Chapter 14. Aboot
Aboot is the bootloader for EOS. The bootloader is a small program that loads automatically when the system is powered on. The bootloader’s primary job is to load the primary operating system (OS), which is usually stored elsewhere, such as flash memory or disk. If you’ve ever installed a Linux system, you’ve likely encountered bootloaders such as GRUB. On Windows NT/2000/XP machines, the default bootloader is NTLDR.
Note
Technically, there are two types of bootloaders: first stage and second stage. The first-stage bootloader usually operates at a very low level and is often responsible for hardware system checks. A PC’s BIOS would be considered a first-stage bootloader, whereas the bootloaders mentioned in this chapter would be second-stage bootloaders.
Before EOS is loaded, the switch loads the Aboot process from ROM. Aboot looks for a file called boot-config in flash:/, which to be painfully accurate, is actually /mnt/flash in Linux:
[admin@Arista ~]$ cd /mnt/flash [admin@Arista flash]$ ls EOS-4.20.1F.swi debug schedule zerotouch-config boot-config persist startup-config
Aboot reads the contents of this file, determines the image to be loaded, and then loads it. If the boot-config does not exist, Aboot will halt the system and present an Aboot# prompt.
In fact, if any of the following should occur, Aboot will halt the system:
-
boot-config is corrupt or not found
-
Configured EOS image is corrupt or not found
-
Ctrl-C is entered from the console while the Aboot process is running
Normally, the system boots as follows (details might differ depending on loaded modules and the version of EOS installed):
Aboot 6.1.2-4757975 Press Control-C now to enter Aboot shell Booting flash:/EOS-4.20.1F.swi [ 8.336429] Starting new kernel [ 1.674818] Running dosfsck on: /mnt/flash Switching rootfs Welcome to Arista Networks EOS 4.20.1F New seat seat0. RTNETLINK answers: No such process [ 63.406686] EXT4-fs (sda): VFS: Can't find ext4 filesystem [ 63.483960] FAT-fs (sda): invalid media value (0xf3) Arista File Archive: initialization complete, quotapct: 20 [ OK ] TimeAgent: Starting ConnMgr: [ OK ] [ OK ] Starting ProcMgr: [ OK ] Starting EOS initialization stage 1: [ OK ] Starting NorCal initialization: [ OK ] Starting EOS initialization stage 2: [ OK ] Starting Power OCompleting EOS initialization (press ESC to skip): [ OK ] Model: DCS-7280SR-48C6-M Serial Number: SSJ17290599 System RAM: 32459704 kB Flash Memory size: 3.1G Arista login:
By pressing Ctrl-C on the console when prompted, we interrupt the boot process and drop into the Aboot shell:
Aboot 6.1.2-4757975 Press Control-C now to enter Aboot shell ^CWelcome to Aboot. Aboot#
While in Aboot, the fans in the switch run at high speed. They put out some significant noise in this state, so if you’re playing with a switch on your desk at work, prepare for all of your local cube dwellers to hate you. If you work in an open office environment, I recommend leaving the switch in the office and connecting to it from home with a console server so that the noise won’t bother you. That’ll teach ‘em.
Aboot has a help command that shows the following:
Aboot# help Commonly-used Aboot commands ls Prints a list of the files in the current working directory cd Changes the current working directory cp Copies a file more Prints the contents of a file one page at a time vi Edits a text file boot Boots a SWI swiinfo Prints information about a SWI recover Recovers the factory-default configuration reboot Reboots the switch netconf Configures a network interface manually (IPv4 or IPv6) udhcpc Configures a network interface automatically via DHCP (IPv4 only) wget Transfers a file from an HTTP or FTP server scp Transfers a file to or from a server running SSH showtech Show system information Run 'command -h' for brief help on a specific command. See http://busybox.net/ for additional help on many commands.
Navigating around is easy if you’re familiar with Linux (and you really should be). Although Aboot is Linux, it’s a flavor of Linux called Busybox, which is an open source version of Unix utilities compiled into a single small executable designed to run in a USB stick. The thing to remember about Aboot is that it’s a tiny Linux; if you think of it as such, you’ll do fine. Unless you don’t know anything about Linux, in which case you’re screwed. Good thing you bought this book!
From within the Aboot prompt, the first thing we do is to try and get our bearings. When I’m lost on a Linux box, I issue the pwd command to see what directory I’m in. Sure enough, this works just fine in Aboot:
Aboot# pwd /
So, we’re in the root, which means I’m bored. Let’s take a look around by using the ls command:
Aboot# ls MD5SUMS dev init mnt root tmp bin etc lib proc sys
Looks harmless enough. I wonder if more elaborate versions of these commands work?
Aboot# ls -al drwxr-xr-x 11 root 0 0 Apr 24 19:51 . drwxr-xr-x 11 root 0 0 Apr 24 19:51 .. -rw-r--r-- 1 root 0 2012 Apr 19 2017 MD5SUMS drwxr-xr-x 2 root 0 0 Apr 19 2017 bin drwxr-xr-x 2 root 0 0 Apr 24 19:51 dev drwxr-xr-x 2 root 0 0 Apr 24 19:51 etc -rwxr-xr-x 122 root 0 448836 Apr 19 2017 init drwxr-xr-x 2 root 0 0 Apr 19 2017 lib drwxr-xr-x 4 root 0 0 Apr 24 19:51 mnt dr-xr-xr-x 66 root 0 0 Apr 24 19:51 proc drwx------ 2 root 0 0 Mar 22 2017 root dr-xr-xr-x 11 root 0 0 Apr 24 19:51 sys drwxrwxrwt 2 root 0 0 Apr 24 19:51 tmp
Yay! But this looks like any Unix machine. Where’s the good stuff? Because I’m in Aboot, I’d probably want to check, change, or otherwise mangle the boot-config, and I know that resides in flash:/ from within EOS, but that doesn’t seem to exist here. That’s because flash:/ is an EOS construct. The key to mounted filesystems in Fedora Core Linux (the Linux used to build EOS) is /mnt, so let’s take a look there:
Aboot# cd mnt/ Aboot# ls -al drwxr-xr-x 4 root 0 0 Apr 24 19:51 . drwxr-xr-x 11 root 0 0 Apr 24 19:51 .. drwxrwx--- 16 root 88 4096 Apr 24 19:48 drive -rw-rw-rw- 1 root 0 91 Apr 24 19:51 drive.conf drwxrwx--- 7 root 88 4096 Jan 1 1970 flash -rw-r--r-- 1 root 0 94 Apr 24 19:51 flash-original.conf -rw-rw-rw- 1 root 0 90 Apr 24 19:51 flash-recover.conf -rw-rw-rw- 1 root 0 94 Apr 24 19:51 flash.conf
Note
I tend to repeat this bit about flash:/ being an EOS construct because I’ve found that people not familiar with Unix find this a bit confusing. That, and I really like the word construct. It makes me feel like I’m in Star Trek when I say it out loud. Try it for yourself and see. Construct...
Looks promising! There’s a directory within /mnt named flash, so let’s see what’s in there:
Aboot# cd flash/ Aboot# pwd /mnt/flash Aboot# ls -l -rwxrwx--- 1 root 88 638234211 Nov 21 21:13 EOS-4.20.1F.swi -rwxrwx--- 1 root 88 27 Apr 23 11:28 boot-config drwxrwx--- 3 root 88 4096 Apr 24 19:51 debug drwxrwx--- 2 root 88 4096 Apr 24 19:50 persist drwxrwx--- 3 root 88 4096 Apr 23 11:40 schedule -rwxrwx--- 1 root 88 2885 Apr 24 19:46 startup-config -rwxrwx--- 1 root 88 19 Apr 24 15:14 zerotouch-config
Ah-ha! We’ve found the flash:/ location from within Aboot. In the future, we can just issue the cd /mnt/flash/ command from within Aboot to get back here.
Note
The file structure in Aboot is pretty much the same as it would be in Bash, though any temporary file structures created when EOS boots will be missing. Generally, if you’re in Aboot it’s because something is wrong and to fix it, you’ll likely need to cd to /mnt/flash/. Remember that your home directory does not survive a reboot, so if you’re in Aboot looking for your home directory, you’re out of luck.
To see the contents of a file in Linux, we might use the more command. Let’s do exactly that in order to see what’s contained within the boot-config:
Aboot# more boot-config SWI=flash:/EOS-4.20.1F.swi
Not very exciting, is it? The single line indicates that the SWI file can be found at flash:/EOS-4.20.1F.swi. Note that this is configured using EOS reference points (flash:/), not Linux reference points (/mnt/flash/). My guess is that it’s done this way to make it more palatable to network engineers unfamiliar with Linux. Now let’s see what other sorts of trouble we can get ourselves into with this file. There are some cool options that we can configure in the boot-config:
SWISet the location of the SWI
CONSOLESPEEDSet the speed of the console port
PASSWORDThe encrypted password for the Aboot shell
- NET commands
Set various configurations pertaining to simple network connectivity
These commands are placed within the boot-config, with the syntax COMMAND= configuration. This file can be examined from within Aboot or the Bash shell using the more /mnt/flash/boot-config command or from within EOS with the show boot CLI command:
Arista#sho boot Software image: flash:/EOS-4.20.1F.swi Console speed: (not set) Aboot password (encrypted): (not set) Memory test iterations: (not set)
We’ve already seen the SWI command in action, but let me just point out that although the obvious method is to point to an image on flash, we can also point to images outside the box. Here are some cool examples of valid SWI statements:
- SWI on flash
SWI=flash:EOS-4.20.1F.swiIf you notice, there is no slash after the colon in this example (flash: versus flash:/). Either will work.
- SWI on USB1
SWI=usb1:/EOS-4.20.1F.swi- SWI on
/mnt/flash(same as flash:/) Yes, you can use either
flash:or/mnt/flash/! Because this is usually configured with the CLI boot system command, this line will likely contain flash:SWI=/mnt/flash/EOS-4.20.1F.swi- SWI on an HTTP server
SWI=http://foo.com/images/EOS-4.20.1F.swi- SWI on an FTP server
SWI=ftp://foo.com/EOS-4.20.1F.swi- SWI on an FTP server with a username and password
SWI=ftp://user:[email protected]/EOS-4.20.1F.swi- SWI on a TFTP server
SWI=tftp://foo.com/EOS-4.20.1F.swi- SWI on an NFS-mounted filesystem
SWI=nfs://foo.com/images/EOS-4.20.1F.swi
Although you can have your image reside somewhere on the network, I’m not a fan of this because for that to work, you’ll need to configure IP information in the boot-config, as well. Not only that, but since we’re in Aboot and not EOS, that means that the ASIC driver is not loaded, which means that the only available interface, is the physical management interface as shown by issuing the ifconfig –a command in Aboot:
Aboot# ifconfig -a
lo Link encap:Local Loopback
LOOPBACK MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
ma1 Link encap:Ethernet HWaddr 28:99:3A:BE:9F:91
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:36
OK, you get the point. Now let’s move on to the other boot-config commands.
The CONSOLESPEED command is pretty simple. We can apply one choice from a list of speeds, and that’s it. We cannot set stop bits, parity bits, or anything other than speed with this command. Values include common speeds for serial ports, including 1200, 2400, 4800, 9600, 19200, and 38400 with the default being 9600. Here is an example boot-config with the CONSOLESPEED set to 38400:
Aboot# more boot-config SWI=flash:/EOS-4.20.1F.swi CONSOLESPEED=38400
You also can configure the CONSOLESPEED setting by using the EOS boot console speed speed command:
Arista(config)#boot console speed ? baud Console port speed (1200, 2400, 4800, 9600, 19200 or 38400)
The PASSWORD command is also pretty simple, but you should not configure it from within Aboot. You should set the PASSWORD command using only the EOS boot secret command because the EOS command encrypts the password, and the boot-config contains the encrypted result. With a password in place, you’ll need to authenticate in order to access the Aboot shell, and this password cannot be recovered from Aboot, so assign an Aboot password with care.
Let’s assign a password to Aboot from within EOS with the boot secret command. Here, I set the password to Arista!:
Arista(config)#boot secret Arista!
