• Category : Tech Tips

 
 

TerminAttr most commonly used flags and sample configurations

Introduction TerminAttr is the EOS state streaming telemetry agent running as a single binary that can stream to both CloudVision and 3rd party applications using gNMI. It has been bundled with every EOS release from 4.17.0F and above and it’s also available as a SWIX extension which can be used to upgrade TerminAttr to the latest version. It is recommended to check the release notes for the latest recommended stable version and compatibility between EOS releases. How to check which version of TerminAttr is running on EOS As the release notes say, the minimum supported TerminAttr version on each EOS...

Create a CloudEOS IP Fabric in a Cloud Provider Using Terraform and CloudVision as-a-Service

Objective The goal of this document is to guide you through the setup of CloudEOS in AWS and/or Azure using CloudVision as-a-Service and the Terraform CloudEOS examples in the Arista GitHub repository. Obtain a CloudVision as-a-Service Account Work with an Arista account team member to procure a CloudVision as-a-Service account. Download and Install Terraform From www.terraform.io, download Terraform 13 or above. It is best to place the terraform binary file in the PATH of your workstation for ease of use. Download and Install Cloud Provider CLI For AWS Cloud Deployment For an AWS demonstration environment, download and install AWS CLI...

gNMIReverse Examples

Introduction gNMIReverse is a Dial-Out gRPC service (available on our Github page) that reverses the direction of the dial for gNMI Subscriptions, where the gNMIReverse client (running along with gNMI target) on the switch sends data to the gNMIReverse Server. This article contains steps on how to build the gNMIReverse client and server binaries and examples on how to configure the daemon to run the gNMIReverse client on EOS. Prerequisite The following tools are required to proceed with this setup including cloning the repository and compiling client binary for EOS. Go Git Installing and configuring gNMIReverse client Building the client...

Understanding and Interpreting SNMP outputs for switch entities

This article provides an overview of how to interpret the values returned by SNMP when polling certain MIB objects related to physical entities, such as sensor values of different components of a switch. Overview of Entity MIBs To provide a quick overview, Arista supports the following standard MIBs: ENTITY-MIB (RFC4133), ENTITY-SENSOR-MIB (RFC4268), ENTITY-STATE-MIB (RFC3433), and also a proprietary MIB: ARISTA-ENTITY-SENSOR-MIB. ENTITY-MIB describes a set of MIB objects that can be used to poll information regarding physical entities in networking equipment, such as entity name, class (whether the unit is a sensor, module, fan, power supply, container, etc.), hardware /...

Understanding Table Sizes on the 7050QX-32

A common question asked about Arista switches is “how many routes can they handle”, and unfortunately, this is never an easy question to answer. Dedicated switch ASIC hardware is required to program each route so that when a packet arrives with a certain destination address, the switch can look up the destination and route the packet to the correct interface at line-rate across all the ports. The part that makes it hard is that there is practically never a 1:1 mapping between hardware resources on a switch and the number of routes that can be programmed into them, and under...

Curl’ing with EOS and third party devices

Perhaps you’re aware that EOS is based on Linux, which comes with many powerful & useful built-in utilities. I recently wrote an EOS Central article on sed. Even if you are not a pure networking person (perhaps you’re a server person), many of the familiar Linux tools you have used in your past exist on EOS natively today. One of my customers recently shared an experience with me that made me smile because they had now started to embrace the Linux underpinnings & power of EOS after running into a configuration challenge with a 3rd party (television) broadcast IP/SDI gateway...

A simple GNU sed example on EOS

Hopefully by now you are aware that Arista EOS (Extensible Operating System), which is the operating system that runs on Arista switches, is based on Linux. From the CLI you can drop to the Bash shell by just typing bash. Given that EOS is based on Linux you already have access to many of the helpful utilities seen in many Linux distributions. Let’s pretend that you have a configuration file that was copied over from another very similar configuration and that the only thing that needs to change is every occurrence of IP addresses that look like 10.0.x.y. This is...

CloudVision Event Guide

Contents Overview CloudVision Portal Events Streaming Analytics Error CVE Bug Exposed Change Control Failed Change Control Running Change Control Succeeded Clock Not Synchronized Anomaly in CloudTracer Latency CVX Disconnection Low Disk Partition Space Available Disk Partition Usage Approaching Threshold Packet Loss Detected for CloudTracer Host High CPU Load High CPU Utilization High QSFP DOM Temperature High QSFP DOM Voltage High SFP DOM Temperature High SFP DOM Voltage Interface Went Down Unexpectedly Interface Went Down Expectedly Unexpected Link Change Expected Link Change Tunnel Interface Went Down EOS Version Change High Interface Alignment Errors Abnormally Large Frames Abnormally Small Frames High Interface...

Troubleshooting Egress Queue drops on 7280/7500 devices

Aggregate VoQ drops on 7280/7500 devices On 7280/7500 devices, the platform architecture uses Virtual Output Queuing (VoQ) between the ingress and egress chips to forward known unicast traffic. Whenever a packet is to be transmitted, the ingress chip requests credit from the egress. Once the credits are granted, the packet is dequeued to the egress chip. While packets are awaiting credit, they are enqueued in the ingress chip buffers, in the Virtual Output Queue (VoQ) for the corresponding egress port. Accordingly, in the output of “show interfaces counters queue detail” on these devices, we see two sections:...

Operation of the Route-Map ‘continue’ feature with CLI outputs

Supported Platforms The Route-Map ‘continue’ feature is supported on all platforms and is hence platform-independent. Support for this feature in the Multi-agent model was added in EOS-4.21.0, and support in the Single-agent model has been available since EOS-4.10.2. Background of the default operation of a route-map A given route-map can have a number of sequence statements, each of which contains optional match and/or set rules. When a route is advertised to a BGP neighbor or received from a BGP neighbor, that route is evaluated against each sequence statement of the route-map that’s applied to the concerned neighbor,...

Onboarding a switch in CVP

Description This article will talk about how to onboard a switch in CVP 2019.1.x/2020.1.x and will deep-dive into the process involved during the registration process. In addition, we will also include the troubleshooting steps that can be taken in case the registration process fails.  Platform compatibility This feature is supported on all platforms. Configuration On the Switch: To enable the onboarding process, we will need to first enable command-api on the switch so that the switch is able to communicate with CVP via eAPI. This can be done in the following way: Arista#configure Arista(config)#management api http-commands Arista(config-mgmt-api-http-cmds)#no shut Arista(config-mgmt-api-http-cmds)#show active...

Launching CloudEOS in Azure with Terraform

Introduction Enterprise cloud organizations are orchestrating environments in the cloud. This can be done with cloud native tools such as AWS CloudFormation or Azure Resource Manager Templates. However, Terraform is winning enterprise mindshare as a cross-cloud orchestration system, and this post is an example of a simple CloudEOS deployment into Azure using Terraform. Diagram Below is the diagram that will be referenced in this post. Prerequisites It will be assumed that the reader has familiarity with Terraform and how to set up the Terraform environment. For basic instructions on setting up a Terraform environment, see...

Launching CloudEOS in AWS with Terraform

Introduction Enterprise cloud organizations are orchestrating environments in the cloud. This can be done with cloud native tools such as AWS CloudFormation or Azure Resource Manager Templates. However, Terraform is winning enterprise mindshare as a cross-cloud orchestration system, and this post is an example of a simple CloudEOS deployment into AWS using Terraform. Diagram Below is the diagram that will be referenced in this post. Prerequisites It will be assumed that the reader has familiarity with Terraform and how to set up the Terraform environment. For basic instructions on installing and setting up a Terraform...

Monitoring Link Quality Using Forward Error Correction (FEC) Data on Arista Switches

Introduction When forward error correction is enabled, it provides a set of statistics which can be used to monitor the health of the link at layer 1. By comparing trends over time, it may be possible to predict which links may experience service-impacting error rates, allowing action to be taken before these events. This document will describe these statistics and how to monitor them on an Arista switch running EOS. Forward Error Correction Forward error correction (FEC) is a technique used in data communications where data is portioned into blocks and parity bits are added to these blocks. When...

Streaming EOS telemetry states to ELK stack using openconfigbeat

Introduction The purpose of this document is to help you set up an ELK (Elasticsearch/Logstash/Kibana) stack and stream EOS Telemetry states from an Arista Switch using openconfigbeat, which can stream gRPC updates from OpenConfig or TerminAttr directly into Elasticsearch. Please note that this app was written as a proof-of-concept and is supported on a best-effort basis. The projects can be forked and modified to suit your needs. Feedback is always welcome, and issues can be filed as for any other project on GitHub. Elasticsearch is the distributed search and analytics engine at the heart of the Elastic Stack. Logstash...

Commit Signing with Git at Enterprise Scale

Git is one of the most ubiquitous version control systems used today, seeing extensive usage in projects both around the world and within Arista. Every day, numerous Arista employees, located around the world, make commits to the codebase to fix bugs, add features, and save works in progress. The same scenario plays out with many other people, whether working for private enterprises, government institutions, or open source projects. The following paper discusses changes made to alleviate a fundamental security problem with Git, and version control systems in general. It is assumed that readers...

How to build and install DPDKCap

Introduction DPDKCap is a high-performance packet capture tool based on DPDK. This guide explains how to build, install and use DPDKCap on a CentOS 7 based system. Arista Fork: https://github.com/aristanetworks/dpdkcap Assumptions CentOS 7 Linux NVMe capture drive (not mandatory but recommended for line rate capture) Running as root user CPU & NIC combination that supports DPDK System used to validate performance Manufacturer: Supermicro Part number: SYS-E300-8D Processor: Intel Xeon CPU D-1518 Memory: 2x Micron 9ASF1G72PZ-2G3A1 8GB DIMMs HDD: Samsung 860 PRO SSD 4TB NVMe: Samsung 960 EVO 1TB Build steps Create a directory at /data and format and mount...

Syslog message generation on MAC table changes

This feature provides the ability to generate Syslog messages for events related to MAC address entries being learnt or removed from the MAC address table on the switch. Here we will leverage the following two key features of EOS: Event Monitor and Event Handler. Platform compatibility This feature is supported on all platforms. Configuration The following shows how to configure the event monitor and event-handler to generate syslog messages for each MAC address entry learnt or removed from the eventmon database. 1) First of all, enable the event monitor on the switch with the help of command event-monitor. Switch(config)# Switch(config)#...

Default Control Plane ACL Explained

Explaining the default Control Plane ACL: Control-plane traffic is defined as the traffic that is destined to or sourced from the CPU. An access-list applied to the control-plane traffic is called the control-plane ACL. By default, every Arista switch comes configured with a control-plane ACL, named ‘default-control-plane-acl’, which cannot be modified (read-only). To add to the control-plane ACL, you should create a new ACL and apply it to the control-plane (see next section). When customizing the default CP-ACL, be wary of removing original rules, which could negatively impact necessary traffic on your network. Please see the Caveats section for examples....

CloudVision Portal Hardening Guide

Introduction This guide is provided as a starting point for securing CloudVision Portal, also known as CVP. The sections below discuss various best practices such as non-default configurations, setup instructions, and other monitoring systems. The best way to ensure that a CVP system remains secure is to combine the configuration instructions discussed below with a monitoring solution for log output. In addition, keeping CVP up to date and monitoring Arista’s list of security advisories ( https://www.arista.com/en/support/advisories-notices/security-advisories ) is always recommended. CVP Default Settings By default CVP should be expected to ship with settings that will work...
