Chapter 3: Cloud High Availability .........................................................13
Cloud HA Topology.....................................................................................................................................13
Cloud HA Configuration .............................................................................................................................15
Configuring the
Configuring the
Configuring Cloud High Availability..........................................................................................................18
JSON-Based Cloud High Availability Configurations and Equivalent CLI Configurations...........................20
General Troubleshooting Tips.....................................................................................................................23
Caveats and Limitations..............................................................................................................................23
Cloud High Availability Commands.............................................................................................................24
Cloud High Availability CLIs.....................................................................................................................25
Chapter 4: Using vEOS Router on the AWS Platform ..........................39
Arista vEOS Router is a new platform release of EOS that is supported on Amazon Web Service (AWS), Microsoft
Azure and other public clouds. It is also supported on customer equipment running Linux and VMware hypervisors.
By bringing advanced network telemetry and secure IPSec VPN connectivity in a software-only package, vEOS Router
provides a consistent, secure and universal approach to hybrid cloud netw orking for any virtualized cloud deployment.
Use cases for vEOS Router include Secure Multi Cloud Connectivity , Interconnecting VPCs/VNets in the Public Cloud,
Multi-site VPN aggregation and Network Function Virtualization.
5
Page 6
Page 7
Chapter 2
vEOS Licensing
Licensing for vEOS
There are two licenses available as a software subscription which must be applied to the vEOS Router software after
an instance is launched for the activation of all capabilities:
• vEOS Router license -Unlocks the instance from the default performance limit of 80 Mbps.
• IPsec license
SS-VEOSR-IPSEC-500M-1M
The vEOS Router SW Subscription License for a single vEOS instance for 1-Month for up to 500Mbps throughput.
This includes base routing features, IPsec encryption and SW support.
SS-VEOSR-IPSEC-1G-1M
The vEOS Router SW Subscription License for a single vEOS instance for 1-Month for up to 1Gbps throughput. This
includes base routing features, IPsec encryption and SW support.
SS-VEOSR-IPSEC-10G-1M
The vEOS Router SW Subscription License for a single vEOS instance for 1-Month for up to 10Gbps throughput. This
includes base routing features, IPsec encryption and SW support.
If a valid license has never been installed,
• The performance of the instance is limited to 10Mbps.
• IPsec is not available without a license.
For purchased licenses, upon expiration or nearing expiration,
• Renew the license as you would renew a service agreement. (The performance of the vEOS Router and IPsec instance
are not impacted).
• If the license is renewed, there is no impact of service, provided there is an overlap of license dates.
Support for Bring-Your-Own-License (BYOL)
Bring your own license (BYOL) is only supported on AWS. The pricing on AWS includes both the AWS instance
cost and the Arista license fee.
7
Page 8
Installing Licenses
Licenses are files that are imported via the CLI. Contact your local SE for assistance in obtaining a license. Use the
license import command to download a license file. Save the file to /mnt/flash/ or a serv er . For example purposes,
the licenses below are non-functional.
Use the show license command to display details regarding the active licenses and device-specific information
needed for licensing. For example purposes, the licenses below are non-functional.
veos#show license
System Serial number: 2BC6A772072B04BED43DCCF8777F036F
System MAC address: 06:1b:8a:48:8d:0c
Domain name: Unknown
Use the license update command to trigger an update of licenses in storage.
veos#license update
Obtaining and Installing Soft Expiry
Users can obtain licenses from Arista that extend the time for which the customer can use a certain feature without
any limitations. The license for the feature is considered expired, but the feature continues to work until the grace
period as mentioned in the license lapses.
For example, with a license such as the one below, customer can continue to use vEOS without any limitations for ten
days beyond expiry date.
{
"LicenseFileVersion": "1.0",
"CustomerName": "Arista Test Customer",
"LicenseSerialNumber": "ARISTA-TEST-DAYSPAST1",
"Signature": {
The following CLIs can be used to verify if a license is valid, when it expires, what licenses are installed and any
relevant information regarding a license. The show license commands do not list features that are unlocked by
external licenses or means and does not list the pay-as-you-go license provided by AWS.
Show License Files
Use the show license files command to display all information related to the active licenses installed. For
example purposes, the licenses below are non-functional.
]
},
"LicenseFileVersion": "1.0",
(truncated)
END CERTIFICATE-----\n"
show license files compressed
Use the show license files compressed command to display license information. In this example, the
files are zipped then base64 encoded. For example purposes, the licenses below are non-functional.
In the cloud, resources can be deployed across different regions or multiple locations within a region for f ault tolerance
reasons. AWS Availability Zones and Azure Availability Sets (or Fault Domains; Azure currently supports different
resource groupings within a physical datacenter) are examples of cloud high availability offerings. When deploying
vEOS Routers to enhance your cloud's network capability, deploy the vEOS Routers as a high availability pair using
the vEOS Cloud High Availability feature that fits your cloud's high availability design.
The Cloud High Availability (Cloud HA) feature adds support to make the vEOS Router deployment more resilient
to various failure scenarios in the cloud, such as:
• vEOS Router instance goes down due to underlying cloud infrastructure issues.
• vEOS Router instance is unable to forward traffic due to connectivity issues in the cloud infrastructure.
• vEOS Router experiences an internal issue leading to unavailability.
vEOS Router HA pair with Cloud HA is an active-activ e deployment model for dif ferent cloud high av ailability design
in a region. Each vEOS Router in an HA pair provides enhanced routing capabilities as the gatew ay (or next-hop router
for certain destinations) for the subnets to which the vEOS routers connect. The two vEOS Router peers monitor the
liveliness of each other by using Bidirectional Forwarding Detection (BFD) between the router interfaces. In case of
the cloud infrastructure issues or vEOS router failure, the active vEOS router takes over as the gateway or next-hop
for the subnets that were connected to the peer router through cloud-specific API calls that modify the corresponding
cloud route table(s) according to pre-configured information.
Cloud HA Topology
This diagram shows an example of a vEOS Router Cloud HA implementation.
13
Page 14
Figure 1: Cloud high availability network topology with vEOS router instances
In the diagram above, a virtual network is a collection of resources that are in the same cloud region. Within this
virtual network, the resources, including vEOS routers, deploy into two cloud high av ailability zones (A vailability
Zones for AWS and Fault Domain for Azure) for fault tolerance reasons.
Note: For ease of discussion, we will use availability zone 1 and 2 to reference the high a vailability design
in different clouds going forward.
Within each availability zone, the hosts/VMs and vEOS interfaces are connected to their corresponding subnets
when the network is operating normally. Each subnet associates to a route table within the cloud infrastructure.
Static routes are configured in the cloud route tables so the traffic from the hosts/VMs are routed to vEOS Routers
in the corresponding availability zone as gate way or next-hop to reach certain destinations. For e xample, configure
a default route (0.0.0.0/0) in the cloud route table with the next-hop as vEOS Router's cloud interface ID or IP
(varies depending on the cloud). The routing policy or protocol, such as BGP, on the vEOS Routers, are user
configurable based on user's network design.
vEOS Router Configuration Guide14
Page 15
Cloud High Availability
The two vEOS Routers in the diagram above are configured with the Cloud HA feature as HA peers. The Cloud
HA on the vEOS routers would establish a BFD peering session between the two devices through ethernet or
tunnel interfaces.
When BFD connectivity loss is detected by the active vEOS router, the existing routes in the backup route table
in the cloud would be updated through cloud-specific API to use the active vEOS router as the next-hop. For
example, if vEOS 2 detected BFD connectivity loss with its peer, vEOS 2 would update the routes in RouteTable 1 so traffic from hosts in Subnet 1 and Subnet 2 for vEOS 1 would be forwarded to next-hop ID or IP
owned by vEOS 2. Traffic from the hosts in availability zone 1 would first be forwarded to the corresponding
subnet gateways in the cloud. After that, the subnet gateways in the cloud would forward the traffic toward the
new next-hop interface ID or IP that exist on vEOS 2. When vEOS 2 received the traffic, it would forward the
traffic on according to its routing table.
What about traffic going toward the hosts in availability zone 1 while connectivity to vEOS 1 is down? When
connectivity to vEOS 1 is down, hosts behind Subnet 1 and Subnet 2 become unreachable to the other part of
the network (routes being withdrawn by routing protocols like BGP). Since Subnet 1 and Subnet 2 are not
directly connected to vEOS 2, a routing strategy for the two subnets as "backup" on vEOS 2 is to be considered
as part of your network design. A typical design would be to use static routes for the subnets connected to the
peer vEOS router and point them toward the cloud subnet gateways of the active vEOS router (for example,
static route for peer subnet 10.1.1.0/24 would be configured on the active vEOS router as ip route10.1.1.0/24
10.2.1.1 255 where 10.2.1.1 is the gateway/next-hop for one of the ethernet interfaces) with a high administrati ve
distance value (least preferred). The static routes would be redistributed or advertised when the original routes
with better administrative distance are withdrawn or removed by dynamic routing protocol (such as BGP).
When BFD peering session is restored to UP state upon recovery, each active vEOS router would restore its
locally controlled route table entries (per user configuration) to point to itself as primary gateway again.
Cloud HA Configuration
This example configuration is based on the Cloud HA implementation diagram. The point of reference of the
configuration is the vEOS Router instance vEOS 1 in the Gateway Virtual Network.
Note: Starting from Release 4.20.6, the Cloud HA configuration is only available through the CLI. The
JSON file from the previous vEOS version is deprecated. You must convert the JSON configuration to
CLI configuration after upgrading from any previous vEOS version. For information regarding the
conversion of the JSON configuration to CLI configuration, go to: JSON-Based Cloud High Availability
Configurations and Equivalent CLI Configurations on page 20.
Cloud HA Modes
The Cloud HA related configurations are divided into three separate configuration modes:
• Cloud Proxy - For proxy related configuration such as http and https.
• Cloud Provider - For cloud provider specific configuration such as region, credential, and proxy name.
• Cloud High-Availability - For configurations such as route, next-hop, BFD source interface, and peer.
The example includes specific configurations for various aspects of the Cloud HA implementation that are
configured prior to implementation. The specific configurations are:
• Configuring the Cloud Proxy on page 16
• Configuring the Cloud Provider on page 16
• Configuring Cloud High Availability on page 18
15
Page 16
Note: The last tw o configurations represent full Cloud HA implementation configurations, including one
full configuration for Cloud HA on theAWS Specific Cloud, and one for Cloud HA on Azure.
• AWS Specific for High Availability on page 19
• Azure Specific for High Availability on page 19
Configuring the Cloud Proxy
Optional proxies can be configured if used in a deployment. The configuration is applicable for any cloud type.
All web traffic for the underlying restful APIs for the Cloud provider SDK will use the configured proxies.
Multiple proxies can be configured but only one can be used at any giv en time from the Cloud High-Availability
configuration.
veos(config)#
veos(config)#cloud proxy test
veos(config-cloud-proxy-test)#
The following example configures the cloud proxy IP, port, and username and password for HTTP.
veos(config)#
veos(config)#cloud proxy test
veos(config-cloud-proxy-test)#http 1.2.3.4 1234 username test password 7
075E731F1A
veos(config-cloud-proxy-test)#
Configuring the Cloud Provider
The following describes configurations required for Cloud HA on different types of clouds.
Cloud Configuration
To have access to the cloud services, the vEOS Router must be provided with credentials. Additionally, a proxy
may be configured for the connection to the cloud services to go through.
AWS Specific Cloud
Complete the following tasks to configure AWS Specific Cloud services.
• Configure Credentials
• Access to AWS Specific Cloud API Server
• If vEOS is associated with a public IP address, no special configuration is required.
• If vEOS is not associated with an public IP address, either use AWS Private Link or Proxy configuration
Configure Credentials
In the AWS Specific Cloud configuration, a region must be specified. It is recommended to authorize the vEOS
Router by assigning it an IAM role, but an explicit credential can also be specified.
• IAM Role Configuration - No credentials. See Cloud Provider Helpful Tips on page 18 for additional
information.
• Explicit Credential Configuration
AWS Specific Cloud IAM Role Configuration
The IAM role should be configured on the AWS Specific as shown below . This is the recommended configuration.
• "Trust Relationships" has "ec2.amazonaws.com" as trusted entities.
vEOS Router Configuration Guide16
Page 17
• "Policy" with "Permissions" for the network related EC2 actions.
This is applicable only when running in AWS cloud environment and configures various aspects of Cloud HA
feature to interact with AWS web services.
Note: The access-key-id and secret access-key commands are either both configured or both are omitted. If
omitted, the Cloud HA Agent will try to use AWS IAM role for security tokens to access and control A WS route
tables. Verify the IAM role for the vEOS router Virtual Machine( VM ) is configured properly on the AWS
cloud. Refer to AWS documentation to configure IAM role.
Configure the backup-gateway, primary-gateway, Route Table ID(rtb) and local interface for AWS.
The Route Table ID specifies for AWS the backup-gateway and primary gateway, then the destination selects
the individual route within the route table to control. The local-cloud-interface then points to the interface ID
eni-867caa86 (from AWS perspective) of the vEOS router that the traffic should be directed.
There are two authorization models that can be used in Azure: SDK Auth Credentials and Active Directory
Credentials. SDK Auth Credentials are the recommended authorization model.
• SDK Auth Credentials
To generate SDK Auth Credentials, use the sdk authentication credential-file
flash:startup-config command in the config-cloud-azure configuration mode.
veos(config)#cloud provider azure
The following are needed for Cloud High Availability but are not part of the vEOS configuration on the vEOS
Router. These may change or can be another way to achie v e the same ef fect without changing the vEOS Router.
AWS VPN Specific Cloud PrivateLink
AWS VPN Specific Cloud Pri vateLink allows a priv ate (no public IP address) vEOS instance to access services
offered by AWS (without using proxy).
The interface VPC endpoints enables a pri vate vEOS instance to connect to AWS VPN Specific Cloud PrivateLink.
To configure Interface VPC Endpoints:
1. Open the Amazon VPC console and choose Endpoints in the navigation panel.
2. Select Create Endpoint.
3. Choose the AWS Services and select service name com.amazonaws.<your-region>.ec2.
4. Choose the VPC and the subnets in each availability zone for the Interface VPC endpoints.
5. Enable private DNS name and set security group accordingly.
6. Select Create Endpoint.
Once the Endpoint(s) is created, the EC2 API IP associated with the domain-name will be updated to the endpoint
IP.
Additional interface VPC endpoints information can be found at:
To enable the Cloud HA and its parameters, use the following configurations.
Enable Cloud High Availability
vEOS Router Configuration Guide18
Page 19
Cloud High Availability
The cloud high-availability command places the vEOS in the cloud-ha configuration mode. This example
enables cloud high-availability and configures the peer veos2.
To configure the BFD link between the HA pair of vEOS Routers that is used to detect peer failure, the peer IP
address and local BFD source interface must be provided. The follo wing example configures T unnel 2 as a single
hop for the source interface for BFD.
The recovery wait-time command in the cloud-ha configuration sub-mode configures the amount of time to
take back control of local route tables after failure recovery. The following example shows the wait time is
configured to 90 seconds.
JSON-Based Cloud High Availability Configurations and Equivalent CLI
Configurations
Note: Starting from 4.20.6, the Cloud HA configuration is only available through the CLI. The JSON
file from the previous vEOS version is deprecated. You must convert the JSON configuration to CLI
configuration after upgrading from any previous vEOS version.
Mapping JSON Config to the New CLI
Use the following to map the previous JSON file to the new CLI.
Mapping JSON Config to Cloud High-Availability
The following JSON Configurations are now available in Cloud High-Availability configuration mode.
The following JSON configurations are available in Cloud Proxy configuration mode.
Note: In the Cloud HA CLI, the Cloud Proxy name must be referenced in the Cloud Provider Proxy configuration
If the Cloud HA feature is not working as expected, follow these tips for debugging.
• Make sure that the network connectivity is there and DNS server is setup correctly for this feature to work.
• If using Proxy and IAM role under AWS, make sure that the HTTP traffic (TCP port 80) is not proxied to allow
for temporarily security credentials to be retrieved by vEOS instance.
• Make sure to use a corresponding BFD source interface on the peer vEOS instance. This makes sure that the
BFD traffic ingress and egress are on the same interface on each instance.
• For an AWS Specific Cloud, if the IAM role does not work, Arista recommends temporarily using access-key
id and secret access key with enough permissions to make sure the rest of the Cloud HA configuration is fine
until you debug IAM role policy.
Caveats and Limitations
• This feature was introduced in EOS release 4.20.5F which uses /mnt/flash/cloud_ha_config.json file for Cloud
HA configuration without any CLI support. Starting from release 4.20.5.A1 onwards, Cloud HA feature supports
CLI based configuration only. Deployments using JSON based config are not supported and will not work
when the image is upgraded or downgraded. To upgrade image, the administrator must configure Cloud HA
feature manually by converting the JSON config to equivalent CLI configuration. Downgrading will work as
long as the older jJSON file is still present in /mnt/flash directory.
• Only a single resource-group is supported across all routing entries for Azure under Cloud specific config
HA configuration.
• Cloud HA feature currently supports only a single peer.
• The AWS IAM role or Azure MSI needs to be configured properly using cloud provider's management tools
and should give sufficient permissions to vEOS instance to access and update route table entries.
• The vEOS instance should have connectivity to the cloud provider's web services. The access can also be via
proxy or using feature like AWS private-link.
• The recovery wait-time should not be configured less than 10 sec to avoid unnecessary route flapping when
experiencing periodic instabilities.
• The Cloud HA feature will completely validate all the provided cloud configuration to make sure it is consistent
and has all required permissions. However, the administrator should not change the provider's network
configuration afterwards to avoid any issues during fail-over.
• When there are BFD connectivity issues between the two vEOS peers, each instance will take over the other's
traffic. This cross traffic forwarding on provider's network should not have any adverse affect and still work
as active-active even though both of the instance will report as Fail-over. After the network connectivity is
resolved, the traffic pattern should revert to normal active-active mode.
• The user can adjust the BFD specific parameters for the session used by Cloud HA feature using normal BFD
commands such as multiplier, tx/rx intervals etc. The Cloud HA fail-over and traffic takeover time is directly
correlated with BFD failure detection time. However, when using an overly aggressive BFD, the failover time
may incur higher overhead as well may result in greater instability during traffic bursts. Arista recommends
using the use default BFD interval which is currently 300 msec with multiplier as 3.
• The bfd source-interface used in Cloud HA configuration should not belong and/or routable via the route-tables
controlled by the vEOS router instance itself to avoid traffic looping issues.
• If the Cloud HA is in an invalid configuration state due to erroneous/mismatched configuration in the pro vider's
cloud, the administrator has to force update the Cloud HA configuration( for example by shut/no shut under
Cloud HA mode) after updating the provider's cloud configuration. In other words, by itself the Cloud HA
feature will not retry the back-end configuration check if it is found to be invalid at the time of configuration
23
Page 24
Cloud High Availability Commands
Global
• cloud high availability cloud high-availability (vEOS) on page 28
• cloud high availability shutdown cloud high-availability shutdown (vEOS) on page 28
• cloud high availability peer cloud high-availability peer
Interface
• backup-gatewaybackup-gateway (vEOS - Azure) on page 27
• bfd-source_interface bfd source-interface (vEOS) on page 27
• access-key-id access-key-id (vEOS-AWS) on page 25
• region region (vEOS - AWS) on page 34
• secret access-key secret-access_key (vEOS - AWS) on page 35
Cloud Proxy Commands
Global
• cloud proxy cloud proxy (vEOS) on page 30
Interface
• http http (vEOS) on page 30
• https https (vEOS) on page 31
• proxy cloud proxy (vEOS) on page 30
Show Commands
EXEC
• show cloud high-availability show cloud high-availability (vEOS) on page 36
• show cloud high-availability routes show cloud high-availability routes on page 36
• show cloud provider aws show cloud provider aws (vEOS - AWS) on page 37
• show cloud provider azure show cloud provider azure (vEOS - Azure) on page 38
• show cloud proxy show cloud proxy (vEOS) on page 38
vEOS Router Configuration Guide24
Page 25
Cloud High Availability
Cloud High Availability CLIs
The Cloud High Availability CLIs are divided into three separate configuration modes:
• Cloud Proxy - For proxy related configuration such as http and https.
• Cloud Provider - For cloud provider specific configuration such as region, credential, and proxy name.
• Cloud High-Availability - For configurations such as route, next-hop, BFD source interface, and peer.
access-key-id (vEOS-AWS)
The cloud provider A WS command places the vEOS in cloud-provider -aws configuration mode. This configuration
mode allows user to configure cloud provider aws access-key-id command parameters. The no access-key-id
command removes the configuration from the vEOS running-config. The exit command returns the vEOS to
global configuration mode.
Note: Supported on AWS platform only.
Command Mode
Cloud Provider AWS Configuration
Command Syntax
access-key-id(Password_Type)
no access-key-id(Password_Type)
Parameters
Password_Type
• 0 access-key-id The password is a clear-text string. Equivalent to no parameter.
• 7 encrypted_key The password is an encrypted string.
• Text
Example:
The following example configures the AWS access key to encrypted.
veos(config)#cloud provider aws
veos(config-cloud-aws)#access-key 0 565656 test
Example:
The following example removes the AWS access key and returns the vEOS to Global configuration mode.
veos(config-cloud-aws)#access-key 0 565656 test
veos(config-cloud-aws)#no access-key 0 565656 test
veos(config)#
Example:
The following example returns the vEOS to Global configuration mode.
veos(config-cloud-aws)#access-key 0 565656 test
veos(config-cloud-aws)#exit
veos(config)#
The active-directory credential email subscription-id command configures Azure's cloud provider azure
active-directory credential parameters. The no active-directory command removes the configuration fromthe vEOS running-config. The exit command returns the vEOS to global configuration mode.
Note: Supported on Azure platform only.
Command Mode
Cloud Provider Azure Configuration
Command Syntax
active-directory credential email subscription-id ID
no active-directory credential email subscription-id
Parameters
• ID Defines the active directory subscription ID.
Example:
The following example places the cloud provider for Azure into the configuration mode.
The azure command in the cloud-ha-peer configuration sub-mode, accessible through the cloud-ha configuration
mode, allows the user to configure cloud high-availability peer related parameters. The exit command returns
the vEOS to the to the cloud-ha-peer configuration mode.
Note: Supported on Azure platform only.
Command Mode
Global Cloud High Availability Peer Configuration Submode
Command Syntax
azure
Example:
The following example configures the peer related information for Azure.
veos(config)#cloud high-availability
veos(config-cloud-ha)#peer p
veos(config-cloud-ha-peer-veos2)#azure
veos(config-cloud-ha-peer-veos2-azure)#
Example:
vEOS Router Configuration Guide26
Page 27
Cloud High Availability
The following example returns the vEOS to the cloud-ha configuration mode.
The cloud high-availability command in the cloud-ha submode assigns the backup gatew ay parameters for the
Azure high availability peered cloud. The no backup-gateway command removes the configuration from the
vEOS running-config. The exit command returns the vEOS to global configuration mode.
Command Mode
Cloud HA azure configuration submode
Command Syntax
backup-gateway [Azure Rt_Info]resource-group[Name]
no backup-gateway [Azure Rt_Info]
Parameters
• Azure Rt_Info
• azure-rt-name The azure route name.
• dest-ip-address/mask The destination IP address.
• local-ip-address The local IP address.
• resource-group
• Name Azure resource group name.
Example:
The following example configures the parameters for the Azure high availability peered cloud.
The bfd source-interface command in the cloud-ha configuration submode configures BFD source interface
parameters for the high availability peer . The no bfdsource-interface command removed the BFD configurations
from the vEOS running-config.
The cloud high-availability command places the vEOS in cloud-ha configuration mode. This configuration
mode allows user to configure cloud high-av ailability related parameters. The exit command returns the switch
to global configuration mode.
Command Mode
Global Cloud High Availability Configuration
Command Syntax
cloud high-availability
Example:
The following example places the vEOS in the cloud high availability configuration mode.
The cloud provider aws command places the vEOS in cloud-provider-aws configuration mode. This configuration
mode allows user to configure cloud provider aws command parameters. The exit command returns the vEOS
to global configuration mode.
Note: Supported on AWS platform only.
Command Mode
Global Configuration
Command Syntax
cloud provider aws
Example:
The following example places the cloud provider for AWS into the configuration mode.
The following example returns to the global configuration mode.
veos(config-cloud-aws)#exit
veos(config)#
cloud provider azure (vEOS)
The cloud provider azure command places the vEOS in cloud-provider-azure configuration mode. This
configuration mode allows user to configure cloud provider azure command parameters. The exit command
returns the vEOS to global configuration mode.
Note: Enabled for Azure platform only.
Command Mode
Global Configuration
Command Syntax
cloud provider azure
Example:
The following example places the cloud provider for Azure into the configuration mode.
The cloud proxy command places the vEOS in cloud-proxyconfiguration mode. This configuration mode allows
user to configure the cloud proxy command parameters. The no cloud proxy command disables the named
proxy and returns the vEOS to global configuration mode.
Command mode
Global Configuration
Command Syntax
cloud proxy proxy_name
no cloud proxy proxy_name
Parameters
proxy_name The proxy name to configure.
Example:
The following example configures the cloud proxy configuration setting for "test".
veos(config)#
veos(config)#cloud proxy test
veos(config-cloud-proxy-test)#
Example:
This command disables the cloud proxy named "test" and returns the vEOS to global configuration mode.
veos(config-cloud-proxy-test)# no cloud proxy test
veos(config)#
http (vEOS)
The http command in the cloud-proxy configuration submode configures the IP, port, username, and password
parameters. The no http command removes the configured cloud proxy information for HTTP from the
running-config and returns the vEOS to the global configuration mode.
Command mode
Global Cloud Proxy Configuration
Command Syntax
http[PROXY_IP_PORT][username][password]
no http[PROXY_IP_PORT][username][password]
Parameters
• PROXY_IP_PORT Port number to be used for the HTTP server. Options include:
• proxy-ip IP address used for the HTTPs proxy. Dotted decimal location.
• proxy_port HTTPS proxy port. Value ranges from 1 to 65535.
• username Name string.
• password Password string.
• 0 cleartext-passwd Indicates the cleartext password is in clear text. Equivalent to the no parameter case.
• 7 encrypted_passwd Indicates encrypted password is md5 encrypted.
Example:
vEOS Router Configuration Guide30
Page 31
Cloud High Availability
The following example configures the cloud proxy IP, port and username and password for HTTP.
veos(config)#
veos(config)#cloud proxy test
veos(config-cloud-proxy-test)# http 1.2.3.4 1234 username test password 7
075E731F1A
veos(config-cloud-proxy-test)#
Example:
The following example removes the configured cloud proxy information for HTTP from the running-config.
veos(config-cloud-proxy-test)# no http 1.2.3.4 1234 username test password
7 075E731F1A
veos(config-cloud-proxy-test)#
https (vEOS)
The https command in the command in the cloud-proxy configuration submode configures the IP , port, username
and password parameters. The no https command removes the configured cloud proxy information for HTTPS
from the running-config and returns the vEOS to global configuration mode.