Note
I know I keep going back and forth between EOS and Aboot, and that might be confusing. You cannot go back and forth between these modes; I’m just showing how these items would be configured when within each of the modes. Stay with me, and watch the prompts carefully if you get mixed up as to where I am.
Now, viewing the boot-config with the show boot command, we can see that the file contains a PASSWORD entry and that the password is encrypted:
Arista(config)#sho boot Software image: /mnt/flash/EOS-4.20.1F.swi Console speed: (not set)Aboot password (encrypted): $6$Mo6m6VkhGeG7.6pW$xFy0SEi2 EalgVy3xTjZagdGUMsEqxT3lMg.2YormEDdTtXCa0K2aPPlKWc/D0LUpvpOxxHVbT77J6F6x8Jzik. Memory test iterations: (not set)
In the first edition of this book, I wrote, “Whether or not the password is easily cracked is not germane to the subject matter of this book, and shame on you for thinking such things!” because of the MD5 encryption in use at the time, but as of about 2015 or so, EOS now defaults to SHA512, which is much more cryptographically sound. It also results in much longer encrypted password strings.
Upon a reboot, with the PASSWORD command set in the boot-config, we are now prompted for authentication when we press Ctrl-C at the Aboot message:
Restarting system [00:48:22] watchdog punch . [00:48:26] watchdog punch . no FE found in the system Aboot 4.0.4-2086886 Press Control-C now to enter Aboot shell^C
Aboot password:
At this point, if we enter the incorrect password three times, we are greeted with this friendly message:
Press Control-C now to enter Aboot shell^C Aboot password: incorrect password Aboot password: incorrect password Aboot password: incorrect password Type "fullrecover" and press Enter to revert /mnt/flash to factory default state, or just press Enter to reboot:
If we feel the need to issue the fullrecover command, we are warned once again:
Type "fullrecover" and press Enter to revert /mnt/flash to factory Default state, or just press Enter to reboot: fullrecover All data on /mnt/flash will be erased; type "yes" and press Enter to proceed, or just press Enter to cancel:
Although it might not be obvious that “All data on /mnt/flash will be erased” is a bad thing, consider that the following files exist in /mnt/flash:
-
The SWI files (you know, EOS and stuff)
-
The boot-config
-
The startup-config
-
The zerotouch-config
-
Some console logs on EOS 4.21 and later
-
All schedule logs (unless stored elsewhere)
-
Anything you might have put there
-
Anything in the /mnt/flash/persist/ folder
In other words, if you perform a fullrecover on the switch, your switch will lose everything, and you’ll need to start from scratch. Fun! Still, my pain is your gain, so let’s go ahead and see what happens:
Type "fullrecover" and press Enter to revert /mnt/flash to factory default state, or just press Enter to reboot: fullrecover All data on /mnt/flash will be erased; type "yes" and press Enter to proceed, or just press Enter to cancel: yes Erasing /mnt/flash Writing recovery data to /mnt/flash EOS-4.19.1F.swi startup-config boot-config 850926 blocks [ 85.460223] Restarting system.
Ouch! We went from EOS version 4.20.1F to 4.19.1F, which might not seem like that big of a deal, but this is a pretty modern switch as of 2019. In the first edition of Arista Warrior we went from EOS version 4.8.1 to version 4.4.0 (the version my very old switch originally shipped with). Not only that, but our configuration is gone, the multiple EOS versions are gone from flash, and the switch is now a big unconfigured time sink. Luckily for you, that’s my time being sunk, so while you sit back enjoying a cocktail, I’ll be here rebuilding the switch.
Note
So, what’s the moral of the story? Don’t issue the fullrecover command unless you really mean it, because it doesn’t just delete the boot-config. It deletes everything!
Why do it? fullrecover is the means to return your switch to factory default in the event of a lost Aboot password and lost EOS passwords without having to send the switch back to Arista.
Note that depending on your switch and depending on what version of EOS you were originally on, you might get messages like this while booting a new version, regardless of if the change is an upgrade or a downgrade:
Starting NorCal initialization: ----------------------------------------------------- Upgrading the casini system fpga. This process can take 6 minutes. Please do not reboot your switch. ----------------------------------------------------- Upgrade of the casini system fpga completed successfully. Power cycling the system after successfully upgrading all system fpgas.
This is EOS putting new microcode onto the Field Programmable Gate Array (FPGA), which is essentially a programmable Application-Specific Integrated Circuit (ASIC). Some switches, like the 7280SE-72 shown in this example, contain multiple FPGAs and, as such, might take a fair bit of time to finish this task. Additionally, there might be multiple reboots while the system upgrades/downgrades, so this can take upward of 10 to 12 minutes for a single 1–rack unit (RU) switch.
Because I teach the Arista ACE classes, I get to listen to students as they watch their switches go through this process repeatedly. It takes a while, and no one likes to watch a switch boot, so do yourself a favor and grab another cocktail while it’s going. Unless you’re in my class, in which case, only the instructor can have cocktails—for safety reasons.
On a switch with a boot password that you want to remove, use the no boot secret command from within EOS. You could also just remove the PASSWORD= line in the boot-secret file from Bash:
Arista(config)#no boot secret
With nothing but the SWI set in the boot-config, you should see something like the following output when using the show boot command from within EOS:
Arista#sho boot Software image: flash:/EOS-4.21.1F.swi Console speed: (not set) Aboot password (encrypted): (not set) Memory test iterations: (not set)
Moving on, let’s take a look at some of the NET commands within the Aboot environment. NET commands include the following:
NETDEV=interfaceThe interface that the switch will be configured to use for loading configurations or SWI files. This interface can only be an out-of-band management port, not one of the normal Ethernet switch interfaces. This is because the front-panel interfaces are controlled by the ASIC, and the ASIC driver has not been loaded in Aboot. On a fixed-configuration switch, the only choice is ma1.
NETAUTO=auto_settingIf using DHCP, this would be set to
dhcp.NETIP=interface_addressThe IP address for the
NETDEVinterface.NETMASK=interface_maskThe IP subnet mask for the
NETDEVinterface.NETGW=gateway_addressThe IP gateway address to allow the
NETDEVinterface to communicate outside its directly connected IP network.NETDOMAIN=domain_nameThe DNS domain name for the switch.
NETDNS=dns_addressThe IP address of a DNS server that can be used to resolve external hostnames.
Note that there is no support for IPv6 and that only dotted-decimal notation can be used (no /24 masks, for example). Also, be advised that these commands can be set only from within Aboot or from the Bash shell. They cannot be configured from within EOS:
Arista(config)#boot ? console Console port settings secret Assign the Aboot password system Software image URL test Boot test
Here’s an example of how the boot-config might be configured on a simple network:
Aboot# more /mnt/flash/boot-config SWI=tftp:/10.0.0.100/EOS/EOS-4.20.1F.swi NETDEV=ma1 NETIP=10.0.0.44 NETMASK=255.255.255.0 NETGW=10.0.0.1 NETDOMAIN=arista.com NETDNS=10.0.0.100
When I first started messing with this file, I naturally placed all new commands where they belonged and then rebooted and dutifully pressed Ctrl-C as soon as the message commanded me to. Only, it didn’t work! After about 90 tries, I wasn’t paying attention and pressed Ctrl-C later in the boot process, and that is when my Aboot network configuration worked. Here, I’ll show you. First, let’s reboot the switch and press Ctrl-C the second I see the message:
Press Control-C now to enter Aboot shell^C Welcome to Aboot. Aboot#
Looks great, but all is not well in the world of bootloaders. By using the ifconfig command, I can see that the ma1 interface has no configuration:
Aboot# ifconfig ma1
ma1 Link encap:Ethernet HWaddr 28:99:3A:BE:A0:B9
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:36
I really hate when that happens.
Warning
Watch out! Mashing on Ctrl-C too quickly will prevent the network configuration from loading in Aboot!
One of the tech reviewers for the first edition was one of the system developers, who agreed that “yeah, that’s pretty lame.” He also said that the NET statements were designed to get an image from the network while already in Aboot, and not on reboot the way I was using it. That makes sense, but I’m still a happy keyboard masher and always will be.
It’s now 2019, and this still happens, but I’ve come to realize that my complaints about it are sort of dumb. You see, if you had configured boot-config to do this, why are you pressing Ctrl-C to go into Aboot? You would let Aboot do its thing and get the image from the network as intended, which I can assure you works just fine.
For years, I’ve trained myself to sit and stare at the screen and to pounce on Ctrl-C (or F2, or F12, or whatever damn key I’ve been commanded to engage) the millisecond that the message appeared. We’ve all missed those messages and had to reboot time and again, which is why this really drove me nuts.
Note
It’s worth noting again that if your NET commands in the boot-config don’t seem to be working, wait a few seconds after the Press Control-C now to enter Aboot shell prompt before mashing those keys. There’s a good chance that they’ll work if you can restrain your key-mashing impulse, if even for a few seconds. Better yet, just let Aboot do its job and stop interfering.
Honestly, doing this is a bit weird, so let me show you a more realistic way that you might use networking from within Aboot, and that is by manually setting an IP address and grabbing a file from the network using Linux commands:
Aboot# cd /mnt/flash Aboot# ifconfig ma1 10.0.0.19 Aboot# wget http://10.0.0.100/EOS/EOS-4.20.1F.swi Connecting to 10.0.0.100 (10.0.0.100:80) EOS-4.20.1F.swi 100% |*******************************| 608M 00:00:00 ETA Aboot#
Notice that I never configured a subnet mask? ifconfig will use the natural class mask if you don’t specify one:
Aboot# ifconfig ma1
ma1 Link encap:Ethernet HWaddr 28:99:3A:BE:9F:91
inet addr:10.0.0.1 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: fe80::2a99:3aff:febe:9f91/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:492 (492.0 B)
Interrupt:36
To prevent this behavior, use the netmask keyword:
Aboot# ifconfig ma1 10.0.0.1 netmask 255.255.255.0
At this point, with the new version of EOS on board, we can edit the boot-config, put in the new SWI= statement, and reboot the switch, at which point it will load the new version of code. Here’s the new boot-config after my vigorous editing using the vi editor:
Aboot# more boot-config SWI=flash:/EOS-4.20.1F.swi
The switch will now boot the 4.20.1F code.
Booting most network devices into their bootloaders is an exercise in frustration, at least for me. I do it so rarely that I struggle to remember the arcane commands, and then I invariably look up what I need to do online. That process is made even worse by many networking vendors because different products boot differently. Aboot changes all that because the bootloader environment is just another flavor of Linux. If you find yourself in Aboot, just keep your wits about you and remember to look for the boot-config in /mnt/ flash. Better yet? It’s the exact same procedure on every Arista switch.
Speaking of which, let’s talk about password recovery.
Password Recovery
On a competitor’s switch, password recovery might be a nightmare with different arcane procedures and commands that vary depending on what model number device is being recovered. On Arista switches, every device is the same when it comes to password recovery. Think about it for a second: where is the startup-config? It’s on flash:, of course. How do you get to flash in Linux? cd /mnt/flash/.
To do a password recovery on an Arista switch follow these steps:
-
Boot the switch.
-
Press Ctrl-C to enter Aboot.
-
From within Aboot change to the /mnt/flash directory.
-
Edit the startup-config using vi.
-
Comment out the lines that begin with username.
-
Reboot the switch and log in as admin with no password.
That’s it! And it’s the same on every Arista switch. How cool is that? In a nutshell, if you know where the startup-config is and how to get there in Linux, you can password recover the box.
What if you loathe the vi editor? You can just rename the startup-config to startup-config.bak, after which, when you exit aboot, the switch will have a default configuration (note that this might trigger Zero-Touch Provisioning [ZTP]).
Aboot# cd /mnt/flash Aboot# mv startup-config startup-config.bak
Conclusion
Running through Aboot once or twice is a good practice for anyone who works with Arista switches. I once mucked up a switch so severely that we couldn’t get it to cancel or disable ZTP, and it wouldn’t let us do any configuration. I was able to boot the switch, drop into Aboot, and issue the fullrecover command, which saved the switch, prevented us from bothering TAC (which saved a lot of time), and made me look like a hero. Let’s face it, technical writers don’t get all the girls because of our breathtaking vocabularies, so any chance to play the hero is welcome, even if this particular heroism was witnessed by only a bunch of IT guys in a cold data center.