Technical Specialist Accreditation

DATACENTER

Confidential. Copyright © Arista 2020. All rights reserved.

 Course Objectives

• Learning Goals
• Target Audience
- Channel and Partner Systems Engineers
• Duration
- Approximately 3 hours
• Next Steps

2 Confidential. Copyright © Arista 2020. All rights reserved.

 Agenda

• Review & Refresher – Key Arista Differentiators

• Arista Extensible Operating System (EOS)
• Hardware Product Portfolio & Positioning
• Arista Universal Architectures for Data Center, Campus & Cloud
• Building in Network Automation with Arista CloudVision
• Obtaining new levels of visibility with Arista Telemetry
• Conclusion

3 Confidential. Copyright © Arista 2020. All rights reserved.

 Arista Partner Training Curriculum

Sales Sales Technical Data Center

Foundation Specialist Foundation Specialist

Cognitive
Campus
Specialist
Arista
Tap
Certification
Aggregation Program
Specialist
Service
Sales Provider
Specialist
Pre-Sales Engineers

Advanced & Professional Services Engineers

4 Confidential. Copyright © Arista 2020. All rights reserved.

Arista Unified Cloud Networking

Confidential. Copyright © Arista 2020. All rights reserved.

Next Generation Design

• The next generation data center requires an agile and scalable network
infrastructure which supports the ability to rapidly deploy, expand or contract
the IT infrastructure needed to run business applications.

• Next generation enterprise data centers are highly virtualized and built to
provide workload mobility and multi-tenancy. The virtualized environment
will benefit from a robust IP fabric where workloads can be placed anywhere
in the context of the data center.

• Next generation data centers are highly automatized and provide real-
time telemetry data of network health.

Confidential. Copyright © Arista 2020. All rights reserved.

The Cloud Divide Began : 2008 to 2015

Arista 1st Generation Arista 2nd Generation

(2008 to 2011) (2012 to 2015)

Cloud Orchestrators Network Services Overlay Controllers

2nd Gen enriching EOS and 1st Gen State consolidation

1st Gen Arista’s EOS open enhancing programmability OPEN API to SDN controllers
extensible OS

1st Gen Leaf & Spine using 2nd Gen workload mobility 2nd Gen automation for
merchant Silicon 3x ports & 3x speed cloud scale economics

Confidential. Copyright © Arista 2020. All rights reserved.

Arista is bringing the Third Generation Cloud
Arista 3rd Generation Arista’s ‘UCN PINs in the Cloud’
(2016 and beyond)
P
P 2 P
1 3

Spine Interconnect DCI

MSS, DANZ 7500E

7280*

3rd Gen NetDB - network wide state, CloudVision– Network Rollback, Visibility,
higher scaling, real time analytics Bug Scrub, Snapshot, Health Status L2 MLAG L3 ECMP VxLAN

Resilient L&S Security MSS

Data Data
Center Center LANZ Visibility End to End

Deep Buffers End to End

WAN 7500E

7280SE

Data
3rd Gen Universal Spine Cloudvision Hybrid Cloud
1G Attached

Center
10G Attached 10G Attached
Servers Servers Servers Storage

Scalable Routing IP Storage Nodes

Architecture Automation

8 Confidential. Copyright © Arista 2020. All rights reserved.

 Universal Cloud Network – Best-of-Breed Partnerships
Why deploy best-of-breed in DC?
 Choice of using best technology
partner
 Multi-vendor strategy to reduce
capex costs
 No single vendor is the leader in
every category

9 Confidential. Copyright © Arista 2020. All rights reserved.

The Arista Approach
• Automation and programmability  YOUR WAY!
• Unparalleled visibility with comprehensive state streaming
• Open APIs for easy integration with 3rd party or in house tools

• Truly open and standards based architectures, including:

- Data Centre
- Campus
- Cloud
- Interconnection & peering

• An Extensible Operating System (EOS) based on an unmodified Linux kernel

• NetDB - Robust, high performance database for state information (no IPC!)
• Restartable agents with no resident state for ultimate stability
• Hardware Abstraction - One binary for all systems

• Use the best merchant silicon available

• Platforms designed and built for…
- maximum scalability, highest performance, Ultra-low-latency, Wire-speed services etc.

Confidential. Copyright © Arista 2020. All rights reserved.

 Arista’s EOS Extensible Operating System Philosophy
Arista Universal Spine

Single binary image for all Same EOS across State driven, pprogrammable + Highly scalable
platforms hardware generations open API & SDK extensibility

4.14.7
Interface Counters

LANZ Data

4.15.7
Fan Speed sFlow Data
Temperature Sensor
Power Draw
Configurations
Routing Tables
MAC Tables
ACL Counters
VXLAN Mappings
Table Utilization
Buffer Utilization
System logs
CPU Load

Rapid convergence and Self-healing, quality, security, Hitless live migration Physical-virtual-container +
recovery upgrade & automation full state telemetry
11 Confidential. Copyright © Arista 2020. All rights reserved.
 Arista Product Overview - 2020

12 Confidential. Copyright © Arista 2020. All rights reserved.

Key Capabilities
EOS of Arista’s EOS
Key Capabilities

Confidential. Copyright © Arista 2020. All rights reserved.

Next Generation Data Center Network
Arista UCN Architecture Overview

Confidential. Copyright © Arista 2020. All rights reserved.

 Legacy Design

• High oversubscription
• Sub-optimal for E-W traffic
• Limited workload mobility
• Management via CLI (box by box)

Confidential. Copyright © Arista 2020. All rights reserved.

 Why Universal Cloud Network?

Industry consensus: Leaf-Spine for modern DC fabrics

• Simple, Stable, Scalable
• Consistent performance for all racks
- Latency/Throughput
- Shrink/Grow, maintaining consistency

• Open and Agnostic

- Any hardware, any routing protocol
- Standards based, Interoperable

• Easier to automate
- 2-Tier, cookie cutter, repeatable elements

• Proven, in the largest deployments

16 Confidential. Copyright © Arista 2020. All rights reserved.

 Arista UCN – L2LS
L2LS MLAG Spine Design
- Ease of Workload Mobility
- Segmentation via VLANs
- Simple design to provision and
manage
Layer 2 Leaf + Spine - All Active links
(Open Standards Protocols) - Leverage Standards based
protocols
WAN - Consistent Leaf designs (ToR)
Deep
MLAG Buffers - Spine to interconnect leafs
Consistent Leaf Design
- Deployed and Managed by
CloudVision
Compute Leaf Compute Leaf Storage Leaf Border Leaf
(Dual-Homed) (Single-Homed) (Deep Buffers) (LAN/WAN) - Scale limited by MAC, VLAN
and Spine density

Confidential. Copyright © Arista 2020. All rights reserved.

 Arista UCN – L3LS L3LS ECMP Spine Design
- Spine redundancy
- Grow/scale from 2 to 128
way
- Minimal fault domains
- Deterministic failover and
Layer 3 Leaf + Spine simpler troubleshooting
(Open Standards Protocols) - Limits the MAC table
sizes of the Spine for
improved scaling
Consistent Leaf Design WAN
- Consistent Leaf Designs
MLAG Deep
Buffers
- (ToR) Leafs as FHR
- Stability by reducing
scope of Layer 2 domain
Compute Leaf Compute Leaf Storage Leaf Border Leaf - Deployed and Managed
(Dual-Homed) (Single-Homed) (Deep Buffers) (LAN/WAN) by CloudVision
Confidential. Copyright © Arista 2020. All rights reserved.
 Arista UCN – L3LS-Virtualized
L3LS-V Use Case
Virtualization Controller
• Network Based Overlay
• Physical Virtual Tunnel
Active/Active
End Points (VTEP’s)
VTEPs + MLAG
• Overlay network with
underlay integration
VNI-2003 - PCI VXLAN Bridging • EVPN/CVX Integration
and Routing
VNI-2305 - HIPAA
• Enable Macro-
VTEP VTEP VTEP VTEP VTEP VTEP VTEP WAN
VTEP Segmentation Services
MLAG Deep
Buffers
MLAG with VXLAN
Firewalls

SLB
• CloudVision Orchestration,
WAAS Management, and
Compute Leaf Compute Leaf Storage Leaf Services Leaf Border Leaf Learning
(Dual-Homed) (Single-Homed) (Deep Buffers) (Deep Buffers) (LAN/WAN)

19 Confidential. Copyright © Arista 2020. All rights reserved.

 Universal Spine – Pod Interconnect

POD 1 POD 2
POD 3

Dual-Homed Leaf Dual-Homed Leaf Storage Leaf Storage Leaf Hadoop Hadoop Haddop Hadoop Internet/DMZ Internet/DMZ WAN Data Center Interconnect
Deep Deep
Buffers Buffers VTEP(s)
VARP-FHRP

MLAG MLAG
MLAG MLAG MLAG MLAG MLAG MLAG MLAG MLAG Web Servers Web Servers External
Network Metro A
External
Private Metro A Public
App Delivery App Delivery MPLS - A MPLS-B Network
NAS NAS
Controllers Controllers Cloud Cloud
Firewalls Firewalls Traditional Hybrid
WAN Cloud
IP Storage IP Storage MLAG MLAG

External External
Network Network

• Any Network Design (L2LS/L3LS/L3LS-V)

• Specialty Network Interconnect (Hadoop/HPC/etc)
• Multiple Data Room Interconnect
• All with the same rich services (MSS/Virtualization/Tracers/DANZ/LANZ)
• CloudVision Orchestration, Management, and Learning

20 Confidential. Copyright © Arista 2020. All rights reserved.

 Legacy Network Universal Cloud Network
Multiple Images Single Binary Image

Manual Process/Change Control Automated Provisioning/Changes

3 Tier Design 2‐Tier 100G Leaf/Spine

Proprietary Fabric Standards Based IP Fabric

PSIRT = Downtime Patching and Upgrades with no Downtime

Fibre Channel and FCoE 25/50G IP Connected Storage

Opaque Monitoring Integrated Telemetry

Confidential. Copyright © Arista 2020. All rights reserved.

Extending UCN Beyond the DC
Arista Any Cloud for Hybrid Cloud Networking

Confidential. Copyright © Arista 2020. All rights reserved.

 Enterprise Multi-Cloud Strategy

Network Considerations:

• Network architecture for growth

• Expertise in cloud platforms
• Networking policies across clouds
• Automation across clouds
• Visibility across clouds
• Compliance across clouds
• Etc…

However, IT remains challenged with multi-cloud integration

23 Confidential. Copyright © Arista 2020. All rights reserved.
 Playing out the Multi-Cloud Reality
‘Shadow IT’ Origins Arista Universal Cloud Network approach

Public Cloud 1 Public Cloud 2 Public Cloud 3 Public Cloud 1 Public Cloud 2 Public Cloud 3

Network instances
Uniform networking
grow ad-hoc and
across clouds
operate in isolation
Enterprise DC Private Cloud

• Limited compliance impacts security • Enterprise IT compliance reduces risk

• Inconsistent operational models • Common operations saves OpEx
• Disparate management and visibility • Improved service delivery
• No network architecture considerations • Proven network architecture scales over time

24 Confidential. Copyright © Arista 2020. All rights reserved.

 Introducing Arista Any Cloud Platform

Arista EOS CloudVision

Universal Cloud Network Architecture

Private Public Cloud Enterprise Any

Clouds Clouds Exchanges Datacenters Place-In-the-Cloud

Any Cloud, Any Workload, Any Location

25 Confidential. Copyright © Arista 2020. All rights reserved.

 Arista Any Cloud Platform
Private Cloud Cloud Exchange Public Cloud
Any Cloud API

vEOS Router in AWS

Automation

Analytics

vEOS Router in Azure East

Agile Work-X DC Aggregation with
Arista Universal Cloud Network

Available
Architecture
Arista Router at
vEOS Router in Azure
Equinix West

Hybrid cloud, expanding seamlessly beyond the datacenter...

26 Confidential. Copyright © Arista 2020. All rights reserved.
 Cloud-Grade Routing

Arista vEOS Router:

• Proven Routing
• Secure Tunneling
• High Availability
• Traffic Engineering
• APIs and Programmability

Hypervisors Public Clouds • Multi-hypervisor and cloud-native

packages

Single EOS image across all use-cases

27 Confidential. Copyright © Arista 2020. All rights reserved.
 CloudVision for the Hybrid Cloud

• Zero Touch Provisioning:

Enterprise
DC1 Quickly spin up routing services
Azure
West
• Automated Change Management:
Amazon
East Streamlined NetOps across clouds
Amazon
West
• State Streaming: Real-time
telemetry across any EOS use-case
Azure
Enterprise
DC2
East • Analytics Engine: for historic event
correlation and anomaly detection
Equinix
Private Cloud • Visualization Apps: common
Cloud Exchange
dashboard for advanced telemetry
Any Site

28 Confidential. Copyright © Arista 2020. All rights reserved.

Optimizing UCN Performance in the DC
Arista Deep Buffer Solutions

Confidential. Copyright © Arista 2020. All rights reserved.

 When Buffers Matter in Modern Networks

Modern Storage Connectivity

Incast (Many to Fewer) 10-100x higher performance than traditional disk storage

Speed Change (Faster to Slower) Modern Server

Connectivity
Increased VM Density increases
load on physical connectivity

Confidential. Copyright © Arista 2020. All rights reserved.

 VoQ and Cell Fabric for Best in Class Architecture
• Ingress traffic pushed to egress • Ingress traffic stored in VoQ
• Egress buffer defines max burst size • Egress port pulls the stored traffic
• Egress buffer might overflow (drops) • Egress buffer never fills up
• Effective buffer size is equal to the sum of the
• Effective buffer size is equal to the egress ingress device VoQs
buffer size of the egress chip
• Incast traffic distributed between all ingress
• Entire incast traffic reaches a single OCB devices

Switch Switch FE FE

Fabric Fabric Fabric Fabric

Ethernet Fabric (Push) Cell Fabric (Pull)

Switch Switch Switch Linecard Linecard Linecard
VOQ VOQ VOQ
Linecard Linecard Linecard

31 Confidential. Copyright © Arista 2020. All rights reserved.

 VoQ and Cell Fabric for Best in Class Architecture

• Incast Prevention – Credit based virtual queues

• Easy migration to next speed eg. 100G to 400G
- Eliminating speed mismatch with cell based fabric
• Large HBM2 and on On-Chip packet buffer for burst absorption
VOQ
FE

VOQ
PP

VOQ Cell Based

Fabric

32 Confidential. Copyright © Arista 2020. All rights reserved.

Fabric Architectures & Efficiency Summary

Fabric 1 Fabric 2
F F F F F F
a a a a a a
b b b b b b
r r r r r r
i i i i i i
c c c c c c

1 2 3 4 5 6

Packet Packet Packet Packet

Processor Processor Processor Processor
1 2 3 4
SA DA Payload
SA DA Payload
1/1 1/2 64/1 64/2

Clos network: 80% Flow Based Systems: 80-90% Cell-based System: 100%

2-tier networks Arista 7300X and Nexus 9500 Arista 7500E and 7500R

Confidential. Copyright © Arista 2020. All rights reserved.

Overview of Leaf Spine Technology
Choices

Confidential.
Copyright © Arista
Copyright
2019.© All
Arista
rights
2020.
reserved.
All rights reserved.
Two-Tier Leaf-Spine Design

Spine

Point-to-Point
Point-to-Point
Layer(Layer
2 or 3)
Layer 3

Leaf Nodes
Confidential. Copyright © Arista 2016. All rights reserved.
Layer 2 Leaf Spine Technologies

Confidential. Copyright © Arista 2020. All rights reserved.

Multi Chassis Link Aggregation (MLAG)
• Arista Multi-Chassis LAG (MLAG) MLAG Domain
Creates a Single Logical
Active-Active
Traffic
- Enhancement to standard LAG Switch
Forwarding
- Splits the LAG group across nodes
- Providing link, module and node
redundancy
- No layer 2 loop thus an Active-active
topology.
- Sub-second failover based on the MLAG – LAG
physical link failure formed across 2
physical switches
• Fully compliant with the IEEE 802.1AX Link and 2 or more
Aggregation Standard ports
Standards
- Dynamic or static LACP
based LAG
- Transparent to attached client device using IEEE
- Support for third-party vendors and 802.1AX
Servers

MLAG technology transparent to

the client device

Copyright © Arista 2019. All rights reserved.

MLAG Terminology
• MLAG Domain-ID

MLAG peers
- A pair of physical Arista switches
- Members identified by common text string
• MLAG peer
MLAG Domain-ID
- A single switch within an MLAG domain
MLAG Peer Link • MLAG Peer Link
- Non-proprietary Ethernet physical link between
MLAG peers
- Used to synchronize state between MLAG peers
• MLAG member port
MLAG - Physical ports that are part of an MLAG
MLAG peer
• MLAG
MLAG member VLAN - This is the combined port-channel between MLAG
port peers and the downstream/upstream devices
LA • MLAG VLAN
G
- A logical VLAN used on MLAG peer-links ports
- Supports communication between MLAG peers.

Copyright © Arista 2019. All rights reserved.

MLAG Peer Link
• The Primary and Secondary communicate and synchronize across
the peer link

• Co-ordination traffic, across TCP and UDP sessions port 4432

≫ Used to transport keep alive messages and primary/secondary election (TCP)
≫ Used to tunnel, control traffic and learned MAC addresses notification

• Normal data traffic passed over the peer link

≫ In a configuration were a singular attached host exists
≫ The local MLAG member port has failed, partial active MLAG
≫ To ensure VLAN communication by default carries all member port VLANs

Copyright © Arista 2019. All rights reserved.

Peer‐Link Traffic and Guidelines
• MLAG peer-link carries the following traffic:
- BPDUs (IEEE / PVST)
- LLDP
- IGMPv1/v2/v3
- MLAG Heartbeats
- PIM

• MLAG peer-link requirements:

- Must be 10Gbps interfaces or higher speed
- Must be point-to-point links

• MLAG peer-link recommendations (STRONG):

- Minimum of 2 x 10Gbps links for redundancy
- Chassis: Have the links on a separate blade
- Switches in MLAG should be the same Arista model
- Switches in MLAG pair should run the same EOS version

Copyright © Arista 2019. All rights reserved.

Arista virtual-ARP (vARP)
• Provides active-active, load sharing, First Hop Router Redundancy (unlike
VRRP)
• Enables multiple switches to simultaneously route packets from a common IP
address
• Each switch is configured with the same virtual IP (VIP) on a given VLAN
interface
• All VIPs interfaces share a common virtual MAC address
• VARP is “stateless” – no polling or hellos been VIPs required (unlike VRRP)
• VARP does not require traffic to traverse the peer-link (unlike VRRP)
• VARP functions by having each switch respond to ARP and GARP requests for
the configured VIP address with the virtual MAC address
• The virtual MAC address is only used for the destination address on inbound
packets
• The virtual MAC is never used as source address for sent packets
• Packets sent to the virtual MAC address are routed to the next hop destination

Copyright © Arista 2019. All rights reserved.

 Layer 3 Leaf Spine Technologies

Copyright © Arista 2019. All rights reserved. 42

42 Copyright © Arista 2018. All rights reserved.
Key Benefits of Layer 3 Topology

Spine

Point-to-Point
(Layer 3)
OSPF/BGP

Leaf Nodes
Confidential. Copyright © Arista 2016. All rights reserved.
Key Benefits of Layer 3 Topology - ECMP

• Spine redundancy and capacity

• Ability to grow/scale as capacity is needed
- from 2 to 128 spines supported
- odd topologies supported grow-as-you-go…2,3,4,5…
• Collapsing of fault/broadcast domains (due to Layer 3 topologies)
• Deterministic failover and simpler troubleshooting
• Readily available operational expertise as well as a variety of traffic
engineering capabilities

Confidential. Copyright © Arista 2016. All rights reserved.

Limitations of Layer 3 Design

• L3 designs restrict VLAN and MAC address mobility

• Limit the scope of VM mobility to a single switch or pair of switches
• In some circumstances a large/flat network with one large subnet is easier to
provision
Spine

Point-to-Point
(Layer 3)
X
VLAN
VLAN VLAN Leaf Nodes 10
10 10

Confidential. Copyright © Arista 2016. All rights reserved.

Solution to L3 Limitations - VxLAN

Spine

VxLAN
Point-to-Point
(Layer 3)

VLAN VLAN
10 Leaf Nodes 10

Confidential. Copyright © Arista 2016. All rights reserved.

Underlay Design Options

Confidential.
Copyright © Arista
Copyright
2019.© All
Arista
rights
2020.
reserved.
All rights reserved.
Choosing an underlay routing protocol
• The overlay and underlay in EVPN with VXLAN are IP based
- There is no need for fancy protocols like LDP or RSVP
- Therefore there is no reason to run an IGP to support these protocols

• When a leaf spine architecture is used in the underlay

- The best way to distribute routes in the underlay and overlay is with BGP

• BGP
- Supports multiple address families
- Scalable
- Predictable
- Controllable (via policies)

• IGP protocols like OSPF can be used as well

- The right choice is what works best for your environment

Confidential. Copyright © Arista 2020. All rights reserved.

Building the underlay

• Assign IP addresses to the physical interfaces

- Do not use loopbacks to build the underlay
- If an interface goes down we want the BGP peer to go down
• Establish an eBGP session between the Leaf and spine switches using the
physical interfaces
- In this example each leaf will have two BGP peers

Spine 1 Spine 2
AS 65001

eBGP
NVE 1 NVE 2 NVE 3 NVE 4
AS 65002
Confidential. Copyright © Arista 2020. All rights reserved.
 Building the overlay
• Define a loopback interface on each switch
- For the overlay we want to use loopback interfaces
- We do not want to lose the overlay if an interface goes down
• Build a new BGP session between the loopback interfaces
• At this point you have a choice to make
- eBGP or iBGP

AS 65001 1.1.1.1 1.1.1.2

Spine 1 Spine 2

NVE 1 NVE 2 NVE 3 NVE 4

AS 65002 1.1.1.11 1.1.1.12 1.1.1.13 1.1.1.14

50 Confidential. Copyright © Arista 2020. All rights reserved.

 iBGP
• In the iBGP solution, the spine switches are set up as “route reflectors”
• A new AS number is assigned to the overlay network
- The leaf and spine switches are all in the same AS
• Advantage: You do not need a full mesh of BGP peers

Route Reflector Route Reflector

AS 65003 1.1.1.1 1.1.1.2

Spine 1 Spine 2

NVE 1 NVE 2 NVE 3 NVE 4

AS 65003 1.1.1.11 1.1.1.12 1.1.1.13 1.1.1.14

51 Confidential. Copyright © Arista 2020. All rights reserved.

 eBGP
• In the eBGP solution, the spine switches can be set up in two ways
- As a transit router
- As a “route servers”
• A route server re-advertise the EVPN prefix to the other leaf switches
- The route server does not change the next-hop and retains any advertised communities
- The route server adds route reflector services to eBGP
• Advantage: eBGP allows you to filter routes and control the cost of received routes
Route Server Route Server

AS 65001 1.1.1.1 1.1.1.2

Spine 1 Spine 2

NVE 1 NVE 2 NVE 3 NVE 4

AS 65002 1.1.1.11 1.1.1.12 1.1.1.13 1.1.1.14

52 Confidential. Copyright © Arista 2020. All rights reserved.

VXLAN Overview

Confidential.
Copyright © Arista
Copyright
2019.© All
Arista
rights
2020.
reserved.
All rights reserved.
VxLAN Overview

Frame VxLAN Frame VxLAN

VTEP VxLAN VTEP

Frame Frame

L3 - IP Segments

Confidential. Copyright © Arista 2016. All rights reserved.

 Site B Site C VXLAN terms
VNI 100 VNI 200 1. VTEP (Virtual Tunnel Endpoint) – Add and remove VXLAN
headers to Ethernet frames
VTEP 2 VTEP 3

VTI 12.1.0.1 VTI 13.1.0.1 2. VTI (Virtual Tunnel Interface) – The IP interface of the VTEP.
For example a loopback interface that is mapped to a VTEP

3. VNI (Virtual Network Identifier) – A 24 bit field in the VXLAN

4 header used to identify a VXLAN segment. Basically this is
the VXLAN equivalent of a VLAN ID.
- The VNI can uniquely identify up to 16 million domains
2 - VNIs map to VLANs
VTI 11.1.0.1 - VNIs can be though of as virtual ports that can be added to a VLAN
to connect the VTEP to the VLAN
VTEP 1 1

VNI 100 3 VNI 200

4. VXLAN Tunnel
- A L2 tunnel between two VTEPs
VLAN 100 VLAN 200

55 Site A Confidential. Copyright © Arista 2020. All rights reserved.

Notable VXLAN characteristics E0/3 E0/3

VTEP3 10.3.0.1

• VTEPs are not bound to physical E0/3 E0/3

ports VTEP2 10.2.0.1 VTEP4 10.4.0.1
- VTEPS are more like Loopback interfaces
E0/3 E0/3

• VTEPs are multitenant

- One VTEP can support an entire switch
- Tenants are segmented by VNIs E0/3 E0/3

• VXLAN tunnels are multipoint

- Typical IP tunneling protocols are point- VTEP1 10.1.0.1
to-point
VNI 100 VNI 200
• VXLAN tunnels are stateless VLAN 100 VLAN 200
- There is no keep alive mechanism SVI 1.1.1.1 SVI 2.2.2.1

E0/1 E0/2
• VXLAN requires MAC learning
- This will be discussed in detail
Confidential. Copyright © Arista 2020. All rights reserved.
VTEPs and Broadcasts
Host 2 Host 3

• VTEPs are multipoint, but they are non- VTEP2 VTEP3

broadcast interfaces
- VTEPs behave like NBMA serial interfaces
- P-T-P, P-T-MP, MP-T-MP etc.
Broadcast Broadcast
Packet Packet
• Like serial interfaces VTEP interfaces replicate DIP: VTEP2 DIP: VTEP3

broadcast frames and unicast them to the

remote VTEPs VTEP1

Broadcast Packet
DIP:192.168.1.255

Host 1
Confidential. Copyright © Arista 2020. All rights reserved.
BUM Traffic Forwarding Methods
Head-End Replication (HER) Multicast
• Each VTEP maintains a list of all • VNIs mapped to Multicast Group
VTEPs that must receive BUM - On 1:1 or N:1 basis
traffic • VTEPs are both Senders and
• This list is maintained on a per-VNI Receivers
basis - Join all necessary (*,G) feeds to service
local VNIs
• N unicast copies of BUM frame
- Send to all appropriate (S,G) feeds for
egress the source VTEP Bum traffic originated on local VNIs
- N = Total VTEPs that must receive the
BUM frame • Single instance of VXLAN encap’d
BUM frame egresses source VTEP

Confidential. Copyright © Arista 2020. All rights reserved.

MAC Learning options
• Orchestration based (NSX, OpenStack) • Controller based with HER (CloudVision)
- The orchestrator does MAC learning - HER eliminates the need for multicast
- The orchestrator does ARP resolution
- MAC learning is done by the switch
- The orchestrator creates / discovers VTEPs
- The switch updates the controller when it learns a
- The orchestrator pushes the MAC addresses
MAC addresses
and MAC + IP bindings (ARP) to the VTEPs.
- The controller automatically builds the
≫ Builds the remote MAC to destination VTEP
• Flood and learn (Multicast)
≫ Builds the flood list table
- MAC learning is performed by flooding and
learning
- Flooding is done using a multicast group • Controller less protocol distribution (EVPN)
- This solution is cumbersome (and obsolete)
- Remote MAC addresses are distributed by a
protocol (BGP).
- Remote VTEPs are dynamically learned via BGP
≫ Flood lists are updated when VTEPs are discovered
Confidential. Copyright © Arista 2020. All rights reserved.
 EVPN Control-Plane for VXLAN

60 Confidential. Copyright © Arista 2020. All rights reserved.

What is EVPN?

• Ethernet VPN
• RFC 7432 (https://tools.ietf.org/html/rfc7432)
• Address-Family within BGP
- Address-Family Identifier: 25
- Subsequent Address-Family Identifier: 70
• Control-Plane that enables L2VPN and L3VPN services
- Other features such as Active/Active multihoming are provided, but not covered in ATD
• Supports multiple Data-Plane encapsulations
- MPLS and VXLAN
• We will focus on VXLAN

Confidential. Copyright © Arista 2020. All rights reserved.

 When to use VXLAN and EVPN

62 Confidential. Copyright © Arista 2020. All rights reserved.

 Scaling limits of MLAG
• MLAG can scale to extremely large L2 domains
- A typical ToR switch supports 48x10G ports
- A small 30 port spine switch can aggregate 30 ToR switches
- One MLAG domain can support 1,440 10G server ports

• Larger spine switches scale even higher

- A 60 port spine can support 2,880 10G server ports
- An 8 slot chassis with 288 ports can support 13,824 10G server ports

• As the MLAG domain grows so do the

- MAC tables
- ARP tables
- Number of broadcast frames crossing the network

63 Confidential. Copyright © Arista 2020. All rights reserved.

 Scaling in MLAG VS EVPN
• When you stretch a VLAN you stretch • In EVPN the spine tunnels L2 segments
- The MAC table - L2 domains are stretched from ToR to ToR
- The ARP table • Host MAC learning stops at the ToR
- The broadcast domains
- The spine only learns the tunnel endpoints
• In MLAG the spine is part of the L2 domain
• The spine is no longer a limiting factor
- VLANs are stretched by the spine
- Scale is now limited by the ToR
- VLANs can be pruned from the ToR, not the spine
- The spine learns every host MAC address • This is what allows IP fabrics to scale
- The spine is the limiting factor of the MLAG domain

MAC learning
Spine 1 MLAG Spine 2 ARP Spine 1 Spine 2
Broadcast

L2 Domain

Leaf 1 Leaf 2 Leaf 3 Leaf 4 Leaf 5 Leaf 6 Leaf 1 Leaf 2 Leaf 3 Leaf 4 Leaf 5 Leaf 6

64 Confidential. Copyright © Arista 2020. All rights reserved.

 When to move from MLAG to VXLAN and EVPN
1. You need more physical ports than an MLAG domain can support
2. You need an additional layer of segmentation in the network
- VLAN + VPN instead of VLAN only
≫ You have overlapping VLANs or you exceeded 4096 VLANs
3. You want to automate expanding L2 segments across the datacenter
- VPNs stretch VLANs on demand during provisioning…..and when deleting a VPN
- Adding a VLAN to an MLAG trunk is a manual process
≫ This can lead to VLANs being defined where they are no longer needed, consuming CAM resources

1. You want IP routing at the ToR AND a L2 domain that spans racks (IRB)
2. You need an IP fabric and an L2 fabric
3. You need L2 stretch across data centers connected by a L3 core
4. You want redundant L2 POD to L2 POD connectivity without worrying about loops

65 Confidential. Copyright © Arista 2020. All rights reserved.

 Introduction to VXLAN and EVPN

66 Confidential. Copyright © Arista 2020. All rights reserved.

 What is VXLAN and EVPN?
VXLAN
• VXLAN is a L2 tunneling protocol that runs over an IP network
- Sometimes referred to as MAC in IP encapsulation
• VXLAN is used to stretch L2 domains over L3 networks

EVPN
• EVPN defines VPN services using VXLAN as the tunneling protocol
• EVPN adds the following features to basic VXLAN tunneling
- L2 VPN services
- L3 VPN services

Comparison to MPLS
• EVPN with VXLAN is similar to MPLS L3 VPNs and VPLS
• VXLAN = MPLS label
• EVPN = L3 VPNs and VPLS

67 Confidential. Copyright © Arista 2020. All rights reserved.

Why would we use EVPN with VXLAN?

VXLAN Provides: EVPN Provides:

• Real-time information, and location,
• Layer2 Broadcast Domain
of all connected endpoints
Extension over Layer3 IP Networks
• Ability to use 24-bit VNID to signal
• 24-bit VNID to signal L2VPN
both L2VPN and L3VPN
• Ethernet Bridging Semantics
- ie. Data-Plane Driven Learning
• BUM Traffic Flooding via HER at
scale
• Routing optimization techniques
- ie. Selectively leak /32 host routes
• ARP Suppression (Optional)

Confidential. Copyright © Arista 2020. All rights reserved.

 Arista CloudVision Overview

69 Confidential. Copyright © Arista 2020. All rights reserved.

 The Transition to Cloud Networking

Legacy Networking Cloud Networking

Manual, Box-by-Box Automated, Network-wide

Open, Standards-based
Closed architectures
approaches

Control through deeper

Limited integration and control
Programmability at all layers

New Skillsets: Virtualization,

Networking skillsets
DevOps, Scripting

70 Confidential. Copyright © Arista 2020. All rights reserved.

 Approaches to Network Automation

Customer Spectrum

D.I.Y. DevOps Turnkey

Custom development for Leveraging existing tools Limited solutions today,

integration focus on legacy models
(Puppet, Ansible, Salt, etc)
Software development Customers need turnkey
Integration & customization solution for cloud-
resources & approach via scripts automation!

✔ ✔ ✔
EOS SDK
EOS DevOps Toolkit
eAPI CloudVision
OpenConfig
Ruby/Python Object Model

71 Confidential. Copyright © Arista 2020. All rights reserved.

 CloudVision: Multi-Function Platform

Automated Deployments Real-time Telemetry

Zero Touch Provisioning, Granular state streaming for time-series
Hierarchical Config, Extensibility metrics, flows, and events

Change Controls Cognitive Analytics

Correlations, trend analysis, predictive
Orchestrate network-wide algorithms across wired and wireless
upgrades, rollback and snapshots state, network-wide

Compliance / Risk Security Services

Continuously assess, report, and remediate Security policy enforcement,
deviations, vulnerabilities, bugs Policy server integration, Wireless IPS

Data Center, Campus Wired/WiFi, Public Cloud, TapAgg

72 Confidential. Copyright © Arista 2020. All rights reserved.
 Network Automation Pillars @
Network Abstraction / APIs
Openconfig / SDK
Orchestration Controller Integration
Macro/Micro-Segmentation
ITOM Integration (ServiceNow, etc)

Real-time/Historic State Zero Touch

Analytics for Correlation/Learning Config Mgmt
Device / Metric / Snapshot Views Change Control Mgmt
Events / Notifications Telemetry Provisioning Automated Upgrade/Rollback
Cloud Tracer / Device Analyzer Compliance Audit (Security/Bug)
Topology Views TapAgg Steering

Any Cloud

73 Confidential. Copyright © Arista 2020. All rights reserved.

 Full Automation for the NetOps Life Cycle
CloudVision Automation

Build Deploy Operate

Config Config Simulate in Zero Touch Continuous Hitless Deep Visibility

Templates Extensibility, Virtual or Provisioning & Compliance Network-wide for
and External Containerized Replacement and Event Change Troubleshooting
Hierarchical Repos and environment Generation Controls and Automated
management Sources Root Cause

Deployments, Upgrades, Remediations → From Months to Minutes

Move from Manual to Automated Operations

74 Confidential. Copyright © Arista 2020. All rights reserved.
 CloudVision Provisioning

75 Confidential. Copyright © Arista 2020. All rights reserved.

 Provisioning

• Build configurations
via Configlets
- Static or Generated
• Inheritance model
• Execute Tasks to
apply configlets

76 Confidential. Copyright © Arista 2020. All rights reserved.

 Continuous Snapshots

• Capture network status and

configuration
• Compare two points in time
and display the difference
• View Device Configuration
History and diff view
between config versions

Reduce change control time by 50%

77 Confidential. Copyright © Arista 2020. All rights reserved.
 Change Management Done Right

• Perform graceful change controls

without impacting applications
• Automatic snapshots pre & post
change
• Config validation before change
• Useful for Smart System
Upgrades (SSU) or any change
control
• Integration into Workflow Tools,
like Service Now
• Full audit trail & compliance

Reduce change control time by 50%

78 Confidential. Copyright © Arista 2020. All rights reserved.

 Compliance Dashboard

• Continuous checks for Config

and Image drift
• Alerts for new Security
Advisories and track scope of
exposure
• Ongoing assessment of known
bugs and potential impact to
EOS estate
• Dashboard for aggregated view
across entire inventory

Schedule common tasks to automate CVP management

79 Confidential. Copyright © Arista 2020. All rights reserved.
 Configlet Builder – Flexible Scripting Engine
Need to integrate variable or external configs?

• Configlet Builder addresses

the need to customize
portions of the config
• Pre-integrated templates as
well as Python libraries for
scripted extensions
• Shared on GitHub
• Integrates with IP Address
Mgmt (IPAM) systems
(BlueCat, InfoBlox) and other
databases

Extensibility for the CloudVision Portal

80 Confidential. Copyright © Arista 2020. All rights reserved.
 CloudVision Telemetry

81 Confidential. Copyright © Arista 2020. All rights reserved.

 Today’s Telemetry Trends
Many data center operations
are driving in the dark…

Traditional / Legacy Approach Cloud Telemetry Requirements

1990’s networking Cloud DC Architectures
Polling Approach (10-15 min) Real-time streaming
State scope limited to MIB definition Complete state history
Per-Switch Per Device Network-wide scope

Static, discrete events. Manually correlated Dynamic event correlation

The Cloud has driven new telemetry approaches….

82 Confidential. Copyright © Arista 2020. All rights reserved.
 Polling Data == Missing Data
Common Transport Protocol
(gRPC, NetConf, etc)

Switch
State
Intf Intf
down up

Polled
State
Intf Intf Intf Intf Intf Intf
up up up up up up

Streamed
State
Intf Intf Intf
up down up TIME

83 Confidential. Copyright © Arista 2020. All rights reserved.

 1 What is State Streaming?
Interface Counters
LANZ Data
Fan Speed sFlow Data

Temperature Sensor

Configurations Power Draw

Routing Tables
MAC Tables ACL Counters State Streaming

VXLAN Mappings
Table Utilization
Buffer Utilization

System logs …and streamed to a

Every state change triggers
central state
an update… CPU Load
repository

Every SysDB state change. From every device. Instantaneously.

84 Confidential. Copyright © Arista 2020. All rights reserved.
 CloudVision Telemetry Apps
• CloudVision Telemetry Apps provide
front-end for visibility network state
• Correlation of network-wide data over
a time-series
• Views: Event, Device, Metric, and
more
• Timeline view for better historic
troubleshooting
• More apps to follow:
• Other CV-based apps
• APIs for customer & partner apps

Complete, real-time NetDB state streaming

85 Confidential. Copyright © Arista 2020. All rights reserved.
 J

CloudVision Telemetry: Addressing All Perspectives

When you know what your When you don’t know what
looking for… you are looking for…
• Snapshots
• Device Views • Events
• Discrete Metrics • Cloud Tracer
• Aggregated Metrics • Continuous Snapshots
• Search (MAC, IP) • Adaptive Events
• Topology Views

New for 2018: More Intelligent access to the network-wide state

86 Confidential. Copyright © Arista 2020. All rights reserved.

 Topology View: Client-to-Cloud Visibility

State Streaming-based
Modern, granular, complete.
(No Polling - at all!)

Single Management View

Overlay Telemetry Views Consolidation of
Performance, Events, DC + Campus + Cloud
Segmentation and more

Common Dashboard
Starting Point... for Visibility
For diving deeper into Wired and Wireless
control, data, mgmt plane 3rd Party devices

Improved Visibility by Breaking down Silos

87 Confidential. Copyright © Arista 2020. All rights reserved.
 CloudVision 2019: Data Plane Visibility

Data Plane
Flow Tracker
Understand
Visualization and
traffic patterns
trend analysis

Broad Visibility
Correlations from
DC to campus to
cloud + Endpoint
Inventory for
Security baseline

Improved Capacity Planning and Security Baselining

88 Confidential. Copyright © Arista 2020. All rights reserved.
 CloudVision 2019: Predictive Analytics

Algorithm-Driven
Proactive Alerts Predicts events
Ties into event based on historical
and notification data
system

Many Uses
Capacity Planning
Preventative
maintenance, etc

Behavioral Baselines and Deviation Notifications

89 Confidential. Copyright © Arista 2020. All rights reserved.
 CloudVision 2019: Operational Compliance Checking

Network Constraint
Rules
Uplink capacity, Device specific
redundancy, peers, rules
other Visualize alerts on
network devices or
even attached hosts

Proactive Design Constraints for Best Practices

90 Confidential. Copyright © Arista 2020. All rights reserved.
 CloudVision 2019: Historical Search
Leverage the
Database
Visibility to detailed Quick
historical changes Summary

Correlated Metrics
Search Enhances the search
Infrastructure results
Start with MAC and
IP search, more to
come...

Reduce Time to Root Cause with more Granular Visibility Tools

91 Confidential. Copyright © Arista 2020. All rights reserved.
 The Value of Telemetry
CLI approach State Streaming approach
Interface discards:
show interfaces counters discards

Traffic rate:
show interfaces counters rates

LANZ data:
show queue-monitor length drops
show queue-monitor length
statistics
show queue-monitor length tx-
latency

BASIC GRANULAR REAL-TIME, GRANULAR REAL-TIME, GRANULAR, AGGREGATED

LANZ for Queue LANZ Correlation of

Queue
monitoring Streaming discards, LANZ and
drops
Traffic rate in a time series

92 Confidential. Copyright © Arista 2020. All rights reserved.

 The Value of Telemetry
Historical state - Provides granular visibility for forensic troubleshooting
CV Telemetry Routing Table in Device View

Historical state
MONTH

repository,
proactive
tracking of
state changes

AEM to track
WEEK

changes to
ARP, MAC,
route table
entries
CLI Scheduler
DAYS

(scheduled
tech-supports)

93 Confidential. Copyright © Arista 2020. All rights reserved.

 The Value of Telemetry
Abstraction of platform level data

show platform fm6000 tcam usage show hardware capacity

show platform trident tcam summary utilization percent
show platform arad tcam summary exceed [0-100]

DIFFERENT ACROSS PLATFORMS UNIFORM ACROSS PLATFORMS VISUALIZATION & ANALYTICS ACROSS PLATFORMS

Platform CLI level Network wide abstraction

specific abstraction across all platforms
commands

94 Confidential. Copyright © Arista 2020. All rights reserved.

 Any Cloud Visibility with Cloud Tracer

vEOS Router in AWS

East

vEOS Router in AWS West

Cloud Tracer
Integrated with
CloudVision
Telemetry
Enterprise DC Arista Router at
Equinix Cloud vEOS Router in Azure
West
Exchange

95 Confidential. Copyright © Arista 2020. All rights reserved.

Securing the Places-in-the-Cloud

Confidential. Copyright © Arista 2020. All rights reserved.

 Security Trends in the Enterprise

New Security Requirements

• Data Protection
• Password Authentication
• Malware Attacks
• New attack vectors

Expanding Network Exposure

• New workloads
• Multi-cloud expansion
• Policy Complexity
• Manual operations / limited skillsets

97 Confidential. Copyright © Arista 2020. All rights reserved.

 Segmentation has created Security Islands...

DMZ Multi-Silo DC Campus Cloud

Security Island Security Island Security Island Security Island

The impact of these islands:

• Security Policy Sprawl
• Micro-visibility per island
• Vendor lock-in
• Lack of automation
Silo’d solutions can not address the combination of these new challenges
98 Confidential. Copyright © Arista 2020. All rights reserved.
 Arista’s Approach: ‘PINs’ to ‘PICs’

Software Consistency

Data Center Campus Spline Any Cloud

Spine
Virtual
Campus
Leaf Spine
Spline

Virtual
Leaf Leaf

Enabling Consistent Security across PICs

99 Confidential. Copyright © Arista 2020. All rights reserved.
 Simplifying Security Policy with Open Integration

Legacy Security: Policy Lock-in Arista Approach: Open Integration

Security Firewall Network Overlay Cloud Security
Policy Security Security Security Security Policy
Engines Policy Policy Policy Policy Engines

Security Islands!
Simplified
integration
point

Open
Physical Closed
Host Agents Physical
Network Fabric
Network

Typical vendor approach (ACI, Contrail) is to create yet- Arista approach is Best of Breed:
another security policy controller and lock it to physical Let customers use their existing security policy controller;
network and host agents Provide service insertion to the physical network

Modernizing Network Security with Best of Breed Security policy integration

100 Confidential. Copyright © Arista 2020. All rights reserved.
 Extending the Segmentation Approach

Zone Segmentation VPC to VPC

Traditional Perimeter DMZ, North/South

Macro-Segmentation P-to-P, P-to-V, East/West

Micro-Segmentation Bare Metal Storage

V-to-V, East/West
Servers Arrays

101 Confidential. Copyright © Arista 2020. All rights reserved.

 Arista Macro-Segmentation Service

Physical Topology Logical Topology

• Enables logical topology to enable services & enforce service policies in the Network
• No constraints on physical topology - or device placement – as layer-2 or layer-3 device
• Policy authoring and control by security team via service devices

Confidential. Copyright © Arista 2020. All rights reserved.

 Arista Macro-Segmentation Service

Security Admin owns the security policies

No Network Admin involvement required

Network Admin owns the network configuration.

Firewall service is enabled within CloudVision, which:
• Learns security policies and associated end
devices
• Logically instantiates them in the network

Confidential. Copyright © Arista 2020. All rights reserved.

 Security admin programs rules in the firewall
MSS Packet Walk
1

2 MSS enabled in CloudVision, talks to FW/ FW

Manager to obtain tagged rules of interest.

3 Upon receiving rules, MSS programs the intercept

FW
Manager rules on the leaf switches

MSS 4 Once rules are programmed, ToRs/ Leaf switches

intercept traffic of interest, on the access port

5 The intercepted frames are encapsulated into a

tunnel and sent to the ToR connecting the firewall

6 The ToR will decapsulate and send the original frame

to firewall for inspection
IP IP

7 Firewall will apply ‘all’ rules for the frame and will
forward/ log or drop the frame

If firewall forwards the frames, the ToR receives the

8
IP original frame and forwards it to the intended
destination

104 Confidential. Copyright © Arista 2020. All rights reserved.

 Extending Micro-Segmentation
+
Micro-Segmentation Solution
Security Policy

Arista & VMware integration to extend common

policy enforcement for VMs and physical workloads
NSX Manager NSX Controller
Policy applied
to physical
Policy applied to workloads Key Benefits for Customers
virtual workloads

Physical Network NSX as the single policy engine for authoring Micro-
segmentation policies for both Virtual and Physical
workloads
Dynamic orchestration of policy for enforcement in
Arista leaf switches
NSX Logical Switch

Preserves Autonomy for both Security and Physical

Virtualized Physical
Environment workloads
Network Admins

105 Confidential. Copyright © Arista 2020. All rights reserved.

 Simplify Multi-Cloud Segmentation
Zone Segmentation Security
• vEOS Router feature
• Simplified policy definition
• Zone-based Classification
• Stateful enforcement
• Cloud-agnostic
• Automated centrally, via CloudVision
Manage zones, trust
relationships and alerts • Familiar to Network Ops

DC

Consistent Security Services across Multi-Cloud

106 Confidential. Copyright © Arista 2020. All rights reserved.
 Cloud Security with Arista + Zscaler
Complementary Segmentation
• Complete cloud security
• Cloud-agnostic
• Arista Zone Segmentation
N
- Handles East/West
- Inter-VPC, Inter-cloud
ZPA

To Networks
W Zone Segmentation E
To Networks • Zscaler Private Access (ZPA)
VPC/VNET VPC/VNET
- Handles North / South
ZPA

- To/from Workloads and Branches

S

To Campus,
Branch

107 Confidential. Copyright © Arista 2020. All rights reserved.

 Infrastructure Auditing for Operational Security www.arista.com

Customer Challenges
• Maintaining security config on all
devices
• Knowing which devices are vulnerable
• Operating out-of-support products

CloudVision Automates Compliance

• Continuously checking devices
• Dynamic updates from arista.com
• Provision remediation automatically

Ex: Configuration, Software Version drift, Bugs,

PSIRT, Software / Hardware End of support

108 Confidential. Copyright © Arista 2020. All rights reserved.

 Secure Connectivity

DC Interconnect Secure Cloud Edge Enterprise WAN

Any Cloud

Modular and Fixed options Modular and Fixed options Fixed Systems
Integrated 10G / 100G / 200G MACsec, Secure Leaf deployments Integrated hardware-based
Metro (80K) to Long Haul (5000K) Distances with 10G / 100G MACsec IPSec on all ports

Point-to-Point Consolidation of Services:

Mobile & Cable access
with MACsec VPN + Routing + Switching

Broader Integrated Encryption options

109 Confidential. Copyright © Arista 2020. All rights reserved.
 Arista TAC and Professional Services

110 Confidential. Copyright © Arista 2019. All rights reserved.

1. Arista Differentiator: Arista’s NPS - World Class Rating!

Arista NPS Arista’s Cisco NPS

https://npsbenchmarks.com/co
Overall Rating mpanies/cisco

+76 9.1/10 +38

Net Promoter Score (NPS):

NPS Scale: -100 to +100
Scores above 0 are considered good
Scores above 50 are considered excellent
Scores above 70 is considered World Class support

Confidential. Copyright © Arista 2020. All rights reserved.

3. Arista Differentiator: Not all TAC support is the same...
Arista A-Care Cisco Smart-Net

Single touch access with TAC SMEs ✔ ✘

Root Cause Analysis ✔ ✘

Proactive software escalation ✔ ✘

Proactive support case ✔ ✘

Tiered structure ✘ ✔

Outsourced support ✘ ✔

24x7 P1/2 response 1 minute* 60 minutes**

24x7 P3/4 response 15 minutes* 24 hours**

Support via Email or Phone ✔ ✔

Software downloads & RMA ✔ ✔

* Measured over last 36 months
**Target time - https://www.cisco.com/c/dam/global/th_th/assets/docs/seminar/advantnow10_SmartService_Boot_Camp_Myanmar.pdf

112 Confidential. Copyright © Arista 2020. All rights reserved.

4. Arista Differentiator: Support Quality
Avg. frequency
(Based on ~500k IB)
What level of support
General questions ~1-2 per yr customers can expect
when they move to
Software defects ~1 every 2 yrs Arista?

Hardware RMAs Compare these stats with

~1 replacement per yr your incumbent vendor!
TOTAL < 4 per yr

Drastically lower impact on

customer Net Ops teams

Key takeaway:
If network uptime is important to your business Arista is the ONLY choice
Confidential. Copyright © Arista 2020. All rights reserved.
 5. Arista Differentiator: Arista TAC Escalation Process

Customers TAC Dev. Engr.

(No tiered TAC)

Engage TAC
via email or phone If TAC can’t resolve issue, it gets
escalated to:

‘The person who wrote the code’

As needed,
communication to → This dramatically reduces MTTR for
execs customers

Customer Exec TAC Mngt.

Confidential. Copyright © Arista 2020. All rights reserved.

6. Arista Differentiator: Arista’s TAC Single Tier Support
24x7x365
Vancouver

Shannon
Nashua,NH Korea

China
Pune Japan[*Hiring in progress]
Santa Clara Cary,NC

Bangalore

Sydney

Contact us:
Phone: 1866 476 0000
Global locations All products ~19s to respond to calls
Email: [email protected]
[email protected] for round the supported by single ~10min. TSE assignment
Forum: https://eos.arista.com/forum/ clock coverage tier, all employee TAC for email cases
Confidential. Copyright © Arista 2020. All rights reserved.
7. Arista Differentiator: Customer Feedback
"I work with many, many vendors, and Arista has, by far, the best TAC in the Industry!"

“I was expecting an old-school TAC experience: call, get

“Very knowledgeable and they reply
quickly. Arista support is superior to both
Cisco and HPE support.”
“I must say Arista’s support is excellent.
It is far better than Cisco’s or HPE’s
support. For support with Cisco, we pay
thousands of dollars. CCIE’s eventually
reply to my questions, but their answers
are not as good as yours. I appreciate it”
triaged, get someone junior to look at the case, explain
the whole thing to them, get escalation, explain it all
again, get resolution. Instead, Arista TSE answered my
phone call on like the first or second ring, stayed on the
phone with me for almost three hours, and ended up
solving both problems.”
ATAC has excellent knowledge of
hardware and software, is moving fast to
troubleshoot/lab and makes fast and
good answers

How are we doing?

[email protected] direct link for customers to provide feedback to TAC
Confidential. Copyright © Arista 2020. All rights reserved.
 Design Resources

117 Confidential. Copyright © Arista 2020. All rights reserved.

 Universal Cloud Network
Design Guides
118 Confidential. Copyright © Arista 2020. All rights reserved.
 Training

• Currently offer several courses that cover general Arista Knowledge and
CloudVision
• New program being developed to cover full certification from beginner to
expert - 8 levels
- Will cover in-depth training on VXLAN, EVPN, BGP, MPLS, WIFI, Cloud Vision, etc.
- Roadmap for launch early 2020
• WiFi specific specialization training
• Partner hosted Arista specific CWNP WiFi training

119 Confidential. Copyright © Arista 2020. All rights reserved.

 Test Drives, Demos and POCs

• We have numerous hands-on Test Drives available through your Channel SE

to host guided labs for your own knowledge and customer demos.

• Proof of Concept capabilities available through Channel SE.

120 Confidential. Copyright © Arista 2020. All rights reserved.

 Arista Technical Specialist - FOUNDATIONS

Conclusion

121 Confidential. Copyright © Arista 2020. All rights reserved.

 Thank You

www.arista.com
Confidential. Copyright © Arista 2020. All rights reserved.