• Tag : DANZ


Truncation on Tap and Tool Ports

Introduction EOS supports truncation on ingress and egress. In this article we will focus on how it can be applied in tap aggregation exclusive mode, on the Arista 7150 line of switches. Please refer to the supported features matrix for other hardware platforms. Truncation is the ability to remove unwanted or unneeded bytes from the packet at a configurable or fixed starting byte position, it may also be referred to as ‘Packet Slicing’. This is useful in situations where the data of interest is contained within the headers or early in the packet payload. It can be used to remove...
Continue reading →

LLDP on Tap ports

Introduction As of EOS 4.14.0F for Arista 7150 line of switches and EOS 4.20.1F for Arista 7500/7280 lines of switches, users of the tap aggregation features can benefit from visibility gained from LLDP on tap ports. Neighbor information will now be processed by the CPU and made available via the EOS CLI. Allows the tap aggregation administrator to view neighbor information for verification and troubleshooting. This article details the use of LLDP neighbor information on tap ports in tap aggregation exclusive mode. Show LLDP commands work in Tap Aggregation Exlcusive mode as they do in normal switching mode, no configuration...
Continue reading →

Introduction to TAP aggregation

Introduction Traditional approaches to network monitoring rely on the ongoing collection of generic, high level statistics such as interface utilization from a selection of network devices to detect trends or anomalies in service availability. Such metrics are naturally limited in the level of granularity they can provide and often only provide a hint of real underlying network conditions without providing any visibility into per-application activity or performance. Traditionally, reactive and localized packet capture would be employed to determine the cause of the performance degradation.  However the manual nature of needing to configure packet capture and mirroring and then physically attach...
Continue reading →

TAP Aggregation – Traffic Steering

Introduction This article details the ability of the Tap Aggregator to redirect, or steer, traffic away from the aggregation group that the Tap port belongs to.  This capability allows for a more granular focus and control on individual, or multiple, traffic flows ingressing the Tap Aggregator. The traffic steering capability uses MQC (QoS style) policy and class maps combined with standard access-lists to perform this function.  The feature also allows for the configuration of an identity VLAN different from the identity VLAN associated with the Tap port.  This article details the configuration steps necessary to achieve this functionality. The following...
Continue reading →

Leveraging Deep Inspection and Traffic Steering for monitoring SIP environments

Introduction With the expansion of SIP (Session Initiation Protocol) and RTP (Real-time Transport Protocol) for IP based telephony applications, enterprises and carriers alike have a requirement to track and capture calls or parts of calls for the purposes of performance analysis and forensic/legal monitoring requirements. This post documents a powerful use for Deep Inspection and Traffic Steering features to deliver a highly scaleable yet cost effective solution for stateful load-sharing of monitored VoIP services, avoiding the need for proprietary hardware (such as FPGA based accelerator modules). As the volumes of calls grow, it is clear that traffic will need to...
Continue reading →

Tap Aggregation – Filtering with Port ACLs

  1) Introduction   This article details the filtering of traffic across the Tap Aggregator by using port ACL. The filters allow granular selection of Layer2, Layer3, and Layer4 traffic on a per-port basis. The following other features might also be of interest, but are out of scope of this article: VLAN membership filters Traffic Steering   2) Filtering Overview   The well known MAC and IP Access-List filtering is used to filter traffic in Tap Aggregation mode, just like it does in switching mode. The Layer2/3/4 ACLs can be applied on Tap ports, ingress on Tool ports, egress  ...
Continue reading →

Tap Aggregation – VLAN List Filtering

  1) Introduction   A list of allowed VLANs simply specifies, under an interface in Tap Aggregation mode, which VLAN traffic is allowed. Removing VLANs from the allowed list means those VLANs would be blocked. It allows filtering traffic in a flexible manner, directly from the interface command, without creating ACLs or steering policies. This article details how to configure the VLAN list, and combine them to achieve multi-stage VLAN filtering.   2) Allowed VLAN List Definition   An allowed VLAN list is simply a definition of VLAN IDs. By default, all VLANs are allowed. The below commands illustrate the...
Continue reading →

Timestamping Deep Dive – Frequent Questions and Tips on Integration

  Introduction Accurate packet timestamps are essential for network event correlation and performance analysis. The Arista 7150S provides hardware timestamping with nanosecond granularity and ≤10ns precision. Timestamping is applied in hardware on all packets, at line rate in parallel. The timestamping format and implementation is detail is this article: https://eos.arista.com/timestamping-on-the-7150-series/ The present article explains in more details the internals of timestamping on the 7150S, and provides an overview of expected behaviours, as well as tips for integrating with your tooling environment.   1) How does Timestamping work ?   Timestamping on the Arista 7150S is a function of the MAC...
Continue reading →

DANZ TAP Aggregation Configuration: Quick Start

TAP Aggregation Overview TAP Aggregation enables N:M packet replication, unlike SPAN/mirror ports, which have limited filtering capability and only a few ports with which to mirror to. Besides that, Arista’s TAP aggregation offering enables users to leverage the extensibility of EOS – click here for a more in depth overview of TAP aggregation or contact your local account team for an in depth overview of DANZ. Enabling Tap Aggregation By default, Arista switches operate in normal switching mode. To place the switch into TAP aggregation mode, the following configuration must be added: tap aggregation   mode exclusive This configuration disables all ports...
Continue reading →

Introduction to Port Mirroring

Introduction Arista EOS enables many flexible capabilities for both control plane and data plane monitoring. Port Mirroring is one of the data plane monitoring facilities. Port Mirroring is used to send a copy of packets seen on one port to a network monitoring connection on another switch port. Port Mirroring is commonly used with network probes or other monitoring devices, for example intrusion detection devices, latency analyzers or packet capture and protocol analysis tools. These dedicated devices can be used for the identification of security breaches, capacity and performance related matters or for analyzing the network traffic. They are usually...
Continue reading →


Get every new post on this blog delivered to your Inbox.

Join other followers: