Arista EOS Central - Tag

Alias – Simple yet powerful

posted on June 4, 2017 by Alexis Dacquay

Alias – Simple yet powerful About: Alias mySimpleAlias <a maybe complicated command you would never remember> Alias commands can be composed of multiple lines and embed variables. Below is an example of alias used as configuration template for automating configuration with just few arguments. Sunch template can satisfy complex configurations and be highly reusable. This high-level scripting or command bundling is simple to implement yet powerful. The below example is a multi-line alias with variables (%<x>) alias set-baremetal !! Syntax : set-baremetal <INTF> <Po ID> <DESCR> <VLAN> !! Example: set-baremetal e1,2 po1 “To Server 42” 200 10 config 20 interface...
Continue reading →

Changing the switchport default mode

posted on April 25, 2017 by Colin MacGiollaEain

By default all ports on an Arista switch are configured to be switch ports, as you would expect. If you are mostly dealing with routed ports, this behaviour may not be totally desirable. Starting in EOS-4.18.0, this behaviour is configurable e.g. we can have all interfaces in routed mode by default. switch1...11:10:56(config)#show run int et 1-4interface Ethernet1interface Ethernet2interface Ethernet3interface Ethernet4switch1...11:11:00(config)#show interface Et1-4 switchport | i Name|Switchport:Name: Et1Switchport: EnabledName: Et2Switchport: EnabledName: Et3Switchport: EnabledName: Et4Switchport: Enabled To change the default, simply issue the configuration command switchport default mode routed As you can see, all interfaces are now in routed mode by default:...
Continue reading →

Arista 7280QR-C36 Load Balancing Optimization for Dual Homed Systems and Networks

posted on December 21, 2016 by Martin

Arista 7280QR-C36 The Arista DCS-7280QR-C36 switch is a purpose built flexible fixed configuration 1RU system capable of supporting a wide range of interface choices. Its designed for the highest performance environments such as IP Storage, Content Delivery Networks, Data Center Interconnect and IP Peering. The 7280QR-C36 is optimized for environments with dual connected nodes such as storage and for spine applications with dual homed leaf switches. This technical application note describes the internal optimized load-balancing mechanism used within the switch and how network architects can best deploy this system to maximize overall system performance. The internal architecture of the DCS-7280QR-C36...
Continue reading →

Why Bash and Cli responce different ?

posted on September 19, 2016 by Toshio Taga

Hi all, I have 3 questions. 1. When I use bash command “ifconfig” from Arista SW. It showing “CPU” , why ifconfig show CPU ? When I use ifconfig command on Linux server, it doesn’t show CPU. Why “CPU” showing bash command “ifconfig” ? 2. Why different MAC address show , Cli and bash ? 3. Bash ifconfig show same MAC address for all interface , why ? Thank you,Toshi.

Config Sessions Tips

posted on March 16, 2016 by Alexei Agueev

Description: You want to implement human error prevention, 4-eyes-principle, task separation and delegation in your network? Then read on. We’ll show you how you can delegate configuration preparation to the operators team, retaining the control to commit the submitted changes, and having a delayed roll-back as a safety network in case something went wrong. Please also refer to the article “How to keep last X startup configs” for further tips on config handling and versioning. User Management: Let’s create two roles: one for the Network Operations team, that is allowed to use “configure session” to prepare changes, but is not...
Continue reading →

Find the next free VLAN id

posted on April 29, 2015 by Alexei Agueev

If you have a lot of VLANs to manage, finding unused, available VLAN ids can be a challenge. Here’s a short alias to do exactly that (with the help of our customer Mateusz Blaszczyk): alias next-vlan show vlan | awk -v a=`echo %1 ` '$1 ~ /[0-9]/ && $1==a { ++a }; END { print a }' alias next-vlan-h bash echo -e "\nUsage: next-vlan <STARTING-ID>\n\nWhere <STARTING-ID> is the VLAN id to start looking for unused VLAN ids\n" Description: The script analyses the output of the “show vlan” command for consequently rising VLAN ids, starting with the given one. It...
Continue reading →

How to keep last X startup configs

posted on April 24, 2015 by Alexei Agueev

If you would like to keep track of last 10 (or more, or less) configuration changes, here’s the event-handler code to do that: event-handler config-versioning trigger on-startup-config action bash FN=/mnt/flash/startup-config; LFN="`ls -1 $FN.*-* | tail -n 1`"; if [ -z "$LFN" -o -n "`diff -I 'last modified' $FN $LFN`" ]; then cp $FN $FN.`date +%Y%m%d-%H%M%S`; ls -1r $FN.*-* | tail -n +11 | xargs -I % rm %; fi delay 0 Description: Every time the startup config gets changed, this event handler will be executed (“trigger on-startup-config”). You could increase the delay, if you wish, but now it’s engaged immediately...
Continue reading →

Supported Commands for eAPI?

posted on November 20, 2014 by Mike Cotrone

Hi, Is there a link to a document that shows the supported commands for the eAPI using JSON/ text format? I need to decide how to filter out the commands that aren’t supported in the eAPI. Thank you very much, Mike

Introduction to Managing EOS Devices – EOS Tips for Power Users

posted on October 24, 2014 by Alexis Dacquay

Note: This article is part of the Introduction to Managing EOS Devices series: https://eos.arista.com/introduction-to-managing-eos-devices/ Annex B) EOS Tips for Power Users B.1) CLI – Show Commands Redirections EOS CLI supports the following “show” command redirections, by “|” (pipe): LINE Filter command by common Linux tools such as grep/awk/sed/wc append Append redirected output to URL begin Begin with the line that matches exclude Exclude lines that match include Include lines that match no-more Disable pagination for this command nz Include only non-zero counters ← Hides line with all 0 numbers redirect Redirect output to URL section Include sections that match...
Continue reading →

Securing EOS CLI

posted on March 25, 2014 by admin

Objective This Tech Tip is intended to provide Arista EOS users with the configuration guidelines and best practices to enable secure management plane protocols according to IT industry security standards. It is not the objective of this document to set the foundations or rules of a company security policy or a password policy. Note: This document is not intended to set company security or password policy. Ultimate responsible to define and apply an end-to-end IT security policy is the responsibility of the end user and must take into account any regulations directly related with company activities. Arista EOS includes a wide...
Continue reading →

Restricting access to the switch

posted on January 24, 2014 by jkelly

In this article we demonstrate how you can enable your Arista switch to restrict access to various network services. By default, Arista EOS implements a control-plane ACL to restrict the packets going to the CPU. This is done for security purposes, but in its default configuration is very permissive. As such, it is recommended that the sources which can access the switch be restricted using the methods described below. To view the default ACL issue the following command: Arista#sh ip access-lists default-control-plane-acl IP Access List default-control-plane-acl [readonly] statistics per-entry 10 permit icmp any any [match 4, 11 days, 20:46:23 ago]...
Continue reading →

How to collect interface statistics from bash

posted on January 23, 2014 by josh

Watch interface counters, update interval 10 second (defined by the -n flag): [user@Arista ~]$watch -n 10 "FastCli -c 'show int e1 count rates'" Note: This command can also be run from the CLI: Arista#watch 10 show int e1 count rates Watch interface counters, update interval 10 second & highlight differences (defined by the -d flag): [user@Arista ~]$ bash watch -d -n 10 "FastCli -c 'sh int e1 count rates'" Note: This command can also be run from the CLI: Arista#watch 10 diff show int e1 count rates Collect the interface names and the corresponding IP addresses (for all interfaces) to a...
Continue reading →

Debugging EOS agents

posted on January 22, 2014 by josh

EOS’s architecture is built around the notion of agents. While the CLI show commands offer some great insights into the operational status of the switch, there is deeper level of detail that can be gathered from the agents by using a EOS debugging feature called agent tracing. Through this feature, which delivers live debug output to the CLI, EOS provides extensive troubleshooting information and enables users to debug complex control plane or protocol layer interactions. To configure agent tracing, first check the list of available agents. For example, in order to see the list of all agent starting with ‘A’, use: Arista#show trace...
Continue reading →

How to store and view previous contents of ‘show tech-support’

posted on January 22, 2014 by josh

Introduction Starting with EOS 4.8.1, Arista introduced a unique feature called CLI Scheduler. Besides helping with troubleshooting and debugging Arista switches, this feature is used in order to automatically save the last 100 outputs of show tech-support (taken every hour). Please see an Arista EOS Manual for further details on the CLI Scheduler. Scheduling a show tech-support command The schedule command facilitates the periodic execution of a specified CLI command. Command parameters can be used in order to configure: the interval between consecutive executions of the command the maximum number of log files to be saved Starting with 4.8.1, by default, the...
Continue reading →

SSH login without password

posted on January 22, 2014 by josh

This article describes how you can configure your switch with a pre-shared SSH key from a host. 1. Create the user account on the switch Arista(config)#username <user> privilege 15 secret <secret password> 2. Generate SSH key files on the SSH client host. If you already have the SSH key files, skip to step 3. <host>$ssh-keygen -t dsa -f testkey Generating public/private dsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in testkey. Your public key has been saved in testkey.pub. The key fingerprint is: 38:dd:3a:68:ea:36:f1:9b:fa:69:ba:43:38:2f:98:f0 fred@HOST1.yourdomain.local The key's randomart image...
Continue reading →

Dynamically update your interface name via port auto-description

posted on January 15, 2014 by Mark Berly

Overview: Port auto-description will dynamically update the port description based on the LLDP information received from the neighbour. As always we are looking for your feedback please let us know if you have ideas on how to improve this script or other ideas… The tool: The script, called ‘portAuto’, will dynamically change the port description based on the neighbour’s LLDP information. This could be used as a stand alone script or part of a larger toolset. How to get the code: Get the code directly from Github https://github.com/arista-eosext/PortAutoDescription4 forks.11 stars.2 open issues.Recent commits: Update README.md, GitHub Add unix socket support, Philip DiLeo...
Continue reading →

Understanding EOS CLI implementation

posted on October 31, 2013 by Shine

This document gives an overview of the some of the APIs used for developing CLI Plugins. Although it tries to be as complete as possible, it only focuses on the most common APIs used by the CLI Plugins and it is not an exhaustive description of all the interfaces. The document is relevant for EOS version 4.12.0, although parts of the document might also apply to older releases. “Hello world!” example TestCli.py # Copyright(c)2013 AristaNetworks,Inc. All rights reserved. # Arista Networks, Inc. Confidential and Proprietary. import BasicCli import CliParser from CliModel import Model # Model only required for eAPI...
Continue reading →

How to restrict a user to only run “show run” if he is logged in via ssh?

posted on October 30, 2013 by Addison Chi

How to restrict a user to only run “show run” if he is logged in via ssh?

Tagged: CLI