• Tag : VRF


as masquerading – need to ibgp peer in a vrf using different as number than main vrf

I know with arista all VRF’s have to have the same AS number. lets say I use as 65000 to ebgp peer with someone. If I set up aanother VRF and want to ibgp peer with someone using as 65005, with the “local as” function where you impersonate an AS number, if I use local-as 65005 and peer with another router using 65005 will it behave as iBGP? Because I have an arista router using 65000 for eBGP with a partner and I need to also iBGP with someone using 65005 in a second VRF. Will this local-as approach work?...
Continue reading →

Inter-VRF Routing on Arista 7050SX-64s

Hi, I’m looking at implementing a seperate VRF for some sensative traffic within our environment. I was wondering – is there a way to route traffic between VRFs running on the same device without going through seperate hardware like a firewall? Many thanks, Tom

VRF import export

Is there a way to perform a VRF import and export target? Similar to: ip vrf wanconnection:1 rd 65000:1 route-target export 65000:2 route-target import 65000:99 ip vrf wanconnection:2 rd 65000:2 route-target export 65000:1 route-target import 65000:99 ip vrf shared:1 rd 65000:99 route-target export 65000:99 route-target import 65000:1 route-target import 65000:2

Test TCP connectivity from respective VRF

I have multiple VRFs defined on my Arista switch and it is participating in routing. How can I test TCP connectivity from Arista switch to a server in specific vrf ? Take for an example, i have 3 VRFs: TRUST, UNTRUST and DMZ. In TRUST vrf, i have VLAN106. On VLAN106, i would like to connect to a web server from my Arista switch but i could not see any option for vrf with the telnet command. I tried this but I got this error: Arista01(s1)#telnet 80 /source-interface Vlan106 Trying… Cannot assign requested address No connection. Escape...
Continue reading →

vrf configuration in vEOS instances

Hi All, I have a vEOS instance as well as a Arista hardware box. I was trying to configure vrf in both. In hardware box it was easy to configure and was able to ping my gateway using ping vrf <newvrf> <IP> command. The same configuration i tried in vEOS but it is not pinging. Is there any special config to enable vrf in vEOS? Both are in same LAN and has common gateway. The gateway is lying in a Cisco device which is out of my access. From vEOS i can do self ping, but none other IPs in...
Continue reading →

VARP not working on a VRF VLAN interface

I am running vEOS (4.14.5F) in a Lab environment and have set up a simple config of two switches connected via a single virtual hypervisor interface as an MLAG peer link. Each switch has 3 VLAN interfaces and I have configured VARP on them which works fine (show ip virtual-router displays all VARP links). When I place the VLAN interfaces into a VRF and add the ip address and ip virtual-router address back to the interface, VARP no longer works (show ip virtual-router displays an empty list). Below is a copy of the simple config for each switch I am...
Continue reading →

Introduction to Managing EOS Devices – Setting up Management

Note: This article is part of the Introduction to Managing EOS Devices series: https://eos.arista.com/introduction-to-managing-eos-devices/      1) Setting Up Management The following management tools are available on Arista EOS for all platforms: VRF-aware management Telnet and SSH Syslog and Console Logging SNMP Versions 1 and 3 NTP DNS Local and remote user control (AAA) TACACS+, RADIUS sFlow XMPP eAPI   Note: in the following configuration examples, the commands in square brackets are optional: [optional]   1.1) VRF Aware Management As of release 4.10.1, EOS supports the ability to constrain management functions to a VRF. This enables the user to separate management based functions...
Continue reading →

VRF-lite support in the 7500e coming?

As per the question, is this on the road map? Interested in hearing how Arista propose to deal with security boundaries in a multi-tennant DC environment using a VXLAN leaf-spine topology. Right now I am thinking I will need to break out the VXLANs into VLANs at the spine VTEP and send them to a L3 gateway where they can be put into the appropriate VRFs. It would be great if this bottleneck and .1q limitation could be avoided and directly switched on the 7500 spine by way of VXLAN to VRF mapping.


Get every new post on this blog delivered to your Inbox.

Join other followers: