• Tag : CVX


Mss fortigate, cvx, cvp and Arista L3LS

Hi master. My customer has infrastructure Arista 2spine and 4leaf. They want to deploy new firewall Fortigate HA = 2 unit and Cloudvison appliance with MSS features. I’m reading and learn concept mss configuration on cvx and Fortigate, but there is something I’m not understanding about config mss on cvx. Arista Macro Segmentation Service integration with Fortinet Firewalls The link at the top, define command on cvx “type Fortinet fortimanager”My customer asks for me, how about not used /without the fortimanager? It is can used mss features, configuration or not?   Please advise and share your experience and link recommended.     Thanks   Robma bayu    

Openstack multi-region problem with CVX

Hi! I have a problem with intergration multi-region Openstack and CVX. Opestack has two region: Miami and Moscow. Configuration neutron plugin region Moscow controller nodes: [ml2_arista] eapi_username=admin eapi_password=Fhpfvfc16 eapi_host = region_name = Moscow use_fqdn = true Configuration CVX in region Moscow: MSK-CVX(config-cvx-openstack-Moscow)#show running-config section cvx ! device: MSK-CVX (vEOS, EOS- ! cvx no shutdown source-interface Management1 ! service openstack no shutdown authentication role admin name-resolution interval 10 ! region Moscow username arista_cvx_msk tenant service password 0 password keystone auth-url provision sync mandatory   Openstack endpoint list: +——–+————–+————–+———+———–+————————————————–+ | Region | Service Name | Service Type | Enabled |...
Continue reading →

VXLAN Unresolved ARPs to

We have stand for test VXLAN between different DCs (schema in attachment). All Leafs connected to CVX server on each DC. And each CVX connected between themeslaves via BGP EVPN. For test in each leaf was connect server with linux and configured port on access VLAN100. Next step I configure assotiation VLAN100 and VNI25100. MAC Lerning good work and on both leaf I see mac-addreses. Connection for vxlan configured in GRE tunnel and has good L3 connectevless. But traffic has no on VNI 25100. I tried to debug this problem and discovered: show vxlan config-sanity category result detail ———————————- ——–...
Continue reading →

Policy Control Service

Description Policy Control Service (PCS) is the integration of Arista CVX and VMWare NSX-T to enable NSX-T managed networks to enforce security policies on Arista switches for traffic sourced from or destined to bare metal servers that are connected to the switches. PCS service runs on CVX and directly interfaces with NSX-T policy manager. It receives policies from NSX-T policy manager and converts them into ACLs that are applied on the switches to enforce the desired behavior for traffic ingressing and egressing through these switches. Figure 1: PCS Integration with VMWare NSX-T   To help understand the interaction between PCS...
Continue reading →

Migrating from legacy DC design to EVPN VXLAN Fabric

Introduction This document is intended to provide a reference of steps and sequence followed for:  (1) migrating a legacy 3-tier L2 network to EVPN based VXLAN environment using Leaf & Spine design (2) migrating an L2 Leaf & Spine network with VXLAN using CVX as the control plane to EVPN based control plane (3) migrating an L2 Leaf & Spine network with VXLAN using static VXLAN as the control plane to EVPN based control plane. Scope The key objective of this report is to migrate a Layer 2 datacenter to EVPN based VXLAN using Leaf & Spine (L3LS) solution for...
Continue reading →

CVX preserve client state

Description The CVX preserve client state feature allows client state to be preserved on CVX even when the management connection between the client and CVX is disrupted. With the feature is enabled, clients become inactive upon disconnection, and all client state is preserved on CVX. When clients reconnect to CVX, client state learned during the connection outage is immediately processed. For example, with the VXLAN controller service, MAC’s are learned from each client, and the aggregated state is published to the clients to populate their MAC address table. If a client disconnects, the MAC’s for that client are preserved on...
Continue reading →

Layer 2 Data Center Interconnect – Reference Designs

Introduction VxLAN is a popular choice for extending Layer 2 both intra and inter DC using overlays. Arista offers multiple control plane choices for VxLAN: Static HER, CVX and EVPN. In this article, two approaches to designing a L2 DCI over a L3 underlay are discussed. High-level technical details of each design approach is described first, followed by a comparison of the two options along with their typical use cases. Design 1: Multi-domain Overlay In this design, two overlay domains are identified: DC Fabric domain: This is the VxLAN domain within the DC Layer 3 Leaf-Spine Fabric with Leafs acting...
Continue reading →

How to recover flood-list and mac address learning when using OVSDB management

Hi, I am a beginner of Arista switch. I have two questions on that. <Information of the switch>model:Arista DCS-7150S-64-CLversion:EOS-4.15.7M 1) The flood-list and the mac address  learning disappears when the switch restarts. Why? I set the infomation that “HER flood-list and mac address learning” on the Arista switch that using the OVSDB management. Example of setting  is as follows.(The following command executed on CVX.)-bash-4.1# vtep-ctl add-mcast-remote <LS-name> unknown-dst vxlan_over_ipv4 <vtep-ip>-bash-4.1# vtep-ctl add-ucast-remote  <LS-name>  <MAC-address> vxlan_over_ipv4 <vtep-ip> One day, I stopped the Arista switch and started it.Then, the information(HER flood-list and mac address  learning) disappeared from Arista switch…Note: I confirmed it by...
Continue reading →

Can’t load Arista ML2 driver in Openstack?

Hi Guys, I’m trying to integrate Arista ML2 driver with Openstack (installed with packstack). It was giving me error like the below when I restart the neutron-server service. I followed “Arista Openstack Deployment Guide” for enabling the services. List of config can be found in attachment. Any clue what is causing this error & how to resolve it? tail -f /var/log/neutron/server.log 2017-03-11 23:53:03.431 6438 INFO neutron.plugins.ml2.managers [-] Configured mechanism driver names: [‘openvswitch’, ‘arista’]2017-03-11 23:53:03.536 6438 ERROR stevedore.extension [-] Could not load ‘arista’: cannot import name context2017-03-11 23:53:03.537 6438 WARNING stevedore.named [-] Could not load arista ###################### [root@controller-1 neutron]# tail -f...
Continue reading →

Issues Arista Integration with OpenStack (Mitaka)

Hello All, We are trying to integrate Arista Switches with OpenStack using Ml2 Plugins. Details of the setup as below  Setup Details: Base OS: CentOS Linux release 7.3.1611 (Core) OpenStack Version: Mitaka (13.1.2-1.el7) Control +Network Node : Compute 1 : Arista CVX VM :   Attached are the configuration, Physical Setup Details and logs from the network+Controller node. Once the recommended changes are made Neutron service fails.  Can anybody guide here.  Regards, Lalit   

Bug Alerts

Bug-Alerts is a service that runs on Arista CloudVisionTM eXchange (CVX) that provides customers with information on known, resolved bugs that are impacting Arista switches. The feature collects switch properties such as EOS version, hardware platform, configuration and operating conditions of all connected switches. It uses these switch properties and a local database of known bugs to determine the list of impacting bugs for each switch. This information is then displayed via show commands on CVX. The complete Bug-Alerts feature consists of the following components: CVX components AlertBase – This is the database of known and resolved bugs in Arista...
Continue reading →

VXLAN Without Controller for Network Virtualization with Arista physical VTEPs

  1) Introduction This article assumed an understanding of the VXLAN concepts. This article aims at guiding the design and implementation of network virtualization with VXLAN, employing physical VTEPs. This controller-less design provides Layer2 communication across a Layer3 network for any Layer2 Ethernet device. This solution guide resolves network virtualization for network teams that might not have yet a network virtualisation controller, or cloud management platform (CMP), but want to benefit now from all the advantages of VXLAN. Without network controller, the virtual switches will not participate natively in the VXLAN overlay setup, they would be configured the traditional way...
Continue reading →

SDN Starter Kit Quick Start Guide v2015.1

Introduction The Quick Start Guide is intended to provide an introduction to Arista Networks switches, Extensible Operating System (EOS) and recently released CloudVision management. It is intended to help the reader quickly deploy Arista switches and leverage the power of automation by using CloudVision. The setup, installation and configuration from start to finish should not take more than a couple hours.  Audience This guide is intended for the following audience:  • End user getting familiar with CloudVision • End user getting familiar with Arista’s EOS CLI CloudVision – Network Automation Key CloudVision features include point and click interface to simplify bulk tasks,...
Continue reading →

Configure CVX and VXLAN with Ansible

Purpose: This Ansible playbook allows an administrator to easily configure a Cloud Vision Exchange (CVX) environment as well as configure a Virtual Extensible LAN (VXLAN) between two switches in an environment built using Arista switches, whether they be physical or virtual (vEOS). It is ideally suited for test environments and administrators wanting to test CVX and VXLAN. The playbook can be modified for more complex deployments. Running the playbook: From the /etc/ansible directory in the Linux CLI run: ansible-playbook cvx_vxlan_playbook.yaml Prerequisites: An Ansible server (http://docs.ansible.com/ansible/intro_installation.html) arista.eos roles for Ansible v1.0.1 # sudo ansible-galaxy install arista.eos. Rename the following files under...
Continue reading →

Ansible playbook for CVX and VXLAN configuration.

Purpose: This playbook allows an administrator to easily configure Cloud Vision Exchange (CVX)  and Virtual Extensible LAN (VXLAN) between two Arista switches. It is ideally suited for test environments and administrators wanting to test CVX and VXLAN functionality. The playbook can be modified for more advanced deployments. Running the playbook: From the cli under the /etc/ansible directory run: ansible-playbook cvx_vxlan_playbook.yaml Prerequisites: An Ansible server (http://docs.ansible.com/ansible/intro_installation.html) arista.eos roles for Ansible v1.0.1. To install run # sudo ansible-galaxy install arista.eos on the Ansible server. Rename the following files under /etc/ansible/roles/arista.eos/library to not have a .py extension i.e eos_config.py becomes eos_config.  # cp...
Continue reading →


Get every new post on this blog delivered to your Inbox.

Join other followers: