Cisco ASR 920 series Скачать руководство пользователя страница 104 | Manualshive

Страница: 104 / 438

background image

Table 7: Bridge-Domain and Service-Instance MAC Address Limit

MAC Address Limit

Bridge-Domain / Service-Instance Number

20

Bridge Domain 1000

5

Service Instance 1001

10

Service Instance 1002

To be configured

Service Instance 1003

If you wish to configure MAC security on service instance 1003, any value can be configured for the maximum
count. For example:

service instance 1003 ethernet

bridge-domain 1
mac security
mac security maximum addresses 35

A MAC address limit of 35 is permitted, even though the total MAC address limit for the three service instances
(5 + 10 + 35) would exceed the count (20) configured on the bridge domain. Note that during actual operation,
the bridge domain limit of 20 is in effect. The dynamic secure address count cannot exceed the lowest count
applicable, so it is not possible for service instance 1003 to learn 35 addresses.

MAC Move and MAC Locking

If a MAC address is present in the MAC address table for a service instance (for example, service instance
1) on which MAC security is configured, the same MAC address cannot be learned on another service instance
(for example, service instance 2) in the same bridge domain.

If service instance 2 attempts to learn the same MAC address, the violation response configured on service
instance 2 is triggered. If MAC security is not configured on service instance 2 and a violation response is
not configured, the

“

shutdown

”

response sequence is triggered on service instance 2.

If MAC security is not enabled on service instance 1, the violation is not triggered. service instance 2 learns
the MAC address and moves it from service instance 1.

For some platforms, MAC address moves are allowed but moves between secured service instances and
nonsecured service instances cannot be detected.

For example, if you do not configure MAC security on service instance 2 because of a hardware limitation,
a MAC move from secured service instance 1 to service instance 2 is accepted. Therefore, it is recommended
that all service instances within the same bridge-domain be configured as secured service instances.

Violation Response Configuration

A violation response is a response to a MAC security violation or a failed attempt to dynamically learn a MAC
address due to an address violation. MAC security violations are of two types:

Type 1 Violation

--The address of the ingress frame cannot be dynamically learned due to a deny list, or

because doing so would cause the maximum number of secure addresses to be exceeded (see the

Limiting and Learning, on page 84

).

Carrier Ethernet Configuration Guide (Cisco ASR 920 Series)

86

Configuring MAC Address Limiting on Service Instances Bridge Domains and EVC Port Channels

Violation Response Configuration

«
...
102
103
104
105
106
...
»

Содержание ASR 920 series

Страница 1: ...guration Guide Cisco ASR 920 Series First Published July 29 2014 Americas Headquarters Cisco Systems Inc 170 West Tasman Drive San Jose CA 95134 1706 USA http www cisco com Tel 408 526 4000 800 553 NETS 6387 Fax 408 527 0883 ...

Страница 2: ... 2014 Cisco Systems Inc All rights reserved ...

Страница 3: ... 6 Example Configuring Trunk EFP Support 6 Example Verifying the Trunk EFP Support Configuration 7 Additional References 7 Feature Information for Trunk EFP Support 9 C H A P T E R 2 Ethernet Virtual Connections Configuration 11 Finding Feature Information 12 Supported EVC Features 12 Restrictions for Ethernet Virtual Connections Configuration 13 Ethernet Virtual Connections 14 Service Instances a...

Страница 4: ...ing 27 Example for Egress Filtering 28 Configuring Examples for Asymmetric EFPs 28 Configuring Other Features on EFPs 29 EFPs and EtherChannels 29 Layer 2 Protocol Peering 30 Layer 2 Protocol Forwarding 30 Configuring IEEE 802 1Q Tunneling and Layer 2 Protocol Tunneling Using EFPs 30 802 1Q Tunneling QinQ 30 Method 1 31 Method 2 32 Example for VLAN Translation Configurations 32 Example for Ingress...

Страница 5: ...ion About EVC Local Connect 52 Benefits of EVC Local Connect 52 Prerequisites for EVC Local Connect 52 Restrictions for EVC Local Connect 52 How to Configure EVC Local Connect 53 Configuring EVC Local Connect 53 Configuring EVC Local Connect as Interworking VLAN 53 Verifying EVC Local Connect Configuration 54 Verifying Traffic Statistics 54 Configuration Examples 55 Example Configuration Example f...

Страница 6: ...CFM on EFP 69 Example Configuration of Transparent CFM 70 C H A P T E R 6 VLAN Translation with QoS 71 Benefits of VLAN Translation 71 Scenarios showing VLAN Translation 72 Limitations for VLAN Translation with QoS 73 Configuring 1 1 VLAN Translation 74 Configuring 2 1 VLAN Translation 75 Configuring policy for ingress QoS 76 Configuration Example for 1 1 VLAN Translation 77 Configuration Example ...

Страница 7: ...Static and Dynamic MAC Addresses 85 Dynamic MAC Address Learning 85 MAC Address Limiting on Service Instances 85 MAC Address Limiting for Bridge Domains 85 Relationship Between the MAC Address Limit on a Bridge Domain and on a Service Instance 85 MAC Move and MAC Locking 86 Violation Response Configuration 86 MAC Address Aging Configuration 87 Sticky MAC Address Configurations 88 Aging for Sticky ...

Страница 8: ...08 Showing the MAC Addresses of a Specific Service Instance 109 Showing the MAC Addresses of All Service Instances on a Specific Bridge Domain 110 Showing the MAC Security Statistics of a Specific Service Instance 110 Showing the MAC Security Statistics of All Service Instances on a Specific Bridge Domain 111 Showing the Last Violation Recorded on Each Service Instance on a Specific Bridge Domain ...

Страница 9: ...n Service Instances Bridge Domains and EVC Port Channels 120 C H A P T E R 8 Configuring Ethernet Connectivity Fault Management in a Service Provider Network 123 Finding Feature Information 124 Prerequisites for Configuring Ethernet CFM in a Service Provider Network 124 Restrictions for Configuring Ethernet CFM in a Service Provider Network 124 Information About Configuring Ethernet CFM in a Servi...

Страница 10: ... 170 Provisioning Service on the N PE A 173 Provisioning Service on the CE B 177 Provisioning Service on the U PE B 180 Provisioning Service on the PE AGG B 184 Provisioning Service on the N PE B 187 Configuring and Enabling the Cross Check Function 190 Configuring and Enabling Cross Checking for an Inward Facing MEP on the U PE A 190 Configuring and Enabling Cross Checking for an Inward Facing ME...

Страница 11: ...e Tag VLAN Cross Connect 217 Example for Configuring CFM over EFP Interface with Cross Connect Single Tag VLAN Cross Connect 218 Configuring CFM over EFP Interface with Cross Connect Double Tag VLAN Cross Connect 219 Example for Configuring CFM over EFP Interface with Cross Connect Double Tag VLAN Cross Connect 220 Configuring CFM over EFP Interface with Cross Connect Selective QinQ Cross Connect ...

Страница 12: ... Specify Appropriate Actions 237 Modifying Ethernet Microwave Event Settings 239 Configuration Examples for G 8032 and CFM Support for Microwave Adaptive Bandwidth 241 Example Configuring the Ethernet Microwave Event 241 Example Verifying the Ethernet Microwave Event Configuration 241 Example Signal Degraded Event Syslog Messages 243 Example Configuring the TRUNK EFP with ACM Microwave 243 Additio...

Страница 13: ...VPN 274 Configuration Examples for Configuring Ethernet 275 Example Provisioning a Network 275 Example Provisioning Service 278 Additional References 280 Feature Information for Configuring Ethernet CFM 282 Glossary 282 C H A P T E R 1 2 Configuring Ethernet Local Management Interface at a Provider Edge 285 Prerequisites for Configuring Ethernet Local Management Interface at a Provider Edge 285 Re...

Страница 14: ...n of Ethernet OAM 301 OAM Features 301 OAM Messages 303 IEEE 802 3ah Link Fault RFI Support 303 Ethernet Connectivity Fault Management 304 How to Set Up and Configure Ethernet Operations Administration and Maintenance 304 Enabling Ethernet OAM on an Interface 304 Disabling and Enabling a Link Monitoring Session 305 Disabling a Link Monitoring Session 305 Enabling a Link Monitoring Session 306 Stop...

Страница 15: ...e Provider Network 325 C H A P T E R 1 5 Using Link Layer Discovery Protocol in Multivendor Networks 327 Finding Feature Information 327 Prerequisites for Using Link Layer Discovery Protocol in Multivendor Networks 328 Restrictions for Using Link Layer Discovery Protocol in Multivendor Networks 328 Information About Using Link Layer Discovery Protocol in Multivendor Networks 328 IEEE 802 1ab LLDP ...

Страница 16: ...ing IEEE 802 3ad Link Bundling 350 Information About Configuring IEEE 802 3ad Link Bundling 350 Gigabit EtherChannel 350 Port Channel and LACP Enabled Interfaces 350 IEEE 802 3ad Link Bundling 351 Benefits of IEEE 802 3ad Link Bundling 352 LACP Enhancements 352 LACP for Gigabit Interfaces 352 Features Supported on Gigabit EtherChannel Bundles 353 Guidelines for LACP for Gigabit Interfaces Configur...

Страница 17: ...g Local Span and RSPAN 381 Restrictions for Local Span and RSPAN 382 Understanding Local SPAN and RSPAN 383 Information About Local SPAN Session and RSPAN Session 383 Local SPAN Session 383 Local SPAN Traffic 384 RSPAN Session 384 RSPAN Traffic 384 Destination Interface 385 Source Interface 385 Traffic Directions 386 Configuring Local SPAN and RSPAN 389 Configuring Sources and Destinations for Loc...

Страница 18: ...802 1ad Ports 403 Service Provider Bridges 404 S Bridge Component 404 C Bridge Component 405 NNI Port 405 MAC Addresses for Layer 2 Protocols 405 Bridge Protocol Data Units Destination MAC Addresses 407 How to Configure 802 1ad 409 Configuring the IEEE 802 1ad on Service Instances 409 Configuring the IEEE 802 1ad on Trunk EFP Service Instances 412 Configuring the IEEE 802 1ad on Cross Connect on E...

Страница 19: ...arch Tool and the release notes for your platform and software release To find information about the features documented in this module and to see a list of the releases in which each feature is supported see the feature information table Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go ...

Страница 20: ...this new type of EFP is user configurable via the service instance trunk command the encapsulation command and the bridge domain from encapsulation command when the Trunk EFP Support feature is enabled Ethernet Flow Points An Ethernet flow point EFP is a forwarding decision point in the provider edge PE router which gives network designers flexibility to make many Layer 2 flow decisions within the...

Страница 21: ...atures or parameters can be changed and the ACL can be updated Trunk Ports An Ethernet interface can be configured as a trunk port interface A trunk port also known as a trunk is a point to point link between a networking device and another networking device Trunks carry the traffic of multiple VLANs over a single link and allow you to extend VLANs across an entire network A trunk port configured ...

Страница 22: ... 2 Configures the interface and enters interface configuration mode interface port channel number Example Device config interface port channel 1 Step 3 Configures an Ethernet service instance on an interface and enters Ethernet service configuration mode service instance trunk id ethernet Example Device config if service instance trunk 1 ethernet Step 4 Defines the matching criteria to map 802 1Q ...

Страница 23: ...p 7 Disables shutdown and keeps the interface or port active no shutdown Example Device config if srv no shutdown Step 8 Returns to privileged EXEC mode end Example Device config if srv end Step 9 Verifying the Trunk EFP Support Configuration Use one or more of the commands listed below to verify the Trunk EFP Support feature configuration SUMMARY STEPS 1 enable 2 show ethernet service instance 3 ...

Страница 24: ...domain Displays bridge domain information Step 5 exit Example Device exit Exits privileged EXEC mode Configuration Examples for Trunk EFP Support Example Configuring Trunk EFP Support In the following example EFP support has been configured on a trunk interface Device enable Device configure terminal Device config interface port channel 1 Device config if service instance trunk 1 ethernet Device c...

Страница 25: ...725 10798985220 160246675 10255787200 EFP Microblocks Microblock type Bridge domain Bridge domain 12 1900 Additional References Related Documents Document Title Related Topic Configuring Ethernet Connectivity Fault Management in a Service Provider Network Ethernet CFM IEEE 802 3ah Ethernet in the First Mile IEEE 802 3ah Configuring ITU T Y 1731 Fault Management Functions ITU T Y 1731 fault managem...

Страница 26: ...sco com go mibs CISCO ETHER CFM MIB CISCO IEEE CFM MIB RFCs Title RFC The BSD syslog Protocol RFC 3164 Technical Assistance Link Description http www cisco com cisco web support index html The Cisco Support and Documentation website provides online resources to download documentation software and tools Use these resources to install and configure the software and to troubleshoot and resolve techni...

