• Tag : CLI


section command regexes do not behave as-expected

Hi all,   When using “show run section” or “show run | section” or any other command involving the “section” capability, it looks like there may be some unexpected behavior with regexes that contain |.   rtr-edge1.sjc#show run section ? REGEX Regular expression for matching commands   For example if I am looking for configuration for sections route-map|prefix-list show run section route-map|prefix-list I only see configuration sections for route-map.  If change it to prefix-list|route-map, I see at least some of both categories. It looks like there may be some inconsistency in how regexes are parsed when | is involved?  ...
Continue reading →


Support for running multiple CLI commands in one line separated by semicolons. Description Multiple CLI commands can be run sequentially through the “run” command, separated by semicolons. For example: switch#run show version ; show boot #show version Arista DCS-7050CX3M-32S-F Hardware version: 01.03 Serial number: JAS19100008 Hardware MAC address: 985d.8284.7c33 System MAC address: 985d.8284.7c33 ... #show boot Software image: flash:/EOS.swi Console speed: (not set) Aboot password (encrypted): (not set) Memory test iterations: (not set) The commands start at the EXEC mode. For example, configuration commands can be supported by running the “configure” command: switch#run configure ; interface Po1 ; shutdown #configure...
Continue reading →

Timestamp cli commands

Hi all,   Is it possible to timestamp cli commands at the time they are executed. I want to track over time the changes I make at what time and have this logged on the CLI. Example Juniper feature I’m trying to achieve on arista instead. https://www.juniper.net/documentation/en_US/junos/topics/reference/command-summary/set-cli-timestamp.html

Configuration Lock

Description This mechanism allows a session to lock the configuration of the switch to prevent any other session from altering the configuration. The configuration lock is intended to be short-lived and allows a client to make a change without fear of interaction with other clients, eAPI, OpenConfig, CLI scripts, human users, etc. In order to acquire the configuration lock, a privileged user must use configure lock [ REASON ] command. Care must be taken, because if this CLI session cannot acquire the lock then an error will be issued, and the client must handle this error correctly. When the configuration...
Continue reading →

Migrating from legacy DC design to EVPN VXLAN Fabric

Introduction This document is intended to provide a reference of steps and sequence followed for:  (1) migrating a legacy 3-tier L2 network to EVPN based VXLAN environment using Leaf & Spine design (2) migrating an L2 Leaf & Spine network with VXLAN using CVX as the control plane to EVPN based control plane (3) migrating an L2 Leaf & Spine network with VXLAN using static VXLAN as the control plane to EVPN based control plane. Scope The key objective of this report is to migrate a Layer 2 datacenter to EVPN based VXLAN using Leaf & Spine (L3LS) solution for...
Continue reading →

Switch storage device secure erase 

Description A secure erase is generally defined as a command (or set of commands) that deliberately, permanently and irreversibly remove/destroy the data stored on a storage device, rendering that data unrecoverable. This feature securely erases the flash and optional SSD storage device(s) within an Arista switch. Specifically, it will secure erase the storage devices whose partitions mount to /mnt/crash, /mnt/drive, and /mnt/flash (as applicable). Then, it repartitions these storage devices and re-creates the filesystems for each of their partitions. In other words, the partition table of each storage device will be the exact same as before this secure erase procedure...
Continue reading →

clear platform trident counters

Hi Forum we currently troubleshoot input discards. we found the rich command show platform trident counters for our platform.(DCS-7050SX3-48YC8-F) I’ve tried to reset counter to have a blank situation. I’ve used: clear platform trident counters this cause reset of all interfaces in LAG on this switch. January 23rd 2020, 10:22:02.000 MODULE_RESET 6 Informational Switch Linecard0/0 restarting. Cause: Strata-FixedSystem crashed January 23rd 2020, 10:22:02.000 UNEXPECTED_RESTART 3 Error Unexpected restart of Strata agent Strata-FixedSystem occurred after my mistake i’ve checked the documentation about this clear command, but i didn’t found any reference. does someone has knowledge what the clear platform trident counters...
Continue reading →

VLAN-aware bundle Addition/Removal of VLANs from VLAN set

Description In EVPN, when configuring the member VLANs for a VLAN-aware bundle, the existing configuration command only allows the specification of a VLAN range string, which replaces the previously configured VLAN range string.  This enhancement adds new syntax to add or remove additional VLANs from the currently configured VLAN-aware bundle VLAN list. Platform Compatibility Platform independent Configuration The existing configuration CLI for configuring the member VLANs in a VLAN-aware bundle is: vlan <range>   This takes a VLAN range-string and uses it to replace the currently configured VLAN range-string.  The updated CLI syntax is now: vlan [ add | remove...
Continue reading →

extending eos cli with python

Has anyone had success implementing a cli extension with vEOS rev 4.18? I’m following this guide and got some guidance from our sales team on what changes were needing to be made but not getting very far with making this work on the eos central post https://eos.arista.com/extending-eos-cli/#Cli_Registration.   -a

Alias – Simple yet powerful

Alias – Simple yet powerful   About: Alias mySimpleAlias <a maybe complicated command you would never remember>     Alias commands can be composed of multiple lines and embed variables. Below is an example of alias used as configuration template for automating configuration with just few arguments. Sunch template can satisfy complex configurations and be highly reusable. This high-level scripting or command bundling is simple to implement yet powerful.     The below example is a multi-line alias with variables (%<x>)   alias set-baremetal !! Syntax : set-baremetal <INTF> <Po ID> <DESCR> <VLAN> !! Example: set-baremetal e1,2 po1 “To Server...
Continue reading →

Changing the switchport default mode

By default all ports on an Arista switch are configured to be switch ports, as you would expect. If you are mostly dealing with routed ports, this behaviour may not be totally desirable. Starting in EOS-4.18.0, this behaviour is configurable e.g. we can have all interfaces in routed mode by default. switch1...11:10:56(config)#show run int et 1-4interface Ethernet1interface Ethernet2interface Ethernet3interface Ethernet4switch1...11:11:00(config)#show interface Et1-4 switchport | i Name|Switchport:Name: Et1Switchport: EnabledName: Et2Switchport: EnabledName: Et3Switchport: EnabledName: Et4Switchport: Enabled To change the default, simply issue the configuration command switchport default mode routed As you can see, all interfaces are now in routed mode by default:...
Continue reading →

Arista 7280QR-C36 Load Balancing Optimization for Dual Homed Systems and Networks

Arista 7280QR-C36  The Arista DCS-7280QR-C36 switch is a purpose built flexible fixed configuration 1RU system capable of supporting a wide range of interface choices. Its designed for the highest performance environments such as IP Storage, Content Delivery Networks, Data Center Interconnect and IP Peering. The 7280QR-C36 is optimized for environments with dual connected nodes such as storage and for spine applications with dual homed leaf switches. This technical application note describes the internal optimized load-balancing mechanism used within the switch and how network architects can best deploy this system to maximize overall system performance. The internal architecture of the DCS-7280QR-C36...
Continue reading →

Why Bash and Cli responce different ?

Hi all, I have 3 questions. 1. When I use bash command “ifconfig” from Arista SW. It showing “CPU” , why ifconfig show CPU ? When I use ifconfig command on Linux server, it doesn’t show CPU. Why “CPU” showing bash command “ifconfig” ? 2. Why different MAC address show , Cli and bash ? 3. Bash ifconfig show same MAC address for all interface , why ? Thank you,Toshi.

Config Sessions Tips

Description: This article shows how to implement 4-eyes-principle, task separation and delegation in your network. In this particular example, you can delegate configuration preparation to the operators team, retaining the control to commit the submitted changes, and having a delayed roll-back as a safety network in case something went wrong. Please also refer to the article “How to keep last X startup configs” for further tips on config handling and versioning. Since this article has been published, there have been quite a few improvements to the way EOS handles configurations sessions. Please refer to “Config Checkpoint” and “Config Session Commit...
Continue reading →

Find the next free VLAN id

If you have a lot of VLANs to manage, finding unused, available VLAN ids can be a challenge. Here’s a short alias to do exactly that (with the help of our customer Mateusz Blaszczyk): alias next-vlan show vlan | awk -v a=`echo %1 ` '$1 ~ /[0-9]/ && $1==a { ++a }; END { print a }' alias next-vlan-h bash echo -e "\nUsage: next-vlan <STARTING-ID>\n\nWhere <STARTING-ID> is the VLAN id to start looking for unused VLAN ids\n"   Description: The script analyses the output of the “show vlan” command for consequently rising VLAN ids, starting with the given one. It...
Continue reading →

How to keep last X startup configs

If you would like to keep track of last 10 (or more, or less) configuration changes, here’s the event-handler code to do that: event-handler config-versioning    trigger on-startup-config action bash FN=/mnt/flash/startup-config; LFN="`ls -1 $FN.*-* | tail -n 1`"; if [ -z "$LFN" -o -n "`diff -I 'last modified' $FN $LFN`" ]; then cp $FN $FN.`date +%Y%m%d-%H%M%S`; ls -1r $FN.*-* | tail -n +11 | xargs -I % rm %; fi    delay 0 Description: Every time the startup config gets changed, this event handler will be executed (“trigger on-startup-config”). You could increase the delay, if you wish, but now it’s engaged immediately...
Continue reading →

Supported Commands for eAPI?

Hi, Is there a link to a document that shows the supported commands for the eAPI using JSON/ text format? I need to decide how to filter out the commands that aren’t supported in the eAPI.   Thank you very much, Mike

Introduction to Managing EOS Devices – EOS Tips for Power Users

Note: This article is part of the Introduction to Managing EOS Devices series: https://eos.arista.com/introduction-to-managing-eos-devices/      Annex B)  EOS Tips for Power Users B.1) CLI – Show Commands Redirections   EOS CLI supports the following “show” command redirections, by “|” (pipe): LINE      Filter command by common Linux tools such as grep/awk/sed/wc append    Append redirected output to URL begin     Begin with the line that matches exclude   Exclude lines that match include   Include lines that match no-more   Disable pagination for this command nz        Include only non-zero counters ← Hides line with all 0 numbers redirect  Redirect output to URL section   Include sections that match...
Continue reading →

Securing EOS CLI

Objective This Tech Tip is intended to provide Arista EOS users with the configuration guidelines and best practices to enable secure management plane protocols according to IT industry security standards. It is not the objective of this document to set the foundations or rules of a company security policy or a password policy. Note: This document is not intended to set company security or password policy. Ultimate responsible to define and apply an end-to-end IT security policy is the responsibility of the end user and must take into account any regulations directly related with company activities. Arista EOS includes a wide...
Continue reading →

Restricting access to the switch

In this article we demonstrate how you can enable your Arista switch to restrict access to various network services. By default, Arista EOS implements a control-plane ACL to restrict the packets going to the CPU.  This is done for security purposes, but in its default configuration is very permissive.  As such, it is recommended that the sources which can access the switch be restricted using the methods described below. To view the default ACL issue the following command: Arista#sh ip access-lists default-control-plane-acl IP Access List default-control-plane-acl [readonly] statistics per-entry 10 permit icmp any any [match 4, 11 days, 20:46:23 ago]...
Continue reading →


Get every new post on this blog delivered to your Inbox.

Join other followers: