Reversing The Airflow of a Running Switch

Occasionally customers have a switch in production that they need to change the airflow direction of e.g. from a front-to-rear (-F) to a rear-to-front (-R), or vice-versa, without shutting down the switch. The following procedure outlines the steps to follow in order to accomplish this. This procedure assumes that you already have the replacement fans and PSUs on hand and are ready to perform the swap. Start with the switch powered up, both power supplies powered and providing power to the switch. Gain access to the switch’s serial console to check status and run CLI commands as need be. Add...
Continue reading →

Creating A Multi-node vEOS Vagrant Enviroment

Introduction Beginning with EOS 4.15.2F, vEOS is available as a Vagrant box for VirtualBox. Vagrant is great whether you are simply getting started with vEOS or want to easily create a complex test environment.  With Vagrant, multiple VMs may be defined within a single ‘Vagrant file’, including non vEOS VMs allowing for an entire topology to be instantiated using a single file. For more info on Vagrant, check out their documentation.  This document will go through the details of how to use the predefined Vagrantfile shared below to instantiate a Spine&Leaf topology with vEOS. The topology that will be created is shown...
Continue reading →

Using eAPI to Provide SNMP Extensions

EOS utilizes net-snmp which offers provisions to extend OIDs.  The following script leverages eAPI to gather OSPFv3 interface information and populates the SNMP ospfv3IfTable. The OSPFV3-MIB can be downloaded from here: http://www.oidview.com/mibs/0/OSPFV3-MIB.html #!/usr/bin/python -u # # Arista Networks, Inc. # # Script: ospfv3IfTable.py v1.6 # # This script populates the ospfv3IfTable via a net-snmp extension # # 1. Copy this script to /mnt/flash as ospfv3IfTable.py # # 2. Copy snmp_passpersist to /mnt/flash # https://github.com/nagius/snmp_passpersist # # 3. Enable management api (script uses a unix socket) # management api http-commands # protocol unix-socket # no shutdown # # 4. Configure snmp to...
Continue reading →

Using stunnel (TLS Proxy) to secure OpenFlow on EOS

Do you have an OpenFlow controller that supports communication channel encryption via TLS and you’d like to take advantage of that option with an Arista switch? No problem! Just follow these simple steps and in mere minutes you’ll have a secure TLS connection up and running. Just imagine the look of shock and amazement on the faces of your friends, family and coworkers as you extend the capabilities of your EOS powered switch in near real time! 1) Please download Stunnel from here: http://dl.fedoraproject.org/pub/archive/fedora/linux/releases/14/Fedora/i386/os/Packages/stunnel-4.33-1.fc14.i686.rpm   2) Copy it to flash on the switch: switch#copy scp://@//stunnel-4.33-1.fc14.i686.rpm flash:   3) Install the...
Continue reading →

Configure groups of interfaces based on description regex

A simple python eAPI script to find groups of interfaces to configure based on a regex match to interface descriptions. The most interesting part is that the script types out the “interface <list of matching interfaces>” command in an interactive manner as if the EOS CLI user typed it. The command is even saved in the command history. Give it a try!   1) Configure a command alias: alias intRegex bash sudo /mnt/flash/intRegex.py %1   2) Load the script in flash: #!/usr/bin/env python # # intRegex.py ver 1.12 # Arista Networks, Inc. import jsonrpclib, os, re, socket, sys, fcntl, termios...
Continue reading →

EVPN Configuration – Layer 2 EVPN design with Type-2 routes

Introduction This document describes the operation and configuration of BGP EVPN with a VXLAN forwarding plane, for the construction of multi-tenant Layer 2 networks, termed L2VPNs within this document, over a layer 3 leaf-spine network. The configuration and guidance within the document unless specifically noted are based on the platforms and EOS releases noted in the table below Platform Software Release 7050X Series EOS release 4.18.1 7050X2 series EOS release 4.18.1 7060X Series EOS release 4.18.1 7160 series EOS release 4.18.1 7280SE/7280R/7500R/7050E EOS release 4.18.1   Leaf spine underlay architecture EVPN with a VXLAN forwarding plane provides the ability to...
Continue reading →

Automating CVX BugAlert Database Updates

Bug Alert Update Automation Intro Arista Networks released the Bug Alert feature as part of EOS 4.17.0F. Arista publishes a database in JSON format of bugs. This database is installed on the CloudVision Exchange (CVX) that provides NetDB services to your Universal Cloud Network. Using the included CLI a user can report on her environment for know bug exposures based on the actual configuration and EOS versions of the switches. This is indeed a powerful feature and in this article we will explain how to automate the updating of the Bug Alerts database with a simple script.   For more...
Continue reading →

Migrating from a VXLAN Controllerless implementation to a Cloud Vision eXchange (CVX) Controller

Introduction This post is intended to give step-by-step instructions on how to migrate from a controllerless VXLAN implementation that is using manual Head End Replication (HER) with static flood lists to a controller based model using Cloud Vision eXchange (CVX) with VXLAN Control Services (VCS).  The order of the steps we are going perform in the migration section of this document were tested and found to cause the least amount of impact in terms of packet loss during a cutover from HER to CVX. This article assumes that you already have a working knowledge of VXLAN with manual Head End Replication, an...
Continue reading →

Arista 7280R Series 40G/100G systems Multi-Speed Port Configuration

Overview In high performance leaf and spine networks the Arista 7280R Series enables a high level of flexibility with a common consistent architecture, with a choice of 1RU and 2RU fixed systems, 10G to 100G interface speeds and port density up to 72 ports of 40G and 60 ports of 100G. The 7280R Series include the ability for enabling multiple speeds on QSFP ports, with a per interface configuration that is optimized for the maximum overall system flexibility. On some members of the 7280R Series to maximise the total system port count, and at the same time facilitate the most...
Continue reading →

Deploy Arista vEOS-lab 4.19.0F (VirtualBox, VM Workstation, VM Fusion, vCenter 6.5)

How to deploy Arista vEOS-lab 4.19.0F     Summary   One great way to test drive an Arista switch is to download the free vm of the switch called vEOS-lab. This is the actual OS used on physical switches, but in a vmdk format that can be deployed on major hypervisors from VMware ESXi, vCenter, VM Workstation, VM Fusion, and VirtualBox. Because of the wide variety of hypervisors on the market, Arista has deploy this vm as a vmdk. The second file required is the Aboot iso. These files are uploaded as IDE devices onto the hypervisor. Minimum Req 2...
Continue reading →

WinSCP with Arista Switches

WinSCP with Arista Switches Summary WinSCP is a popular tool for quickly uploading and downloading files between hosts. On a Linux or Mac, scp is a CLI tool already built in and can be invoked by using the scp command. However, unlike Linux and Mac, there is no native CLI for scp on Windows.   One tool that can be installed is pscp.exe from the guys who brought you PuTTY, found here. This post will go over the WinSCP, a GUI alternative. The latest version as of this writing is 5.11.1 which can be found here.   There are three...
Continue reading →

Arista Hybrid Cloud – IPSec between vEOS Router and Linux

This document provides the steps and running configuration for setting up an IPsec connection between vEOS Router and a Linux Compute Node instance in AWS. On the Linux Compute Node Install Strongswan You might have to enable epel repository for yum on AWS. (https://aws.amazon.com/premiumsupport/knowledge-center/ec2-enable-epel/) yum install strongswan   Create a GRE tunnel on the machine ip tunnel add tun0 mode gre remote <ip addr on veos et> local <ip addr on client eth> ip link set tun0 up ip addr add <ip addr> dev  tun0 ip route add <prefix> dev tun0   In /etc/strongswan/ipsec.conf, add the configuration for the Ipsec...
Continue reading →

CloudVision Portal RESTful API Client

Arista Cloudvision® Portal (CVP) provides a central point of management for Arista network switches through shared snippets of configuration (configlets) enabling Network Engineers to provision the network more consistently and efficiently. While CVP highlights a graphical user interface for configuration and management of devices, it also includes a full-featured RESTful API that provides all of the same functionality available via the GUI which can be used to automate workflows and integrate with other tools. CVPRAC is a wrapper client for CVP’s RESTful APIs which greatly simplifies usage of the API and more elegantly handles the connections to the CVP nodes....
Continue reading →

Common Issues When Deploying CVX 4.18.2F on vCenter 6 or 6.5

Common Issues When Deploying CVX 4.18.2F on vCenter 6 or 6.5  Summary   This article will go over how to install CVX on a vCenter 6 appliance. Starting from vCenter 6, there was a change in the OVFTool built into vCenter that changes the SHA hashing algorithm from 1 to 256. There is also an issue with 6.5 where it is required to go into the BIOS of the CVX vm and change the boot order from HDD to CD.   The vEOS image (whethere as a vEOS-lab, vEOS for vRouter functionality in Amazon Web Services or Microsoft Azure, or...
Continue reading →

Using dynamic Ansible inventories to manage CloudVision switches.

Ansible Dynamic libraries with CloudVision  The common question when talking with customers about CloudVision is are we able to also use a configuration management tool such as Ansible along with CloudVision?  You can use CVP and Ansible to both manage your Arista devices.  This is a guide to dynamically pull CloudVision for its devices and automatically have Ansible use those CVP managed devices.  Arista has supported Ansible EOS modules for quite some time and are still innovating on new modules in the latest version of Ansible which at the time of writing is 2.3.  Summary Dynamic inventories are setup in Ansible...
Continue reading →

Alias – Simple yet powerful

Alias – Simple yet powerful   About: Alias mySimpleAlias <a maybe complicated command you would never remember>     Alias commands can be composed of multiple lines and embed variables. Below is an example of alias used as configuration template for automating configuration with just few arguments. Sunch template can satisfy complex configurations and be highly reusable. This high-level scripting or command bundling is simple to implement yet powerful.     The below example is a multi-line alias with variables (%<x>)   alias set-baremetal !! Syntax : set-baremetal <INTF> <Po ID> <DESCR> <VLAN> !! Example: set-baremetal e1,2 po1 “To Server...
Continue reading →

Changing the switchport default mode

By default all ports on an Arista switch are configured to be switch ports, as you would expect. If you are mostly dealing with routed ports, this behaviour may not be totally desirable. Starting in EOS-4.18.0, this behaviour is configurable e.g. we can have all interfaces in routed mode by default. switch1...11:10:56(config)#show run int et 1-4interface Ethernet1interface Ethernet2interface Ethernet3interface Ethernet4switch1...11:11:00(config)#show interface Et1-4 switchport | i Name|Switchport:Name: Et1Switchport: EnabledName: Et2Switchport: EnabledName: Et3Switchport: EnabledName: Et4Switchport: Enabled To change the default, simply issue the configuration command switchport default mode routed As you can see, all interfaces are now in routed mode by default:...
Continue reading →

VM Tracer configuration on a layer 2 switch

Introduction There are many network architectures, which include a separate network for out-of-band management. All Arista switches come with at least one designated management interface that is VRF-aware. When VM Tracer is configured on an Arista switch, by default, vCenter communication will be sourced from the management interface. There are situations where a layer 2 switch has the management interface configured in a separate VRF, not reachable from the vCenter network segment.  Objective Create reachability to vCenter from layer 2 switches that have the management interface configured in a separate VRF, not reachable from the vCenter network segment.  Prerequisites Proper VM Tracer configuration...
Continue reading →

Export CVP Functionality to Ansible

In some network environments there is a separation of responsibility for the network infrastructure and the server side equipment. In these environments, different groups responsible for managing different equipment could use different tools for the job. This guide will discuss one of the several options for integrating Arista’s network management tool, CloudVision Portal (CVP), into an Ansible environment. Summary In this example, the environment uses Ansible as the configuration management tool for server provisioning but uses CVP for network management. The environment is set up to allow the server team to provision top of rack switch ports for servers using...
Continue reading →