Страница 27: ...Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required Table 1 Feature Information for Trunk EFP Support Feature Information Releases Feature Name This feature was introduced on the Cisco ASR 920 Series Aggregation Services Router ASR 920 12CZ A ASR 920 12CZ D ASR 920...

Страница 28: ...Carrier Ethernet Configuration Guide Cisco ASR 920 Series 10 Trunk EFP Support Feature Information for Trunk EFP Support ...

Страница 29: ...s in the bridge domain If there are no matching EFPs the frame is dropped You can use EFPs to configure VLAN translation For example if there are two EFPs egressing the same interface each EFP can have a different VLAN rewrite operation which is more flexible than the traditional switchport VLAN translation model Effective Cisco IOS XE Release 3 15 0S QoS policies on EFPs are now supported with in...

Страница 30: ...fy EFP service instances on Ethernet interfaces Encapsulation you can map traffic to EFPs based on 802 1Q VLANs a single VLAN or a list or range of VLANs 802 1Q tunneling QinQ VLANs a single outer VLAN and a list or range of inner VLANs Double tagged frames mapped to EVC based on C tags wildcard S Tags Bridge domains you can configure EFPs as members of a bridge domain up to 64 EFPs per bridge dom...

Страница 31: ...orted You can create a maximum of 4000 EVCs per interface You can create a maximum of 128 EFPs per bridge domain The no mac address table learning bridge domain bridge id global configuration command is not currently supported Only dot1q encapsulation is supported on trunk EFPs Effective Cisco IOS XE Release 3 14 0S dot1ad encapsulation is also supported on the trunk EFPs Note Effective Cisco IOS ...

Страница 32: ...l configuration command you can associate the EVC with the service instance optional There is no default behavior for a service instance Use the service instance number ethernet name interface configuration command to create an EFP on a Layer 2 interface or EtherChannel and to enter service instance configuration mode You use service instance configuration mode to configure all management and cont...

Страница 33: ...ferent types of encapsulations are default dot1q dot1ad priority tagged and untagged Supported Ethertypes include ipv4 ipv6 pppoe all pppoe discovery and pppoe session Encapsulation classification options also include outer tag VLAN outer tag CoS inner tag VLAN inner tag CoS payload ethertype After you have entered an encapsulation method these keyword options are available in service instance con...

Страница 34: ...the C Tag The CoS value is a single digit between 1 and 7 for S Tag and C Tag You cannot configure CoS encapsulation with encapsulation untagged but you can configure it with encapsulation priority tag The result is an exact outermost VLAN and CoS match and second tag You can also use VLAN ranges encapsulation dot1q vlan_id cos cos_value second dot1q vlan id cos cos_value encapsulationMatches any ...

Страница 35: ...ID 0 and CoS value of 0 to 7 encapsulation priority tagged If a packet entering or leaving a port does not match any of the encapsulations on that port the packet is dropped resulting in filtering on both ingress and egress The encapsulation must match the packet on the wire to determine filtering criteria On the wire refers to packets ingressing the router before any rewrites and to packets egres...

Страница 36: ...econd dot1q vlan 2 rewrite ingress tag pop 1 symmetric Bridge Domains A service instance must be attached to a bridge domain Flooding and communication behavior of a bridge domain is similar to that of a VLAN domain Bridge domain membership is determined by which service instances have joined it while VLAN domain membership is determined by the VLAN tag in the packet You must configure encapsulati...

Страница 37: ...egress You can also use the rewrite command to facilitate VLAN translation and QinQ The supported rewrite commands rewrite ingress tag pop 1 symmetric rewrite ingress tag pop 2 symmetric rewrite ingress tag push dot1q vlan id symmetric Enter the rewrite ingress tag pop 1 2 symmetric service instance configuration mode command to specify the encapsulation adjustment to be performed on the frame ing...

Страница 38: ... interface these commands are prerequisites Router config interface gigabitethernet0 0 1 Router config if service instance 22 Ethernet ether Router config if srv encapsulation dot1q 10 Router config if srv bridge domain 10 You must configure encapsulation on a service instance before configuring bridge domain ISL trunk encapsulation is not supported The router does not support overlapping configur...

Страница 39: ...ervice instance number ethernet name Step 3 The number is the EFP identifier an integer from 1 to 4000 Optional ethernet name is the name of a previously configured EVC You do not need to use an EVC name in a service instance Configure encapsulation type for the service instance encapsulation default dot1q priority tagged untagged Step 4 default Configure to match all unmatched packets dot1q Confi...

Страница 40: ...orizon Step 8 Optional Save your entries in the configuration file copy running config startup config Step 9 Use the no forms of the commands to remove the service instance encapsulation type or bridge domain or to disable the rewrite operation Creating a Trunk EFP Beginning in privileged EXEC mode follow these steps to create an EFP service instance Use the no forms of the commands to remove the ...

Страница 41: ...uration mode service instance trunk number ethernet Step 3 The number is the EFP identifier an integer from 1 to 4000 The trunk keyword identifies the trunk ID to which the service instance is assigned Trunk EFP without port channel supports encapsulation of up to 1000 VLANS Note Configure encapsulation type for the service instance Only dot1q encapsulation is supported on trunk EFPs Note encapsul...

Страница 42: ...ep 8 show ethernetservice instance show bridge domain n split horizon Optional Save your entries in the configuration file copy running config startup config Step 9 Configuring Asymmetric EFPs Effective Cisco IOS XE Release 3 18S this feature introduces new rewrite rules for the egress direction in the EFP You can configure asymmetric rewrite rules in both ingress and egress directions of the EFP ...

Страница 43: ...C learning should be disabled on the multicast EFP using disable learning command Asymmetric rewrite configuration fails for the priority tagged encapsulation Procedure enable configure terminal interface TenGigabitEthernet0 0 26 no ip address service instance 1 ethernet encapsulation dot1q 30 rewrite ingress tag pop 1 igmp ingress ignore rewrite bridge domain 30 end Configuration Examples Example...

Страница 44: ... and 0 0 2 can bridge between each other Router Router config interface gigabitethernet0 1 Router config if service instance 1 Ethernet Router config if srv encapsulation dot1q 10 Router config if srv bridge domain 10 Router config interface gigabitethernet0 2 Router config if service instance 1 Ethernet Router config if srv encapsulation dot1q 10 Router config if srv bridge domain 10 Example for ...

Страница 45: ...up 2 Service instance 4 can forward traffic to any service instance in bridge domain 3000 since it has not joined any split horizon groups Router config interface gigabitethernet0 1 Router config if service instance 1 Ethernet Router config if srv encapsulation dot1q 10 Router config if srv rewrite ingress pop 1 symmetric Router config if srv bridge domain 3000 split horizon group 1 Router config ...

Страница 46: ...1q 20 Router config if srv bridge domain 19 Router config interface gigabitethernet0 2 Router config if service instance 2 Ethernet Router config if srv encapsulation dot1q 30 Router config if srv bridge domain 19 Router config interface gigabitethernet0 3 Router config if service instance 3 Ethernet Router config if srv encapsulation dot1q 10 second dot1q 20 Router config if srv rewrite ingress p...

Страница 47: ...tq 30 disable learning bridge domain 30 split horizon group 1 end Configuring Other Features on EFPs EFPs and EtherChannels You can configure EFP service instances on EtherChannel port channels but EtherChannels are not supported on ports configured with service instances Load balancing on port channels is based on the MAC address or IP address of the traffic flow on the EtherChannel interface Thi...

Страница 48: ... instance 10 ethernet xcon encapsulation dot1q 100 l2protocol forward cdp xconnect 4 3 2 1 12 encapsulation mpls Configuring IEEE 802 1Q Tunneling and Layer 2 Protocol Tunneling Using EFPs Tunneling is a feature used by service providers whose networks carry traffic of multiple customers and who are required to maintain the VLAN and Layer 2 protocol configurations of each customer without impactin...

Страница 49: ...uter config interface gigabitethernet0 2 Router config if service instance 2 Ethernet Router config if srv encapsulation dot1q 30 Router config if srv rewrite ingress tag pop 1 symmetric Router config if srv bridge domain 4000 For Customer A service instance 1 on Gigabit Ethernet 0 1 is configured with the VLAN encapsulations used by the customer C VLANs 1 100 These are forwarded on bridge domain ...

Страница 50: ...e domain Customer B Router config interface gigabitethernet0 3 Router config if service instance 1 Ethernet Router config if srv encapsulation dot1q 1 200 Router config if srv bridge domain 40 Router config interface gigabitethernet0 0 4 Router config if service instance trunk 2 Ethernet Router config if srv encapsulation dot1q 40 Router config if srv rewrite ingress tag pop 1 symmetric Router con...

Страница 51: ...rface with EVC Push and policy on EVC service instance 1 ethernet encapsulation untagged rewrite ingress tag push dot1q 10 service policy input policy dscp bridge domain 20 interface GigabitEthernet0 3 service instance 1 ethernet encapsulation dot1q 30 bridge domain 20 Example for Ingress Mapping of C CoS to C CoS In the following example both C CoS and S CoS are configured with CoS 4 The example ...

Страница 52: ... protocol packets with a special MAC address 0100 0CCD CDD0 and send them across the service provider network Core switches in the network do not process these packets but forward them as normal unknown multicast data packets Layer 2 protocol data units PDUs for the configured protocols cross the service provider network and are delivered to customer switches on the outbound side of the service pr...

Страница 53: ...arded over EoMPLS by enabling this command globally Note In figure below Customer X has four switches in the same VLAN which are connected through the service provider network If the network does not tunnel PDUs switches on the far ends of the network cannot properly run STP CDP and other Layer 2 protocols For example STP for a VLAN on a switch in Customer Carrier Ethernet Configuration Guide Cisc...

Страница 54: ...rvice provider network you can use Layer 2 protocol tunneling to enhance the creation of EtherChannels by emulating a point to point network topology When you enable protocol tunneling PAgP or LACP on the service provider switch remote customer switches receive the PDUs and can negotiate the automatic creation of EtherChannels Carrier Ethernet Configuration Guide Cisco ASR 920 Series 36 Ethernet V...

Страница 55: ...n untagged dot1q 200 second dot1q 300 Router config if srv l2protocol tunnel cdp stp vtp pagp lacp Router config if srv bridge domain 10 To enable tunneling of most Layer 2 protocol you must configure encapsulation untagged because Layer 2 protocol PDUs are usually untagged Note Layer 2 protocol tunneling statistics The following command is used to view the Layer 2 protocol tunneling statistics sh...

Страница 56: ...dge domain you can configure other types of Layer 2 ports such as EFP portss Switching functionalities such as MAC address learning flooding and forwarding to learned MAC addresses apply to all the Layer 2 ports including the pseudowire When a pseudowire is present in the same bridge domain as an EFP you cannot configure the EFP with the rewrite ingress tag pop 2 symmetric service instance configu...

Страница 57: ...c Router config if srv bridge domain 100 Router config interface bdi 100 Router config if ip address 20 1 1 1 255 255 255 255 EFPs and Trunk Port MAC Addresses Because forwarding can occur between EFPs and trunk ports MAC address movement can occur on learned addresses Addresses learned on EFPs will have the format of interface EFP ID for example gigabitethernet 0 0 1 EFP 1 When an address moves b...

Страница 58: ... bridge domain using existing IOS commands ip routing Ip multicast routing interface bdi 100 ip address 1 1 1 1 255 255 255 0 ip pim sparse mode Igmp version v3 interface GigabitEthernet0 1 service instance 1 ethernet encapsulation dot1q 33 rewrite ingress tag pop 1 symmetric bridge domain 100 service instance 2 ethernet encapsulation dot1q 55 rewrite ingress tag pop 1 symmetric bridge domain 100 ...

Страница 59: ...stance configuration mode service instance number ethernet name Step 3 The number is the EFP identifier an integer from 1 to 4000 Optional ethernet name is the name of a previously configured EVC You do not need to use an EVC name in a service instance CoS value encapsulation defines match criterion after including the CoS for the S Tag and the C Tag The CoS value is a single digit between 1 and 7...

Страница 60: ... frame with the destination MAC address is forwarded to the learned port When a MAC address moves to a different port the Layer 2 forwarding entry is updated with the corresponding port The router does not currently support the no mac address table learning bridge domain bridge id global configuration command Note Dynamic addresses are aged out if there is no frame from the host with the MAC addre...

Страница 61: ...ter MAC table Multicast static MAC addresses apply only to layer 2 traffic layer 3 multicast traffic is not affected by a static MAC configuration and is forwarded to all EFPs in a bridge domain Configuring a Static MAC Address SUMMARY STEPS 1 configure terminal 2 interface interface id 3 no ip address 4 no negotiation auto 5 service instance number ethernet name 6 encapsulation default dot1q prio...

Страница 62: ...ce instance Configure encapsulation type for the service instance encapsulation default dot1q priority tagged untagged Step 6 default Configure to match all unmatched packets Example Router config if srv encapsulation dot1q 100 dot1q Configure 802 1Q encapsulation See Table 2 Supported Encapsulation Types for details about options for this keyword priority tagged Specify priority tagged frames VLA...

