Network-Engineering | 3 min read
Arista EOS Config Sessions
Do you know that feeling when changing interface configs on that device without remote console in the data center 200 km away? If something goes wrong it may take hours to return the device to working state. With features in Arista EOS you can substantially reduce that stress level.
Network engineers who are used to the Junos CLI miss the comfort and safety net when having to deal with CLIs from other vendors. The idea that a config statement is activated the moment you press enter is scary.
But there are other modern implementations around that provide similar functions and that is Arista EOS!
The CLI of EOS is very similar to Cisco’s IOS. If an engineer with IOS background wants to configure an Arista switch, he or she probably just types “conf t” (short for “configure terminal”) and adds the desired configs. But then he or she will not benefit from the advanced configuration features.
Instead, it is better to start with “configure session.” This resembles the Junos configure mode in the sense that config statements are not activated immediately. Instead, all config statements are activated in one go once the engineer enters “commit”.
But before committing to a new configuration, the difference to the running configurations can be displayed (similar to “show | compare” on Junos).
leaf1#configure session leaf1(config-s-sess-1)#int lo77 leaf1(config-s-sess-1-if-Lo77)#ip address 220.127.116.11/32 leaf1(config-s-sess-1)#show session-config diffs --- system:/running-config +++ session:/sess-1663-140324424902400-0-session-config @@ -79,6 +79,9 @@ ip address 10.255.254.111/32 ip ospf area 0.0.0.0 ! +interface Loopback77 + ip address 18.104.22.168/32 +! interface Management1 vrf mgmt ip address 192.168.101.111/24 leaf1(config-s-sess-1)#commit leaf1#
A commit automatically creates a configuration checkpoint. This can be used to revert the running config to the state before the commit happened.
leaf1#show configuration checkpoints Maximum number of checkpoints: 20 Filename Date User -------------- ------------------------- ----- ckp-20210410-0 2021-04-10 18:33:11 admin ckp-20210410-1 2021-04-10 21:42:48 admin ckp-20210412-0 2021-04-12 09:00:11 admin ckp-20210412-1 2021-04-12 09:13:31 admin ckp-20210412-2 2021-04-12 11:30:21 admin ckp-20210412-3 2021-04-12 12:12:58 admin ckp-20210412-4 2021-04-12 14:04:33 admin ckp-20210412-5 2021-04-12 14:25:38 admin ckp-20210412-6 2021-04-12 14:39:23 admin ckp-20210412-7 2021-04-12 15:51:26 admin ckp-20210416-0 2021-04-16 19:15:48 admin leaf1#configure checkpoint restore ckp-20210416-0 leaf1#
Not only this, but also the “commit confirmed” known from Junos is available in EOS. Instead of simply typing “commit,” the word “timer” and a time has to be provided. If the config is not confirmed in that timeframe, it will be automatically reverted. This is very useful in case something with the new ACL is wrong and you lose your session to the network device.
leaf1#configure session leaf1(config-s-sess-1)#int Lo99 leaf1(config-s-sess-1-if-Lo99)#ip addr 22.214.171.124/32 leaf1(config-s-sess-1-if-Lo99)#exit leaf1(config-s-sess-1)#commit timer 0:05:0 leaf1#show configuration sessions Maximum number of completed sessions: 1 Maximum number of pending sessions: 5 Name State User Terminal --------------------------- ------------------------ ---------- -------- sess-1663-140324424902400-1 pending sess-1663-140324424902400-4 pendingCommitTimer leaf1#configure session sess-1663-140324424902400-4 commit leaf1#
With the “configure replace” command, it is possible to load a configuration from a file and replace the configuration. This is like the “load override” statement in Junos.
Knowing how config sessions and checkpoints work on EOS can certainly reduce the stress level when changing interface configs or ACLs on that particular device 200 km away without console access!
Curious to learn more about the products from Arista? Feel free to contact ngworx.ag and learn more!