Traffic Generator on Arista

The following tools can be used to generate traffic on Arista switches for testing purposes: Iperf and Ethxmit. Both Iperf and Ethxmit tools are pre-installed on Arista switches and no additional configuration is required to use them. ...
Continue reading →

Traffic Engineering with Segment Routing and sFlow

Contents: Introduction; Components; 7280R Series Platform; YaBGP Controller; sFlow-RT; Topology; Traffic Engineering; The Script; Pushing a Common Segment List; Identifying Top-talker; Altering Traffic Path of Top-Talker; BGP Labeled Unicast (LU) Example; References.

Introduction: Segment Routing (SR) solves a number of issues the existing MPLS IP networks face. Among the many benefits of Segment Routing, Traffic Engineering is a key one. Based on live telemetry events, traffic can be steered intelligently across a network using MPLS label paths, a.k.a. segment lists. The example discussed in this article shows how you can leverage BGP SR policy to alter traffic paths based on sFlow telemetry data. An SR Policy, discussed in detail here, is identified using a...
Continue reading →

Monitoring some agent’s memory utilisation

Contents: Monitoring some agent’s memory utilisation; 1) Introduction; 2) Check memory with EOS commands; 3) Monitor with telemetry; 4) Monitor with SNMP; 5) Check with Bash commands; 6) Remediation (last resort only); Credits.

This article develops further https://eos.arista.com/introduction-to-managing-eos-devices-memory-utilisation/ (authored by Colin MacGiollaEain) to bring the context to a specific agent’s memory utilisation and how to remediate it.

1) Introduction: Monitoring the memory usage of specific EOS processes may be useful to detect which features consume the control-plane resources, as a first step to clarify whether it is a normal behaviour or not. In abnormal circumstances the overall system may be running low on memory,...
Continue reading →

IP static route with health check

Contents: Introduction; Configuration; 1. Create ping check script on-boot; 2. Create trigger on-logging to add/delete ip static route; Note; References.

Introduction: The purpose is to simplify IP static routes with a health check by using the does_it_live.py script, so that the feature can be enabled quickly without complicated programming. This feature leverages the Reachability Health Checks document ( https://eos.arista.com/reachability-health-checks/ ) and does_it_live.py ( https://github.com/alexisdacquay/does_it_live ), which was made by Alexis Dacquay. Reachability Health Checks (does_it_live.py) supports rich parameters: mode (icmp/dns), interval, timeout, dampening and source. We just take it and use it.

Configuration: The following configuration commands have been added as part of this feature support: 1. Create ping check script on-boot: t3 – timeout...
Continue reading →

Verify EOS 3rd party software versions

EOS includes a Linux kernel, GNU tools, and other 3rd party software. EOS makes use of some of this 3rd party software and you might want to verify the versions it runs. Note: not every 3rd party software is actively used by default. If you have a particular concern in mind regarding a 3rd party software version then you must refer to the Arista security advisories page: https://www.arista.com/en/support/advisories-notices/security-advisories

| 3rd party software | Bash CLI command to verify the version | EOS 4.15.1F | EOS 4.17.1F | EOS 4.18.2F | EOS 4.20.10M | EOS 4.21.0F |
|---|---|---|---|---|---|---|
| Bash | bash --version | 4.1.16(1) | 4.3.42(1) | 4.3.42(1) | 4.3.42(1) | 4.3.42(1) |
| DNSmasq | dnsmasq -v | 2.59 | 2.59 | 2.59 | 2.77 | 2.77 |

...
Continue reading →

Reachability Health Checks

Contents: 1) Introduction; 1.1) does_it_live.py; 1.2) Purpose; 2) Use cases; 2.1) ICMP; 2.2) DNS resolution; 3) Features; 3.1) Dampening; 4) Syntax; 5) Defaults; 6) Installation; 6.1) Requirements; 6.2) Install instructions; 6.2.1) Acquire the script file; 6.2.2) Load the file on the switch; 6.2.4) Install DNSPython (online with pip); 6.2.5) Install DNSPython (offline with the package); 6.2.6) Verify the pip installation of DNSpython; 6.2.7) Verify the package installation.

1) Introduction, 1.1) does_it_live.py: This article describes a script called does_it_live, used to monitor the health of network targets by testing IP reachability (by ICMP) and name resolution (by DNS). While some people might understand the Python code and find it self-explanatory and well documented, this article aims at making the...
Continue reading →

Virtual IPs in Vxlan and need for vVTEP

Contents: Objective; Topology; Types of Virtual IPs; When using “ip virtual-router address”; When using “ip address virtual”; ARP REPLY SYNC; Source IP NAT feature while using “ip address virtual”; Packet Structure after NAT; Support in Non-default VRF; Does NAT occur when we initiate ping from remote host to its Gateway (Virtual IP on VTEPs)?; Why do we need VVTEP?; 1. To avoid MAC flaps on L2 vtep; 2. To avoid ARP flaps on end hosts; When is VVTEP not required?; 3. To avoid multiple ARP replies; Packet captures to understand difference in ARP request/replies with and without VVTEP; Test cases when VVTEP is configured on SW1 and SW2 (L3VTEP); Test cases when VVTEP is NOT configured:...
Continue reading →

CloudVision Appliance Deployment Recommendations

Introduction: CloudVision Appliance is a physical appliance that runs a CentOS base image and hosts one instance each of CloudVision Portal (CVP) and CloudVision eXchange (CVX) using the KVM hypervisor. It comes with 4X1G NICs. The virtual NICs on CVP, CVX VMs are mapped to the physical NICs 1-4 as follows: For additional details, refer to CloudVision Appliance quick start guide here.

Deployment Recommendations: 1. Ensure that you are running the latest version of the host image; this provides updated OS packages and security patches. The current version of the host image can be checked using the following command from...
Continue reading →

Arista Custom Event Handler To Take Action Based On Interface Utilization

Contents: Introduction; Configuration; 1. Create the Event Handler; 2. Define the trigger action; 3. Define the delay in seconds before running the action; 4. Enter the “asynchronous” command; 5. Define the trigger; 6. Verify that the above configuration; 7. Let’s verify that the mirror session is active; 8. Now let’s test our Event Handler; 9. Verify that the desired behavior was achieved when the trigger threshold was met.

Introduction: An EOS event handler executes a Linux Bash shell command in response to a specific system event. An event handler consists of a Bash command, a trigger and a delay; when the trigger event occurs, the action is scheduled to run after...
Continue reading →

Network CI/CD Part 3 – Building a network CI pipeline with Gitlab, Ansible, cEOS, Robot Framework and Batfish

Contents: Previously on Network CI/CD…; Introduction; CI/CD environment overview; Stage 1 – Building device configurations; Stage 2 – Network analysis with Batfish; Stage 3 – Testing and verification with Robot Framework; Stage 4 – Dry-running the change and generating diffs; Stage 5 – Pushing to production and generating state diffs; Outro.

Previously on Network CI/CD…: We’ve kicked off this series with an overview of cEOS-lab and different container orchestration tools that can be used for network simulations. In the second post we’ve seen how to automate network verification and testing with Arista’s Robot framework library. In this final post, we’ll put it all together to demonstrate a simple data...
Continue reading →

An Exercise in Troubleshooting With CVP Telemetry

In a previous post, I demonstrated the ability of CVP Telemetry to do automatic analytics and event correlation.  While each release of CVP includes additional analytic, event correlation, and visualization capabilities, there are still situations for which there is not yet automatic correlation. In this post, we are going to investigate a network problem and identify the root cause using telemetry data.  The lab topology is a layer3 spine-leaf topology with 2 spines and 6 leafs configured as 3 MLAG pairs. As stated in the previous post, Cloud Tracer is a very useful tool for tracking the operational status of...
Continue reading →

How to Automate MAC Address Lookups

Contents: Introduction; Issue; EOS Locate MAC; Setup; Example.

Introduction: MAC addresses are often overlooked, compared to higher layers of the OSI model, but they are a necessity in the transfer of data across the network. MAC addresses are unique in nature, with the vendor OUI portion of the MAC, and the client portion of the MAC. There are many reasons why locating a device is necessary; a few of them are: a device is causing adverse effects to the network and the port needs to be shut down; a port needs to be re-configured for a new device, but it is not known where the device...
Continue reading →

Provisioning Cloud Vision Portal on AWS

Contents: Introduction; Pre-Requisites; Steps to provision CloudVision Portal on AWS; Section A: EC2 Setup for CVP; Section B: CVP Shell Based Installation; References.

Introduction: This article demonstrates provisioning CloudVision Portal on AWS. With the release of CVP version 2018.x and the upgrade of the CVP platform to CentOS 7.4, Cloud Vision Portal can be installed on CentOS servers with an RPM-based script. This article specifically covers provisioning of CVP on the AWS EC2 Cloud platform. With CVP running on AWS, users can easily manage AWS/OnPrem EOS instances from AWS and run analysis on CVP Telemetry/Compliance information with other AWS services and tools.

Pre-Requisites: 1) AWS account...
Continue reading →

Arista Any Cloud Platform – vEOS Router in Azure Deployment Guide

Contents: Introduction; Overview; Prerequisites; Topology; Deployment Guide; Deploying vEOS with a pre-defined template; Azure Login; Launch Instance in VNET-Transit; Launch Instance in edge1-VNET; Launching a host VM in VNET-edge1; VNET Peering; Creating the Overlay Tunnel between the edge1-VNET and the transit-VNET; Configure an IPsec tunnel and BGP on veos-transit; Connecting to edge1-veos; Configuring IPsec and BGP on edge1-veos; Deploying vEOS without using a pre-defined template; Creating a Subnet in edge1-RG/edge1-VNET; Launch a vEOS Router Instance; Attaching additional network interfaces; Deploying vEOS with Azure CLI; vEOS Router Startup-Configuration using Instance Custom-Data; Tips for Azure deployment.

Introduction: In this document, we will demonstrate the deployment of Arista’s vEOS Router in Microsoft Azure. A vEOS Router can be leveraged to implement various Azure architectures such as...
Continue reading →

DHCP Snooping

Contents: Introduction; Platform Compatibility; Show commands; Troubleshooting; Limitation.

Introduction: EOS supports the DHCP Relay feature, which relays DHCP requests/responses between DHCP clients and DHCP servers in different subnets. However, the DHCP server does not have visibility of where the request originated from and can only make IP address allocation decisions based on the client MAC address alone (the client MAC address is included in the DHCP packet as part of the payload). To remedy that, DHCP Option-82 was formalized to allow the relay agent to include a Remote ID and Circuit ID so that the DHCP server can apply a more intelligent allocation policy. Switch intercepts DHCP requests from client and insert...
Continue reading →

DHCP Smart Relay

Contents: Introduction; Platform Compatibility; EOS Support; Configuration; VRF commands; Show commands; Limitation.

Introduction: The EOS DHCP relay agent forwards all DHCP requests from clients using the primary IP address of the interface as the ‘giaddr’ in the relayed/forwarded requests, even when there are secondary IP addresses configured on the interface and there are multiple IP address pools from secondary IP subnets with available addresses on the server. The DHCP smart relay feature supports forwarding requests with secondary IP addresses in the gateway address ‘giaddr’ field. This allows the DHCP server to offer addresses to client requests with gateway addresses from secondary IP subnets configured on the interface. The...
Continue reading →

DHCP Relay

Contents: Introduction; Platform Compatibility; EOS Support; Configuration; Interface commands; Global commands; IPv6 commands; VRF commands; Show commands; Troubleshooting.

Introduction: The DHCP Relay feature forwards DHCP packets between client and server when the DHCP server is not in the same broadcast domain as the client. DHCP Relay should be configured on the gateway interface (SVI / L3 interface) for the clients. The DHCP Relay agent creates a new unicast DHCP packet and sets the giaddr field to the ‘primary’ IP address of the interface on which the DHCP request packet is received. The modified request packet is then relayed to one or more configured DHCP servers. DHCP server assigns ip address to client from the pool...
Continue reading →

EVPN VXLAN Design Guide

A Detailed Overview of the EVPN & VxLAN Protocols, Route Types, Use-Cases and Architectures

Contents: 1. Introduction; 2. VXLAN Overview; 2.1 VXLAN Bridging; 2.2 VXLAN Routing; 3 EVPN Overview; 3.1 EVPN Operational Benefits; 3.2 EVPN Terminology; 3.3 EVPN Address Family and Routes; 3.4 EVPN Service Models; 4. EVPN Core Operations; 4.1 MAC Address Learning; 4.2 ARP Suppression; 4.3 MAC Mobility; 4.4 MAC address Damping; 4.5 Broadcast and Multicast Traffic; 4.6 Integrated Routing and Bridging; 4.7 EVPN Type 5 Routes – IP Prefix advertisement; 4.8 Summary Comparison of Route Type-2 and Type-5 Prefix Announcements; 4.9 Auto RT and Auto RD For VLAN-Based EVIs; 5. Deployment Models; 5.1 Underlay and Overlay Design Options; 5.2 Site Topology Design Options; 5.3 Layer 2 VPN...
Continue reading →

Arista Layer 2 VTEP EVPN VxLAN Route Type-1 Support

Arista Layer 2 EVPN VTEP Inter-Operation With A/A Multi-homed Third-Party Layer 3 EVPN VXLAN VTEPs

Contents: Introduction; Topology; Configurations; Verification; Traffic Verification.

Introduction: This document will explain the configurations required to support inter-working with EVPN VXLAN A/A multi-homed VTEPs, also known as L2 ECMP in VxLAN EVPN. Currently, EOS uses MLAG to achieve multi-homing in EVPN VxLAN topologies, with an anycast VxLAN VTEP configured on the MLAG pair, and as such does not need to support EVPN Multihoming Tx (Type-1 route generation). EOS can however install received Type-1 routes...
Continue reading →

Multi-Tenant EVPN VXLAN IRB Configuration & Verification Guide (iBGP Overlay eBGP Underlay)

Symmetric and Asymmetric IRB With VLAN Based and VLAN Aware Bundle Services Using an iBGP Overlay and eBGP Underlay

Topology Logical Diagrams: Tenant-A: Symmetric IRB; Tenant-B: Asymmetric IRB.

Platform Support: https://www.arista.com/en/support/product-documentation/supported-features

Topology Overview: In the symmetric and asymmetric IRB setups illustrated in the figures above, for tenant-a four subnets are stretched across the two MLAG domains, with two subnets (vlan 10 – 10.10.10.0/24 and vlan 11 – 10.10.11.0/24) configured as a VLAN based service, and two other subnets (vlan 12 – 10.10.12.0/24 and vlan 13 – 10.10.13.0/24) as a vlan-aware...
Continue reading →
