• Author : Rahul Kumar Singh

 
 

Voice VLAN

Description This article is intended to discuss how to configure the Voice VLAN (phone VLAN) on an Arista switch. In the Campus environment, there are many devices which can connect wirelessly or wired. Switches need to be able to classify these devices and forward the traffic appropriately. For IP phones, this is of utmost importance as voice traffic and  signaling need to be treated with priority over generic data traffic to ensure quality of service and minimum to no loss. This article focuses on how to configure the switch CLI based on different scenarios found on a campus in order...
Continue reading →

Enhance Dot1x Modes to MBA Hosts

From 4.25.1F, Dot1x Modes to MBA Hosts is supported.With this feature enabled MBA hosts will be considered for Dot1x host mode restriction calculation. Single Host Mode => Only one supplicant( irrespective of Auth Method i.e. EAPOL or MBA ) will be allowed on the port. Multi Host Mode => Successful Authentication of one supplicant( irrespective of Auth Method i.e. EAPOL or MBA ) port will be opened and dynamical learning will be allowed. Multi Host Authenticated => All authenticated supplicants( irrespective of Auth Method i.e. EAPOL or MBA )  will be allowed. Configuring Dot1x Modes to MBA Hosts Dot1x Modes...
Continue reading →

802.1X on Arista switches

Overview 802.1X is an IEEE standard protocol that prevents unauthorised devices from gaining access to the network. 802.1X defines three device roles, Supplicant (client) Authenticator (switch) Authentication server (RADIUS) Before authentication can succeed, switchport is in unauthorized mode and blocks all traffic but, after authentication has succeeded, normal data can then flow through the switchport. Description 802.1X port security controls who can send traffic through and receive traffic from the individual switch ports. A supplicant needs to authenticate itself using EAPoL packets with the switch before it gains full access to the port. Arista switches act as an authenticator, passing...
Continue reading →

Phone VLAN Feature TOI

Description In campus network deployments, classification of the devices connected to a switch port is required. Based on the device type classification, devices are assigned to specific vlans for handling the traffic differently. The devices being referred here could be any desktop phone, mobile, computer, network printer or potentially anything that has the capability to connect to the Internet. These devices may or may not support 802.1X authentication. Please note that the interaction of this feature with Dot1x authentication has been covered in another Dot1x TOI. There are multiple pieces to this :  Phone Classification via LLDP Assignment of phone...
Continue reading →

802.1X on Arista switches

Overview 802.1X is an IEEE standard protocol that prevents unauthorised devices from gaining access to the network.    802.1X defines three device roles,  Supplicant (client) Authenticator (switch) Authentication server (RADIUS) Before authentication can succeed, switchport is in unauthorized mode and blocks all traffic but, after authentication has succeeded, normal data can then flow through the switchport. Description 802.1X port security controls who can send traffic through and receive traffic from the individual switch ports. A supplicant needs to authenticate itself using EAPoL packets with the switch before it gains full access to the port. Arista switches act as an authenticator,...
Continue reading →

802.1X on Arista switches

Overview 802.1X is an IEEE standard protocol that prevents unauthorised devices from gaining access to the network. 802.1X defines three device roles, Supplicant (client), Authenticator (switch) Authentication server (RADIUS) Before authentication can succeed, switchport is in unauthorized mode and blocks all traffic but, after authentication has succeeded, normal data can then flow through the switchport. Description 802.1X port security controls who can send traffic through and receive traffic from the individual switch ports. A supplicant needs to authenticate itself using EAPoL packets with the switch before it gains full access to the port. Arista switches act as an authenticator, passing...
Continue reading →

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: