User passwords with blank spaces

Overview

Arista EOS allows users to define local user accounts using the command “username <name> secret <password>”, where <password> is a plain-text password. However, the Arista CLI does not accept blank spaces in the <password> portion of the command. This restriction is due to a limitation in the parsing algorithm EOS uses to find the password in the command: the algorithm does not recognize blank spaces when parsing the password. To work around this issue a password with blank spaces can be manually converted to a...

40G TapAgg BiDi Design

Arista QSFP BiDi optics allow both transmit and receive signals to travel on the same fiber slice. The QSFP BiDi design provides 40Gbps (20Gbps egress and 20Gbps ingress on each fiber slice) of bandwidth using duplex MMF (OM3 and OM4) cable. This way one can leverage the existing cabling infrastructure to upgrade bandwidth from 10Gbps to 40Gbps (see diagram 1). The BiDi optics provide a number of benefits, some of which are listed below:

▪ Fiber replacement not required when moving from 10Gbps to 40Gbps
▪ Lower CAPEX, as 75% less fiber is needed compared with parallel cable (40G SR4)
▪ Interoperable with Industry standard...

Robot Framework for Auto Test

Introduction

In-house EOS code certification is generally a time-consuming process, as it involves a lengthy life cycle. At a high level, the various stages involved are:

1. Setting up the test environment
2. Designing test cases
3. Executing test cases
4. Documenting test results
5. Validating gathered test results

As you can imagine, stages 3, 4 and 5 can be the most time-consuming, as they warrant an error-free execution. Additionally, since image and configuration management would be simplified, most customers would like to have a single EOS version deployed across all their platforms and...

Understanding Logging Levels

Overview

EOS generates a number of logs to report events such as an interface going down, a spanning-tree state change, an agent restart, a BGP neighborship flap, etc. One event can have more impact than another, so the respective logs need to reflect that severity. This is why all logs are categorized into different severity (logging) levels. There are 8 logging levels available, from 0 to 7, with 0 being the most critical and 7 the least critical.

 alerts         Immediate action needed           (severity=1)
 critical       Critical conditions               (severity=2)
 debugging      Debugging messages                (severity=7)
 emergencies    System is unusable                (severity=0)
 errors         Error conditions                  (severity=3)
 informational  Informational messages            (severity=6)
 notifications...

ChalkTalk Series Launched!

Be sure to check out the new Arista Chalk Talk Series: https://eos.arista.com/arista-chalktalk-series/ You will need a login to access this content, so get one now!

ZTPv6 using DHCPv6 Relay Agent

1. Introduction

ZTP (v4/v6) is a simple hands-off approach to both initial setup and upgrading an existing network. ZTP does not require entering the switch CLI, speeds up and simplifies deployment, reduces the risk of human error, and can adapt to many deployment scenarios. It offers scripting extensibility for complex networks and flexible provisioning using standard tools. Additionally, the switch can be ZTP booted using a variety of identifiers, such as its MAC address, serial number, or LLDP neighbors. The Arista switch’s ZTP process starts with communicating with a DHCP (v4/v6) server, where apart from getting the IP Address, Default Gateway,...

Arista Any Cloud Platform – Destination NAT (IP Anycast) in vEOS Router

Overview

The purpose of this post is to test and validate Destination NAT (IP Anycast) support on vEOS Router. We built a topology in AWS to validate this setup. Here is the link to the EOS Central article that can be referenced to help build this topology: https://eos.arista.com/arista-any-cloud-platform-hybrid-cloud-veos-router-in-aws-deployment-guide/

Objectives

We hope to accomplish the following in this article:

▪ Create a Loopback interface on vRouter-1a and vRouter-1b with an IP address of 1.1.1.1/32
▪ Advertise 1.1.1.1/32 as an equal cost route to vRouter-Transit. At any given moment vRouter-Transit could take the path to vRouter-1a or vRouter-1b. In this setup...

Network CI/CD Part 2 – Automated Testing with Robot Framework library for Arista devices

Previously on Network CI/CD Part 1…

We’ve established that the lack of simulated test environments and automated test tools is among the inhibitors in a transition from a traditional network operation model to a DevOps workflow, where all changes are verified and tested prior to being deployed in production. We’ve seen how to solve the first problem with Arista’s cEOS-Lab docker container and a simple container orchestration tool. We’ve shown how the new containerised EOS allows us to dramatically increase the number of nodes...

Tap Aggregation Tip: Popping MPLS tags for Untagged or VLAN based Tools

In Tap Aggregation scenarios common in WAN and Service Provider environments, MPLS tags are present. Many analysis tools do not understand these tags, so the Arista DANZ feature set allows them to be removed. This functionality has been available since 4.15.0F, but initially had the limitation that traffic would always be sent out the Tool port with a VLAN tag. Some tools understand neither MPLS nor VLAN tags, so this tip describes how to deal with both 802.1q and untagged scenarios.

Step 1: Configure MPLS pop/strip on the Tap port:...

Network CI/CD Part 1 – Building network topologies with Docker and cEOS-lab

Introduction

As the networking industry continues riding the DevOps wave and network engineers become more comfortable using automation tools like Ansible and Salt, the network still remains the most brittle piece of IT infrastructure. This can partially be justified by the fact that the network underpins all other areas of the IT infrastructure stack: compute, storage and virtualisation. However we, as network engineers, have done very little to improve our confidence in networks and until now some of the biggest outages were caused by trivial network...

Summary of Arista VxLAN Control Plane Options

IP Multicast | Head End Replication (HER) with static flood-set | CloudVision eXchange (CVX) | Ethernet VPN (EVPN)

– VTEPs within a VNI join a configured control plane multicast group.
– BUM traffic is sent to all VTEPs within the VNI over the configured multicast-group.
– Arista supports only multicast decapsulation to interop with third-party VTEP(s). HER will be used for BUM traffic encapsulation.
– Underlay needs to be multicast capable which can possibly make the deployment limited.
– Recommended for deployments where Arista VTEPs need to interop with legacy third-party VTEPs that support only multicast underlay for BUM traffic handling.
– BUM traffic within a...

CVX Deployment Recommendations for VxLAN Control Service

CVX (CloudVision eXchange) is an infrastructure for aggregating and sharing state across a network of physical switches running EOS. Services that run on top of this infrastructure provide network-wide visibility and coordination. CVX is a single pane of glass for network wide visibility and orchestration of physical switches running EOS. CVX provides VxLAN Control Service (VCS) which is a mechanism by which hardware VTEPs share states between each other in order to establish VxLAN tunnels without the need for a multicast control plane or manual configuration of static flood-set for Head End Replication. CVX is built on the same underlying...

Arista Any Cloud Platform – Migrate an AWS VPC utilizing VGW to Arista vEOS Router

Overview

The purpose of this post is to outline the steps involved in migrating an AWS VPC running VGW for VPN termination / connectivity to Arista vEOS Router. When utilizing the AWS VGW we are employing IPSec and VTI on the Arista vEOS Router running in the Transit VPC router. Our goal is to migrate from that setup to one based on the Arista vEOS Router.

What is CloudFormation and creation of templates in YAML

I have broken down every section of the template and provided my thought process with regards to what I am doing and how in...

EOS allows you to choose your own hardware and run your own apps

You’ve decided to go open source with your datacenter network. Whether you want to go open software or open hardware, Arista EOS provides the best software stack to complete your solution. In fact, I’ve been told that most of my daily web usage travels through a switch running EOS along the way. Arista’s EOS software architecture is designed to manage the best network silicon available for datacenters.  EOS is offered as a single binary across all Arista products, including 4 silicon architectures, over a dozen chipsets, as well as in hypervisor, container, and cloud-platform packaging. We have always supported the...

Carrying Label Information in BGP-4

Theory of BGP-LU

Overview

MPLS has typically been used in core service provider (SP) networks. These deployments, however, have expanded beyond the network core and edge to the access and metropolitan networks. This rapid growth of edge-to-edge label-switched paths (LSPs) across many networks has presented scaling challenges. In particular, emerging business demands related to Carrier Supporting Carrier (CSC), global growth of IPv6 traffic, and delivery of services over native IPv4 networks require pertinent and flexible solutions. Many organizations prefer to continue with the existing MPLS-based solutions rather than move to more recent overlay technologies such as VXLAN. A solution that solves these potential...

Automating L3 EVPN instances deployment using CloudVision Portal

The intention of this article is to show how CloudVision Portal can be used to deploy L3 EVPN instances on one switch, or many switches, using a CloudVision Portal configlet builder. A complete demonstration of how CloudVision Portal is used to deploy an EVPN instance and EVPN fabric can be found here. The configlet builder example provided on the GitHub Arista repo covers L3 EVPN deployments using physical interfaces as SVI as CE facing interface. The configlet builder example can be used on top of any EVPN underlay and overlay. Below is a step-by-step procedure which describes how to import...

Arista Any Cloud Platform – AWS CloudFormation YAML Script to launch a VPC with Arista’s vEOS Router

Overview

The purpose of this post is to outline the basics of creating AWS resources (infrastructure) using CloudFormation as a service.

What is CloudFormation

CloudFormation can be interpreted as the ability to make an underlying API call to AWS to provision and configure AWS resources. It is an automated way to create, modify and delete AWS resources. CloudFormation templates can be created either using the AWS CloudFormation Designer (https://console.aws.amazon.com/cloudformation/designer) or as a JSON or YAML-formatted document. In this document we will go through...

Deploying L2 and L3 services with Multiple Tenants on a Single Interface

The intention of this post is to provide a configuration example of how multiple tenants could be deployed on a single physical interface with a mix of multiple L2 and L3 EVPN services. Consider the network in the diagram below, where two EVPN end point switches have multiple tenants (Tenant A, B, C and D) connected on the same physical interface. The interface in this case is Ethernet3, at the respective sites. Tenants A and B want L2 EVPN services. Tenants C and D want L3 EVPN services. Please note that the IP core in the diagram could be a spine...

CloudVisionPortal – Open-VM-Tools

Open-VM-Tools is an open source add-on that allows for graceful startup and shutdown of Cloud Vision Portal (CVP) virtual machines with the ESXi manager. Further information and the latest version can be found at the link below:
https://github.com/vmware/open-vm-tools

Note: The open-vm-tools package is only supported on Cloud Vision Portal. Open-vm-tools on Cloud Vision Exchange (CVX) or EOS vRouter is not supported at this time.

Enabling Open-VM-Tools

Starting in CVP version 2017.2.3, the open-vm-tools package is available to be enabled on Cloud Vision Portal instances. In order to enable the package: either SSH or login to the...

Automating EVPN fabric deployment using CVP

CloudVision Portal can be a powerful tool for simplifying and speeding up the deployment of an EVPN fabric. The intention of this post is to divide the deployment into steps, qualify the action steps needed, and provide an example CloudVision Portal configlet builder to execute the needed tasks in CloudVision. A complete demonstration of how CloudVision Portal is used to deploy an EVPN instance and EVPN fabric can be found here. First of all, a decision must be made about which deployment model of EVPN underlay and overlay suits the particular deployment being worked on....
