Summary of Arista VxLAN Control Plane Options

IP Multicast | Head End Replication (HER) with static flood-set | CloudVision eXchange (CVX) | Ethernet VPN (EVPN)

– VTEPs within a VNI join a configured control plane multicast group.
– BUM traffic is sent to all VTEPs within the VNI over the configured multicast-group.
– Arista supports only multicast decapsulation to interop with third-party VTEP(s). HER will be used for BUM traffic encapsulation.
– Underlay needs to be multicast capable which can possibly make the deployment limited.
– Recommended for deployments where Arista VTEPs need to interop with legacy third-party VTEPs that support only multicast underlay for BUM traffic handling.
– BUM traffic within a...
Continue reading →

CVX Deployment Recommendations for VxLAN Control Service

CVX (CloudVision eXchange) is an infrastructure for aggregating and sharing state across a network of physical switches running EOS. Services that run on top of this infrastructure provide network-wide visibility and coordination. CVX is a single pane of glass for network wide visibility and orchestration of physical switches running EOS. CVX provides VxLAN Control Service (VCS) which is a mechanism by which hardware VTEPs share states between each other in order to establish VxLAN tunnels without the need for a multicast control plane or manual configuration of static flood-set for Head End Replication. CVX is built on the same underlying...
Continue reading →

Arista Any Cloud Platform – Migrate an AWS VPC utilizing VGW to Arista vEOS Router

Overview Purpose of this post is to outline the steps involved in migration of an AWS VPC running VGW for VPN termination / connectivity to Arista vEOS Router. When utilizing the AWS VGW we are employing IPSec and VTI on the Arista vEOS Router running in the Transit VPC router as shown in the image below. Our goal is to migrate from this setup:  To this setup:  What is CloudFormation and creation of templates in YAML I have broken down every section of the template and provided my thought process with regards to what I am doing and how in...
Continue reading →

EOS allows you to choose your own hardware and run your own apps

You’ve decided to go open source with your datacenter network. Whether you want to go open software or open hardware, Arista EOS provides the best software stack to complete your solution. In fact, I’ve been told that most of my daily web usage travels through a switch running EOS along the way. Arista’s EOS software architecture is designed to manage the best network silicon available for datacenters.  EOS is offered as a single binary across all Arista products, including 4 silicon architectures, over a dozen chipsets, as well as in hypervisor, container, and cloud-platform packaging. We have always supported the...
Continue reading →

Carrying Label Information in BGP-4

Theory of BGP-LU Overview  MPLS typically has been used in core service provider (SP) networks. These deployments, however, have expanded beyond the network core and edge to the access and metropolitan networks. This rapid growth of edge-to-edge, label-switched paths (LSPs) across many networks  has presented scaling challenges.  In particular, emerging business demands related to Carrier Supporting Carrier (CSC), global growth of IPv6 traffic, and delivery of services over native IPv4 networks require pertinent and flexible solutions. Many organizations prefer to continue with the existing MPLS-based solutions to more recent overlay technologies such as VXLAN.   A solution that solves these potential...
Continue reading →

Automating L3 EVPN instances deployment using CloudVision Portal

The intention of this article is to show how CloudVision Portal can be used to deploy L3 EVPN instances on one switch, or many switches, using a CloudVision Portal configlet builder. A complete demonstration of how CloudVision Portal is used to deploy an EVPN instance and EVPN fabric can be found here. The configlet builder example provided on the GitHub Arista repo covers L3 EVPN deployments using physical interfaces as SVI as CE facing interface. The configlet builder example can be used on top of any EVPN underlay and overlay. Below is a step by step procedure which describes how to import...
Continue reading →

Arista Any Cloud Platform – AWS CloudFormation YAML Script to launch a VPC with Arista’s vEOS Router

Contents: Overview; What is CloudFormation; Need for Cloudformation Templates; Cloudformation Template creation in YAML; Template Sections; Building the Cloudformation YAML template; Building a Stack

Overview
The purpose of this post is to outline the basics of creating AWS resources (infrastructure) using Cloud Formation as a service.

What is CloudFormation
CloudFormation can be interpreted as the ability to make an underlying API call to AWS to provision and configure AWS resources. It is an automated way to create, modify and delete AWS resources. CloudFormation templates can either be created using the AWS CloudFormation Designer (https://console.aws.amazon.com/cloudformation/designer) or a JSON or YAML-formatted document. In this document we will go through...
Continue reading →

Deploying L2 and L3 services with Multiple Tenants on a Single Interface

The intention of this post is to provide a configuration example on how multiple tenants could be deployed on a single physical interface with a mix of multiple L2 and L3 EVPN services. Ponder the network in below diagram, where two EVPN end point switches have multiple tenants (Tenant A, B, C and D) connected on the same physical interface. The interface in this case is Ethernet3, at the respective sites. Tenant A and B want L2 EVPN services. Tenant C and D want L3 EVPN services. Please note that the IP core in the diagram could be a spine...
Continue reading →

CloudVisionPortal – Open-VM-Tools

Open-VM-Tools is an open source add-on that allows for graceful startup & shutdown of Cloud Vision Portal. This allows for graceful startup and shutdown of CVP Virtual Machines with the ESXi manager. Further information and latest version can be found in the link below: https://github.com/vmware/open-vm-tools

Note: The open-vm-tools package is only supported on Cloud Vision Portal. Open-vm-tools on Cloud Vision Exchange (CVX) or EOS vRouter is not supported at this time.

Enabling Open-VM-Tools
Starting in CVP version 2017.2.3 the open-vm-tools package is available to be enabled on Cloud Vision Portal Instances. In order to enable the package: either SSH or login to the...
Continue reading →

Automating EVPN fabric deployment using CVP

To simplify and speed up the deployment of an EVPN fabric, CloudVision Portal can be a powerful tool to work with. The intention of this post is to divide this up into steps to simplify, qualify the actions steps needed and provide an example CloudVision Portal configlet builder to execute needed tasks in CloudVision. A complete demonstration of how CloudVision Portal is used to deploy an EVPN instance and EVPN fabric can be found here. First of all, there needs to be a decision of which deployment model of EVPN underlay and overlay that suits the particular deployment being worked on....
Continue reading →

Automating L2 EVPN instances deployment using CloudVision Portal

The intention of this article is to show how CloudVision Portal can be used to deploy L2 EVPN instances on one switch, or many switches, using a CloudVision Portal configlet builder. A complete demonstration of how CloudVision Portal is used to deploy an EVPN instance and EVPN fabric can be found here. The configlet builder example provided at GitHub Arista repo covers L2 EVPN deployments using MLAG, single interface, VLAN trunk, access VLAN, symmetric routing and asymmetric routing. The configlet builder example can be used on top of any EVPN underlay and overlay. Below is a step by step procedure is...
Continue reading →

MLAG: Traffic flow for single-homed hosts

Contents: Objective; Introduction; Traffic flows; Bridged traffic within an MLAG domain; Flow 1: Traffic sent to Leaf-1; Flow 2: Traffic sent to Leaf-2; Configuration considerations; Routed traffic within a leaf MLAG pair; Configuration considerations; Bridged or routed traffic between racks in a Layer 2 Leaf-Spine fabric; Configuration considerations; VXLAN bridged or routed traffic between racks in a Layer 3 Leaf-Spine fabric; Configuration considerations; External controller integrated with the VXLAN Control Service (VCS); Design considerations

Objective
The objective of this document is to explain the traffic flows, best practice designs, and configuration details when single-homed devices are connected to an MLAG domain. It is assumed that the reader is familiar with the concept of Leaf-Spine fabrics, MLAG, and...
Continue reading →

vEOS-Lab on Hyper-V

Contents: Introduction; Pre-requisites; Instructions; Steps; Note

Introduction
There are multiple ways to setup a vEOS-Lab environment if you have a linux system or on hypervisors such as VMware ESXi, vCenter, VM Workstation, VM Fusion, Virtualbox, etc using the vmdk provided in the Software downloads page. But if you have a Windows machine or a Windows server, the vmdk will not be useful. So here are the steps on how you can convert the vmdk to a vhdx and create a vEOS VM on Hyper-V.

Pre-requisites
1. Hyper-V Manager and Hyper-V
2. vEOS-Lab vmdk
3. Aboot ISO

Instructions
Steps
1. Download the vEOS vmdk for the EOS...
Continue reading →

Multicast Fastdrops

Overview In IP multicast protocols, every (S,G) or (*,G) route is associated with an inbound RPF (reverse path forwarding) interface. Packets arriving on an interface not associated with the route may need CPU-dependent PIM processing, so packets received by non-RPF interfaces are sent to the CPU by default, causing heavy CPU processing loads. However, it is not necessary for multicast routing protocols to process subsequent non-RPF packets all the time. The CPU therefore updates the hardware MFIB with a fast-drop entry when it receives a non-RPF interface packet that PIM does not require. Additional packets that match the fast-drop entry are...
Continue reading →

Arista Salt integration

Contents: What is Salt?; Salt High Speed Network Bus; Salt Terminology; Salt Lab on Vagrant; Accepting the Salt Keys from the Minions; Salt Grains; Targeting Devices; Configuring a Device by Loading Config and Rendering Templates; Salt States; Salt Reactors; Slack Notifications and Reactors

What is Salt?
Salt is an event driven infrastructure management tool. It sounds really complex but it’s not. Salt is similar to most of the configuration tools that we use in our every day lives to configure infrastructure but there are many key differences in the way salt is architected. Salt is very unique as it has a ZeroMQ high speed messaging bus between the salt minions (in...
Continue reading →

Arista Any Cloud Platform – Security Use Case

Contents: Introduction; Objective; Prerequisites; Topology; Configuration
Step 1: Verify the two IPsec tunnels defined in the topology above are established prior to any changes
Step 2: Create an AWS Internet Gateway and attach it to the Transit VPC
Step 3: Add a default route to the AWS routing table for the Transit VPC, pointing to the newly created IGW
Step 4: Create an AWS Elastic IP and associate it with the outside interface of the Palo Alto in the Transit VPC
Step 5: Add a default route to the Palo Alto, pointing to the outside interface
Step 6: Create a Redistribution Profile on the Palo Alto to redistribute the default route...
Continue reading →

Docker containers on Arista EOS

Contents: Docker on EOS; Docker Networking; Docker Run time examples; Running a load balancer on the switch with HAproxy

Docker on EOS
In this article we will talk about what is a container, how it is applicable to Arista EOS switches and pulling containers from a public or private repo to run on an Arista physical or virtual device. A docker container is simply a way to abstract and decouple an application from a linux (and now windows) operating system to run as a process on a host machine with the bare minimum requirements. Docker makes creating cloud portable applications extremely easy. So a application...
Continue reading →

Creating A Multi-node vEOS Vagrant Environment

Contents: Introduction; Prerequisites; Instructions; Step 1; Step 2; Notes

Introduction
Beginning with EOS 4.15.2F, vEOS is available as a Vagrant box for VirtualBox. Vagrant is great whether you are simply getting started with vEOS or want to easily create a complex test environment. With Vagrant, multiple VMs may be defined within a single ‘Vagrant file’, including non vEOS VMs allowing for an entire topology to be instantiated using a single file. For more info on Vagrant, check out their documentation. This document will go through the details of how to use the predefined Vagrantfile shared below to instantiate a Spine&Leaf topology with vEOS. The topology that will be...
Continue reading →

Reversing The Airflow of a Running Switch

Occasionally customers have a switch in production that they need to change the airflow direction of e.g. from a front-to-rear (-F) to a rear-to-front (-R), or vice-versa, without shutting down the switch. The following procedure outlines the steps to follow in order to accomplish this. This procedure assumes that you already have the replacement fans and PSUs on hand and are ready to perform the swap. Start with the switch powered up, both power supplies powered and providing power to the switch. Gain access to the switch’s serial console to check status and run CLI commands as need be. Add...
Continue reading →

Using eAPI to Provide SNMP Extensions

EOS utilizes net-snmp which offers provisions to extend OIDs. The following script leverages eAPI to gather OSPFv3 interface information and populates the SNMP ospfv3IfTable. The OSPFV3-MIB can be downloaded from here: http://www.oidview.com/mibs/0/OSPFV3-MIB.html

#!/usr/bin/python -u
#
# Arista Networks, Inc.
#
# Script: ospfv3IfTable.py v1.6
#
# This script populates the ospfv3IfTable via a net-snmp extension
#
# 1. Copy this script to /mnt/flash as ospfv3IfTable.py
#
# 2. Copy snmp_passpersist to /mnt/flash
#    https://github.com/nagius/snmp_passpersist
#
# 3. Enable management api (script uses a unix socket)
#    management api http-commands
#    protocol unix-socket
#    no shutdown
#
# 4. Configure snmp to...
Continue reading →
