• Tag : 4.26.1F

 
 

Inband Telemetry

Description For network monitoring and troubleshooting flow-related issues, it is desirable to know the path, latency, queue and congestion information for flows at different times. The inband telemetry (INT) feature is used to gather per-flow telemetry information such as path, per-hop latency and congestion. To enable inband telemetry, an inband telemetry domain should be created using switches that support inband telemetry. Interfaces on the edge of the domain should be configured as edge ports and interfaces inside the domain as core ports. On edge ports, sampling of packets is done at ingress and INT flows are terminated at egress. INT...
Continue reading →

Voice VLAN

Description This article discusses how to configure the Voice VLAN (phone VLAN) on an Arista switch. In the Campus environment, there are many devices which can connect wirelessly or wired. Switches need to be able to classify these devices and forward the traffic appropriately. For IP phones, this is of utmost importance, as voice traffic and signaling need to be treated with priority over generic data traffic to ensure quality of service and minimal to no loss. This article focuses on how to configure the switch CLI based on different scenarios found on a campus in order...
Continue reading →

BGP Remove-Private-As Ingress

Description Remove Private AS Ingress is a feature used for removing and replacing private AS numbers from inbound AS paths, so that private ASes from the outside will not be circulating inside the network. It can protect the network from misconfigurations or misbehaving networks. For example, when the outside networks fail to configure “remove-private-as” (egress), it can serve as a double safety check to make sure that no outside private ASes are intruding into the network. Platform Compatibility Remove-private-as in ingress is a platform-independent feature, and it is only supported in multi-agent mode. Configuration The configuration command: router bgp <AS>...
Continue reading →

EVPN MAC duplication denylist

Description This feature is available when configuring Layer2 EVPN or EVPN IRB. As described in RFC7432 section 15 [1], “MAC Mobility” or “MAC move” occurs when a Customer Edge (CE) moves from one Ethernet segment to another, resulting in two EVPN MAC/IP (Type 2) routes being advertised — one route with the previous Ethernet segment ID (ESI) and the other with the new Ethernet segment ID. MAC mobility also happens when a CE moves from a single-homed provider edge (PE) to a different PE. Consider a situation in an EVPN network where there are two hosts in the same VLAN,...
Continue reading →

7170 load balancer TCP probe support

Description The 7170 load balancer is a layer 4 load balancer providing high packet processing throughput. Health monitoring probes the servers in the nexthop-groups to determine their administrative and operational states. This feature introduces the capability of using a TCP probe for the health check. The TCP probe results can be merged with an HTTP or HTTPS probe result to establish a server operational state. TCP probes work as follows: A TCP connection request with the configured destination port value is sent to the server. If the connection succeeds the probe state is server operationally...
Continue reading →

OSPFv3 Area Filter

Description In an OSPFv3 Area Border Router (ABR), area filters may be used to prevent specific prefixes from being announced by an area as Inter-area Summary LSAs. The set of prefixes to be filtered can be configured one at a time or using a prefix-list. The feature can be used to prevent an area from receiving Inter-Area Summary LSAs from a specified subnet in both the IPv4 and the IPv6 address families. This is available with both the multi-agent and the ribd routing protocol model. Platform compatibility This feature is supported on all platforms. Configuration The area filter command is...
Continue reading →

Forwarding destination predictor support for additional tunneling protocols

Description Forwarding destination prediction enables visibility into how a packet is forwarded through the switch and allows the user to determine which interface a given packet will egress. This feature has been extended to include additional tunnel packet types, namely IP-in-IP, GRE, NVGRE, and IPSEC tunneling protocols. Platform Compatibility DCS-7020 DCS-7280/R/R2 series DCS-7500/R/R2 series DCS-7280R3/R3K series DCS-7500R3/R3K series DCS-7800R3/R3K series Feature History Release Update 4.26.1F Initial introduction 4.27.0F Support for DCS-7280R3/R3K, DCS-7500R3/R3K, DCS-7800R3/R3K TCAM profile configuration To support this feature, a custom TCAM profile needs to be configured that includes tunnel packet types not currently included in the system profiles....
Continue reading →

