TAP Aggregation Overview
TAP Aggregation enables N:M packet replication, unlike SPAN/mirror ports, which have limited filtering capability and only a few ports with which to mirror to. Besides that, Arista’s TAP aggregation offering enables users to leverage the extensibility of EOS – click here for a more in depth overview of TAP aggregation or contact your local account team for an in depth overview of DANZ.
Enabling Tap Aggregation
By default, Arista switches operate in normal switching mode. To place the switch into TAP aggregation mode, the following configuration must be added:
tap aggregation mode exclusive
This configuration disables all ports on the switch, unless they are specifically configured for TAP aggregation.
Ports and Groups
To enable a port, the interface has to be configured in one of the following modes:
- tap – if the port is connected to either a physical TAP or a SPAN/mirror session from another switch
- tool – if the port is connected to the device that is capturing the data for analysis or archive
Groups are used to control where traffic is sent. There are two main guidelines for groups:
- a tap port can only belong to a single group
- a tool port can belong to multiple groups
The following example configures two tap ports. Ethernet1 will be for “Development” traffic and Ethernet2 will be for “Production” traffic.
interface Ethernet1 switchport mode tap switchport tap default group Development ! interface Ethernet2 switchport mode tap switchport tap default group Production
Now that TAP ports are configured, the tool ports must be configured to receive the appropriate traffic. Ethernet3 will only contain “Development” traffic, Ethernet4 will only contain “Production” traffic and Ethernet5 will contain all traffic.
interface Ethernet3 switchport mode tool switchport tool group set Development ! interface Ethernet4 switchport mode tool switchport tool group set Production ! interface Ethernet5 switchport mode tool switchport tool group set Development Production
TAP Aggregation Manager
TAP Aggregation Manager (TAM) can be used for both the configuration or to get a visualisation of where the traffic is going and is available in EOS 4.13 and higher. The following steps will configure access to TAM via https:
management api http-commands no shutdown
TAM is accessed through the IP address or hostname of the switch and is available at the following URL: https://hostname/apps/TapAgg
Enabling a Port for PTP in TAP Aggregation Mode
If there is a requirement to configure PTP on the switch, PTP needs to be configured on a front panel port that is connected to the ASIC (instead of the management port). The port must be configured to override the error disable state (this is the state the the port defaults to when the switch is put into TAP Aggregation mode) and enable PTP synchronisation. Here is an example:
! Base PTP config ptp mode boundary ptp source ip 126.96.36.199 ! Force the interface out of error disable mode tap aggregation mode exclusive mode exclusive no-errdisable Ethernet48 ! Enable PTP interface Ethernet48 ptp enable
Note:In order for a Tapagg switch to receive PTP traffic, the upstream device to which it is connected should be set to statically send PTP multicast traffic to the connected port on the switch.
Since IGMP snooping is disabled on Tapagg switches and with no configuration to support sending upstream join messages in such a state, the messages are transmitted statically from the upstream device. Once the upstream messages are received, the port will move to the slave state and follow the standard PTP mechanism.