• Tag : 4.24.0F

 
 

IS-IS set-attached-bit

Level-1-2 routers set attached-bit in their Level-1 LSPs to indicate their reachability to the rest of the network. A Level-1-2 router is considered attached only if it is able to reach a Level-2 router in a different area. Level-1 routers use this attached-bit information to install a default route to the closest attached Level-1-2 router and use it to route inter-area traffic. A route-map can be configured on a Level-1-2 router to control the setting of attached-bit in Level-1 LSPs with set-attached-bit route-map <name>. Attached-bit will be set only if the route-map is satisfied in addition to the Level-2 reachability...
Continue reading →

Redistribution of leaked routes into IGPs

Description VRF Route leaking can be used when routes from one VRF are required in another VRF (e.g. in case of shared services). If VrfLeak Agent is being used to leak routes, the leaked routes (in destination VRF) can be redistributed into IGPs. This feature adds support for the following:
• Redistribution of leaked static, connected, OSPF, and IS-IS routes into OSPF
• Redistribution of leaked static, connected, and OSPF routes into IS-IS
Platform compatibility Redistribution of leaked routes is supported on all EOS devices, but only with the routing system in multi-agent mode. Configuration Redistribution of leaked routes into OSPF Redistribution...
Continue reading →

EOS-4.24.1F TOI Index Page

Support for IPv6 multicast (S,G) counters BGP best paths and best ECMP paths counters As-Path Statement Enhancement BGP Non Stop Forwarding Setting metric on static routes and Eos SDK support Redistribution of leaked routes into IGPs CLI Command for Fast Phy Link up Security ACL Filtered Mirroring MPLS static tunnel ECMP Optimizing hardware utilization for unused (S,G) routes Hardware Accelerated sFlow on 7280R3/7500R3/7800R3 MLAG Unicast Convergence LDP Graceful Restart Support for static NAT access-list resource sharing TAP Aggregation – FCS handling Support for metadata in egress mirroring to GRE TAP Aggregation DCS-7280R3 / DCS-7500R3 support BGP neighbor default-originate always LAWFUL...
Continue reading →

Subinterface Queue Shaping

Description Subinterfaces divide a single ethernet or port channel interface into multiple logical L2 or L3 interfaces based on the 802.1q or 802.1ad tags of incoming traffic. Subinterfaces are commonly used in the L2/L3 boundary device, but they can also be used to isolate traffic with 802.1q tags between L3 peers by assigning subinterfaces to different VRFs or different L2 bridging domains. Queue shaping allows the user to specify the maximum rate of traffic that can be transmitted. Shaping rate can be specified for individual queues on a per-subinterface basis. Platform compatibility DCS-7500R and DCS-7500R2 platforms DCS-7280R and DCS-7280R2 platforms...
Continue reading →

Hardware based firewall

Description The hardware based implementation of the firewall uses a segment security model. In the segment security model, groups of interfaces, subnets, or IP prefixes are classified into segments. This allows for defining policies to govern the flow of traffic between a pair of segments called “from-segment” and “to-segment”. The policies define inter segment communication rules. For example, segment A can communicate with segment B over TCP port 80. By default, no communication is allowed between segments. Explicit rules are required to be configured to allow any communication between segments. However, communication is always allowed within the same segment. The...
Continue reading →

Simultaneous negotiation of IPv6 unicast and 6PE capabilities in BGP

Support for negotiating and receiving IPv6 unicast and IPv6 labeled-unicast (6PE) updates from a BGP peer. Description Some deployments require IPv6 unicast and 6PE capabilities to be negotiated. An example of one such deployment involves learning routes from a route reflector which itself is getting both 6PE and IPv6 unicast routes. The goal of this feature is to add support for configuring both 6PE and IPv6 unicast on a single peer, which were previously mutually exclusive. Platform compatibility This feature would work on all platforms supporting 6PE. Configuration A new command is now available to configure both 6PE and ipv6-unicast:...
Continue reading →

MAP-T Border Relay

Description MAP-T is a double stateless NAT64 translation technology. It allows an internet service provider to share IPv4 addresses among customers by translating their traffic to IPv6 on a customer edge device, and then translating from IPv6 to IPv4 on a Border Relay device. The translation is stateless, being driven by a set of mapping rules that map IPv4 prefixes to IPv6 and vice versa. EOS supports hardware translation of TCP and UDP traffic as a border relay device. Non TCP/UDP traffic, and several other exception cases are not translated in hardware, and require these packets to be sent to...
Continue reading →

