• DANZ TAP Aggregation Configuration: Quick Start

 
 
Print Friendly, PDF & Email

TAP Aggregation Overview

TAP Aggregation enables N:M packet replication, unlike SPAN/mirror ports, which have limited filtering capability and only a few ports with which to mirror to. Besides that, Arista’s TAP aggregation offering enables users to leverage the extensibility of EOS – click here for a more in depth overview of TAP aggregation or contact your local account team for an in depth overview of DANZ.

Enabling Tap Aggregation

By default, Arista switches operate in normal switching mode. To place the switch into TAP aggregation mode, the following configuration must be added:

tap aggregation
   mode exclusive

This configuration disables all ports on the switch, unless they are specifically configured for TAP aggregation.

Ports and Groups

To enable a port, the interface has to be configured in one of the following modes:

  • tap – if the port is connected to either a physical TAP or a SPAN/mirror session from another switch
  • tool – if the port is connected to the device that is capturing the data for analysis or archive

Groups are used to control where traffic is sent. There are two main guidelines for groups:

  • a tap port can only belong to a single group
  • a tool port can belong to multiple groups

The following example configures two tap ports. Ethernet1 will be for “Development” traffic and Ethernet2 will be for “Production” traffic.

interface Ethernet1
   switchport mode tap
   switchport tap default group Development
!
interface Ethernet2
   switchport mode tap
   switchport tap default group Production

Now that TAP ports are configured, the tool ports must be configured to receive the appropriate traffic. Ethernet3 will only contain “Development” traffic, Ethernet4 will only contain “Production” traffic and Ethernet5 will contain all traffic.

interface Ethernet3
   switchport mode tool
   switchport tool group set Development
!
interface Ethernet4
   switchport mode tool
   switchport tool group set Production
!
interface Ethernet5
   switchport mode tool
   switchport tool group set Development Production

TAP Aggregation Manager

TAP Aggregation Manager (TAM) can be used for both the configuration or to get a visualisation of where the traffic is going and is available in EOS 4.13 and higher. The following steps will configure access to TAM via https:

management api http-commands
   no shutdown

TAM is accessed through the IP address or hostname of the switch and is available at the following URL: https://hostname/apps/TapAgg

tam-home

Enabling a Port for PTP in TAP Aggregation Mode

If there is a requirement to configure PTP on the switch, PTP needs to be configured on a front panel port that is connected to the ASIC (instead of the management port). The port must be configured to override the error disable state (this is the state the the port defaults to when the switch is put into TAP Aggregation mode) and enable PTP synchronisation. Here is an example:

! Base PTP config
ptp mode boundary
ptp source ip 1.2.3.4

! Force the interface out of error disable mode
tap aggregation
   mode exclusive 
   mode exclusive no-errdisable Ethernet48

! Enable PTP
interface Ethernet48
   ptp enable

Note:In order for a Tapagg switch to receive PTP traffic, the upstream device to which it is connected should be set to statically send PTP multicast traffic to the connected port on the switch.
Since IGMP snooping is disabled on Tapagg switches and with no configuration to support sending upstream join messages in such a state, the messages are transmitted statically from the upstream device. Once the upstream messages are received, the port will move to the slave state and follow the standard PTP mechanism.

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: