNOI) Support

Description gNOI (gRPC Network Operations Interface) defines a set of gRPC-based microservices for executing operational commands on network devices. Supported operational areas: gNOI Certificate Management (starting with 4.20.6F) – executes commands on the target relating to certificate management. /gnoi.certificate,CertificateManagement/CanGenerateCSR – used to check if a certificate signing request is supported, /gnoi.certificate,CertificateManagement/GetCertificates – used to get a list of certificates available. /gnoi.certificate.,CertificateManagement/Rotate – used to replace an existing certificate on the switch. Note: only internally generated CSRs are supported. gNOI System – a collection of operational RPCs. /gnoi.system.System/Ping (starting with 4.22.1F) – executes the ping command on the switch and streams...
Continue reading →

Support for TapAgg GRE tunnel termination

Description This feature terminates GRE packets on a TapAgg switch by stripping the GRE header and then letting the decapped packets go through the normal TapAgg path. With this feature, we can use an L3 GRE tunnel to transit tapped traffic to the TapAgg switch over an L3 network. That would widely extend the available use cases for TapAgg. Support IPv4 GRE tunnel interface only. Support the following GRE types: IPoGRE, L2GRE, GREenSPAN, ERSPAN Type I, ERSPAN Type II, and GREenTAP. Do packet forwarding/steering on the decaped packets. Not routing. Packets can be forwarded to a set of tool ports....
Continue reading →

Hardware Accelerated sFlow on 7280R3/7500R3/7800R3

Description EOS-4.24.0 adds support for hardware-accelerated sFlow on R3 systems. Without hardware acceleration, all sFlow processing is done in software, which means performance is heavily dependent on the capabilities of the host CPU. Aggressive sampling rates also decrease the amount of processing time available for other EOS applications. With hardware acceleration, all sFlow processing is done on the switch ASIC itself, with little involvement from the CPU. Hence, it’s possible to support higher sampling rate without compromising CPU performance. Note that this is different from DCS-7280R2 and DCS-7500R2 systems, where a separate accelerator chip is used to provide hardware acceleration....
Continue reading →

BGP Prefix Origin Validation with Resource Public Key Infrastructure (RPKI)

Description RPKI provides a mechanism to validate the originating AS of an advertised prefix. EOS support includes: Connecting to RPKI cache server(s) using the RTR protocol and syncing the Route Origin Authorizations (ROA) that have been synced from the global repositories. Validating prefixes received in BGP Update messages either using the ROAs that have been synced, or the Origin Validation State Extended Community attached to the received routes. Using the result of the validation to apply inbound policy in a route map. Platform Compatibility This feature is available on all platforms. Configuration Configuration consists of 3 steps: Configuration of an...
Continue reading →

EOS-4.25.1F TOI Index Page

Support for setting DN bit in OSPF PTP Monitoring: Filtering Dynamic NAT profiles Route-Map Match Ospf Instance Support Redistribution of leaked BGP routes into OSPF / OSPFv3 EVPN VxLAN IPV6 Overlay TOI L2EVPN MPLS EVPN IRB with MPLS Underlay MACsec fallback to unprotected traffic RFC 4364 BGP/MPLS L3 VPN Support for Multicast NAT L3 EVPN extension to BGP using MPLS Head-End-Replicated DHCP Packets Suppression in VXLAN Network VLAN Aware Bundle Service LAG and ECMP selectable hashing fields RSVP-TE LER L2 Sub-interfaces IP Locking + Release Updates OpenConfig Configuration Guide Enhance Dot1x Modes to MBA Hosts Egress ACL counters Storm control...
Continue reading →

Qos Policy Map Counter

This feature is an extension of Qos Policy. It allows the user to configure Qos Policy Map counters. If a class-map is configured for a policer action then the conformed and non-conformed packet and byte counters are displayed for that class-map. Otherwise the number of packets and bytes hitting the class-map are shown. Platform compatibility DCS-7280E DCS-7020R DCS-7280R DCS-7280R2 DCS-7500R2 DCS-7280R3, DCS-7500R3, DCS-7800R3 (EOS 4.24.2F) Configuration Following command allocates the Counter Engines for Qos which actually count and store the counter value. switch(config)#[no|default] hardware counter feature qos in 7280E Currently, there is not enough space in TCAM action bank for...
Continue reading →

QinQ L3 Subinterfaces

Description QinQ L3 subinterfaces divide a single ethernet or port-channel interface into multiple logical L3 interfaces based on a combination of two 802.1q tags (VLAN ID) in the incoming traffic. QinQ L3 subinterfaces are commonly used in the L2/L3 boundary device, but they can also be used to isolate traffic with a combination of two 802.1q tags between L3 peers by assigning each subinterface to a different VRF.   QinQ L3 subinterfaces are similar to regular L3 subinterfaces, with the only difference being the number of tags being used to isolate traffic. While L3 subinterfaces use a single 802.1q tag...
Continue reading →

EOS-4.25.0F TOI Index Page

EVPN VXLAN single-gateway centralized routing CLI error for references to unconfigured policy constructs Support for deleting link bandwidth extended community without specifying value (“set extcommunity lbw delete”) or with specified AS number (“set extcommunity lbw asn delete”) Support for IPv6 Link-local addresses in NHG entries Support for set large community list EVPN L3 Gateway Nexthop Group Resolution for Static Routes Set TTL for PBRed packets Support for OSPFv2 and OSPFv3 dn-bit-ignore Route-map match on next-hop for vpnv4/vpnv6 routes Support for WRED Counters on 7060X4 and 7368 series GRE Tunneling Support Consistent Policy Enforcement and Multi-VRF support for Macro-Segmentation Service L2...
Continue reading →

EOS-4.24.2F TOI Index Page

Disable ENTITY-STATE traps for link up/down IS-IS set-attached-bit OSPF conditional default-originate Route-Map As-Path “repeat” option RSVP-TE LSR Advanced Mirroring Features Support for Traffic Policy on interfaces DHCP Server on EOS Flexible Interface Encapsulation (FlexEncap) LDP End-of-LIB BGP Enhanced Route Refresh Connected routes for VARP subnets Support for Non XPN Cipher Suites in MACsec Route Map – Match Resolved Nexthop Support in Multi-Agent Discard unimportable VPN paths Health monitoring of free buffer counts Support for ECMP routes in RIP VxLAN VTEP counters on 7020R, 7280R, 7280R2, 7500R, and 7500R2 series RFC 4364 BGP/MPLS L3 VPN Dynamic CLI Access VLAN Support for...
Continue reading →

EOS-4.24.1F TOI Index Page

Support for IPv6 multicast (S,G) counters BGP best paths and best ECMP paths counters As-Path Statement Enhancement BGP Non Stop Forwarding Setting metric on static routes and Eos SDK support Redistribution of leaked routes into IGPs CLI Command for Fast Phy Link up Security ACL Filtered Mirroring MPLS static tunnel ECMP Optimizing hardware utilization for unused (S,G) routes Hardware Accelerated sFlow on 7280R3/7500R3/7800R3 MLAG Unicast Convergence LDP Graceful Restart Support for static NAT access-list resource sharing TAP Aggregation – FCS handling Support for metadata in egress mirroring to GRE TAP Aggregation DCS-7280R3 / DCS-7500R3 support BGP neighbor default-originate always LAWFUL...
Continue reading →

EOS-4.24.0F TOI Index Page

Allow resolution over BGP aggregates BGP Send-Community Global Setting Burst-Size with Shape Rate Configurable Admin Distance for OSPFv3 External Routes Flow Aware Transport on LDP pseudowires IS-IS set-attached-bit Egress IPv6 RACL on R3 series 7800R3/7500R3/7280R3 MLAG support Priority Drop Support Redistribution of ISIS Routes into OSPFv3 Redistribution of leaked routes into IGPs Router ACLs with User-Defined Fields Sub-interface ACLs with User-Defined Fields Port Security: Protect Mode Class Based Forwarding for SR-TE Policies BFD for Static Routes Per Port Tc-To-Cos IP Locking + Release Updates LDP Pseudowire Regular expression aliases Egress MAC ACLs Lanz Mirroring Segment Routing Traffic Engineering Policy (SR-TE)...
Continue reading →

Per Port Tc-To-Cos

Description This feature enables per port TC-To-COS mapping. TC represents Traffic-Class and COS represents Vlan tag PCP bits. While at present there is a global TC-To-COS mapping, in this feature named TC-To-COS profiles can be created which can be applied to the required interfaces. When a Tc-To-Cos profile is applied to an interface then all the packet egressing through this interface will follow the below principles: Cos remarking will happen based on the TC, Dp( Drop precedence ) of the packet. The exact value of the cos will depend on the mapping present in the tc-to-cos profile applied to it....
Continue reading →

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: