• Category : Tech Tips

 
 

Troubleshooting filesystem full issues

Objective The document aims at describing scenarios that cause filesystems to get full and suggests ways to free up space in the occupied directories.   Introduction At times it is observed that after logging into the switch, EOS may display a warning message as follows: Warning: the following filesystems have less than 10% free space left: tmpfs (on /var/core) 0% (0 Available) tmpfs (on /var/log) 0% (0 Available) Please remove configuration such as tracing and clean up the space. The above message indicates that the /var/log and /var/core directories have reached their maximum utilization. If no action is taken to clear...
Continue reading →

Pause – Revisit the Fundamentals – Know Your Tools

Introduction Please. Pretty please. Pretty please with sugar on top. Do these pleas sound familiar when trying to buy tools for your network? Making a purchase for moving Production traffic is easier. You may be able to quantify how much time can be saved with the purchase of a tool for automation. Or for a tool with an integration focus. Easiest of all may be when proposing a self-service tool that unburdens the thin IT staff. How do you justify spending money on tools for a rainy day when the sun is shining and the birds are chirping? It can...
Continue reading →

Deploying CloudVision Portal (CVP) on Proxmox VE

Introduction Proxmox is an open source server virtualization solution based on QEMU/KVM and LXC. You can manage virtual machines, containers, high availability clusters, storage and networks with an integrated, easy-to-use web interface or via CLI. The purpose of this article is to assist in deployment of Arista’s CloudVision Portal (CVP) within Proxmox VE. The benefit of utilizing CVP within Proxmox VE is that it offers an open source, subscription-free option for those who may not be able to afford proper VMware licensing for lab/demo deployments and/or would like to utilize the rich, open source feature set provided by Proxmox...
Continue reading →

Automate a Layer 3 MLAG Campus Stack With In-Band Management and Telemetry Using CVP

Overview One of the advantages Arista offers for campus switches is an automated approach to grouping campus closet switches together into a virtual stack via CloudVision Portal (CVP).  This article covers a Configlet Builder that will automate the building of a Layer 3 Leaf Spine (L3LS) architecture integrated into the data center. Introduction In a Data Center, switches are traditionally managed out-of-band where the forwarding of management information is in a separate data path than the actual data center traffic.  The management connections are via a separate management network, and the switches typically plug into that environment through a copper...
Continue reading →

Real-time DDoS Mitigation

Introduction Arista has introduced BGP FlowSpec support to EOS in addition to its long-supported sFlow feature. This article demonstrates real-time DDoS mitigation using BGP Remote Triggered Black Hole (RTBH) and FlowSpec. Leveraging Open-Source Tools DDoS Protect is an open source application running on the sFlow-RT real-time analytics engine. The software uses streaming analytics to rapidly detect and characterize DDoS flood attacks and automatically applies BGP remote triggered black hole (RTBH) and/or FlowSpec controls to mitigate their impact. The total time to detect and mitigate an attack is on the order of a second. The combination of standard telemetry (sFlow) and control (BGP FlowSpec) provide the...
Continue reading →

Achieving Optimal Timestamp Accuracy on 7150 Platforms

Background The launch of the Arista 7150S in 2012 delivered the industry’s first product to offer high speed networking with high granularity packet time stamping in an Ethernet switch/router platform. This article will review how time stamping has evolved since. Arista first conceived of the capability to leverage the 7150S to intersect with an emerging network monitoring market requirement that would improve the ability to capture the proper order of traffic captured by network analysis tools over the out of band (OOB) tap aggregation (aka network packet broker) infrastructure. Applying timestamps to packets at the network ingress ports of the...
Continue reading →

Pause – Revisit the Fundamentals – OOB

Introduction From your manager; “We have a greenfield data center project heading our way. I need you to start working on a design for two data centers. Each data center will be 10,000 square feet in size. We’ll need full network redundancy. It needs to support virtualized compute, physical compute, IP Storage, load balancers, firewalls, an oversubscription ratio of 3:1 or better, horizontal cabling based on MMF and a set of Data Center Interconnect links with Layer 2 adjacency to support VM Mobility. Oh, and I need a rough budget estimate by the end of the week.” Sound familiar? Hurry...
Continue reading →

Use CVP to Automate a POE L2 MLAG Stack with In-Band Management and Telemetry

Overview One of the advantages Arista offers for campus switches is an automated approach to stacking via CloudVision Portal (CVP), and this article covers a Configlet Builder that will allow for this automation in a Layer 2 Leaf Spine architecture. Introduction In a Data Center, switches are traditionally managed out-of-band where the forwarding of management information is in a separate data path than the actual data center traffic.  The management connections are via a separate management network, and the switches typically plug into that environment through a copper Ethernet port.  In campus, however, management is typically done in-band meaning that...
Continue reading →

VMWare NSX-T 3.0 EVPN Type 5 Integration with Arista Gateways

Introduction VMWare NSX-T 3.0 introduced support for EVPN Type-5 integration which allows efficient multi-tenant L3 exchange between VMWare NSX-T Edge and external gateways. The following graph should visualize life before and after the EVPN Type5 support: Instead of having 802.1q trunk interface with L3 sub-interface per VRF, we now can have a single routed interface with just a single BGP EVPN session. This greatly reduces configuration overhead on both sides. This article will describe all necessary steps required to test this feature against Arista EOS devices. Test Setup Let us assume we already have running EVPN/VXLAN fabric with Symmetric IRB...
Continue reading →

VLAN Traffic Mirroring on R Series Products

Traffic can be mirrored to ports using the monitor syntax, however the source of the mirrored traffic is limited to Ethernet and Port-channel interfaces. If there is a requirement to source a mirror from a specific VLAN across multiple ports, a different method is available as of EOS 4.20.5F or later on R series platforms utilizing DirectFlow. Before DirectFlow can be configured, a new TCAM profile must be configured and applied:

hardware tcam
   profile direct-flow-mirror-vlan
      feature flow
         key size limit 160
         key field dst-mac ether-type in-port src-mac vlan...
Continue reading →

Streaming EOS telemetry states to InfluxDB

Introduction The aim of this document is to help you deploy and configure InfluxDB, Grafana, and Arista EOS, allowing you to send telemetry states from the Arista switch to InfluxDB using one of our OpenConfig connector applications, octsdb, which you can find on our GitHub page. Please note that these apps were written as a proof-of-concept and are supported on a best-effort basis. You can fork the project and edit it based on your requirements. Feedback is always welcome, and issues can be filed as for any other project on GitHub. Both OpenTSDB and InfluxDB are time-series databases. Where OpenTSDB is...
Continue reading →

NCClient Example with EOS

Introduction Ncclient is a Python library that provides a set of tools to interact with and manipulate devices supporting NETCONF server functionality. The goal of this article is to help users leverage ncclient effectively with EOS. This article will outline the use of ncclient to configure Arista devices using EOS CLI commands, as well as YANG modelled data (and a combination of the two). This article is not intended to be a full tutorial on YANG or EOS supported YANG models. Arista EOS strives to support open YANG models via support of OpenConfig models wherever possible. At times vendor...
Continue reading →

Inter-VRF Local Route leaking using VRF-leak Agent

Introduction The use of Virtual Routing Forwarding (VRF) to provide a level of segmentation is common practice. In order for traffic to communicate between VRFs, a firewall is generally part of the design. However, situations exist where it is not desirable to place the traffic load between VRFs on the firewall. This article provides a basic solution to leak routes from one VRF to another allowing select subnets to communicate directly. Platforms EOS Switch Versions 4.22F and above Description The Inter-VRF local route leaking feature allows the leaking of routes from one VRF to another using a route map as...
Continue reading →

Pause – Revisit the Fundamentals – ARP

Introduction Wow, networking technology really does continue to march along. If you wanted to be a lifelong learner you definitely picked a great speciality. And face it, we all know the cool kids are the Network Engineers. In this article we’re not going to take a bunch of packet captures nor analyze the outputs of a dozen ‘show’ commands. There are plenty of documents for that already. Rather, this document and the entire Pause series, looks to take a step back and feed your team’s banter about ‘What problem are we trying to solve?’ Evolving Tech New Layer 1 technologies...
Continue reading →

BGP peering configuration examples for service providers

Service providers proficiently use BGP to deliver their services to their customers and communicate with their peers. This article features some design considerations and configuration examples to try to showcase how a service provider could use BGP and other functionality to operate their networks. 1 BGP peering configuration example for service providers 1.1 Service provider edge A typical service provider edge will be running one or more peers connecting the SP to its customers and other SPs. This type of autonomous system is called a transit AS. The role of this type of network is to aggregate neighboring networks to...
Continue reading →

Internet BGP peering examples for enterprises

Enterprises seeking redundancy for their Internet connectivity and the agility to change service provider when needed greatly benefit from having their own AS number and IP addresses that can be announced using their own BGP routers. This article features some design considerations and configuration to achieve this in a common enterprise scenario. 1 Internet BGP peering examples for enterprises 1.1 Enterprise edge A typical use case of BGP for an enterprise is to make it possible to have redundant SPs as Internet uplinks and have its own private IP range (PI) that does not belong to any SP (addresses that belong...
Continue reading →

BGP primer for Internet peering

The Internet is not one single network; it consists of a number of networks owned and operated by different commercial and non-commercial entities. Each network is considered its own autonomous system. To separate the networks from each other, each network has a number called an autonomous system number (AS number). The delegation of AS numbers is done by the organizations ARIN (Americas), RIPE (Europe) and APIC (APAC). These organizations also delegate IP addresses that each AS is allowed to use. To exchange routing information for IP addresses between each AS, a protocol is needed, as well as a router with the role to...
Continue reading →

Setting up EVE-NG, CloudVision Portal and vEOS

Introduction EVE-NG is a client-less multivendor network emulation software that enables network and security professionals to build out network topologies and simulate networking environments. Using EVE-NG, Arista vEOS and Arista CloudVision, it is possible to simulate from start to end, connecting and provisioning a datacenter network, test scripting for CloudVision and finally test your EVPN Spine-Leaf configuration. This guide explains how to start an EVE-NG environment (either using the OVF image provided on the EVE-NG site, or by doing a bare-metal install), adding the vEOS and CloudVision images to EVE-NG and connecting the switches in a Leaf-Spine topology. The vEOS...
Continue reading →

CloudVision Appliance Deployment Recommendations (DCA-200-CV)

CloudVision Appliance (CVA) Introduction CloudVision Appliance (DCA-200-CV) is a physical appliance that runs a CentOS base image and hosts one instance each of CloudVision Portal (CVP) and CloudVision eXchange (CVX) using the KVM hypervisor. It comes with 4X1G NICs and a separate 1G NIC for iDRAC. The virtual NICs on the CVP and CVX VMs are mapped to the physical NICs 1-4 as follows: CloudVision Appliance quick start guide can be found here. Deployment Recommendations 1. Ensure that you are running the latest version of the host image; this provides updated OS packages and security patches. The current version of the host image can...
Continue reading →

CVP Container and Configlet Design Guidelines

Platforms: All CloudVision (CVP) versions supported Purpose: The purpose of this document is to provide a starting point for those wanting to take advantage of CloudVision’s provisioning capabilities through the use of shared configlets that are pushed out to devices under a particular container. Summary: CloudVision manages Arista Switch configurations through the use of Containers and Configlets.  The Container layout is completely arbitrary and allows the customer flexibility and alignment to their organization’s mode of operation.  Containers are a hierarchical structure of Parent-Child relationships, similar to Active-Directory.  Configlets represent a snippet of a switch configuration.  The full configuration of a...
Continue reading →