Dynamic hash field selection for ECMP and LAG

Description This feature allows configuration of the hash seed and hash fields used for LAG and ECMP hash computation. This gives the user greater flexibility to avoid polarization issues by selecting appropriate fields and a hash seed to compute the ECMP and LAG hashes. Platform compatibility DCS-7170 with profiles where this feature is supported Feature History Release Update EOS-4.26.1F Initial introduction Configuration This feature requires configuring the load-balance profile and which of those configured profiles is to be used. This configuration impacts both LAG and ECMP hashes. Configuring load-balance policy Multiple custom profiles with unique hash-configurations can be created and...
Continue reading →

IPv6 ND Proxy Routed Port and Subinterface Support

Description This feature enables IPv6 neighbor discovery (ND) proxies for IPv6 subnets on routed ports and L3 subinterfaces. When IPv6 ND proxy is enabled, all IPv6 ND Neighbor Solicitation (NS) packets will be trapped to the control plane instead of being forwarded. In response, IPv6 ND Neighbor Advertisement (NA) packets with the corresponding interface router MACs will be sent back. Platform compatibility DCS-7800R3 DCS-7500R3 DCS-7280R3 Feature History Release Update 4.26.1F Initial introduction Configuration CLI command to configure IPv6 neighbor discovery proxies: switch(config-if-Et1)# ipv6 nd proxy prefix [A:B:C:D:E:F:G:H/I | connected] The ipv6 nd proxy prefix command has two options as follows. It...
Continue reading →

PVLAN and VxLAN with EVPN

Description A private VLAN partitions the Layer 2 broadcast domain of a VLAN into subdomains. It allows isolating the ports on the switch from each other. A subdomain consists of a primary VLAN and one or more secondary VLANs (private VLANs). All secondary VLANs share the same primary VLAN. The secondary VLAN ID differentiates one subdomain from another. The secondary VLANs may either be isolated VLANs or community VLANs. VxLAN with EVPN is used to extend the PVLAN domain to remote locations. Types of VLANs We use the terminology below to describe the types of VLANs in a PVLAN domain. Primary VLAN:...
Continue reading →

Multi-Domain EVPN VXLAN

Description This feature provides the ability to interconnect EVPN VXLAN domains. Domains may or may not be within the same data center network, and the decision to stretch/interconnect a subnet between domains is configurable. The following diagram shows a multi-domain deployment using symmetric IRB. Note that two domains are shown for simplicity, but this solution supports any number of domains. Within domain #1 and domain #2, VTEPs exchange EVPN reachability as normal. Between domains, gateway nodes advertise intra-domain EVPN routes with the gateway inserting itself as the nexthop. From the perspective of a gateway node, there is the local EVPN...
Continue reading →

EVPN Centralized Anycast Gateway

Description In the Centralized Anycast Gateway configuration, the Spines are configured with EVPN-IRB and are used as the IP Default Gateway (DGW), whereas the top of rack switches perform L2 EVPN Routing. EVPN-IRB supports both Virtual eXtensible Local Area Network (VXLAN) Bridging and IP Routing on the top of rack (TOR) switch. In a typical EVPN IRB deployment, the IP Default Gateway (DGW) for a host (or VM) is the IP address configured on the IRB interface (check out the EVPN IRB TOI for more detail). Platform compatibility DCS-7050X* DCS-7050X2 DCS-7050X3 DCS-7300/DCS-7320 DCS-7300X3 DCS-7260X* (DCS-7260X, DCS-7260X2, DCS-7260X3) DCS-7280R, DCS-7280R2, DCS-7280R3 DCS-7500R, DCS-7500R2,...
Continue reading →

Per Port Scheduler Compensation

Description The per port scheduler compensation feature is used to make adjustments to the packet size seen by the scheduler for scheduling-shaping. This feature is useful when shaping is applied on an interface where the traffic is getting encapsulated or decapsulated. When a packet is decapsulated, the egress packet size is less than the ingress packet size (due to termination of headers), but the scheduler uses the ingress packet size for the calculation of scheduling-shaping, resulting in a lower observed shape rate. Using this feature, the scheduler can be informed of the decapsulation happening on the packet. (Similarly...
Continue reading →

Per Port Tc-To-Cos

Description This feature enables per port TC-To-COS mapping, where TC represents Traffic-Class and COS represents VLAN tag PCP bits. While at present there is a global TC-To-COS mapping, we can use the TC-To-COS feature to create custom profiles which can be applied to the required interfaces. When a TC-To-COS profile is applied to an interface, all the packets egressing through this interface will follow the principles below: COS remarking will happen based on the TC and Dp (Drop precedence) of the packet. The exact value of the COS will depend on the mapping present in the TC-To-COS profile applied to...
Continue reading →

IS-IS redistribute route count limiting

Description Route redistribution is a process that allows a network to use a routing protocol to dynamically route traffic based on information learned from a different routing protocol. Route redistribution helps increase accessibility within networks. Redistributing a large number of routes into an IGP can cause many problems. To alleviate the problem, we can add a limit on the maximum number of routes, cumulative from all protocols, to be redistributed into IS-IS. By default, the feature is disabled. The user should explicitly configure the route limit using the CLI to limit the number of routes which are redistributed into the IS-IS instance...
Continue reading →

Cos To Traffic-Class Map on SubInterfaces

Description This feature allows the user to have a custom COS-To-TC map per subinterface. By default, subinterfaces follow the parent’s trust settings. With this feature, the classification behaviour will follow the named COS-To-TC map, and hence we can have different QoS behaviour between parents and subinterfaces for traffic classification. This feature allows the user to classify packets on a subinterface based on the COS bits (VLAN priority bits) of the outer VLAN tag. The exact mapping can be specified using a custom COS-To-TC map. Feature Specification The feature is supported on L2 , L3 ,...
Continue reading →

Routing Telemetry (IP Routes)

Description This feature provides the ability to classify and display misbehaving routes in the following categories: 1) Routes which are dropping traffic. 2) Routes which are unprogrammed. 3) Routes which are in an inconsistent state. Drop Routes Definition of drop route Any route which is going to be blackholing/dropping traffic. The route in hardware is pointing to a DropFec, so all traffic hitting this route will get blackholed. Unprogrammed Routes Definition of unprogrammed route The route R1 is in FIB and we tried (updateRoute call to PD failed) to program R1 into the HW, and couldn’t. At this point report...
Continue reading →

Mixed speed port channel

Description Starting with the 4.26.1F release, EOS supports active mixed speed members in a port-channel, allowing different speed ports to aggregate. Mixed speed port-channels can be enabled using a CLI configuration command. By default the feature is disabled. The mixed speed port-channel feature introduces the concept of “weight” associated with a port-channel member. The weight of a member port is directly proportional to the other members’ speeds and it determines the ratio of packets sent over that member port if it becomes active. For same speed port-channels, all members have a weight of 1. The “weight” value has been added...
Continue reading →

Port-channel Minimum Speed Review and Retry Mechanism

Description Starting from the 4.26.10F release, for LACP and static port-channels, EOS will support minimum speed configuration, along with a review timer and a retry timer. Minimum speed is the total speed of all the interfaces configured in the port-channel which is needed to bring the port-channel link up. If both min-links and minimum speed are configured for a port-channel, minimum speed takes precedence over min-links. The min-links feature is only applicable on a port-channel with all member interfaces having the same speed. The minimum speed feature is applicable for both: port-channel with all member interfaces having same speed; port-channel with member interfaces having different/mixed...
Continue reading →

VLAN-based Port Security

Definitions Port-wide port security: Port security with address limit on the port configured by the existing shutdown mode port security command. VLAN-wide port security: Port security with address limit on VLANs configured by the new VLAN-based port security command. Port-level limit: Maximum address number configured on the port for port-wide port security. VLAN-level limit: Maximum address number configured on VLANs for VLAN-wide port security. Description This feature adds the support for configuring port security on a per-VLAN basis for each port. It is an extension of the existing shutdown mode port security. In the existing shutdown mode port-wide port security,...
Continue reading →
