• Blog

 
 

How to FTP/SCP/WinSCP

In this document we will look at tools for quickly uploading and downloading files between hosts and Arista switches. 1) SCP On a Linux or Mac, scp is a CLI tool already built in and can be invoked by using the scp command. SCP or secure copy allows secure transferring of files between a local host and a remote host or between two remote hosts. It uses the same authentication and security as the Secure Shell (SSH) protocol from which it is based. Before we look at the commands and examples, please make sure steps given below are followed:  ...
Continue reading →

“Wait-for-warmup” command – To understand if an agent has initialized

ContentsObjectiveMain use caseDetails of the wfw commandExamplesa) The agent is up and runningb) The agent is shutdownWFW command without the verbose optionEquivalent CLI command for wfwWFW command behavior after terminating an EOS agent Objective The aim of this document is to convey the use case and details of the bash command, wait-for-warmup (wfw). An equivalent CLI command exists for the same which is described later in this article. Main use case Agents like the forwarding agent of the switch take some time to come up when terminated. The same is the case for the linecard and fabric module agents when...
Continue reading →

Taking packet captures on Arista devices

ContentsControl-plane packet captureRunning tcpdump natively in EOSRunning tcpdump from bashData-plane packet captureMonitor sessionRunning tcpdump for data-plane traffic natively in EOSRunning tcpdump for data-plane traffic from bashRunning tcpdump for data-plane traffic from bash for 7050/7060/7260 devices using mirror to GRETest setupConfigurationShow commandsViewing the packet capture on CLIViewing the packet capture on wireshark:To enable sflow globallyConfiguring the agent source addressConfiguring the polling intervalConfiguring the sampling rate and sample contentsEnabling sflowShow commandsRunning tcpdump for data-plane traffic from bash for 7050/7060 devices using sflowConfigurationShow commandsViewing the packet capture on CLILimitationsReferences Control-plane packet capture TCPDUMP on physical ports and SVIs. This will help in capturing...
Continue reading →

Troubleshooting Multicast

ContentsOverviewPreliminary ChecksCommon Issues in Multicast1) Multicast Bridging(i) Multicast traffic not received by the subscriber(ii)Multicast traffic is flooded within a VLAN2) Multicast Routing(i) Last-Hop Router (LHR)(a) (*,G) mroute is missing (b) OIL is not populated for a (*,G)(ii) First-Hop Router (FHR)(a) (S,G) mroute is missing or the IIF for (S,G) has null populated(b) OIL is stuck in Register on FHR:(iii) Rendez-vous Point (RP)(a) (*,G) mroute is missing(b) (S,G) mroute is missing(iv) Unresolved Mroutes: 3) Is Multicast traffic being software forwarded i.e. is traffic going to CPU? Logs Collection: Overview The aim of this article is to highlight common issues related to...
Continue reading →

VxLAN troubleshooting guide

ContentsVxLAN Basic Troubleshooting GuideI. ObjectiveII. Introduction:III. TopologyIV. Generic Configurations to be checkedIV. Scenario specific troubleshootingVxLAN Bridging:VxLAN Routing: VxLAN Basic Troubleshooting Guide I. Objective Provide basic/generic troubleshooting steps to customers in case any VxLAN issue is encountered in their network. II. Introduction: Troubleshooting VxLAN involves few steps as mentioned in the upcoming sections of this document. The below referred topology includes VxLAN configurations with server 1,2,3 as the host devices which obtain connectivity over a vxlan tunnel. Troubleshooting steps are bifurcated into routing and bridging to include multiple scenarios possible.   III. Topology   IV. Generic Configurations to be checked A....
Continue reading →

Basic BGP Troubleshooting

ContentsObjectiveI. Neighborshipa. Idle (NoIf)b. Idle(MaxPath)c. The neighborship state is flapping between Connect and Active:d. Stuck in Active stateII. Route Advertisement/Receptiona. Route reception issueb. Route advertisement issuec. AS path loopIII. Route InstallationCase 1: The prefix received from one peer is preferred over the same prefix received from another peer.Case 2: Route for the prefix is installed from a routing protocol other than BGPCase 3: No route to the next hopVI. Logs collection: Objective The objective of this document is to outline the various common issues faced in BGP and the troubleshooting commands for the same. I. Neighborship BGP sends unicast messages,...
Continue reading →

Centralized vs. Distributed VxLAN Routing with EVPN

Tech Note: Centralized vs. Distributed VxLAN Routing with EVPN Over the past few years EVPN VxLAN deployments have become an increasingly popular overlay architecture selected by customers, primarily in data-center layer 3 leaf-spine (L3LS) fabrics.  With this popularity, numerous deployment topologies, and configuration options have presented themselves. This article reflects our observations based on real-world deployment experiences on one such choice; centralized vs. distributed gateways. When deploying EVPN VXLAN integrated routing and bridging (IRB), both VXLAN bridging and VXLAN routing are required concurrently on the switch.  This capability is also commonly referred to as an EVPN VxLAN gateway. There are...
Continue reading →

Displaying Neighbors’ Names with OSPF and BGP

This article describes how to configure Arista devices to display user-defined names for OSPF and BGP neighbors. OSPF First define name to IP address mappings, one per neighbor, where IP address is neighbor’s OSPF router ID: SW1(config)# ip host SW2 2.2.2.2 Next enable OSPF name resolution: SW1(config)# ip ospf name-lookup Finally, validate the output of ‘show ip ospf neighbor’ command. The command should display the user-defined name instead of router-ID: SW1(config)# show ip ospf neighbor Neighbor ID   VRF         Pri       State             Dead Time     Address        Interface SW2   ...
Continue reading →

25G Lane Speed

ContentsIntroductionPlatform CompatibilityConfigurationConfigure forced 25G speedOutput from “show interface status” commandConfigure forced 10G/1G speed on Et2-4Output from “show interface status” commandConfigure forced 10G speedOutput from “show interface status” commandConfigure forced 1G/100M speed on Et2-4Output from “show interface status” commandConfigure forced 1G speedOutput from “show interface status” commandConfigure forced 10G/100M speed on Et2-4Output from “show interface status” commandStatus Introduction With the introduction of support for 25GbE on servers and switches we expect to see a rapid movement to server attachment at 25G, replacing the use of servers at 40G. Even though 25G is becoming norm these days, most of the deployment is...
Continue reading →

Basic troubleshooting steps for some CVP and telemetry issues

ContentsObjectiveGeneral issues covered1. The CVP web-explorer is not reachable2. A configlet/image bundle push task to the switch failed3. Device not getting added to telemetryLogs to be collected from the SwitchLogs to be collected from the CVP server Objective The aim of this document is to convey a set of troubleshooting steps that can be carried out when running into issues with CVP and telemetry. General issues covered Issue 1- The CVP web-explorer is not reachable Issue 2- A configlet/image bundle push task to the switch failed Issue 3- Device not getting added to telemetry 1. The CVP web-explorer is not...
Continue reading →

Password Recovery

This article describes how to gain access to an Arista 7130 device if you lose the password. ContentsThere are two solutions:Password recovery using grubMOS 0.20 and laterMOS 0.19.10 and earlierMOS 0.14.3 and earlierNo grub prompt from MOS 0.17.0 to 0.18.6Factory restore via USB There are two solutions: Password recovery using grub from the serial console. Factory restore via USB. Password recovery using grub Reboot, either by using the reload command at the command line or by power cycling the device. The grub menu will appear after the BIOS message “Press <del> or to enter setup” or “Press <del> or to...
Continue reading →

Interface Status

The “show interfaces status” commands show the link status of the receive (Rx) and transmit (Tx). Besides “up” and “down”, the command gives addition information of the status of the port. This includes: Link status: shutdown – the port has been shutdown through the management platform. (Tx only) no source – the interface is not sourcing signal from anywhere. (Rx only) no signal – there is no signal received. (Rx only) no link – a signal is detected on the line side but there is not a valid link coming into device from upstream. Flags returned from the underlying driver...
Continue reading →

How do I get “tech-support” info from a 7130 device?

Arista 7130 devices have the ability to generate a zip archive of useful information which may be used to troubleshoot and diagnose issues. The archive contains information about the device configuration, state and relevant log files. Sending the archive to Arista Already have an archive? The archive may be sent to Arista using Tech Support Archive Submission. Please note the reference number for any further correspondence regarding the tech-support archive. Creating a tech-support archive To create a tech support archive use the “show tech-support” command: tad6#show tech-support Files zipped to A32-A4-52963-3_20170228_121510.zip To obtain the zip please use scp or a...
Continue reading →

CVP AAA TACACS+ authorization with Cisco ISE

ContentsCVP AAA TACACS+ authorization with Cisco ISEIntroductionConfiguring cvp-roles in Cisco ISEPCAPsCommon mistakes CVP AAA TACACS+ authorization with Cisco ISE Introduction We saw last time how to correctly integrate Aruba ClearPass CPPM with CVP so TACACS+ users can authenticate with the correct network role. The purpose of this document is to show the same for Cisco ISE (successor of ACS) TACACS+. Our goal is to make Cisco ISE send us the cvp-roles=network-admin attribute in the Authorization reply packet.   NOTE If you are running CVP versions 2018.2.0 and 2018.2.1 you might hit BUG 345723 due to which in tacacs-provider authorization we...
Continue reading →

Working with certificates

ContentsIntroduction and motivationCertificate management on an Arista switchStep 1: Generate the key pair:Step 2: Generate the certificate signing request:Step 3: We submit the CSR to the CA and get the signed certificate back. Step 4: Create an SSL profile using the certificateStep 5: SSL profile managementStep 6: Activate eAPI access and refer to the previously created SSL profileInstall your own CAStep 1: Download and install XCA on your machine.Step 2: Create a new databaseStep 3: Create a new CA certificateStep 4: Import the CSRStep 5: Issue the certificate Introduction and motivation Encryption protocols like HTTPS use certificates to authenticate the...
Continue reading →

How to update your Arista 7130 device

Arista 7130 devices run MOS. You can find the latest version of MOS at the Software Release Portal page. Broadly, there are two ways of updating the software on your device: a complete re-install, or the addition of the new image. The most commonly used method is the latter – a new software image is uploaded, the configuration is retained, and the device is reloaded to the new software. A complete re-image of the device would be required in order to restore the device to a factory-fresh state. That includes all configuration, including SSH keys, log files, startup configuration files,...
Continue reading →

How to set up MetaMux for a typical exchange

ContentsIntroductionConfiguration overview:Configuring MetaMux to pass through traffic from the L3 SwitchAdding a server to each the MetaMux instanceAdding additional serversSaving the configurationConfiguring the Layer 3 networkServer configurationAdjusting the MAC addressesL3 Switch configurationICMP Host Unknown/Unreachable Introduction This is an example configuration of MetaMux on an Arista 7130 being used with a typical exchange connection. Configuration overview: 3 servers will be used to connect to each exchange connection receiving market data Market data and order responses from the Exchange feed will be delivered to each server on NIC 1. The Layer 3 process will be handled by an existing existing switch, however...
Continue reading →

How to setup BGP for Exchange Connectivity

This is an example configuration of MetaMux on an Arista 7130 device being used with a typical exchange connection. BGP / PIM peering is done via internal routing daemons. ContentsOverview:Device Configuration:Enabling the MetaMux Application:Ingress traffic:Egress traffic:Routing (BGP/PIM) Configuration:Complete Sample ConfigurationServer side configurationAdjusting the MAC addressIP and Routing Configuration Overview: This example shows 2 servers connected to one exchange gateway but may easily be modified for additional servers Market data and order responses from the Exchange feed will be delivered to the server on NIC 1 The Layer 3 processes (such as BGP / PIM peering) is done via internal routing...
Continue reading →

How to install an application

Applications may be installed on your Arista 7130 device. Application installs will persist across reboots. Applications are installed in /opt/apps when using the install process. Presently, MOS ships with the latest stable version of each of the relevant applications, however if there’s a need to install a specific version of an application, instructions are below. Installing an application from the CLI Download the desired software application image as an RPM from the Software Download page. The file will be named something like “application-version.x86_64.rpm” i.e. metamux-0.14.3-1967.x86_64.rpm Copy the file to your Arista 7130 device. This can be done in a number...
Continue reading →

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: