• Tag : EOS-4.15.2F

 
 

Unconnected Ethernet Interfaces

Switches within the Arista 7050X Series utilize a forwarding chip that goes under the name Trident2. Trident2 is a Switch-on-Chip (SoC) single-chip with support for up to 1280Gbps of forwarding capacity (oversubscribed mode) that is provided by either 32x40G or up to 96x10G+8x40G, or up to 960Gbps (linerate mode). Since some Arista 7050X Series switches provide front-panel ports that use a subset of the capacity available on the SoC, the remaining capacity of the SoC is exposed as “UnconnectedEthernet (Ue)” interfaces to rest of the system. The purpose of exposing these internal ports in this manner is to make them available for...
Continue reading →

Recirculation Channel

Some data-plane features on some switch platforms may require packets to be recirculated through the switch chip in order to implement configured features and functionality. VXLAN Routing on Arista 7050X Series (single-chip T2) is one such feature. Recirc-Channel interfaces are a logical grouping of Ethernet and UnconnectedEthernet interfaces for use in recirculating the packet to provide features that require recirculation.  Each Recirc-Channel is tied to one specific feature. In this release, the only feature to be used in conjunction with Recirc-Channel interfaces is VXLAN Routing on Arista 7050X series devices. Platform compatibility DCS-7050X series Configuration The configuration for Recirc-Channel interfaces...
Continue reading →

PFC Watchdog

This feature enables detection of egress queues that are unable to transmit packets for prolonged periods of time due to receiving continuous PFC pause frames. On detection of such a stuck tx-queue this feature will error-disable the respective port with a err-disable reason of “stuck-queue”. Error-disabling a port in such a case may re-route the traffic via different port to the destination if possible. Platform compatibility DCS-7050x Series Configuration This feature can be enabled by the following command Arista(config)# priority-flow-control pause watchdog default timeout < 3-60 seconds >  This will start monitoring all the egress queues which have guaranteed bandwidth enabled and for the priorities...
Continue reading →

Shared tenant networks

OpenStack has a concept of shared tenant networks which let the admin can create a network which can be shared by all the tenants managed by the admin. A shared network is created as a regular tenant network which means that a segment id is associated with it. Whenever any tenant attaches a VM to this shared network, the VLAN required for that shared network is provisioned on the switch interface connected to the compute node hosting the tenant VM. In order to support the shared tenant networks, new internal CLI commands were added so that the ML2 driver can...
Continue reading →

Active-Active Neutron controller support

The active-active neutron controller support in CVX enables the deployment of highly available neutron service with multiple active neutron controllers. For the neutron service to be highly available multiple active instances of the server are deployed so that if any instance fails, the work load is distributed among the remaining instances without any downtime. The details on configuring the HA support in neutron can be found in the OpenStack documentation. The Arista ML2 driver interfaces with CVX and sends the virtual network information to it. CVX looks at this virtual network information and the topology to configure the required VLAN...
Continue reading →

OpenFlow/DirectFlow enhancements

The following are new enhancements in DirectFlow and/or OpenFlow that have been added in EOS-4.15.1F Action TTL decrement in an OpenFlow flow OpenFlow 1.3 Group support on DCS-7010 series Clearing flow counters  Action output next hop for DirectFlow Action TTL Decrement in an OpenFlow flow Support for OFPAT_DEC_NW_TTL has been added for flows. This action is supported on DCS-7050, DCS-7050X and DCS-7010 series of switches. This action can be used in conjunction with OFPAT_OUTPUT, OFPAT_POP_VLAN and OFPAT_SET_FIELD actions. a7050(config)#show openflow flows Flow flow00000000000000000001: priority: 100 cookie: 0 (0x0) match: destination Ethernet address: 00:cc:cc:cc:cc:cc/ff:ff:ff:ff:ff:ff Ethernet type: IPv4 actions: decrement TTL output interfaces:...
Continue reading →

Mirroring to CPU

Arista switches provide several mirroring features. Filtered mirroring to CPU adds a special destination to the mirroring features that allows the mirrored traffic to be sent to the switch supervisor. The traffic can then be monitored and analyzed locally without the need of a remote port analyzer. One use case of this feature is for debugging and troubleshooting purpose. As for other mirroring features: it can be configured to mirror RX traffic, TX traffic or both up to 14 mirroring profiles can be used simultaneously In addition mirroring to CPU uses the control plane protection to limit the rate of...
Continue reading →

