• Blog

 
 

Why Java APIs and Industry-Standard CLIs are Different

In the past few years, the tech industry has watched with increasing concern as various entrenched participants have brandished copyright law as a weapon to stifle competition and innovation. Recently, we have been treated to yet another novel claim: that after over a decade of broad adoption, the industry-standard set of commands that a user types into a command line interface (or CLI) to configure a network device is subject to copyright. This startling claim raises many questions, but today I want to address one in particular: What effect, if any, does the recent decision in Oracle v. Google have...
Continue reading →

Centralized vs. Distributed VxLAN Routing with EVPN

Tech Note: Centralized vs. Distributed VxLAN Routing with EVPN Over the past few years EVPN VxLAN deployments have become an increasingly popular overlay architecture selected by customers, primarily in data-center layer 3 leaf-spine (L3LS) fabrics.  With this popularity, numerous deployment topologies, and configuration options have presented themselves. This article reflects our observations based on real-world deployment experiences on one such choice; centralized vs. distributed gateways. When deploying EVPN VXLAN integrated routing and bridging (IRB), both VXLAN bridging and VXLAN routing are required concurrently on the switch.  This capability is also commonly referred to as an EVPN VxLAN gateway. There are...
Continue reading →

Displaying Neighbors’ Names with OSPF and BGP

This article describes how to configure Arista devices to display user-defined names for OSPF and BGP neighbors. OSPF First define name to IP address mappings, one per neighbor, where IP address is neighbor’s OSPF router ID: SW1(config)# ip host SW2 2.2.2.2 Next enable OSPF name resolution: SW1(config)# ip ospf name-lookup Finally, validate the output of ‘show ip ospf neighbor’ command. The command should display the user-defined name instead of router-ID: SW1(config)# show ip ospf neighbor Neighbor ID   VRF         Pri       State             Dead Time     Address        Interface SW2   ...
Continue reading →

25G Lane Speed

ContentsIntroductionPlatform CompatibilityConfigurationConfigure forced 25G speedOutput from “show interface status” commandConfigure forced 10G/1G speed on Et2-4Output from “show interface status” commandConfigure forced 10G speedOutput from “show interface status” commandConfigure forced 1G/100M speed on Et2-4Output from “show interface status” commandConfigure forced 1G speedOutput from “show interface status” commandConfigure forced 10G/100M speed on Et2-4Output from “show interface status” commandStatus Introduction With the introduction of support for 25GbE on servers and switches we expect to see a rapid movement to server attachment at 25G, replacing the use of servers at 40G. Even though 25G is becoming norm these days, most of the deployment is...
Continue reading →

Basic troubleshooting steps for some CVP and telemetry issues

ContentsObjectiveGeneral issues covered1. The CVP web-explorer is not reachable2. A configlet/image bundle push task to the switch failed3. Device not getting added to telemetryLogs to be collected from the SwitchLogs to be collected from the CVP server Objective The aim of this document is to convey a set of troubleshooting steps that can be carried out when running into issues with CVP and telemetry. General issues covered Issue 1- The CVP web-explorer is not reachable Issue 2- A configlet/image bundle push task to the switch failed Issue 3- Device not getting added to telemetry 1. The CVP web-explorer is not...
Continue reading →

Password Recovery

This article describes how to gain access to an Arista 7130 device if you lose the password. There are two solutions: Password recovery using grub from the serial console. Factory restore via USB. Password recovery using grub: This approach requires access via the serial console: Enter “reload” on the device command line to reboot C16-B1-10381-3#reload Are you sure you want to reload? yes or [no] yes INIT: Sending processes the TERM signal Reloading... When grub appears press ‘del’ to enter interactive boot mode GNU GRUB version 2.00 +--------------------------------------------------------------------------+ |lvm/vg1-mos_0.13.9 | |lvm/vg1-mos_0.13.3 | | | | | | | | |...
Continue reading →

Interface Status

The “show interfaces status” commands show the link status of the receive (Rx) and transmit (Tx). Besides “up” and “down”, the command gives addition information of the status of the port. This includes: Link status: shutdown – the port has been shutdown through the management platform. (Tx only) no source – the interface is not sourcing signal from anywhere. (Rx only) no signal – there is no signal received. (Rx only) no link – a signal is detected on the line side but there is not a valid link coming into device from upstream. Flags returned from the underlying driver...
Continue reading →

How do I get “tech-support” info from a 7130 device?

Arista 7130 devices have the ability to generate a zip archive of useful information which may be used to troubleshoot and diagnose issues. The archive contains information about the device configuration, state and relevant log files. Creating a tech-support archive To create a tech support archive use the “show tech-support” command: tad6#show tech-support Files zipped to A32-A4-52963-3_20170228_121510.zip To obtain the zip please use scp or a similar tool. Example cli command: bash scp A32-A4-52963-3_20170228_121510.zip <user>@<host>:<path> Number of errors encountered: 0 Transferring the archive from the Arista 7130 device There are a few options to transfer the file from the device:...
Continue reading →

CVP AAA TACACS+ authorization with Cisco ISE

ContentsCVP AAA TACACS+ authorization with Cisco ISEIntroductionConfiguring cvp-roles in Cisco ISEPCAPsCommon mistakes CVP AAA TACACS+ authorization with Cisco ISE Introduction We saw last time how to correctly integrate Aruba ClearPass CPPM with CVP so TACACS+ users can authenticate with the correct network role. The purpose of this document is to show the same for Cisco ISE (successor of ACS) TACACS+. Our goal is to make Cisco ISE send us the cvp-roles=network-admin attribute in the Authorization reply packet.   NOTE If you are running CVP versions 2018.2.0 and 2018.2.1 you might hit BUG 345723 due to which in tacacs-provider authorization we...
Continue reading →

Working with certificates

ContentsIntroduction and motivationCertificate management on an Arista switchStep 1: Generate the key pair:Step 2: Generate the certificate signing request:Step 3: We submit the CSR to the CA and get the signed certificate back. Step 4: Create an SSL profile using the certificateStep 5: SSL profile managementStep 6: Activate eAPI access and refer to the previously created SSL profileInstall your own CAStep 1: Download and install XCA on your machine.Step 2: Create a new databaseStep 3: Create a new CA certificateStep 4: Import the CSRStep 5: Issue the certificate Introduction and motivation Encryption protocols like HTTPS use certificates to authenticate the...
Continue reading →

How to update your Arista 7130 device

Arista 7130 devices run MOS. You can find the latest version of MOS at the Software Release Portal page. Broadly, there are two ways of updating the software on your device: a complete re-install, or the addition of the new image. The most commonly used method is the latter – a new software image is uploaded, the configuration is retained, and the device is reloaded to the new software. A complete re-image of the device would be required in order to restore the device to a factory-fresh state. That includes all configuration, including SSH keys, log files, startup configuration files,...
Continue reading →

How to set up MetaMux for a typical exchange

ContentsIntroductionConfiguration overview:Configuring MetaMux to pass through traffic from the L3 SwitchAdding a server to each the MetaMux instanceAdding additional serversSaving the configurationConfiguring the Layer 3 networkServer configurationAdjusting the MAC addressesL3 Switch configurationICMP Host Unknown/Unreachable Introduction This is an example configuration of MetaMux on an Arista 7130 being used with a typical exchange connection. Configuration overview: 3 servers will be used to connect to each exchange connection receiving market data Market data and order responses from the Exchange feed will be delivered to each server on NIC 1. The Layer 3 process will be handled by an existing existing switch, however...
Continue reading →

How to setup BGP for Exchange Connectivity

This is an example configuration of MetaMux on an Arista 7130 device being used with a typical exchange connection. BGP / PIM peering is done via internal routing daemons. ContentsOverview:Device Configuration:Enabling the MetaMux Application:Ingress traffic:Egress traffic:Routing (BGP/PIM) Configuration:Complete Sample ConfigurationServer side configurationAdjusting the MAC addressIP and Routing Configuration Overview: This example shows 2 servers connected to one exchange gateway but may easily be modified for additional servers Market data and order responses from the Exchange feed will be delivered to the server on NIC 1 The Layer 3 processes (such as BGP / PIM peering) is done via internal routing...
Continue reading →

How to install an application

Applications may be installed on your Arista 7130 device. Application installs will persist across reboots. Applications are installed in /opt/apps when using the install process. Presently, MOS ships with the latest stable version of each of the relevant applications, however if there’s a need to install a specific version of an application, instructions are below. Installing an application from the CLI Download the desired software application image as an RPM from the Software Download page. The file will be named something like “application-version.x86_64.rpm” i.e. metamux-0.14.3-1967.x86_64.rpm Copy the file to your Arista 7130 device. This can be done in a number...
Continue reading →

