• Category : Tech Tips

 
 

BFD troubleshooting tips

BFD quick introduction: What is BFD? Bidirectional Forwarding Detection (BFD) is a low-overhead protocol designed to provide rapid detection of failures in the path between adjacent forwarding engines over any media and at any protocol layer – this base protocol is defined in RFC 5880. It does not operate independently, but only as an adjunct to routing protocols. Operation: BFD is a simple Hello protocol that involves a pair of systems transmitting BFD packets periodically over a path between the two systems, and if a system stops receiving BFD packets for long enough, that bidirectional path is assumed to have...
Continue reading →

EVPN Multicast OISM Scenarios

Objective The objective of this article is to understand how EVPN OISM (Optimised Inter Subnet Multicast) operates in certain scenarios/designs and understanding the logical flow. This article is best suited if you have already read the below TOI and have some trouble understanding how it would work in real world: https://eos.arista.com/eos-4-25-1f/multicast-evpn-irb/ Scenarios Scenario 1 Topology In above topology, host Sender multicast traffic is in Vlan 10 connected to VTEP-1 and Receiver is Vlan 20, connected to VTEP-2. Please ignore VTEP-3 for now. Vxlan Configuration On both VTEP-1 and VTEP-2 (showing output only for VTEP-1): BGP Configuration VTEP-1 BGP Underlay neighbour...
Continue reading →

TerminAttr – Manual Upgrade & Downgrade

Introduction TerminAttr is the EOS state streaming telemetry agent running as a single binary that can stream to both CloudVision and 3rd party applications using gNMI. It has been bundled with every EOS release from 4.17.0F and above and it’s also available as a SWIX extension that can be used to upgrade TerminAttr to the latest version. This article lists the steps to manually upgrade and downgrade TerminAttr from CLI. How to check which version of TerminAttr is running on EOS As per the release notes, the minimum supported TerminAttr version on each EOS release, is the one that comes...
Continue reading →

7500N Clearance Requirements and Footprint

Introduction Install a 7500N chassis in a rack that provides adequate clearance for removing front and rear components. The Arista 7500N Quick Start Guide states the clearance requirements and footprint for switches. 7500R/R2 Line Card Clearance Since the clearance mentioned in the Quick Start Guide covers only the front and rear sides, we added more clearance information here for the left and right space for the 7500R/R2 line card, as below: Max width (when the ejector is open and the line card is pulled out) 7500R/R2 The above 2 diagrams show the left and right clearance in a rack, which is for linecard eject handle...
Continue reading →

VXLAN Configuration check using “show vxlan config-sanity”

Introduction Starting with EOS 4.22.0F, the show vxlan config-sanity command can be used to highlight various common errors in a VxLAN setup. This command is platform-independent. CLI Details switch# show vxlan config-sanity [ options ] VXLAN Config Sanity CLI has the following options. # show vxlan config-sanity (displays details for only FAIL and WARN checks) # show vxlan config-sanity brief (displays a brief output for FAIL and WARN checks) # show vxlan config-sanity detail (displays details for all checks) RESULT column may have one of these three entries:  The status “OK”  indicates a good configuration Status “FAIL” indicates a misconfiguration...
Continue reading →

High CPU on FHR or RP due to PIM

Introduction High CPU due to PIM processes is not always a bug and may be caused by either a misconfiguration or a routing issue.  For the purposes of this document we will focus primarily on network misconfiguration. Overview Network wide choppy video, music on hold streams or loud speaker issues are commonly caused by multicast problems in the network.  Should the issue be network wide and not isolated to one area of the network, the next place to start looking is high CPU on the First Hop Routers (FHR) and/or the Rendezvous Point (RP).  When the CPU process is high...
Continue reading →

CVP HA Deployment Guide

Introduction This document describes high availability deployment scenarios and best practices for Arista CloudVision Portal (CVP). The guide is intended for network architects and engineers who are planning, designing, or implementing an on-premises deployment of CVP. Scope In Scope CVP version 2020.2.x/2020.3.x/2021.1.x On-premises deployment CVP virtual appliance CVP physical appliance Single-site Multi-site Disaster recovery Out of Scope Cloud-based deployment CloudVision as a Service (CVaaS) CVP virtual appliance in the public cloud Detailed implementation steps (refer to the CVP user guide on arista.com) CloudVision Exchange (CVX) Deployment Models Arista offers the on-premises CVP platform in both a virtual and physical form...
Continue reading →

Vxlan Trident L2-Uplink Limitation 113722

If you’ve tried implementing VXLAN on Trident VTEPs with a Layer-2 uplink to remote-vteps, you may have noticed that sometimes packets can’t be successfully forwarded across the VXLAN fabric, or perhaps the latency observed is higher than what’s expected. Alternatively, maybe you never noticed the above symptoms and are here instead because you noticed the following log in your switch: STRATA-6-VXLAN_PORT_TO_NEXTHOP_OVERFLOW. These are the most common observations made when a Trident switch has hit the following limitation, 113722, found in EOS Release Notes: Limitations and Restrictions in 4.26.1F 7300X3, 7320X, 7368, CCS-720XP, CCS-750, DCS-7010, DCS-7050X, DCS-7050X2, DCS-7050X3, DCS-7060X, DCS-7060X2, DCS-7060X4,...
Continue reading →

Setting up AD, NPS, and RADIUS authentication using Windows NPS

Overview This article will guide through setting up Network Policy Server (NPS) on a Windows Server along with Active Directory Domain Services (AD DS). In addition, this document will address the required parameters to successfully authenticate users to login into Arista switches and CVP using RADIUS. Definition Network Policy Server (NPS) – This feature allows administrators to define policies for Network access authentication, authorization and accounting for wireless, authenticating switch, and remote access dial-up, and virtual private network (VPN) connections. Active Directory Domain Services (AD DS) – This feature stores information of Users, computers, and other devices in the network such...
Continue reading →

Extending EVPN and VXLAN to the Host

Overview VxLAN provides a highly scalable, standards based approach for constructing L2 overlays on top of routed networks. It is defined in RFC7348, and encapsulates the original host Ethernet frame in a UDP + IP + Ethernet frame. BGP EVPN (RFC 7432 and RFC 8365 for its application to VXLAN) is a standards based control protocol to efficiently discover other endpoints (VTEPs) and distribute reachability information (MAC addresses). This post assumes the reader is already familiar with configuration and operations of EVPN and VXLAN for Arista. Goals The use case here is the extension of a L2 overlay south of the TOR/Leaf...
Continue reading →

Recommended Configurations for Multicast Using Anycast-RP

Overview Multicast is a means of sending data from one source to many receivers. To understand what one-to-many looks like, look no further than a TV streaming service and/or a paging system which calls only certain phones. Unlike broadcast, which multicast may act like depending on the design, multicast packets are typically not meant for the whole network but for a set of end points for a specific group. Sending to a group is achieved by sending data to a multicast IP whose range is from 224.0.0.1 to 239.255.255.255. For data to flow from its publisher or source,...
Continue reading →

Using the CloudVision API with Service Accounts

Description With the release of CloudVision Portal 2020.3, you have the ability to create Service Accounts. I won’t show you how to create a Service Account, but you can go to this TOI to read about that. This article will show you how to use Service Account Tokens in Python and cURL for API calls. Platform Compatibility This applies to both CVaaS and on-premise installations. How To Using a Service Account Token allows you to bypass the standard authentication process when making API calls. It also allows you to create a local “account” on CloudVision that doesn’t depend on outside authentication...
Continue reading →

Basic Campus Quality of Service (QoS) design

Introduction Quality of Service (QoS) is the ability to provide different priorities to different applications, users, or data flows, or to guarantee a certain level of performance to a data flow. QoS processes apply to traffic that flows through Ethernet ports and control planes. These processes can modify data fields (Class of Service (CoS) or Differentiated Services Code Point (DSCP)) or assign data streams to traffic classes for prioritised handling. In this document we will be implementing a basic enterprise QoS model. Consider the following topology for the following examples:   What do we want to achieve In this example,...
Continue reading →

Managing Containers on EOS – container-manager

Containers on EOS Container-based deployments make creating cloud-portable applications extremely easy. An application can be written on normal build infrastructure and then run on an EOS switch or any Linux device that runs the Docker runtime engine. So the same applications that are run on a server for microservices can be run on a switch with Arista EOS. Since the Arista Extensible Operating System is simply Linux (CentOS at this time – 2021), we are able to integrate the Docker runtime engine into the operating system. Containers give us the agility and control to run any application without...
Continue reading →

Configure and Troubleshoot DNS on EOS

What is DNS? The Domain Name Server (DNS) maps FQDN labels to IP addresses and provides addresses for network devices. How to install it on EOS switch? EOS has a pre-installed DNSmasq service that can be used as a lightweight DNS server. The switch can be used in the recursive mode to take the local and external requests and forward them to an upstream DNS server.  Each network requires at least one server to resolve addresses. The configuration file can list a maximum of three server addresses. Configuration Step 1: In EOS CLI configure a name-server: ip name-server vrf default...
Continue reading →

Understanding interface breakout modes on Arista switches

Arista switches have the capability to break out QSFP and OSFP interfaces to multiple lanes of smaller speeds. This can be very useful for high-density deployments that require a minimal RU footprint by maximizing the ports available on various Arista platforms. QSFP interfaces, whether for 40G or 100G speeds, are implemented as 4 lanes that can be independently controlled and configured. 40G interfaces can operate at 4x10G speeds, and 100G interfaces can operate at 4x25G or 2x50G speeds. As an example, with the Arista 7280CR2A-30 switch which comes with 30...
Continue reading →

Pushing a Python Script to Devices Using CVP (SWIX)

Introduction In a previous article, I discussed how to push a simple Python script to managed devices with CVP through a configlet. In this article, I will show how to create and install an extension with the same python hello script through an image bundle in CVP. This method is useful if the script is very long and/or has dependencies.   Packaging the Script Into an RPM First, we will need to build an RPM to package the python script. We can do this from a linux host with RPMBuild. I also highly recommend taking a look at this guide...
Continue reading →

Pushing a Python Script to Devices Using CVP (Configlet)

Introduction This method is useful for pushing simple scripts to managed devices in CVP. This is not suitable for long scripts or scripts with dependencies. It may work, but creating extensions is a far more structured approach, which I talk about here. Creating the Configlet We will use an event-handler to assist us in creating the script on the switch due to its ability to execute multi-line bash commands. We are not able to use bash commands natively in CVP configlets. To start the simple method, create the configlet based on the below example from Provisioning > Configlets. event-handler hello...
Continue reading →

TerminAttr most commonly used flags and sample configurations

Introduction TerminAttr is the EOS state streaming telemetry agent running as a single binary that can stream to both CloudVision and 3rd party applications using gNMI. It has been bundled with every EOS release from 4.17.0F and above and it’s also available as a SWIX extension which can be used to upgrade TerminAttr to the latest version. It is recommended to check the release notes for the latest recommended stable version and compatibility between EOS releases. How to check which version of TerminAttr is running on EOS As the release notes say, the minimum supported TerminAttr version on each EOS...
Continue reading →

Create a CloudEOS IP Fabric in a Cloud Provider Using Terraform and CloudVision as-a-Service

Objective The goal of this document is to guide you through the setup of CloudEOS in AWS and/or Azure using CloudVision as-a-Service and the Terraform CloudEOS examples in the Arista GitHub repository. Obtain a CloudVision as-a-Service Account Work with an Arista account team member to procure a CloudVision as-a-Service account. Download and Install Terraform From www.terraform.io, download Terraform 13 or above.  It is best to place the terraform binary file in the PATH of your workstation for ease of use. Download and Install Cloud Provider CLI For AWS Cloud Deployment For an AWS demonstration environment, download and install AWS CLI...
Continue reading →
