Arista’s not Cisco – Nifty CLI features

At GPN18 we had an Arista DCS-7280SR as our core and border router. The Cisco-like CLI made it easy to configure the system as I know my way around IOS*.

While setting up the final BGP sessions to our upstreams at the GPN18 we by accident found out that Arista supports watch on their CLI which is quite awesome when you want to see if your peering are coming up.

router> watch sh ip bgp summary

The next thing Arista can do which Cisco can’t is show active. When you are in a config stanza like an interface, access-list or router bgp 13020, you can print the current configuration of this sub-tree; in configure mode! This is something every Cisco admin would love to have as it’s not possible to do a show running-config <thingy> for most parts of the config tree and you have to fiddle around with show running-config | section <something>.

As we grew fond of show active really fast we wanted to use it to verify our access-list changes etc. and were wondering why they didn’t show up in show active directly after attemping the chance.

core-hfg#sh ip access-lists bgp
IP Access List bgp
 10 permit tcp host 1.2.3.4 any eq bgp
 20 permit tcp host 2.3.4.5 any eq bgp
 30 permit tcp host 3.4.5.6 any eq bgp

core-hfg#conf t
core-hfg(config)#ip access-list bgp
core-hfg(config-acl-bgp)#40 permit tcp host 9.8.7.6 any eq bgp
core-hfg(config-acl-bgp)#show active 
ip Access List bgp
 10 permit tcp host 1.2.3.4 any eq bgp
 20 permit tcp host 2.3.4.5 any eq bgp
 30 permit tcp host 3.4.5.6 any eq bgp

It turns out some config changes only get active when you leave the block you were editing, which is another subtle difference to Ciscos behavior!

core-hfg(config-acl-bgp)#exit
core-hfg(config)#ip access-list bgp
core-hfg(config-acl-bgp)#show active 
ip Access List bgp
 10 permit tcp host 1.2.3.4 any eq bgp
 20 permit tcp host 2.3.4.5 any eq bgp
 30 permit tcp host 3.4.5.6 any eq bgp
 40 permit tcp host 9.8.7.6 any eq bgp

Update:

Some changes are applied immediately on interface level, for example (no) shut, VLAN changes, … These are visible in show active as expected. Thanks for Nico for the clarification!