RACL on inner IP fields for VXLAN decapsulated packets

Description This feature introduces the support for ACL configuration on VxLAN decapsulated packets. The configured ACL rules will be applied to the inner packet header after Vxlan header decapsulation. The ingress RACLs for VxLAN decap packets can be configured on SVIs or under Vxlan tunnel interface. Platform Compatibility DCS-7280R/R2 DCS-7500R/R2 Configuration No special configuration needed to enable RACLs on SVIs to match inner header fields for VxLAN decapsulated packets.

    interface Vlan100
       ip address 1.0.5.1/24
       ip access-group vxlanAclIpv4CoreToEdge in
    !
    interface Vxlan1
       vxlan source-interface Loopback0
       vxlan udp-port 4789
       vxlan vlan 100 vni 20000
       vxlan flood vtep 172.16.1.1 172.16.1.2 172.16.1.3
    !
    ip...
Continue reading →

ASU support on the 7170 series

Description 4.24.0F adds Accelerated Software Upgrade (ASU) support to the 7170 series.  Accelerated Software Upgrade significantly decreases control-plane downtime and packet loss during switch reload or upgrade, by: performing time-intensive tasks (including copying the EOS image) before rebooting the control plane forwarding packets in hardware while the control-plane is offline optimizing the boot process to: quickly enable essential services (e.g., ARP) send protocol keepalives (e.g., for LACP) prevent port flaps minimize packet loss by deferring hardware reprogramming Accelerated Software Upgrade is detailed in the Upgrades and Downgrades chapter of the EOS User Manual. On the 7170 series, this feature is...
Continue reading →

7170 Load Balancer

Description The primary challenge with using a switching ASIC as a load balancer has been how to deal with changes in the network topology without disrupting existing TCP connections. ASICs are very good at hashing multiple flows evenly across multiple devices; however, when the number of devices changes, flows are rehashed and many of them are sent to a different device. In the case of TCP this is fatal and results in the TCP connection being lost. Resilient ECMP hashing is a feature that prevents network-wide rehashing when a network device fails; however, this technique still...
Continue reading →

The BGP Best-Path Selection Algorithm

Description BGP routing information often contains more than one path to the same destination network. The BGP best-path selection algorithm determines which of these paths should be considered as the best path to that network. The best BGP path (as chosen by the algorithm) is then used as follows: If it is also chosen as the RIB winner (i.e. the winning path from among any other non-BGP paths), it will be installed in the RIB and used to forward traffic to that network. With the multi-agent routing protocol model since EOS-4.23.2, RIB installation can be skipped by using the “bgp...
Continue reading →

EVPN Transit Route VRF Leaking

Description As described in the L3 EVPN VXLAN Configuration Guide, it is common practice to use Layer 3 EVPN to provide multi-tenancy within a datacenter. This is achieved by keeping each tenant’s prefixes in separate VRFs.   In order to allow hosts from different VRFs to communicate with each other, a new mechanism lets the Spine act as a VTEP to which cross-VRF traffic will be directed for leaking.   The Spine will: Import specific learned IP or IPv6 prefixes belonging to one VRF into another Advertise these leaked routes to relevant EVPN neighbors (Leafs) with itself as next-hop. Furthermore,...
Continue reading →

Mirroring to CPU on 7050, 7060, 7260, 7368, 7300 and 720XP series

Description Arista switches provide several mirroring features. Filtered mirroring to CPU adds a special destination to the mirroring features that allows the mirrored traffic to be sent to the switch supervisor. The traffic can then be monitored and analyzed locally without the need of a remote port analyzer. This feature is intended for debugging and troubleshooting purposes. Other mirroring features: Most systems can be configured to mirror RX traffic, TX traffic or both. Modular systems support a maximum of 16 sessions. Platform Compatibility DCS-7050TX-72 DCS-7050TX-96 DCS-7050SX-72 DCS-7050SX-96 DCS-7050QX-32S DCS-7050QX2-32S DCS-7050QX-32 DCS-7050SX-64 DCS-7250QX-64 DCS-7050SX-72Q DCS-7050SX2-72Q DCS-7050TX-72Q DCS-7050SX-128 DCS-7050SX2-128...
Continue reading →

NAT support in Arista 7170

Description Network address translation (NAT) is a common method used to remap one IP address space into another by modifying the network address information in the header of IP packets while they are in transit across a routing device. NAT was originally implemented and used as a way to avoid having to modify the address associated with every host every time a network was moved. However, it has also become a popular instrument to reduce the spread of IP addresses and to conserve the global address space as the IPv4 address space nears exhaustion. NAT is supported...
Continue reading →

EVPN MPLS Virtual Private Wire Service (VPWS)

Description EVPN MPLS VPWS (RFC 8214) provides the ability to forward customer traffic to / from a given attachment circuit (AC) without any MAC lookup / learning.  The basic advantage of VPWS over an L2 EVPN is the reduced control plane signalling due to not exchanging MAC address information.  In contrast to LDP pseudowires, EVPN MPLS VPWS uses BGP for signalling.  Port based and VLAN based services are supported. VLAN Based Service Port Based Service Platform compatibility DCS-7280R DCS-7280R2 DCS-7500R DCS-7500R2 Configuration VPWS configuration is made up of two main components on each participating router.  The first is the patch...
Continue reading →

Configurable counter period

By default, counters are polled from hardware every 2 seconds. This enhancement allows this period to be configured, allowing for more or less frequent polling of the hardware counters. Decreasing this period will result in counter values being available for consumption more quickly, while increasing it will result in reduced CPU usage. Platform compatibility DCS-7010 DCS-7020R DCS-7050X DCS-7050X2 DCS-7060X4 DCS-7280 DCS-7300 DCS-7368X4 DCS-7500 Notes: Feature support on DCS-7060X4 and DCS-7368X4 available since EOS-4.24.0F. Configuration Configuration can be done using update interval from within the monitor ethernet counters mode. This mode can be entered from configure mode via monitor counters mode....
Continue reading →

L2 protocol forwarding

Description L2 protocol packets – LLDP, LACP and STP are trapped to the CPU by default. This feature allows for disabling the per protocol trap on a given set of interfaces.

Configuration The following command creates a forwarding profile:

    switch(config)#l2-protocol
    switch(config-l2-protocol)#forwarding profile xyz
    switch(config-l2p-fwd-profile-xyz)#stp forward
    switch(config-l2p-fwd-profile-xyz)#lldp forward
    switch(config-l2p-fwd-profile-xyz)#lacp forward
    switch(config-l2p-fwd-profile-xyz)#exit
    switch(config-l2-protocol)#exit

The following command adds the above created profile on interfaces:

    switch(config)#interface Et3/1/1,Et3/1/2
    switch(config-if-Et3/1/1)#interface Et3/1/1,Et3/2/1
    switch(config-if-Et3/1/1,3/2/1)#l2-protocol forwarding profile xyz
    switch(config-if-Et3/1/1,3/2/1)#exit

Multiple forwarding profiles can be created but only a single forwarding profile can be applied to an interface.

Show Commands The following command displays L2 protocol forwarding profile. switch(config)#show l2-protocol...
Continue reading →

Hardware resource optimization for route programming

Description On network devices, when a route is programmed, a certain portion of hardware resources is allocated and associated with the route. Such resource allocation and association might be sub-optimal or redundant in order to maintain fast convergence when the network is churning. For example, when an “equal-cost multi-path” (ECMP) route is programmed and some of the ECMP links are down, the resources allocated to the route may not be released so that the route can recover quickly (as there is no hardware churning) when those links are up. However, since the hardware resources for routes are limited, maintaining sub-optimal...
Continue reading →

EVPN E-Tree for MPLS

Description E-Tree is an L2 EVPN service (defined in RFC8317) in which each attachment circuit (AC) is assigned a role of Root or Leaf.  Once roles are assigned, forwarding rules are enforced such that: Root ACs can communicate with leaf ACs and other root ACs Leaf ACs can only communicate with root ACs.  Leaf AC to leaf AC traffic is blocked In this implementation, ACs are configured at the VLAN level, and the forwarding rules are enforced using a combination of local configuration of leaf VLANs (for local hosts), and  asymmetric route targets (for remote hosts). Platform compatibility DCS-7280R DCS-7280R2...
Continue reading →

TOI for 4.24.0F?

Hi, I cannot find the TOI for 4.24.0F? https://www.arista.com/en/support/software-download only has the TOI for the 4.23.xF releases. I’m curious what’s new ;) Thanks, Mike