Automating MOS upgrade

Ways to mass-deploy MOS updates. ContentsBackgroundUsageCaveatsRunning the script on a 7130 deviceFeedback Background While upgrading MOS is generally fairly straightforward via the web UI or using the CLI, it can be time-consuming for mass-deployment. Below is a automation script that network administrators can use to bulk-upgrade Arista 7130 devices. The script is written in Python using the pexpect module. It requires the ssh and scp executable on your host. You can download the script from the Arista releases page. Usage python mos-upgrade-ssh.py <options>. Where options are: -u admin, --user admin -p PASSWORD, --password PASSWORD you will be prompted if none...
Continue reading →

How to remove MOS image with older releases

Step-by-step guide Check what you have installed. For example: C16-B1-10381-3 login: admin C16-B1-10381-3>enable C16-B1-10381-3#show boot system mos_0.7.0 mos_0.7.1 mos_0.7.2 mos_0.8.0 [BOOT] Remove the one(s) you no longer need. Note you cannot remove currently active volumes (marked as [BOOT]). Also note that you can nuke multiple volumes at once with wildcards – for example: C16-B1-10381-3#bash sudo lvremove /dev/vg1/mos_0.7* Do you really want to remove active logical volume mos_0.7.2? [y/n]: y Logical volume "mos_0.7.2" successfully removed Do you really want to remove active logical volume mos_0.7.1? [y/n]: y Logical volume "mos_0.7.1" successfully removed Do you really want to remove active logical volume...
Continue reading →

What is MOS core?

MOS core is a regular MOS which includes all the features without the weight of any bundled FPGA Apps. Ideal for customers using 7130 Connect devices (7130-16, 7130-48, 7130-96), as well as custom application developers. MOS core installations are ideal for devices that are getting “insufficient free space” error while doing an upgrade. testing:~$ sudo mos-install mos-0.16.0.iso Volume group "vg1" has insufficient free space (160 extents): 164 required. Volume group "vg1" has insufficient free space (11 extents): 125 required. % Command 'sudo /usr/sbin/mos-install mos-0.14.1.iso' returned non-zero exit status 5 test(config)#boot system file:mos-0.14.1.iso Volume group "vg1" has insufficient free space (99...
Continue reading →

CVP to K8s: full-scale production network simulation

Intro Network simulation environments have always been limited to a single compute node, which made the labbing of a full-scale production network an exercise in compromise and trade-offs. At the same time compute resources are cheap and abundant and modern application designs are making use of them by adopting meshed scale-out architectures, treating multiple hosts as a single pool of resources. In this post, we’ll see how (with just a few clicks*) we can build a replica of a real production network, orchestrated by Kubernetes based on information extracted from Arista’s CloudVision Portal (CVP). * Assuming all the prerequisites are met

What to do when you are getting a “meltdown”, “powerdown” or “system powered down” message

This is step-by-step guide on what actions to take if you are getting messages similar to below. Jan 17 02:08:34 C16-B1-10381-3 daemon.emerg /usr/bin/meltdownd: Temperature 35000 for /sys/class/hwmon/hwmon3/temp1_input is over critical value of 70000. or 17 02:08:34 C16-B1-10381-3 daemon.emerg /usr/bin/meltdownd: over temperature, system powerdown or Jan 17 02:08:50 C16-B1-10381-3 daemon.emerg /usr/bin/meltdownd: system powered down Step-by-step guide Upgrade to MOS-0.16.0 or later version. This can be downloaded from our releases page. Please refer to our FAQ page on how to update your Arista 7130 device. For details about the fix refer to MOSH-1223 within the MOS-0.16.0 release notes. Power cycle the device....
Continue reading →

CVP TIP – Encrypt local username passwords with Configlet Builder

Introduction   Arista CloudVision Portal (CVP) uses configlets to create configuration snippets for individual or groups of switches based on user selection. These configlets can be either static or dynamic. Static configlets include static EOS CLI configuration statements as if they were right on the switch configuration file. These configlets are used to create the full configuration for the network switches. An example of a static configlet in Arista CloudVision Portal: Below example is a static Arista EOS CLI configuration. These small pieces of configuration snippets can be applied as configlets in Network Provisioning view to selected device or devices....
Continue reading →