Fallback PBR policy during policy change

Fallback PBR policy enables an alternate policy to be active when PBR policy attached to an interface is being modified. Configuring Fallback PBR policy is similar to configuring normal PBR policy except that the keyword fallback is specified when the fallback policy is attached to an interface. An interface can have one fallback PBR policy in addition to the PBR policy attached. If a fallback policy is attached to an interface that has no other PBR policy attached the fallback policy will be active. Platform compatibility DCS-7500E DCS-7280 Configuration To configure fallback PBR policy on an interface create policy of type pbr using...
Continue reading →

LANZ

Introduction LANZ on DCS-7280SE and DCS-7500E adds support for monitoring congestion on front panel ports at a more granular level with Start, Update, and Stop congestion events. These events are available while using Notifying mode. The previous behavior of polling the most congested queue per ASIC is still available in the default Polling mode. LANZ Streaming is now available on DCS-7280SE and DCS-7500E. Platform compatibility DCS-7280SE DCS-7500E Configuration Enabling Notifying mode Arista(config)# queue-monitor length notifying This enables Notifying mode. The default is Polling mode. In a mixed system with both DCS-7500 and DCS-7500E linecards configuring Notifying mode results in Notifying mode on DCS-7500E cards...
Continue reading →

IEEE1588 (PTP) – New Platform Support

Arista switches enable high precision time distribution directly in the data path using IEEE1588 Precision Time Protocol (PTP). This document provides information about new platforms those now support PTP. Platform compatibility The following platforms now support IEEE1588 Boundary and Transparent clock mode of operation. DCS-7050QX-32S DCS-7050SX-128 DCS-7050TX-64 DCS-7050TX-128 DCS-7250QX-64 Please visit EOS Feature Support page for list of platforms those already support PTP. Configuration EOS System Configuration Guide Precision Time Protocol (PTP) section provides necessary configuration details. Status EOS System Configuration Guide Precision Time Protocol (PTP) section provides various show commands useful for verifying the current operational state of PTP....
Continue reading →

Weighted Round Robin Scheduling

EOS supports different scheduling policies which dictate the way packets at different transmit queues leave the egress port. Currently EOS supports Strict Priority (SP) and Weighted Round Robin(WRR). Default scheduling policy is Strict Priority. Weighted Round Robin scheduling allows packets at different transmit queues to be serviced in round-robin manner in accordance to the weights assigned to those transmit queues. Users will be able to configure the set of queues to participate in WRR scheduling and will also be able configure the weights for those queues. At any given point, EOS allows some transmit queues to participate in SP and some to participate in WRR, the condition being the scheduling policy has...
Continue reading →

Fabric QoS on 7250X and 7300X

The 7250X and 7300 series use an optimized internal CLOS design with multiple port ASICs interconnected via Fabric ASICs in an efficient non-blocking two-tier design. Starting EOS 4.15.2F, EOS allows configuring QoS on fabric ASICs on these platforms. Configuring QoS on the fabric ASICs in addition to front panel ports empowers users to have end-to-end control on these platforms. By default, queues are configured as strict priority on 7250X and 7300X series. The following configuration options are now supported on fabric interfaces: Guaranteed Bandwidth: In order to prevent queue starvation on fabric ports EOS supports minimum bandwidth configuration on per queue basis across all fabric...
Continue reading →

IP Source Guard

IP Source Guard (IPSG) is a security feature that can help prevent IP spoofing attacks. It filters inbound IP packets based on their source MAC and IP addresses. IPSG is supported in hardware. When IPSG is enabled on a Layer 2 port, every IP packet received on this port is verified. The packet is permitted if its source MAC and IP addresses match any of the user-configured IP-MAC binding entries on the receiving vlan and port. The packet is dropped immediately if no match is found. Platform compatibility DCS-7010 DCS-7050 DCS-7050X DCS-7250X DCS-7300X Configuration IPSG is only applied to Layer 2 ports. To enable...
Continue reading →

GRE in LAG hash

By default,  inner IP header of a GRE packet is used for LAG hashing. With this feature, LAGs can hash GRE traffic across ports based on the outer IP header. Platform compatibility DCS-7050X DCS-7300X DCS-7250QX Configuration Using outer IP header of GRE packets for LAG hashing can be enabled based on different GRE tunnel types ( IPv4 over IPv4 GRE tunnel, IPv6 over IPv4 GRE tunnel, IPv4 over IPv6 GRE tunnel and IPv6 over IPv6 GRE tunnel).  To enable GRE LAG hashing based on outer IP header for one or more GRE tunnel types, use the following command in global configure mode:...
Continue reading →

Global config command to change implicit “v6 permit icmp all”

Introduction When a user configures IPv6 ACLs, by default, the system automatically  includes two additional rules :- a default drop rule and a permit all ICMP  types rule. This feature provides the user ability to override the default behavior from permitting ALL IPv6 ICMP types to ONLY permitting IPv6 ICMP neighbor discovery types. Caveats The configuration ONLY applies to IPv6 ACL rules configured  after applying the command “hardware access-list ipv6 implicit-permit icmpv6 neighbor-discovery”. All IPv6 ACLs configured and programmed prior  to applying the command will remain unaffected. Platform compatibility DSC-7050S DCS-7050T DCS-7050Q DCS-7010T DCS-7304 DCS-7316 DCS-7250 Configuration The following example...
Continue reading →

IP-in-IP encapsulation

With this feature, IP packets matching a static Nexthop-Group route can be encapsulated within an IP-in-IP tunnel and forwarded. Platform compatibility DCS-7050 DCS-7050X DCS-7250X DCS-7300 DCS-7010T Configuration Configure a static Nexthop-Group route and an IP-in-IP Nexthop-Group. Arista(config)#ip route 124.0.0.1/32 nexthop-group abc Arista(config)#nexthop-group abc type ip-in-ip Arista(config-nexthop-group-abc)#size <1-1024> Arista(config-nexthop-group-abc)#tunnel-source 1.1.1.1 Arista(config-nexthop-group-abc)#entry 0 tunnel-destination 1.1.1.2 Arista(config-nexthop-group-abc)#entry <0-size> tunnel-destination 10.1.1.1 Arista(config-nexthop-group-abc)#ttl <1-64> Status Show Commands show nexthop-group shows all the information about Nexthop-Groups configuration show platform trident l3 software tunnel encap shows the list of tunnels configured in the system Arista(config)#show nexthop-group abc Id          1 Type        ipInIp Size       2 Ttl        ...
Continue reading →

MLAG peer gateway

In an MLAG setup, routing on a switch (MLAG peer) is possible using its own bridge/system MAC, VARP MAC or VRRP MAC. When a peer receives an IP packet with destination MAC set to one of the aforementioned MACs, the packet gets routed if the hardware has enough information to route the packet. The following behavior was observed if the destination MAC is peer’s bridge MAC – the packet is L2 bridged on the peer-link and the routing takes place on the peer. This behavior to use the peer-link to bridge the L3 traffic to the peer is undesirable if heavy routable traffic...
Continue reading →

VXLAN multicast decapsulation

VXLAN multicast decapsulation enables VTEPs that only support HER (Head End Replication) to terminate multicast encapsulated BUM(Broadcast/Unknown/Multicast) packets from remote VTEPs that do not support HER. Platform compatibility DCS-7050X DCS-7250X DCS-7300X Configuration The feature is enabled by using the below CLI under interface Vxlan: Arista(config-if-Vx1)#vxlan multicast-group decap 230.1.1.1 The above command can take more than one multicast group. To disable the feature use the ‘no’ option under interface VXLAN and specify the groups that need to be disabled: Arista(config-if-Vx1)#no vxlan multicast-group decap 230.1.1.1 Status Use the following show command to verify that the multicast group is configured for decapsulation in...
Continue reading →

Leaf Smart System Upgrade (SSU)

Leaf Smart System Upgrade (SSU) provides the ability to upgrade the EOS image with minimal traffic disruption. Platform compatibility DCS-7050X (excluding DCS-7050SX-72, DCS-7050SX-96, DCS-7050TX-72 and DCS-7050TX-96) Configuration BGP Graceful Restart For hitless restart of BGP and MP-BGP, BGP graceful restart must be enabled on the switch using the graceful-restart command in BGP configuration mode. The default restart time value (300 seconds) is appropriate for most configurations. Arista(config)#router bgp 64496 Arista(config-router-bgp)#graceful-restart BGP peers (receiving speakers) must support graceful restart helper. Switches running EOS 4.13.0 and greater have this mode configured by default. Prepare the switch Prior to starting a Leaf Smart System Upgrade (SSU):...
Continue reading →

QOS control of ND and ARP

This feature makes ARP and ND packets use a higher priority output queue when software forwarded on the switch. Doing so avoids possible drops in the switching hardware when competing with data plane packets during traffic congestion. Without this feature it is sometimes possible for Bgp sessions to get drops due to dropped ARP and ND packets. Platform compatibility DCS-7500E DCS-7250X DCS-7300X DCS-7010X DCS-7050X Configuration This feature is configured in by default and cannot be disabled.

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: