• Author : Sergey Kolobov

 
 

DHCP Server on Arista EOS

Overview In this document, a DHCP server will be installed on the switch, and configured to deliver IP addresses for a subnet/VLAN interface on the switch serving both IPv4 and IPv6 address families. All examples are demonstrated on Arista EOS release 4.20.7M. Install the DHCPD extension An extension is a Red Hat Linux .rpm file type or an archive of .rpm files in a .swi format. For this example the latest .swi package for DHCPD is downloaded from Arista repository to the switch and installed as a recognized extension. Download the extension: Please make sure you have reached out to Arista...
Continue reading →

Securing Inter Domain Routing with RPKI

Problem definition The debate over challenges and solutions for Secure Interdomain Traffic Exchange is hot as ever these days. The obstacle lies in the fundamental principle of BGP – mutual trust between network operators. Unfortunately, though this principle has led to a number of incidents in the industry, to the public eye only the tip of the iceberg is visible. The results of these incidents are traffic redirection, eavesdropping, DoS attacks and black-holing, to name a few. While incidents number in thousands, the underlying issues are only a few, and vary between accidental route leak through intentional prefix hijack and...
Continue reading →

Carrying Label Information in BGP-4

Theory of BGP-LU Overview MPLS typically has been used in core service provider (SP) networks. These deployments, however, have expanded beyond the network core and edge to the access and metropolitan networks. This rapid growth of edge-to-edge, label-switched paths (LSPs) across many networks  has presented scaling challenges. In particular, emerging business demands related to Carrier Supporting Carrier (CSC), global growth of IPv6 traffic, and delivery of services over native IPv4 networks require pertinent and flexible solutions. Many organizations prefer to continue with the existing MPLS-based solutions to more recent overlay technologies such as VXLAN. A solution that solves these potential...
Continue reading →

VXLAN: security recommendations

Abstract This document provides recommendations that are advised to implement in order to increase the security in multitenant network environments built on Arista Networks devices using VXLAN. Introduction One of the crucial qualities of modern cloud network infrastructure is scalability. Scalability can’t be achieved if security of the network operations inside the cloud is compromised. As for example, load scalability is not achievable in environments where the VMs are not able to operate when the network between them is not working properly due to hijacked MAC-addresses. One of the technologies used nowadays to address the challenges with scalability inside the cloud networks...
Continue reading →

Load Balancing with ECMP: Hardware Configuration Lookup

Abstract: This publication illustrates a technique which can be used to find exactly how Arista devices program routes to send traffic across multiple available paths. An example will be given on the Arista DCS-7150S-52-CL-R running EOS version 4.14.8M. Initial configuration: As an IGP we are using OSPF with maximum paths feature configured: Arista(config)#router ospf 1 Arista(config-router-ospf)#maximum-paths 32 There are two iBGP peers configured via a peer-group “pg1”: Arista(config)#router bgp 65001 Arista(config-router-bgp)#neighbor pg1 maximum-routes 16000 Arista(config-router-bgp)#neighbor 172.20.18.49 peer-group pg1 Arista(config-router-bgp)#neighbor 172.20.18.121 peer-group pg1 iBGP advertisements: * >   10.82.2.32/27       172.20.16.143    0       100     0       64920 64944...
Continue reading →

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: