Arista Switch Configuration Example

Note

Important: When using L2 networks, make sure to remove “uc-tx-queue 2 no priority” and “uc-tx-queue 3 no priority” settings from the below configuration file.

no aaa XXXX
no username XXXX
!
errdisable recovery cause link-flap
errdisable recovery cause xcvr-unsupported
errdisable recovery cause link-flap interval 600
errdisable recovery cause xcvr-unsupported interval 300
!
load-interval default 15
!
transceiver osfp default-mode 4x10G
!
service routing protocols model ribd
!
queue-monitor length
!
logging buffered 1000
!
logging level AAA emergencies
!
platform trident mmu queue profile PFC_Profile
    ingress threshold 1
    ingress headroom 64000
!
hostname XXXX
ip name-server vrf XXXX XXXX
ip name-server vrf MGMT XXXX
dns domain XXXX
!
snmp-server ipv4 access-list snmp-allow-hosts vrf XXXX
snmp-server location XXXX
snmp-server community XXXX ro
snmp-server community XXXX ro
no snmp-server vrf default
snmp-server vrf XXXX
!
spanning-tree mode mstp
!
logging event flowcontrol received syslog disabled
!
service unsupported-transceiver XXXX
!
clock timezone Israel
!
vrf instance XXXX
!
banner motd
XXXX
EOF
!
management api http-commands
    no shutdown
    !
    vrf MGMT
        no shutdown
!ODD INTERFACES for uplinks to Spines
interface EthernetX/1,3,5,7
    description Uplink XXXX/30
    mtu 9198
    speed 100g-2
    error-correction encoding reed-solomon
    no switchport
    ip address XXXX
    qos trust dscp
    priority-flow-control on
    priority-flow-control priority 0 no-drop
    priority-flow-control priority 1 no-drop
    priority-flow-control priority 2 no-drop
    priority-flow-control priority 3 no-drop
    !
    uc-tx-queue 2
        no priority
    !
    uc-tx-queue 3
        no priority
!EVEN INTERFACES for DOWN LINKS
interface EthernetX/1,3,5,7
    description no-alert XXXX
    shutdown
    mtu 9198
    speed 100g-2
    error-correction encoding reed-solomon
    no switchport
    ip address XXXX
    ip access-group block-group-eng in
    qos trust dscp
    priority-flow-control on
    priority-flow-control priority 0 no-drop
    priority-flow-control priority 1 no-drop
    priority-flow-control priority 2 no-drop
    priority-flow-control priority 3 no-drop
    !
    uc-tx-queue 2
        no priority
    !
    uc-tx-queue 3
        no priority
!
interface Loopback0
    ip address XXXX
!
interface Management1
    vrf XXXX
    ip address XXXX
!
ip access-list block-group-eng
    10000 permit ip any any
!
ip access-list standard snmp-allow-hosts
    10 permit host XXXX
    20 permit host XXXX
    30 permit host XXXX
    40 permit host XXXX
    50 permit host XXXX
    60 permit host XXXX
    70 permit host XXXX
!
ip routing
ip routing vrf XXXX
!
ip prefix-list group_eng seq 10 permit XXXX
ip community-list regexp comm_group_eng permit ^(650.*):100
!
ip route vrf XXXX 0.0.0.0/0 XXXX
!
ntp server vrf XXXX XXXX
ntp server vrf XXXX XXXX
!
radius-server host XXXX timeout 30
radius-server host XXXX timeout 30
radius-server host XXXX timeout 30
!
route-map adv-set-comm permit 10
    match ip address prefix-list group_eng
    set community XXXX:100
!
route-map rcv-from-spine permit 10
    match community comm_group_eng
!
router bgp XXXX
    router-id XXXX
    maximum-paths 128
    neighbor spine_switches peer group
    neighbor spine_switches remote-as XXXX
    neighbor spine_switches route-map rcv-from-spine in
    neighbor spine_switches route-map adv-set-comm out
    neighbor spine_switches send-community
    neighbor spine_switches maximum-routes 12000
    neighbor XXXX peer group spine_switces
    aggregate-address XXXX
    redistribute connected
!
tacacs-server key XXXX
tacacs-server timeout 30
tacacs-server host XXXX  vrf XXXX
tacacs-server host XXXX timeout 30
tacacs-server host XXXX vrf XXXX
tacacs-server host XXXX  timeout 30
tacacs-server host XXXX vrf XXXX
tacacs-server host XXXX  timeout 30
!
aaa group server tacacs+ XXXX
    server XXXX vrf XXXX
    server XXXX vrf XXXX
    server XXXX vrf XXXX
!
aaa authentication login default local group XXXX
aaa authorization serial-console
aaa authorization exec default local group XXXX
aaa authorization commands all default local
aaa accounting exec default start-stop group XXXX
aaa accounting commands all default start-stop group XXXX
!
role sysops
    10 deny mode exec command configure|bash|python-shell|\|
    15 deny mode exec command reload|replace
    20 permit mode exec command .*
!
platform trident mmu queue profile PFC_Profile apply
!
management ssh
    shutdown
    !
    vrf MGMT
        no shutdown
!
end