** SWITCHES LINES ** * **7050X3** - 48 x 25 G SFP28 + 8 x 100 G QSFP * role: leaf / top-of-rack for dense 25 G servers and 100 G uplinks * asic: Broadcom Trident3 * **7060X5** - 32 x 400 G QSFP-DD (break-outs up to 2 x 800 G) * role: 400 / 800 G spine for AI-ML clusters and hyperscale clouds * asic: Broadcom Tomahawk5 * **7060X4** - 32 x 400 G QSFP-DD * role: 400 G super-spine or fan-out to 4 x 100 G * asic: Broadcom Tomahawk4 * **7130** - layer-1 matrix, 4 ns port-to-port, FPGA options * role: ultra-low-latency taps, matrix switches, time stamping * asic: Xilinx UltraScale+ FPGA cross-point * **7150** - ~350 ns L2/L3 forwarding * role: high-frequency trading leaf or edge * asic: Intel (Fulcrum) Alta FM6000 * **7160-48TC6** - 48 x 10GBASE-T + 6 x 100 G QSFP * role: high-density 10 G leaf or campus aggregation * asic: Broadcom Trident3 with AlgoMatch * **7170** - 32 / 64 x 100 G QSFP with P4-programmable pipeline * role: telemetry, service chaining, packet engineering * asic: Intel Barefoot Tofino * **7280R3** - 32 x 100 G QSFP (deep buffer) * role: universal leaf / edge router with internet-scale tables * asic: Broadcom Jericho2 * **7508R3** - modular, up to 288 x 400 G OSFP or QSFP-DD * role: universal spine or data-centre core up to 230 Tbps * asic: Broadcom Jericho2C+ ===== decoding the model code ===== * **number block** – family * 70xx fixed switching * 72xx deep-buffer fixed * 75xx modular chassis * **first letter** * X - high-performance fixed (Trident / Tomahawk) * R - deep-buffer routing (Jericho) * S - scaled tables * **port letters** (after the number) * Q - 40 G QSFP+ * C - 100 G QSFP28 (or 400 G QSFP-DD when paired with D) * D - QSFP-DD 400 G * O - OSFP 400 G * Y - 25 G SFP28 * T - 10GBASE-T copper * **suffixes** * A / F - airflow (A front-to-back, F back-to-front) * M - large memory for huge routing tables * K - inline MACsec / crypto * R3 - third hardware generation ---- __**ARISTA**__\\ To enable scp on the management vrf:\\ $ sudo ip netns exec ns-management bash All the tech support files are periodically saved in /mnt/flash/schedule/tech-support __SYSLOG MESSAGES__\\ See this [[http://www.arista.com/docs/Manuals/EOS-4.12.1-SysMsgGuide.pdf|link]] for a complete list of syslog messages.\\ Terminal console: always on\\ Terminal monitor:\\ term mon term no mon sh terminal ! To see which terminal I am on To change the logging level: \\ For the console: IOU1(config)#logging console ? For the terminal (tty):\\ IOU1(config)#logging monitor Logging to your terminal for debugging purposes. See this [[http://etherealmind.com/ios-terminal-monitor-on-off-logging-to-your-terminal|link]]. __CLI__ bash To see the SFP types - transceivers: show interfaces phy detail ! long reply show transceiver status interface Ethernet14/1 ! specific reply show idprom transceiver Troubleshooting with Arista switches [[https://www.edge-cloud.net/2013/06/network-troubleshooting-via-arista-eos-shell/|link ]] ARISTA SCRIPTING [[https://eos.arista.com/find-the-next-free-vlan-id/|find-the-next-free-vlan-id]]\\ [[https://eos.arista.com/introduction-to-managing-eos-devices-annex-b-eos-tips-for-power-users/|introduction-to-managing-eos-devices-annex-b-eos-tips-for-power-user]] This is to list the IP addresses and have them ordered (-n order numbers , -t . user dot as separator -k i i order first by the i digits) sh ip int brie | awk '{print $2}' | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4 ---- __ARISTA MLAG__\\ sh mlag sh mlag interfaces show mlag config-sanity \\ * [[https://community.cisco.com/t5/switching/nexus-vpc-to-arista-mlag/td-p/2709929]] * [[https://eos.arista.com/mlag-basic-configuration/]] * [[https://eos.arista.com/forum/error-mlag-config-sanity/]] ---- **FIRST BOOT**\\ localhost login: admin # and no password en zerotouch disable # the device reboots ---- EOS UPGRADE:\\ Arista firmware upgrade (not Aboot boot-loader for the switch (which is really a Linux system)) scp EOS-4.18.2F.swi admin@192.168.160.102://mnt/flash/EOS-4.18.2F.swi Or directly with WinSCP. Use H: as local drive dir flash: verify /md5 flash:EOS-4.25.5.1M.swi conf t boot system flash:EOS-4.25.5.1M.swi ! no need to save after ths reload now ---- ARISTA SHELL (LINUX):\\ [[https://eos.arista.com/traffic-generator-on-arista/#3_Generating_Multicast_traffic]] en bash sudo -i tcpdump iperf.. mz.. __AUTOMATION__\\ __ANSIBLE__\\ [[https://52.28.112.194/doku.php?id=network_stuff:arista:api|Arista_Ansible_in_a_different_section]] ---- Features: * Signal regeneration * Port mirroring * Dynamic patching/link management * Ad-hoc tapping without rewiring * Layer 1+ statistics on every link * Media conversion * Telemetry and more * **Cut-Through Switching (below expanded)** Cut-through switching allows forwarding frames as soon as the destination MAC is read (6 bytes), without waiting for the full packet. This enables extremely low-latency forwarding, ideal for HFT environments where every nanosecond counts. \\ Switching Modes * **Cut-through**: Starts forwarding after 6 bytes (DMAC). Fastest, no CRC check. * **Fragment-free**: Waits for 64 bytes to reduce early collisions. Legacy, rarely used. * **Store-and-forward**: Waits for full frame and verifies CRC. Safer, slower. \\ Trade-offs * No CRC/FCS verification – errors propagate to the end host. * Risk of retransmission if frames are corrupted. * Not always viable with VOQ & crossbar fabrics due to internal queuing or HOL blocking. Virtual Output Queuing prevents head-of-line blocking by organizing separate queues for each destination at every input port. Crossbar fabrics create a matrix architecture where multiple inputs connect simultaneously to multiple outputs. Together, they enable high-throughput, low-latency switching critical for modern data center networks. \\ In HFT Environments * Critical for market data and order latency minimization. * Typically used in clean, controlled networks with reliable links. * Acceptable trade-off: CRC skipping vs. latency gains. \\ Hardware Notes * Arista 7128X, Cisco Nexus 3500, Exablaze support true cut-through. * Some switches offer hybrid modes or revert to store-and-forward under congestion. * Internal architecture (e.g. VOQ + single-stage fabrics) can limit practical use. \\ Summary: Cut-through switching reduces latency by forwarding packets before they are fully received. It skips CRC checks but is widely used in HFT due to its performance gains in controlled, lossless environments. ---- TCPDUMP\\ [[https://aristanetworks.force.com/AristaCommunity/s/article/using-tcpdump-for-troubleshooting|External Link]] Arista(config)#bash tcpdump -nevvvi any '((port 22) and (host 172.22.26.209))' More examples [[https://softbackbone.duckdns.org/doku.php?id=network_stuff:tcpdump&s[]=tcpdumpm|here]] ---- __CLOUDVISION (automation)__\\ Streamed telemetry.\\ * Internally Arista is Push/Subscribe model (not polling, polling is bad!). Sysdb. * State streaming. Events to systemd ---- ARISTA VRRP (ALTERNATIVE) \\ [[https://www.arista.com/en/um-eos/eos-varp]] aka Anycast gateway. \\ Same MAC in both routers. First one picking up the packet will route it anyway. ---- BGP COMMUNITIES ! R1 route-map COMMUNITY permit 10 set community 100:999 # erases previous comms. use 'add' router bgp 100 network 94.70.40.0 mask 255.255.255.0 route-map COMMUNITY neighbor 80.50.0.2 send-community # comms. are transitive but we need this ! R2 ip community-list 10 permit 100:999 # when 'receiving' a community we need to 'define it' beforehand route-map R1_IN permit 10 match community 10 set local-preference 150 # we can also delete parts of the comm. with set community-list delete router bgp 200 neighbor 80.50.0.1 route-map R1_IN in ! sh bgp neighbors 10.1.0.14 received-routes detail ---- __ARISTA REST-API PYEAPI__ \\ * [[https://saidvandeklundert.net/2019-08-06-arista-eapi-using-pyeapi/]] * [[https://pyeapi.readthedocs.io/en/latest/quickstart.html#connect-to-a-node]] Using https gives SSLv3 erros with python3.10+. This is to enable higher ciphers and add the certificates: [[https://www.arista.com/en/um-eos/eos-control-plane-security#xx1017549|Link]] \\ The quick and dirty solution is to use port :80 ! In the arista side: management api http-commands protocol http username restapi privilege 15 secret restapi ! In the 'python' side: import pyeapi import pprint eapi_param = pyeapi.client.connect( transport='http', host='192.168.121.101', username='restapi', password='restapi', port=80, ) eapi = pyeapi.client.Node(eapi_param) version_info = eapi.run_commands(['show version',]) pprint.pprint(version_info) ---- === LAYER 1 SWITCHING === [[https://chatgpt.com/s/dr_68270c44fb0c81919fd19c5ff7fbc074|External Link]] ---- === configuration replace === scp new.cfg admin@SW1:/mnt/flash/new.cfg ! scp the new config to the switch ! ssh to the switch dir flash: ! check new.cfg is there copy running-config flash:prechange.cfg ! make a checkpoint (golden backup of current running) wr reload in 10 ! failsafe configure replace flash:new.cfg ! do the config replace ! ! wait until 9 mins to be sure not locked out due to routing reconverging down thee line! reload cancel ! if all looks good, cancel the reload ! configure replace flash:prechange.cfg ! only if you need to roll back, restore the checkpoint