Страница 63: ...nstance number ethernet name Example Rotuer config service instance 1 ethernet Step 3 The number is the EFP identifier an integer from 1 to 4000 Optional ethernet name is the name of a previously configured EVC You do not need to use an EVC name in a service instance Configure encapsulation type for the service instance encapsulation default dot1q priority tagged untagged Step 4 default Configure ...

Страница 64: ...100 mac static address 1302 4302 23c3 This configuration specifies that any layer 2 traffic sent to destination MAC address 1302 4302 23c3 is forwarded only to service instance 10 of bridge domain interface Gigabit Ethernet 0 0 3 To disable a static MAC configuration apply the mac static address address command to the service instance Router config interface gigabitethernet0 0 1 Router config if s...

Страница 65: ... split horizon group show bridge domain n split horizon group group_id all This command displays detailed service instance information including Layer 2 protocol information This is an example of the output Router show ethernet service instance detail Service Instance ID 1 Associated Interface Ethernet0 0 Associated EVC L2protocol tunnel pagp CE Vlans State Up EFP Statistics Pkts In Bytes In Pkts ...

Страница 66: ...s Maximum address limit 256000 GigabitEthernet0 0 0 service instance 1 Nile Mac Address Entries BD mac addr type ports 100 0000 bbbb cccc STATIC Gi0 0 0 Efp1 sh mac address table bdomain 100 Nile Mac Address Entries BD mac addr type ports 100 0000 bbbb cccc STATIC Gi0 0 0 Efp1 This is an example of output from the show ethernet service instance statistics command Router show ethernet service insta...

Страница 67: ...iption http www cisco com cisco web support index html The Cisco Support website provides extensive online resources including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies To receive security and technical information about your products you can subscribe to various services such as the Product Alert Tool accessed from Field Notice...

Страница 68: ...re image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required Table 4 Feature Information for Ethernet Virtual Connections Configuration Feature Information Releases Feature Name This feature was introduced on the Cisco ASR 920 Series Aggregation Services Router ASR 920 12CZ A ASR 920 12CZ D ASR 920 4SZ A ASR 920 4SZ D ASR 920 10SZ PD ASR 920...

Страница 69: ...5 Use Cases or Deployment Scenarios page 56 Additional References for EVC Local Connect page 57 Feature Information for EVC Local Connect page 58 Finding Feature Information Your software release may not support all the features documented in this module For the latest caveats and feature information see Bug Search Tool and the release notes for your platform and software release To find informati...

Страница 70: ...C local connect over Trunk is not supported Port based local connect is not supported Scaling Only 512 EVC Local connect sessions are supported Maximum is 2048 allocated for scale and this 2048 will be shared between L2VPN and Local connect Local connect shares Internal Bridge Domain space with L2VPN following changes are supported L2VPN counter will now be a combination of EOMPLS tunnels VPLS PW ...

Страница 71: ...figure terminal l2vpn xconnect context efp2 member GigabitEthernet0 1 6 service instance 1 member GigabitEthernet0 1 7 service instance 2 no shut end Configuring EVC Local Connect as Interworking VLAN Interworking VLAN is configured in the l2vpn xconnect command for local connect if the local connect member EFPs has encapsulation as default or untagged or vlan range Follow this procedure to config...

Страница 72: ...ce Group Encapsulation Prio St XC St Xconnect entry does not exist Verifying EVC Local Connect with Interworking VLAN show l2vpn service name test1 Legend St State XC St State in the L2VPN Service Prio Priority UP Up DN Down AD Admin Down IA Inactive SB Standby HS Hot Standby RV Recovering NH No Hardware m manually selected Interface Group Encapsulation Prio St XC St VPWS name test1 State UP Gi0 1...

Страница 73: ...C Local Connect Example Configuration Example for EVC Local Connect show run interface GigabitEthernet0 1 6 Building configuration Current configuration 142 bytes interface GigabitEthernet0 1 6 no ip address negotiation auto no keepalive service instance 1 ethernet encapsulation dot1q 10 end show run interface GigabitEthernet0 1 7 Building configuration Current configuration 142 bytes interface Gi...

Страница 74: ... instance 1 member GigabitEthernet0 3 7 service instance 1 Use Cases or Deployment Scenarios Ingress is VLAN list and Egress is fixed VLAN If you have the configuration where Ingress has encapsulations as a list of VLAN and Egress is a fixed VLAN You need to configure interworking VLAN in l2vpn xconnect command to enable local connect and the state of the connection to be UP A notification is disp...

Страница 75: ...ected Interface Group Encapsulation Prio St XC St VPWS name efp2 State UP Gi0 1 6 Gi0 1 6 1 Ethernet 0 UP UP Gi0 1 7 Gi0 1 7 5 Eth VLAN 0 UP UP Additional References for EVC Local Connect Related Documents Document Title Related Topic Cisco IOS Master Commands List All Releases Cisco IOS commands Standards and RFCs Title Standard RFC No specific Standards and RFCs are supported by the features in ...

Страница 76: ...ormation for EVC Local Connect The following table provides release information about the feature or features described in this module This table lists only the software release that introduced support for a given feature in a given software release train Unless noted otherwise subsequent releases of that software release train also support that feature Use Cisco Feature Navigator to find informat...

Страница 77: ... the OAM protocols to be used as an layer 2 BFD or line protocol for Ethernet interfaces Information about Ethernet Fault Detection page 59 Information about Ethernet Fault Detection Ethernet Fault Detection EFD is a mechanism that allows Ethernet OAM protocols such as CFM to control the line protocol state of an interface Unlike many other interface types Ethernet interfaces do not have a line pr...

Страница 78: ... longer any error it can signal to EFD and all protocols will once again go active Prerequisites for EFD EFD should be configured on only one side of the connection When both sides go down because of EFD CFM cannot be brought up as CFM frames are not sent by both the nodes EFD is supported on EFP port channel and port MEPs Limitations and Restrictions for EFD EFD is supported only on Down MEPs Whe...

Страница 79: ...eshold static rmep 8 efd notify g8032 9 efd line protocol 10 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Enables Ethernet CFM globally ethernet cfm global Example Device config ethernet cfm global Step 3 Enabl...

Страница 80: ...Device config ecfm srv continuity check interval 3 3ms Step 7 Enables CFM to notify registered protocols when a defect is detected or cleared which matches the current fault alarm priority efd notify g8032 Example Device config ecfm srv efd notify g8032 Step 8 Triggers line protocol action when the CFM error database is updated efd line protocol Example Device config ecfm srv efd line protocol Ste...

Страница 81: ...n of EFD Device show ethernet ser ins int g0 0 6 Identifier Type Interface State CE Vlans 2 Static GigabitEthernet0 0 6 ErrorDis Carrier Ethernet Configuration Guide Cisco ASR 920 Series 63 Using Ethernet Fault Detection Configuration Example for EFD ...

Страница 82: ...Carrier Ethernet Configuration Guide Cisco ASR 920 Series 64 Using Ethernet Fault Detection Configuration Example for EFD ...

Страница 83: ...ces with dot1q or dot1ad C UNI represents a demarcation point between a C VLAN space and an S VLAN space For purposes of CFM protocol processing a dot1q tunnel port is modeled as having two components a C VLAN component and an S VLAN component The C VLAN component processes double tagged packets from the relay function and single tagged packets from the wire The S VLAN component processes single t...

Страница 84: ...dot1q or dot1ad and the VID is equal to the port s access VLAN S VLAN The reason for this configuration is that the dot1q tunnel interface marks the endpoint of the S VLAN domain hence its associated S VLAN component should mark the endpoint of the CFM domain running over the S VLAN space C VLAN Component with Transparent CFM Support on C VLANs With the Transparent CFM support on C VLANs feature i...

Страница 85: ...nations Table 6 Rewrite Combinations Egress Port Ingress Port Ingress Frame POP1 No Rewrite Single Tag Translate 1 to 1 No Rewrite Double Tag Translate 1 to 1 Configuring Transparent CFM SUMMARY STEPS 1 enable 2 configure terminal 3 ethernet cfm global 4 ethernet cfm ieee 5 ethernet cfm domain domain name level level id 6 service MA name evc evc name vlan vlan id 7 continuity check 8 continuity ch...

Страница 86: ...d receiving of continuity check messages continuity check Step 7 Specifies the number of continuity check messages that are lost before CFM declares that a MEP is down unreachable Range is 2 to 255 Used in conjunction with interval continuity check interval cc interval Step 8 Configuring Transparent CFM on EFP SUMMARY STEPS 1 enable 2 configure terminal 3 interface gigabitethernet slot subslot por...

Страница 87: ...n interface for the appropriate service instance encapsulation dot1q vlan id Step 7 Use the second dot1q keyword and the vlan id argument to specify the VLAN tags to be terminated on the subinterface Configures transparent CFM transparent cfm Step 8 Binds a service instance to a bridge domain instance bridge domain domain number Step 9 Configures a CFM MEP domain ethernet cfm mep domain domain nam...

Страница 88: ...1s ethernet cfm logging ethernet evc evc1 interface TenGigabitEthernet0 0 3 no ip address negotiation auto service instance 1 ethernet evc1 encapsulation dot1q 10 transparent cfm bridge domain 4000 cfm mep domain MD2 mpid 100 interface TenGigabitEthernet0 0 5 no ip address negotiation auto service instance 1 ethernet evc1 encapsulation dot1q 20 rewrite ingress tag pop 1 symmetric bridge domain 400...

Страница 89: ...ransparently through the service to the other CPEs UNIs Benefits of VLAN Translation page 71 Configuring 1 1 VLAN Translation page 74 Configuring 2 1 VLAN Translation page 75 Configuring policy for ingress QoS page 76 Configuration Example for 1 1 VLAN Translation page 77 Configuration Example for 2 1 VLAN Translation page 78 Configuration Example for policing ingress QoS page 78 Configuration Ver...

Страница 90: ...gs can be replaced with other two tags The CoS field of the new tags is set to the same value as the CoS field of the incoming Q in Q outer and inner tag CoS service frame Scenarios showing VLAN Translation The following scenarios show the VLAN translation Scenario 1 1 1 VLAN Translation Figure 5 1 1 VLAN Translation In the scenario above t he broadcast or multicast from CPE1 has to be sent to CPE...

Страница 91: ... CPE2 and CPE3 ACs Limitations for VLAN Translation with QoS Only 1 1 and 2 1 translate rewrites are supported in Cisco IOS XE 3 17 release 1 2 and 2 2 translations are not supported Translate operation can only be applied to a unique tag matching service instance VLAN Translation is not supported on TEFP encapsulation untagged and BDI interfaces Any VLAN Translation with rewrite pop2 is not suppo...

Страница 92: ...an Ethernet service instance on the interface and enters Ethernet service configuration mode service instance id ethernet evc id Step 4 The Ethernet service instance identifier is a per interface service identifier and does not map to a VLAN Configures the encapsulation Defines the matching criteria that maps the ingress dot1q or untagged frames on an interface for the appropriate service instance...

Страница 93: ...interface number Step 3 Configures an Ethernet service instance on the interface and enters Ethernet service configuration mode service instance id ethernet evc id Step 4 The Ethernet service instance identifier is a per interface service identifier and does not map to a VLAN Configures the encapsulation Defines the matching criteria that maps the ingress dot1q or untagged frames on an interface f...

Страница 94: ...ervice instance id ethernet evc id 13 encapsulation dot1q vlan id second dot1q vlan id 14 rewrite ingress tag translate 2 to 1 dot1q vlan id symmetric 15 service policy input policy map name 16 bridge domain domain number 17 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Enter your password if prompted Enters global configuration mode configure terminal Ste...

Страница 95: ...ice instance identifier is a per interface service identifier and does not map to a VLAN Configures the encapsulation Defines the matching criteria that maps the ingress dot1q or untagged frames on an interface for the appropriate service instance encapsulation dot1q vlan id second dot1q vlan id Step 13 Use the second dot1q keyword and the vlan id argument to specify the VLAN tags to be terminated...

Страница 96: ...ric service policy input mark_cos3to6 bridge domain 1 Configuration Verifications for VLAN Translation with QoS The following sections show the configuration verifications for VLAN Translation with QoS Verifying the VLAN configuration The show running config interface number command displays and verifies the VLAN configuration show running config interface gigabitEthernet 0 0 5 interface GigabitEt...

Страница 97: ...rifying the QoS Labels The show platform hardware pp active feature qos label structs command displays the QoS labels in use show platform hardware pp active feature qos label structs PRINTING BIT LIST OF LABELS IN USE 0 3 8 15 125 127 Qos Label 1 Ref_count 1 Set_ref_count 1 edir 0 Label Key is as follows outer_dscp 0 inner_dscp 0 outer_cos 0 inner_cos 0 outer_cfi 0 inner_cfi 0 outer_exp 0 inner_e...

Страница 98: ...NA index 1 1 contiguous entries in same hw_handle aclType EGRESSCLASSIFY lookupTable NA index 2 1 contiguous entries in same hw_handle aclType EGRESSCLASSIFY lookupTable NA index 3 1 contiguous entries in same hw_handle aclType EGRESSCLASSIFY lookupTable NA index 4 1 contiguous entries in same hw_handle aclType EGRESSCLASSIFY lookupTable NA Verifying TCAM Index Details The show platform hardware p...

Страница 99: ...ing on Service Instances Bridge Domains and EVC Port Channels page 82 Information About MAC Address Limiting on Service Instances Bridge Domains and EVC Port Channels page 82 How to Configure MAC Address Limiting on Service Instances Bridge Domains and EVC Port Channels page 90 Configuration Examples for MAC Address Limiting on Service Instances and Bridge Domains and EVC Port Channels page 115 Ad...

Страница 100: ...omains An Ethernet virtual circuit EVC as defined by the Metro Ethernet Forum is a port level point to point or multipoint to multipoint Layer 2 circuit It is an end to end representation of a single instance of a Layer 2 service being offered by a provider to a customer An EVC embodies the different parameters on which the service is being offered A service instance is the instantiation of an EVC...

Страница 101: ... a permit list or dynamically learned MAC Address Permit List A permit list is a set of MAC addresses that are permitted on a service instance Permitted addresses permanently configured into the MAC address table of the service instance On a service instance that is a member of a bridge domain the operator is permitted to configure one or more permitted MAC addresses For each permitted address eli...

Страница 102: ...al of a frame with a source MAC address that is part of a deny list will trigger a violation response Before a denied address can be configured the following test is performed If the address is already configured as a permitted address on the specific service instance or if the address has been learned and saved as a sticky address on the service instance the configuration is rejected with an appr...

Страница 103: ...sses On a service instance that has MAC security enabled and that does not have the maximum number of MAC addresses configured the number of addresses allowed is one This means that if the service instance has an associated permit list that permit list can have only one address and no addresses are learned dynamically If the service instance does not have an associated permit list one MAC address ...

Страница 104: ...stance 2 is triggered If MAC security is not configured on service instance 2 and a violation response is not configured the shutdown response sequence is triggered on service instance 2 If MAC security is not enabled on service instance 1 the violation is not triggered service instance 2 learns the MAC address and moves it from service instance 1 For some platforms MAC address moves are allowed b...

Страница 105: ...G Support for the different types of violation responses depends on the capabilities of the platform The desired violation response can be configured on the service instance The configured violation response does not take effect unless and until MAC security is enabled using the mac security command MAC Address Aging Configuration A specific time scheduler can be set to age out secured MAC address...

Страница 106: ...configuration Doing this will ensure that when the device comes on all the MAC addresses learned dynamically previously are immediately populated into the MAC address table The mac security sticky address mac address command can configure a specific MAC address as a sticky MAC address The use of this command is not recommended for the user because configuring a MAC address as a static address does...

Страница 107: ...emoving a service instance from a bridge domain causes all the MAC security commands to be erased permanently Service Instance Shut Down Due to Violation All dynamically learned MAC addresses in the MAC address table are removed and all the other MAC security state values are left unchanged The only change is that no traffic is forwarded and therefore no learning can take place Interface Service I...

Страница 108: ...ure MAC addresses on the service instance to be removed from the MAC address table All new addresses learned become dynamic addresses on the service instance and are subject to aging How to Configure MAC Address Limiting on Service Instances Bridge Domains and EVC Port Channels Enabling MAC Security on a Service Instance Perform this task to enable MAC address security on a service instance SUMMAR...

Страница 109: ...ss dot1q frames on an interface to the appropriate service instance encapsulation dot1q vlan id Example Device config if srv encapsulation dot1q 100 Step 5 Binds the service instance to a bridge domain instance where bridge id is the identifier for the bridge domain instance bridge domain bridge id Example Device config if srv bridge domain 200 Step 6 Enables MAC security on the service instance m...

Страница 110: ...idge id 7 mac security 8 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Specifies the port channel group number and enters interface configuration mode interface port channel channel group Example Device config i...

Страница 111: ...n instance where bridge id is the identifier for the bridge domain instance bridge domain bridge id Example Device config if srv bridge domain 200 Step 6 Enables MAC security on the service instance mac security Example Device config if srv mac security Step 7 Returns to user EXEC mode end Example Device config if srv end Step 8 Configuring a MAC Address Permit List Perform this task to configure ...

Страница 112: ... configure terminal Step 2 Specifies the interface type and number and enters interface configuration mode interface type number Example Device config interface gigabitethernet2 0 1 Step 3 Creates a service instance an instance of an EVC on an interface and enters service instance configuration mode service instance id ethernet Example Device config if service instance 100 ethernet Step 4 Defines ...

Страница 113: ...nstance mac security address permit mac address Example Device config if srv mac security address permit a2aa aaaa aaac Step 9 Adds the specified MAC address as a permitted MAC address for the service instance mac security address permit mac address Example Device config if srv mac security address permit a2aa aaaa aaad Step 10 Adds the specified MAC address as a permitted MAC address for the serv...

Страница 114: ...ress deny mac address 11 mac security address deny mac address 12 mac security 13 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Specifies the interface type and number and enters interface configuration mode int...

Страница 115: ... address deny a2aa aaaa aaaa Step 7 Adds the specified MAC address as a denied MAC address for the service instance mac security address deny mac address Example Device config if srv mac security address deny a2aa aaaa aaab Step 8 Adds the specified MAC address as a denied MAC address for the service instance mac security address deny mac address Example Device config if srv mac security address d...

Страница 116: ...e domain SUMMARY STEPS 1 enable 2 configure terminal 3 bridge domain bridge id 4 mac limit maximum addresses maximum addresses 5 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Carrier Ethernet Configuration Guide...

Страница 117: ...AC addresses allowed on a service instance This number includes addresses added as part of a permit list as well as dynamically learned MAC addresses If the upper limit is decreased all learned MAC entries are removed SUMMARY STEPS 1 enable 2 configure terminal 3 interface type number 4 service instance id ethernet 5 encapsulation dot1q vlan id 6 bridge domain bridge id 7 mac security maximum addr...

Страница 118: ...e appropriate service instance encapsulation dot1q vlan id Example Device config if srv encapsulation dot1q 100 Step 5 Binds the service instance to a bridge domain instance where bridge id is the identifier for the bridge domain instance bridge domain bridge id Example Device config if srv bridge domain 200 Step 6 Sets the maximum number of secure addresses permitted on the service instance mac s...

Страница 119: ...ce instance id ethernet 5 encapsulation dot1q vlan id 6 bridge domain bridge id 7 Do one of the following mac security violation restrict mac security violation protect 8 mac security 9 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device confi...

Страница 120: ...ge domain instance bridge domain bridge id Example Device config if srv bridge domain 100 Step 6 Sets the violation mode for Type 1 and 2 violations to restrict Do one of the following Step 7 mac security violation restrict or mac security violation protect Sets the violation mode for Type 1 and 2 violations to protect Example Device config if srv mac security violation restrict If a MAC security ...

Страница 121: ...y aging time aging time inactivity 8 mac security 9 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Specifies the interface type and number and enters interface configuration mode interface type number Example Dev...

Страница 122: ...onal inactivity keyword specifies that the aging out of mac security aging time aging time inactivity Step 7 addresses is based on inactivity of the sending hosts as opposed to absolute aging Example Device config if srv mac security aging time 200 inactivity Enables MAC security on the service instance mac security Example Device config if srv mac security Step 8 Returns to user EXEC mode end Exa...

Страница 123: ...figuration mode interface type number Example Device config interface gigabitethernet2 0 1 Step 3 Creates a service instance an instance of an EVC on an interface and enters service instance configuration mode service instance id ethernet Example Device config if service instance 100 ethernet Step 4 Defines the matching criteria to be used to map ingress dot1q frames on an interface to the appropr...

Страница 124: ... to user EXEC mode end Example Device config if srv end Step 9 Displaying the MAC Security Status of a Specific Service Instance Perform this task to display the MAC security status of a service instance SUMMARY STEPS 1 enable 2 show ethernet service instance id id interface type number mac security 3 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example D...

Страница 125: ...bled SUMMARY STEPS 1 enable 2 show ethernet service instance mac security 3 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Displays all the service instances with MAC security enabled show ethernet service instance mac security Example Device show ethernet service instance mac security Step 2 Returns to ...

Страница 126: ... all the service instances with MAC security enabled on a specific bridge domain show bridge domain id mac security Example Device show bridge domain 100 mac security Step 2 Returns to user EXEC mode end Example Device end Step 3 Showing the MAC Addresses of All Secured Service Instances SUMMARY STEPS 1 enable 2 show ethernet service instance mac security address 3 end Carrier Ethernet Configurati...

Страница 127: ...hernet service instance id id interface type number mac security address 3 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Displays the addresses of a specific service instance show ethernet service instance id id interface type number mac security address Example Device show ethernet service instance id ...

Страница 128: ... the service instances on a specified bridge domain show bridge domain id mac security address Example Device show bridge domain 100 mac security address Step 2 Returns to user EXEC mode end Example Device end Step 3 Showing the MAC Security Statistics of a Specific Service Instance This section describes how to display the MAC security statistics of a specific service instance Carrier Ethernet Co...

Страница 129: ...id 100 Step 2 interface gigabitethernet1 1 mac security statistics Returns to user EXEC mode end Example Device end Step 3 Showing the MAC Security Statistics of All Service Instances on a Specific Bridge Domain Perform this task to display the MAC security statistics of all the service instances on a specific bridge domain SUMMARY STEPS 1 enable 2 show bridge domain bridge id mac security statist...

Страница 130: ...Specific Bridge Domain Perform this task to display the last violation recorded on each service instance on a specific bridge domain Service instances on which there have been no violations are excluded from the output SUMMARY STEPS 1 enable 2 show bridge domain bridge id mac security last violation 3 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example D...

Страница 131: ...S 1 enable 2 clear ethernet service instance id id interface type number mac table 3 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Clears all the dynamically learned MAC addresses on the specified service instance clear ethernet service instance id id interface type number mac table Example Device clear...

Страница 132: ... Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Clears all dynamically learned MAC addresses on the specified bridge domain clear bridge domain bridge id mac table Example Device clear bridge domain 100 mac table Step 2 Returns to user EXEC mode end Example Device end Step 3 Carrier Ethernet Configuration Guide Cisco ASR 920 Series 114 Configuring ...

Страница 133: ...f srv mac security Device config if srv end Example Configuring a MAC Address Permit List The following example shows how to configure a MAC address permit list Device enable Device configure terminal Device config interface gigabitethernet 3 0 1 Device config if service instance 100 ethernet Device config if srv encapsulation dot1Q 100 Device config if srv bridge domain 100 Device config if srv m...

Страница 134: ...ddresses 1000 Device config bdomain end Example Configuring a MAC Address Limit on a Service Instance Device enable Device configure terminal Device config interface gigabitethernet 3 0 1 Device config if service instance 100 ethernet Device config if srv encapsulation dot1Q 100 Device config if srv bridge domain 100 Device config if srv mac security maximum addresses 10 Device config if srv mac s...

Страница 135: ...ACAddressesonaSpecificSecureServiceInstance Device show ethernet service instance id 10 inter gig 0 0 3 mac security address Bridge domain 10 MAC Address Type 0000 00ac ef02 static 0000 00ac ef03 static 0001 0001 aaaa dynamic 100 0001 0001 aaab dynamic 100 Example Displaying the Last Violation on a Specific Service Instance Device show bridge domain 100 mac security last violation Te0 0 3 ServInst...

Страница 136: ...ddresses 10 Te0 0 3 ServInst 200 bridge domain 100 Current secure addresses 0 Permitted addresses 1 Te0 0 3 ServInst 300 bridge domain 100 Current secure addresses 0 Permitted addresses 1 Example Displaying the MAC Addresses on All Service Instances for a Bridge Domain Router show bridge domain 10 mac security address Port MAC Address Type Gi0 0 3 ServInst 10 0000 00ac ef02 static Gi0 0 3 ServInst...

Страница 137: ... Provider Edge Device module in the Cisco IOS Carrier Ethernet Configuration Guide Ethernet Local Management Interface on a provider edge device IP SLAs for Metro Ethernet IP SLAs for Metro Ethernet NSF SSO MPLS LDP and LDP Graceful Restart NSF SSO and MPLS Cisco IOS Broadband High Availability In Service Software Upgrade ISSU feature and functions Cisco IOS In Service Software Upgrade Process and...

Страница 138: ...troubleshoot and resolve technical issues with Cisco products and technologies Access to most tools on the Cisco Support and Documentation website requires a Cisco com user ID and password Feature Information for MAC Address Limiting on Service Instances Bridge Domains and EVC Port Channels The following table provides release information about the feature or features described in this module This...

Страница 139: ...tion Releases Feature Name This feature was introduced on the Cisco ASR 920 Series Aggregation Services Router ASR 920 12CZ A ASR 920 12CZ D ASR 920 4SZ A ASR 920 4SZ D Cisco IOS XE Release 3 13 0S MAC Address Limiting on Service Instances Bridge Domains and EVC Port Channels Carrier Ethernet Configuration Guide Cisco ASR 920 Series 121 Configuring MAC Address Limiting on Service Instances Bridge ...

Страница 140: ...ion Guide Cisco ASR 920 Series 122 Configuring MAC Address Limiting on Service Instances Bridge Domains and EVC Port Channels Feature Information for MAC Address Limiting on Service Instances Bridge Domains and EVC Port Channels ...

Страница 141: ...olating and responding to a failure becomes mandatory for normal day to day operations and OAM translates directly to the competitiveness of the service provider As an alternative CFM can be configured over an Ethernet flow point EFP interface by using the cross connect functionality For more information about this alternative see Configuring the CFM over EFP Interface with Cross Connect Feature N...

Страница 142: ...Restrictions for Configuring Ethernet CFM in a Service Provider Network CFM loopback messages will not be confined within a maintenance domain according to their maintenance level The impact of not having CFM loopback messages confined to their maintenance levels occurs at these levels Architecture CFM layering is violated for loopback messages Deployment A user may potentially misconfigure a netw...

Страница 143: ...to distinct organizations or departments are substantially larger and more complex and have a wider user base Ethernet CFM provides a competitive advantage to service providers for which the operational management of link uptime and timeliness in isolating and responding to failures is crucial to daily operations Benefits of Ethernet CFM End to end service level OAM technology Reduced operating ex...

Страница 144: ...domain A unique maintenance level in the range of 0 to 7 is assigned to each domain by a network administrator Levels and domain names are useful for defining the hierarchical relationship that exists among domains The hierarchical relationship of domains parallels the structure of customer service provider and operator The Carrier Ethernet Configuration Guide Cisco ASR 920 Series 126 Configuring ...

Страница 145: ...Furthermore the customer has its own end to end domain which is in turn a superset of the service provider domain Maintenance levels of various nesting domains should be communicated among the administering organizations For example one approach would be to have the service provider assign maintenance levels to operators CFM exchanges messages and performs operations on a per domain basis For exam...

Страница 146: ...sages at a fixed rate of 500 frames per second Note Dowm MEP A down MEP sends and receives CFM frames through the wire connected to the port on which the MEP is configured It drops all CFM frames at its level or lower that come from the relay side For CFM frames from the wire side it processes all CFM frames at its level and drops CFM frames at lower levels except traffic going to the other lower ...

Страница 147: ... through the relay function not via the wire connected to the port on which the MEP is configured Drops all CFM frames at its level or lower level that come from the direction of the wire Processes all CFM frames at its level coming from the direction of the relay function Drops all CFM frames at a lower level coming from the direction of the relay function Transparently forwards all CFM frames at...

Страница 148: ...ntenance domain level and for all S VLANs enabled or allowed on a port Internal to a domain not at the boundary CFM frames received from MEPs and other MIPs are cataloged and forwarded using both the wire and the relay function All CFM frames at a lower level are stopped and dropped independent of whether they originate from the wire or relay function All CFM frames at a higher level are forwarded...

Страница 149: ...y allow MEPs to discover other MEPs within a domain and allow MIPs to discover MEPs CCMs are confined to a domain and S VLAN CFM CCMs have the following characteristics Transmitted at a configurable periodic interval by MEPs The interval can be from 10 seconds to 65535 seconds the default is 30 Contain a configurable hold time value to indicate to the receiver the validity of the message The defau...

Страница 150: ... limit propagation within the network They can be generated on demand using the CLI Traceroute messages are multicast reply messages are unicast Cross Check Function The cross check function is a timer driven post provisioning service verification between dynamically discovered MEPs via CCMs and expected MEPs via configuration for a service The cross check function verifies that all endpoints of a...

Страница 151: ...across the CFM domain CFM over Bridge Domains Connectivity Fault Management CFM over bridge domains allows untagged CFM packets to be associated with a maintenance end point MEP An incoming untagged customer CFM packet has an EtherType of CFM and is mapped to an Ethernet virtual circuit EVC or bridge domain based on the encapsulation configured on the Ethernet flow point EFP The EFP is configured ...

Страница 152: ...tors service providers network operations centers NOCs and customer service centers Understanding of the type and scale of services to be offered Agreement by all organizational entities on the responsibilities roles and restrictions for each organizational entity Determination of the number of maintenance domains in the network Determination of the nesting and disjoint maintenance domains Assignm...

Страница 153: ...west service provider level domain assign service provider MIPs at the NNI between operators if more than one Proceed to next higher service provider level and assign MIPs A port with a MIP at a lower level cannot have maintenance points at a higher level A port with a MEP at a lower level should not have either a MIP or a MEP at a higher level Follow these steps Determine service provider MEPs St...

Страница 154: ... network with a service provider and two operators A and B Three domains are to be established to map to each operator and the service provider In this example for simplicity we assume that the network uses Ethernet transport end to end CFM however can be used with other transports What to Do Next After you have defined the Ethernet CFM domains configure Ethernet CFM functionality by first provisi...

Страница 155: ...ernet cfm traceroute cache size entries 13 ethernet cfm traceroute cache hold time minutes 14 snmp server enable traps ethernet cfm cc mep up mep down config loop cross connect 15 snmp server enable traps ethernet cfm crosscheck mep unknown mep missing service up 16 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if ...

Страница 156: ...meters and sets the interval at which CCMs are transmitted continuity check interval cc interval Example Device config ecfm srv continuity check interval 10s Step 6 Returns to Ethernet connectivity fault management configuration mode exit Example Device config ecfm srv exit Step 7 Sets the amount of time that data from a missing MEP is kept in the continuity check database or that entries are held...

Страница 157: ...nts snmp server enable traps ethernet cfm cc mep up mep down config loop cross connect Example Device config snmp server enable traps ethernet Step 14 cfm cc mep up mep down config loop cross connect Enables SNMP trap generation for Ethernet CFM continuity check events in relation to the cross check snmp server enable traps ethernet cfm crosscheck mep unknown mep missing service up Step 15 operati...

Страница 158: ...id ethernet evc name 16 encapsulation encapsulation type 17 bridge domain bridge id 18 cfm mip level level 19 exit 20 exit 21 snmp server enable traps ethernet cfm cc mep up mep down config loop cross connect 22 snmp server enable traps ethernet cfm crosscheck mep unknown mep missing service up 23 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Devic...

Страница 159: ...nterval cc interval Example Device config ecfm srv continuity check interval 10s Step 6 Returns to Ethernet connectivity fault management configuration mode exit Example Device config ecfm srv exit Step 7 Sets the amount of time that data from a missing MEP is kept in the continuity check database or that entries are held in the error database before they are purged mep archive hold time minutes E...

Страница 160: ...s Ethernet service configuration mode service instance id ethernet evc name Example Device config if service instance 333 ethernet evc1 Step 15 Sets the encapsulation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 16 Binds a service instance to a bridge domain instance bridge domain bridge id Example Device config if srv bridge...

Страница 161: ...ration for Ethernet CFM mep unknown mep missing and service up continuity snmp server enable traps ethernet cfm crosscheck mep unknown mep missing service up Step 22 check events in relation to the cross check operation Example Device config snmp server enable traps ethernet between statically configured MEPs and those learned via CCMs cfm crosscheck mep unknown mep missing service up Returns to p...

Страница 162: ...id 15 cfm mip level level 16 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Defines a CFM maintenance domain at a particular maintenance level and enters Ethernet CFM configuration mode ethernet cfm domain domain...

Страница 163: ...nectivity fault management configuration mode exit Example Device config ecfm srv exit Step 7 Sets the amount of time that data from a missing MEP is kept in the continuity check database or that entries are held in the error database before they are purged mep archive hold time minutes Example Device config ecfm mep archive hold time 65 Step 8 Returns the CLI to global configuration mode exit Exa...

Страница 164: ...nfig if srv encapsulation dot1q 5 Step 13 Binds a service instance to a bridge domain instance bridge domain bridge id Example Device config if srv bridge domain 100 Step 14 Creates a MIP and sets the maintenance level number cfm mip level level Example Device config if srv cfm mip level 4 Step 15 Returns to privileged EXEC mode end Example Device config if end Step 16 Carrier Ethernet Configurati...

Страница 165: ...14 encapsulation encapsulation type 15 bridge domain bridge id 16 cfm mip level level 17 exit 18 exit 19 snmp server enable traps ethernet cfm cc mep up mep down config loop cross connect 20 snmp server enable traps ethernet cfm crosscheck mep unknown mep missing service up 21 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your p...

Страница 166: ...ce parameters and sets the interval at which CCMs are transmitted continuity check interval cc interval Example Device config ecfm srv continuity check interval 10s Step 6 Returns to Ethernet connectivity fault management configuration mode exit Example Device config ecfm srv exit Step 7 Enables CFM processing globally on the device ethernet cfm global Example Device config ethernet cfm global Ste...

Страница 167: ...hernet evc1 Step 13 Sets the encapsulation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 14 Binds a service instance to a bridge domain instance bridge domain bridge id Example Device config if srv bridge domain 100 Step 15 Creates a MIP and sets the maintenance level number cfm mip level level Example Device config if srv cfm...

Страница 168: ... unknown mep missing service up Returns to privileged EXEC mode end Example Device config end Step 21 Provisioning the Network on the CE B SUMMARY STEPS 1 enable 2 configure terminal 3 ethernet cfm domain domain name level level id 4 service short ma name evc evc name vlan vlanid direction down 5 continuity check 6 continuity check interval cc interval 7 exit 8 mep archive hold time minutes 9 exit...

Страница 169: ...igures the transmission of continuity check messages CCMs continuity check Example Device config ecfm srv continuity check Step 5 Configures the per service parameters and sets the interval at which CCMs are transmitted continuity check interval cc interval Example Device config ecfm srv continuity check interval 10s Step 6 Returns to Ethernet connectivity fault management configuration mode exit ...

Страница 170: ...CFM mep up mep down config loop and cross connect events snmp server enable traps ethernet cfm cc mep up mep down config loop cross connect Example Device config snmp server enable traps ethernet cfm cc mep up mep down config loop cross connect Step 14 Enables SNMP trap generation for Ethernet CFM mep unknown mep missing and service up continuity snmp server enable traps ethernet cfm crosscheck me...

Страница 171: ...id ethernet evc name 16 encapsulation encapsulation type 17 bridge domain bridge id 18 cfm mip level level 19 exit 20 exit 21 snmp server enable traps ethernet cfm cc mep up mep down config loop cross connect 22 snmp server enable traps ethernet cfm crosscheck mep unknown mep missing service up 23 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Devic...

Страница 172: ...nterval cc interval Example Device config ecfm srv continuity check interval 10s Step 6 Returns to Ethernet connectivity fault management configuration mode exit Example Device config ecfm srv exit Step 7 Sets the amount of time that data from a missing MEP is kept in the continuity check database or that entries are held in the error database before they are purged mep archive hold time minutes E...

Страница 173: ...rvice instance id ethernet evc name Example Device config if service instance 333 ethernet evc1 Step 15 Sets the encapsulation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 16 Binds a service instance to a bridge domain instance bridge domain bridge id Example Device config if srv bridge domain 100 Step 17 Creates a MIP and se...

Страница 174: ...sscheck mep unknown mep missing service up between statically configured MEPs and those learned via CCMs Returns to privileged EXEC mode end Example Device config end Step 23 Provisioning the Network on the PE AGG B SUMMARY STEPS 1 enable 2 configure terminal 3 ethernet cfm domain domain name level level id 4 service short ma name evc evc name vlan vlanid direction down 5 continuity check 6 contin...

Страница 175: ...igures the transmission of continuity check messages CCMs continuity check Example Device config ecfm srv continuity check Step 5 Configures the per service parameters and sets the interval at which CCMs are transmitted continuity check interval cc interval Example Device config ecfm srv continuity check interval 10s Step 6 Returns to Ethernet connectivity fault management configuration mode exit ...

Страница 176: ... 333 ethernet evc1 Step 12 Sets the encapsulation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 13 Binds a service instance to a bridge domain instance bridge domain bridge id Example Device config if srv bridge domain 100 Step 14 Creates a MIP and sets the maintenance level number cfm mip level level Example Device config if ...

Страница 177: ...id ethernet evc name 16 encapsulation encapsulation type 17 bridge domain bridge id 18 cfm mip level level 19 exit 20 exit 21 snmp server enable traps ethernet cfm cc mep up mep down config loop cross connect 22 snmp server enable traps ethernet cfm crosscheck mep unknown mep missing service up 23 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Devic...

Страница 178: ...nterval cc interval Example Device config ecfm srv continuity check interval 10s Step 6 Returns to Ethernet connectivity fault management configuration mode exit Example Device config ecfm srv exit Step 7 Sets the amount of time that data from a missing MEP is kept in the continuity check database or that entries are held in the error database before they are purged mep archive hold time minutes E...

Страница 179: ...rvice instance id ethernet evc name Example Device config if service instance 333 ethernet evc1 Step 15 Sets the encapsulation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 16 Binds a service instance to a bridge domain instance bridge domain bridge id Example Device config if srv bridge domain 100 Step 17 Creates a MIP and se...

Страница 180: ... cross check operation Example Device config snmp server enable traps ethernet cfm crosscheck mep unknown mep missing service up between statically configured MEPs and those learned via CCMs Returns to privileged EXEC mode end Example Device config end Step 23 Provisioning Service Provisioning Service on the CE A Perform this task to set up service for Ethernet CFM Optionally when this task is com...

Страница 181: ...ulation type 17 bridge domain bridge id 18 cfm mep domain domain name mpid id 19 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Defines a CFM maintenance domain at a particular maintenance level and enters Ethern...

Страница 182: ...t Step 7 Sets the amount of time that data from a missing MEP is kept in the continuity check database or that entries are held in the error database before they are purged mep archive hold time minutes Example Device config ecfm mep archive hold time 60 Step 8 Returns to global configuration mode exit Example Device config ecfm exit Step 9 Enables CFM processing globally on the device ethernet cf...

Страница 183: ...evice config if service instance 333 ethernet evc1 Step 15 Sets the encapsulation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 16 Binds a service instance to a bridge domain instance bridge domain bridge id Example Device config if srv bridge domain 100 Step 17 Configures the MEP domain and the ID cfm mep domain domain name m...

Страница 184: ...s 14 interface type number 15 service instance id ethernet evc name 16 encapsulation encapsulation type 17 bridge domain bridge id 18 cfm mep domain domain name mpid id 19 exit 20 exit 21 interface type number 22 service instance id ethernet evc name 23 encapsulation encapsulation type 24 bridge domain bridge id 25 cfm mip level level 26 end DETAILED STEPS Purpose Command or Action Enables privile...

Страница 185: ...ty check Step 5 Configures the per service parameters and sets the interval at which CCMs are transmitted continuity check interval cc interval Example Device config ecfm srv continuity check interval 10s Step 6 Returns to Ethernet connectivity fault management configuration mode exit Example Device config ecfm srv exit Step 7 Sets the amount of time that data from a missing MEP is kept in the con...

Страница 186: ...ep 14 Configures an Ethernet service instance on an interface and enters Ethernet service configuration mode service instance id ethernet evc name Example Device config if service instance 333 ethernet evc1 Step 15 Sets the encapsulation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 16 Binds a service instance to a bridge doma...

Страница 187: ... Step 22 Sets the encapsulation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 23 Binds a service instance to a bridge domain instance bridge domain bridge id Example Device config if srv bridge domain 100 Step 24 Creates a MIP and sets the maintenance level number cfm mip level level Example Device config if srv cfm mip level ...

Страница 188: ... your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Defines a CFM maintenance domain at a particular maintenance level and enters Ethernet CFM configuration mode ethernet cfm domain domain name level level id Example Device config ethernet cfm domain Customer level 7 Step 3 Configures a maintenance association within a maintenance...

Страница 189: ...de exit Example Device config ecfm exit Step 9 Enables CFM processing globally on the device ethernet cfm global Example Device config ethernet cfm global Step 10 Specifies an interface and enters interface configuration mode interface type number Example Device config interface gigabitethernet0 0 2 Step 11 Configures an Ethernet service instance on an interface and enters Ethernet service configu...

Страница 190: ... Example Device config if srv cfm mip level 4 Step 15 Returns to privileged EXEC mode end Example Device config if srv end Step 16 Carrier Ethernet Configuration Guide Cisco ASR 920 Series 172 Configuring Ethernet Connectivity Fault Management in a Service Provider Network Configuring Ethernet CFM ...

Страница 191: ...s 14 interface type number 15 service instance id ethernet evc name 16 encapsulation encapsulation type 17 bridge domain bridge id 18 cfm mip level level 19 exit 20 exit 21 interface type number 22 service instance id ethernet evc name 23 encapsulation encapsulation type 24 bridge domain bridge id 25 cfm mep domain domain name mpid id 26 end DETAILED STEPS Purpose Command or Action Enables privile...

Страница 192: ...ty check Step 5 Configures the per service parameters and sets the interval at which CCMs are transmitted continuity check interval cc interval Example Device config ecfm srv continuity check interval 10s Step 6 Returns to Ethernet connectivity fault management configuration mode exit Example Device config ecfm srv exit Step 7 Sets the amount of time that data from a missing MEP is kept in the con...

Страница 193: ...0 2 Step 14 Configures an Ethernet service instance on an interface and enters Ethernet service configuration mode service instance id ethernet evc name Example Device config if service instance 333 ethernet evc1 Step 15 Sets the encapsulation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 16 Binds a service instance to a bridg...

Страница 194: ...lation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 23 Binds a service instance to a bridge domain instance bridge domain bridge id Example Device config if srv bridge domain 100 Step 24 Configures the MEP domain and the ID cfm mep domain domain name mpid id Example Device config if srv cfm mep domain L4 mpid 4001 Step 25 Ret...

Страница 195: ...psulation encapsulation type 17 bridge domain bridge id 18 cfm mep domain domain name mpid id 19 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Defines a CFM maintenance domain at a particular maintenance level a...

Страница 196: ...t Step 7 Sets the amount of time that data from a missing MEP is kept in the continuity check database or that entries are held in the error database before they are purged mep archive hold time minutes Example Device config ecfm mep archive hold time 60 Step 8 Returns to global configuration mode exit Example Device config ecfm exit Step 9 Enables CFM processing globally on the device ethernet cf...

Страница 197: ...evice config if service instance 333 ethernet evc1 Step 15 Sets the encapsulation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 16 Binds a service instance to a bridge domain instance bridge domain bridge id Example Device config if srv bridge domain 100 Step 17 Configures the MEP domain and the ID cfm mep domain domain name m...

Страница 198: ...s 14 interface type number 15 service instance id ethernet evc name 16 encapsulation encapsulation type 17 bridge domain bridge id 18 cfm mip level level 19 exit 20 exit 21 interface type number 22 service instance id ethernet evc name 23 encapsulation encapsulation type 24 bridge domain bridge id 25 cfm mep domain domain name mpid id 26 end DETAILED STEPS Purpose Command or Action Enables privile...

Страница 199: ...ty check Step 5 Configures the per service parameters and sets the interval at which CCMs are transmitted continuity check interval cc interval Example Device config ecfm srv continuity check interval 10s Step 6 Returns to Ethernet connectivity fault management configuration mode exit Example Device config ecfm srv exit Step 7 Sets the amount of time that data from a missing MEP is kept in the con...

Страница 200: ...0 2 Step 14 Configures an Ethernet service instance on an interface and enters Ethernet service configuration mode service instance id ethernet evc name Example Device config if service instance 333 ethernet evc1 Step 15 Sets the encapsulation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 16 Binds a service instance to a bridg...

Страница 201: ...22 Sets the encapsulation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 23 Binds a service instance to a bridge domain instance bridge domain bridge id Example Device config if srv bridge domain 100 Step 24 Configures the MEP domain and the ID cfm mep domain domain name mpid id Example Device config if srv cfm mep domain L4 mp...

Страница 202: ... your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Defines a CFM maintenance domain at a particular maintenance level and enters Ethernet CFM configuration mode ethernet cfm domain domain name level level id Example Device config ethernet cfm domain Customer level 7 Step 3 Configures a maintenance association within a maintenance...

Страница 203: ...de exit Example Device config ecfm exit Step 9 Enables CFM processing globally on the device ethernet cfm global Example Device config ethernet cfm global Step 10 Specifies an interface and enters interface configuration mode interface type number Example Device config interface gigabitethernet0 0 2 Step 11 Configures an Ethernet service instance on an interface and enters Ethernet service configu...

Страница 204: ... Example Device config if srv cfm mip level 4 Step 15 Returns to privileged EXEC mode end Example Device config if srv end Step 16 Carrier Ethernet Configuration Guide Cisco ASR 920 Series 186 Configuring Ethernet Connectivity Fault Management in a Service Provider Network Configuring Ethernet CFM ...

Страница 205: ...s 14 interface type number 15 service instance id ethernet evc name 16 encapsulation encapsulation type 17 bridge domain bridge id 18 cfm mip level level 19 exit 20 exit 21 interface type number 22 service instance id ethernet evc name 23 encapsulation encapsulation type 24 bridge domain bridge id 25 cfm mep domain domain name mpid id 26 end DETAILED STEPS Purpose Command or Action Enables privile...

Страница 206: ...ty check Step 5 Configures the per service parameters and sets the interval at which CCMs are transmitted continuity check interval cc interval Example Device config ecfm srv continuity check interval 10s Step 6 Returns to Ethernet connectivity fault management configuration mode exit Example Device config ecfm srv exit Step 7 Sets the amount of time that data from a missing MEP is kept in the con...

Страница 207: ...0 2 Step 14 Configures an Ethernet service instance on an interface and enters Ethernet service configuration mode service instance id ethernet evc name Example Device config if service instance 333 ethernet evc1 Step 15 Sets the encapsulation method used by the interface encapsulation encapsulation type Example Device config if srv encapsulation dot1q 5 Step 16 Binds a service instance to a bridg...

Страница 208: ...e bridge domain bridge id Example Device config if srv bridge domain 100 Step 24 Configures the MEP domain and the ID cfm mep domain domain name mpid id Example Device config if srv cfm mep domain L4 mpid 4001 Step 25 Returns to privileged EXEC mode end Example Device config if srv end Step 26 Configuring and Enabling the Cross Check Function Configuring and Enabling Cross Checking for an Inward F...

Страница 209: ...rnet CFM configuration mode ethernet cfm domain domain name level level id Example Device config ethernet cfm domain ServiceProvider level 4 Step 3 Statically defines a remote MEP on a specified VLAN within the domain mep crosscheck mpid id vlan vlan id mac mac address Example Device config ether cfm mep crosscheck mpid 402 vlan 100 Step 4 Returns to global configuration mode exit Example Device c...

Страница 210: ...ward facing MEP U PE A U PE A U PEA ethernet cfm mep crosscheck enable level 4 vlan 100 Configuring and Enabling Cross Checking for an Inward Facing MEP on the U PE B Perform this task to configure and enable cross checking for an inward facing MEP This task requires you to configure and enable cross checking on two devices This task is optional SUMMARY STEPS 1 enable 2 configure terminal 3 ethern...

Страница 211: ... 4 Returns to global configuration mode exit Example Device config ether cfm exit Step 5 Configures the maximum amount of time that the device waits for remote MEPs to come up before the cross check operation is started ethernet cfm mep crosscheck start delay delay Example Device config ethernet cfm mep crosscheck start delay 60 Step 6 Returns to privileged EXEC mode exit Example Device config exi...

Страница 212: ...m mep crosscheck start delay delay 7 exit 8 ethernet cfm mep crosscheck enable disable level level id level id level id level id level id vlan vlan id any vlan id vlan id vlan id vlan id DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device configur...

Страница 213: ... between MEPs ethernet cfm mep crosscheck enable disable level level id level id level id level id level id vlan vlan id any vlan id vlan id vlan id vlan id Step 8 Example Device ethernet cfm mep crosscheck enable level 7 vlan 100 Configuring and Enabling Cross Checking for an Outward Facing MEP on the CE B SUMMARY STEPS 1 enable 2 configure terminal 3 ethernet cfm domain domain name level level i...

Страница 214: ... 401 vlan 100 Step 4 Returns to global configuration mode exit Example Device config ether cfm exit Step 5 Configures the maximum amount of time that the device waits for remote MEPs to come up before the cross check operation is started ethernet cfm mep crosscheck start delay delay Example Device config ethernet cfm mep crosscheck start delay 60 Step 6 Returns to privileged EXEC mode exit Example...

Страница 215: ...ddress 16 service instance id ethernet evc id 17 encapsulation dot1q vlan id 18 bridge domain bridge id 19 cfm mep domain domain name mpid mpid value 20 end 21 configure terminal 22 interface type name 23 no ip address 24 ethernet cfm mip level level id 25 service instance id ethernet evc id 26 encapsulation dot1q vlan id 27 bridge domain bridge id 28 cfm mep domain domain name mpid mpid value 29 ...

Страница 216: ... cfm service customer_100 evc evc_100 Step 4 Returns to global configuration mode exit Example Device config ether cfm exit Step 5 Defines a CFM maintenance domain at a particular level and enters Ethernet CFM configuration mode ethernet cfm domain domain name level level id Example Device config ethernet cfm domain MIP level 7 Step 6 Returns to global configuration mode exit Example Device config...

Страница 217: ... evc name Example Device config ethernet evc evc_100 Step 12 Returns to global configuration mode exit Example Device config evc exit Step 13 Specifies an interface and enters interface configuration mode interface type number Example Device config interface gigabitethernet0 0 1 Step 14 Disables IP processing no ip address Example Device config if no ip address Step 15 Specifies an Ethernet servic...

Страница 218: ...EXEC mode end Example Device config if srv end Step 20 Enters global configuration mode configure terminal Example Device configure terminal Step 21 Specifies an interface and enters interface configuration mode interface type name Example Device config interface gigabitethernet0 0 1 Step 22 Disables IP processing no ip address Example Device config if no ip address Step 23 Provisions a MIP at a s...

Страница 219: ...mpid mpid value Example Device config if srv cfm mep domain PROVIDER inward mpid 201 Step 28 Returns to privileged EXEC mode end Example Device config if srv end Step 29 Enters global configuration mode configure terminal Example Device configure terminal Step 30 Globally enables transmission of CCMs ethernet cfm cc enable level level id evc evc name Example Device config ethernet cfm cc enable le...

Страница 220: ...next lower maintenance domain and repeat these four steps at that maintenance domain level Repeat the first four steps as needed to identify and correct the fault Configuring Ethernet OAM Interaction with CFM For Ethernet OAM to function with CFM you must configure an EVC and the OAM manager and associate the EVC with CFM Additionally you must use an inward facing MEP when you want interaction wit...

Страница 221: ...iguration mode configure terminal Example Device configure terminal Step 2 Defines a CFM domain sets the domain level and enters Ethernet CFM configuration mode ethernet cfm domain domain name level level id direction outward Example Device config ethernet cfm domain cstmr1 level 3 Step 3 Defines a universally unique customer service instance CSI and VLAN ID within the maintenance domain service c...

Страница 222: ...ep 9 Returns to privileged EXEC mode end Example Device config end Step 10 Enabling Ethernet OAM The order in which the global and interface configuration commands are issued determines the configuration The last command that is issued has precedence Perform this task to enable Ethernet OAM on a device or on an interface SUMMARY STEPS 1 enable 2 configure terminal 3 interface type number 4 etherne...

Страница 223: ...rate 50 Returns to privileged EXEC mode end Example Device config if end Step 5 Configuration Examples for Configuring Ethernet CFM in a Service Provider Network Example Provisioning a Network This configuration example shows only CFM related commands All commands that are required to set up the data path and configure the VLANs on the device are not shown However it should be noted that CFM traff...

Страница 224: ...g mep unknown service up PE AGG A ethernet cfm domain OperatorA level 1 mep archive hold time 65 ethernet cfm global interface gigabitethernet0 0 2 ethernet cfm mip level 1 interface gigabitethernet0 0 2 ethernet cfm mip level 1 N PE A ethernet cfm domain ServiceProvider level 4 mep archive hold time 60 ethernet cfm domain OperatorA level 1 mep archive hold time 65 ethernet cfm global ethernet cfm...

Страница 225: ...thernet0 0 2 ethernet cfm mip level 2 snmp server enable traps ethernet cfm cc mep up mep down cross connect loop config snmp server enable traps ethernet cfm crosscheck mep missing mep unknown service up CE B ethernet cfm domain Customer level 7 ethernet cfm global ethernet cfm traceroute cache ethernet cfm traceroute cache size 200 ethernet cfm traceroute cache hold time 60 ethernet cfm cc level...

Страница 226: ...ip level 1 ethernet cfm cc enable level 4 vlan 100 ethernet cfm cc enable level 1 vlan 100 ethernet cfm cc level any vlan any interval 20 loss threshold 3 PE AGG A ethernet cfm domain OperatorA level 1 mep archive hold time 65 service MetroCustomer10pA evc evc1 vlan 100 ethernet cfm global interface gigabitethernet0 0 2 use an appropriate device specific interface ethernet cfm mip level 1 interfac...

Страница 227: ...ustomer10pB evc evc1 vlan 100 ethernet cfm global interface gigabitethernet0 0 2 use an appropriate device specific interface ethernet cfm mip level 2 interface gigabitethernet0 0 2 use an appropriate device specific interface ethernet cfm mip level 2 N PE B ethernet cfm domain ServiceProvider level 4 mep archive hold time 60 service MetroCustomer1 evc evc1 vlan 100 ethernet cfm domain OperatorB l...

Страница 228: ...References Related Documents Document Title Related Topic Cisco IOS Master Commands List All Releases Cisco IOS commands Standards and RFCs Title Standard RFC No specific Standards and RFCs are supported by the features in this document MIBs MIBs Link MIB To locate and download MIBs for selected platforms Cisco IOS releases and feature sets use Cisco MIB Locator found at the following URL http www...

Страница 229: ...so support that feature Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required Table 9 Feature Information for Configuring Ethernet CFM in a Service Provider Network Feature Information Releases Feature Name This feature was introduced on the Cisco A...

Страница 230: ...ore maintenance entities MIP CCDB A database of information about the MEPs in the maintenance domain The MIP CCDB can be maintained by a MIP MP maintenance point Either a MEP or a MIP MPID maintenance endpoint identifier A small integer unique over a given MA that identifies a specific MEP OAM operations administration and maintenance A term used by several standards bodies to describe protocols a...

Страница 231: ...r Continuity Check Database CCDB based on maintenance point MP filtering rules Finding Feature Information page 213 Restrictions for CFM Configuration over EFP Interface with Cross Connect Feature page 214 Configuring CFM over EFP with Cross Connect page 214 Verifiying CFM over EFP page 227 Troubleshooting CFM Features page 229 Additional References page 230 Feature Information for CFM Configurati...

Страница 232: ...flooded only to port where it was last learned CFM Traceroute for new RMEPs are not initiated on their own However ping to both expired and new RMEPs are flooded to all EFPs in the BD Configuring CFM over EFP with Cross Connect The sections below describe how to configure CFM on EFP interfaces ConfiguringCFMoverEFPInterfacewithCrossConnect BasicConfiguration SUMMARY STEPS 1 enable 2 configure term...

Страница 233: ...l ports interface interface id Example Router config interface gigabitethernet0 0 1 Step 6 Configure an EFP service instance and enter service instance configuration mode service instance number ethernet name Example Router config if service instance 1 Ethernet Step 7 The number is the EFP identifier an integer from 1 to 4000 Optional ethernet name is the name of a previously configured EVC You do...

Страница 234: ...cfm service s256 evc 256 PE3 config ecfm srv continuity check PE3 config ecfm srv end PE3 config interface ten 2 0 0 PE3 config if no ip address PE3 config if service instance 256 ethernet 256 PE3 config if srv encapsulation dot1q 256 PE3 config if srv xconnect 1 1 1 1 1 encapsulation mpls PE3 cfg if ether vc xconn cfm mep domain L6 mpid 256 PE3 config if srv ecfm mep end PE3 PE3 config ethernet c...

Страница 235: ...eged EXEC mode enable Step 1 Example Router enable Enter your password if prompted Enters global configuration mode configure terminal Example Router configure terminal Step 2 Specifies the Gigabit Ethernet interface to configure where interface gigabitethernet slot subslot port Example Router config interface Gi2 0 2 Step 3 slot subslot port Specifies the location of the interface Creates a servi...

Страница 236: ... Example Router config xconnect 10 0 3 201 123 pw class vlan xconnect Step 7 Configures a maintenance endpoint MEP for a domain cfm mep domain domain name up down mpid mpid value cos cos value Example Router cfm mep up mpid 100 domain Core Step 8 Example for Configuring CFM over EFP Interface with Cross Connect Single Tag VLAN Cross Connect PE3 config ethernet cfm domain L2 level 2 PE3 config ecfm...

Страница 237: ...mand or Action Enables privileged EXEC mode enable Step 1 Example Router enable Enter your password if prompted Enters global configuration mode configure terminal Example Router configure terminal Step 2 Specifies the Gigabit Ethernet interface to configure where interface gigabitethernet slot subslot port Example Router config interface Gi2 0 2 Step 3 slot subslot port Specifies the location of ...

Страница 238: ...ncing transmit receive both Example Router config xconnect 1 1 1 1 100 pw class vlan xconnect Step 7 Configures a maintenance endpoint MEP for a domain cfm mep domain domain name up down mpid mpid value cos cos value Example Router cfm mep down mpid 100 domain Core Step 8 Example for Configuring CFM over EFP Interface with Cross Connect Double Tag VLAN Cross Connect PE3 config ethernet cfm domain ...

Страница 239: ...tep 2 Specifies the Gigabit Ethernet interface to configure where interface gigabitethernet slot subslot port Example Router config interface Gi2 0 2 Step 3 slot subslot port Specifies the location of the interface Creates a service instance an instance of an EVC on an interface and sets the device into the config if srv submode service instance id Ethernet service name service instance id Etherne...

Страница 240: ...ring CFM over EFP Interface with Cross Connect Selective QinQ Cross Connect PE3 config ethernet cfm domain L2 level 2 PE3 config ecfm service s256 evc 256 direction down PE3 config ecfm srv continuity check PE3 config ecfm srv end PE3 PE3 config int ten 2 0 0 PE3 config if no ip address PE3 config if service instance 256 ethernet 256 PE3 config if srv encapsulation dot1q 256 second dot1q 257 cos 7...

Страница 241: ...cifies the Gigabit Ethernet interface to configure where interface gigabitethernet slot subslot port Example Router config interface Gi2 0 2 Step 3 slot subslot port Specifies the location of the interface Creates a service instance an instantiation of an EVC on an interface and sets the device into the config if srv submode service instance id Ethernet service name Example Router config if servic...

Страница 242: ...s Connect Tunnel PE3 config ethernet cfm domain L2 level 2 PE3 config ecfm service s256 evc 256 direction down PE3 config ecfm srv continuity check PE3 config ecfm srv end PE3 PE3 config int ten 2 0 0 PE3 config if no ip address PE3 config if service instance 256 ethernet 256 PE3 config if srv encapsulation dot1q 256 PE3 config if srv xconnect 1 1 1 1 1 encapsulation mpls PE3 cfg if ether vc xconn...

Страница 243: ... class pw class name sequencing transmit receive both 8 cfm mep domain domain name up down mpid mpid value cos cos value DETAILED STEPS Purpose Command or Action enable Step 1 Example Router enable Enables privileged EXEC mode Enter your password if prompted configure terminal Step 2 Example Router configure terminal Enters global configuration mode interface gigabitethernet slot subslot port Step...

Страница 244: ...fies the tag manipulation that is to be performed on the frame ingress to the service instance xconnect peer ip address vc id encapsulation l2tpv3 manual mpls manual pw class pw class name pw class pw class name sequencing transmit receive both Step 7 Example Router config xconnect 1 1 1 1 100 pw class vlan xconnect Binds an attachment circuit to a pseudowire and configures an Any Transport over M...

Страница 245: ...Y L5 Up Te2 0 0 N A bbb 1 bbb Total Local MEPs 2 Local MIPs MIP Manually Configured Level Port MacAddress SrvcInst Type Id 7 Te2 0 0 0007 8478 4410 1 XCON N A Total Local MIPs 1 Use the show ethernet cfm ma remote to verify the MEP configuration Router 30 PE1 show ethernet cfm ma remote MPID Domain Name MacAddress IfSt PtSt Lvl Domain ID Ingress RDI MA Name Type Id SrvcInst EVC Name Age 4 L5 000a ...

Страница 246: ...local SSS circuit status rcvd No fault Last local SSS circuit status sent No fault Last local LDP TLV status sent No fault Last remote LDP TLV status rcvd No fault Last remote LDP ADJ status rcvd No fault MPLS VC labels local 21 remote 21 Group ID local 0 remote 0 MTU local 1500 remote 1500 Remote interface description Sequencing receive disabled send disabled Control Word On configured autosense ...

Страница 247: ... is not found Use the ping ethernet mac address mpid id multicast domain domain name vlan vlan id port evc evc name or the traceroute ethernet mac address mpid id domain domain name vlan vlan id port evc evc name commands to verify ethernet CFM connectivity Share the output with TAC for further investigation CFM connectivity is down and issues at the maintenance domain levels Use the show ethernet...

Страница 248: ... cisco com c en us td docs ios xml ios mcl allreleasemcl all book html Cisco IOS commands Standards and RFCs Title Standard RFC No specific Standards and RFCs are supported by the features in this document MIBs MIBs Link MIB To locate and download MIBs for selected platforms Cisco IOS releases and feature sets use Cisco MIB Locator found at the following URL http www cisco com go mibs Carrier Ethe...

Страница 249: ...ble lists only the software release that introduced support for a given feature in a given software release train Unless noted otherwise subsequent releases of that software release train also support that feature Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco c...

Страница 250: ...r Ethernet Configuration Guide Cisco ASR 920 Series 232 CFM Configuration over EFP Interface with Cross Connect Feature Feature Information for CFM Configuration over EFP Interface with Cross Connect Feature ...

Страница 251: ...equisites for G 8032 and CFM Microwave Adaptive Bandwidth Support page 234 About G 8032 and CFM Support for Microwave Adaptive Bandwidth page 234 How to Configure G 8032 and CFM Support for Microwave Adaptive Bandwidth page 237 Configuration Examples for G 8032 and CFM Support for Microwave Adaptive Bandwidth page 241 Additional References for G 8032 and CFM Support for Microwave Adaptive Bandwidt...

Страница 252: ...sed as a trigger in response to bandwidth degradation occurrences such as a signal degradation SD indicator on microwave links Ethernet CFM interacts with the microwave transceiver to continuously check the quality and the bandwidth of the microwave link When microwave link degradation based on the configured service level agreement SLA in use is detected CFM notifies the Embedded Event Manager EE...

Страница 253: ...logy must be provisioned with enough redundant bandwidth to handle a complete failure in certain situations where the service committed information rate CIR is very low forwarding as much excess traffic above the CIR as possible is important Therefore for those situations treating bandwidth degradation as a complete failure is not desirable Adaptive Bandwidth Multi hop Extensions In a network topo...

Страница 254: ...o a single physical link on the head end router Restrictions for Assigning Link IDs If link IDs are used the EEM scripts are registered on either a set of source MAC addresses or a set of link IDs but not a mixture of both When registering an EEM script and specifying multiple links it is recommended that the threshold is equal to or lower than the minimum nominal bandwidth across all those links ...

Страница 255: ...e instance id all 8 Repeat steps 4 through 7 for each Ethernet microwave event you want to create Then proceed to step 9 9 exit DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Registers an applet with the Embedded Eve...

Страница 256: ...s the Ethernet microwave event to be associated with bandwidth SD occurrences event ethernet microwave clear sd interface type number Example Device config applet event ethernet microwave clear sd interface gigabitethernet0 0 0 Step 6 After the event is created use the action switch ring g8032 clear instance command at step 7 to clear the SD occurrence and bring the ring back to the normal idle st...

Страница 257: ...e terminal Step 2 Specifies an interface and enters interface configuration mode interface type name Example Device config interface gigabitethernet0 0 0 Step 3 Specifies the microwave bandwidth degradation hold off time in seconds ethernet event microwave hold off seconds Example Device config if ethernet event microwave hold off 30 Step 4 This time is used to prevent changes in the state of the ...

Страница 258: ...thernet event microwave wtr 45 Step 6 This time is used to prevent changes in the state of the network node as a result of recovery events after an SD occurrence Timer parameters are applicable to Port channel Note Exits interface configuration mode exit Example Device config if exit Step 7 Optional Displays the microwave event status show ethernet event microwave status interface type number Step...

Страница 259: ...r applet mw_ring_clear_sd Device config applet event ethernet microwave clear sd interface gigabitethernet0 0 0 Device config applet action 1 switch ring g8032 clear ringA instance all Device config applet exit Example Verifying the Ethernet Microwave Event Configuration The following is sample output from the show ethernet event microwave status command where GigabitEthernet interface 0 0 2 has b...

Страница 260: ...1 The following is sample output from the show ethernet event microwave status command displaying the for Link ID TLVs Device show ethernet event microwave status GigabitEthernet 0 0 2 Microwave Bandwidth Status for Ethernet0 0 State SIGNAL_DEGRADED Hold Time 0 seconds Restore Time 10 seconds Loss threshold 3 Total VSM Receive Count 6 Total VSM Drop Count 0 Link ID 4 Sender Address aaa bbbb cccc S...

Страница 261: ...64F6 9D67 A006 link ID 0 on GigabitEthernet0 0 7 has changed due to VSM current is 500Mbps nominal is 600Mbps Apr 30 16 33 45 502 IST HA_EM 6 LOG DEGRADED eem started Example Configuring the TRUNK EFP with ACM Microwave The following example shows the configuration of MEP on a trunk EFP interface GigabitEthernet0 3 3 no ip address negotiation auto ethernet cfm mep domain md1 mpid 1 service ma1 ser...

Страница 262: ...d wiki Using Ethernet Operations Administration and Maintenance Operations Administration and Maintenance OAM Cisco IOS Carrier Ethernet Command Reference Carrier Ethernet commands complete command syntax command mode command history defaults usage guidelines and examples Cisco IOS Master Command List All Releases Cisco IOS commands master list of commands with complete command syntax command mode...

Страница 263: ...idth The following table provides release information about the feature or features described in this module This table lists only the software release that introduced support for a given feature in a given software release train Unless noted otherwise subsequent releases of that software release train also support that feature Use Cisco Feature Navigator to find information about platform support...

Страница 264: ...hat the degraded microwave link is bypassed and no longer used The degraded microwave link can still be used by one or more of the G 8032 ERP instances Only the affected G 8032 ERP instances are switched to alternate link In Cisco IOS Release 15 3 2 S support was added for the Cisco ASR 901 series Aggregation Services Router The following commands were introduced or modified action switch ring g80...

Страница 265: ...1 Configuration Examples for Configuring Ethernet page 275 Additional References page 280 Feature Information for Configuring Ethernet CFM page 282 Glossary page 282 Finding Feature Information Your software release may not support all the features documented in this module For the latest caveats and feature information see Bug Search Tool and the release notes for your platform and software relea...

Страница 266: ...d per physical wire protocol It is not end to end or service aware Ethernet Local Management Interface E LMI is confined between the user end provider edge uPE and CE and relies on CFM for reporting status of the metro Ethernet network to the CE The benefits of Ethernet CFM are End to end service level OAM technology Reduced operating expense for service provider Ethernet networks Competitive adva...

Страница 267: ...e than one entity which is not allowed Domains may nest or touch but when two domains nest the outer domain must have a higher maintenance level than the domain nested within it Nesting maintenance domains is useful in the business model where a service provider contracts with one or more operators to provide Ethernet service to a customer Each operator would have its own maintenance domain and th...

Страница 268: ...Up MEPs varies by Cisco release When the continuity check static rmep command is configured on a port MEP and continuity checking does not detect a removed MEP the port is set to MAC operation down and the interface protocol is set to down Normal traffic is stopped because the line protocol is down but CFM packets still pass MEP configurations can be removed after all pending loopback and tracerou...

Страница 269: ...ng MEP For each visible MIP linktrace messages indicate ingress action relay action and egress action Linktrace messages include the destination MAC address VLAN and maintenance domain and they have Time To Live TTL to limit propagation within the network They can be generated on demand using the CLI LTMs are multicast and LTRs are unicast Loopback Messages Ethernet CFM loopback messages LBMs are ...

Страница 270: ...raps continuity check CC traps and cross check traps CC Traps MEP up Sent when a new MEP is discovered the status of a remote port changes or connectivity from a previously discovered MEP is restored after interruption MEP down Sent when a timeout or last gasp event occurs Cross connect Sent when a service ID does not match the VLAN Loop Sent when a MEP receives its own CCMs Configuration error Se...

Страница 271: ...r level MEPs 3 Determine service provider MIPs 4 Determine service provider MEPs 5 Determine customer MIPs 6 Determine customer MEPs DETAILED STEPS Purpose Command or Action Follow these steps Determine operator level MIPs Step 1 Starting at lowest operator level domain assign a MIP at every interface internal to the operator network to be visible to CFM Proceed to next higher operator level and a...

Страница 272: ... MEP at a lower level should have either a MIP or a MEP at a higher level Customer MIPs are allowed only on the UNIs at the uPEs if the service provider allows the customer to run CFM Otherwise the service provider can configure Cisco devices to block CFM frames Determine customer MIPs Step 5 Configure a MIP on every uPE at the UNI port in the customer maintenance domain Ensure the MIPs are at a m...

Страница 273: ...Carrier Ethernet Configuration Guide Cisco ASR 920 Series 255 Configuring Ethernet CFM Designing CFM Domains ...

Страница 274: ...snmp server enable traps ethernet cfm crosscheck mep unknown mep missing service up 13 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Defines a CFM maintenance domain at a particular maintenance level and enters ...

Страница 275: ... CFM data learned through traceroute messages ethernet cfm traceroute cache Example Device config ethernet cfm traceroute cache Step 8 Sets the maximum size for the CFM traceroute cache table ethernet cfm traceroute cache size entries Example Device config ethernet cfm traceroute cache size 200 Step 9 Sets the amount of time that CFM traceroute cache entries are retained ethernet cfm traceroute ca...

Страница 276: ...ure terminal 3 ethernet cfm domain domain name level level id direction outward 4 mep archive hold time minutes 5 exit 6 ethernet cfm global 7 ethernet cfm ieee 8 ethernet cfm traceroute cache 9 ethernet cfm traceroute cache size entries 10 ethernet cfm traceroute cache hold time minutes 11 snmp server enable traps ethernet cfm cc mep up mep down config loop cross connect 12 snmp server enable tra...

Страница 277: ...turns the device to global configuration mode exit Example Device config ecfm exit Step 5 Example Enables CFM processing globally on the device ethernet cfm global Example Device config ethernet cfm global Step 6 Enables the CFM IEEE version of CFM ethernet cfm ieee Step 7 Example Device config ethernet cfm ieee This command is automatically issued when the ethernet cfm global command is issued En...

Страница 278: ... service up continuity snmp server enable traps ethernet cfm crosscheck mep unknown mep missing service up Step 12 check events in relation to the cross check operation Example Device config snmp server enable traps ethernet cfm crosscheck mep unknown between statically configured MEPs and those learned via CCMs Returns the device to privileged EXEC mode end Example Device config end Step 13 Examp...

Страница 279: ...cfm traceroute cache hold time minutes 16 interface slot subslot port 17 ethernet cfm mep domain domain name mpid mpid port vlan vlan id 18 ethernet cfm mep domain domain name mpid mpid port vlan vlan id 19 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Router enable Enter your password if prompted Enters global configuration mode configure terminal...

Страница 280: ...p Step 5 Example Router config ecfm srv continuity check Configures the time period between CCM transmissions continuity check interval time loss threshold threshold static rmep Step 6 The values supported are platform dependent Example Router config ecfm srv continuity check interval 10s Sets the number of CCMs that should be missed before declaring that a remote MEP is down continuity check inte...

Страница 281: ...raceroute cache table ethernet cfm traceroute cache size entries Example Router config ethernet cfm traceroute cache size 200 Step 14 Sets the amount of time that CFM traceroute cache entries are retained ethernet cfm traceroute cache hold time minutes Example Router config ethernet cfm traceroute cache hold time 60 Step 15 Specifies an interface and enters interface configuration mode interface s...

Страница 282: ...n id vlan id vpn id vpn id port vlan vlan id direction down 6 continuity check interval time loss threshold threshold static rmep 7 continuity check interval time loss threshold threshold static rmep 8 continuity check interval time loss threshold threshold static rmep 9 exit 10 exit 11 ethernet cfm global 12 ethernet cfm ieee 13 ethernet cfm traceroute cache 14 ethernet cfm traceroute cache size ...

Страница 283: ...tenance domain and enters CFM service configuration mode service ma name ma num evc evc name vlan id vlan id vpn id vpn id port vlan vlan id direction down Example Device config ecfm service MA1 evc evc1500 vlan 1500 direction down Step 5 If a service is already configured and you configure a new MA name and also specify the direction down keyword a second service is added that maps to the same VL...

Страница 284: ... processing globally on the device ethernet cfm global Example Device config ethernet cfm global Step 11 Enables the CFM IEEE version of CFM ethernet cfm ieee Step 12 Example Device config ethernet cfm ieee This command is automatically issued when the ethernet cfm global command is issued Enables caching of CFM data learned through traceroute messages ethernet cfm traceroute cache Example Device ...

Страница 285: ...vel id inward outward domain domain name mpid id vlan any vlan id vlan id vlan id vlan id vlan id vlan id Step 17 Example Device config if ethernet cfm mep level 7 outward domain Customer mpid 701 vlan 100 Returns the device to privileged EXEC mode end Example Device config if end Step 18 Example Device Configuring and Enabling the Cross Check Function CE A Perform this task to configure and enabl...

Страница 286: ...Device configure terminal Step 2 Defines a CFM domain at a specified level and enters Ethernet CFM configuration mode ethernet cfm domain domain name level level id Example Device config ethernet cfm domain Customer level 7 Step 3 Configures a maintenance association within a maintenance domain and enters Ethernet connectivity fault management CFM service configuration mode service short ma name e...

Страница 287: ...MEPs learned through CCMs ethernet cfm mep crosscheck enable disable domain domain name port vlan vlan id vlan id vlan id vlan id vlan id Example Device ethernet cfm mep crosscheck enable domain cust4 vlan 100 Step 9 Configuring and Enabling the Cross Check Function CE B SUMMARY STEPS 1 enable 2 configure terminal 3 ethernet cfm domain domain name level level id 4 service short ma name evc evc nam...

Страница 288: ...ice short ma name evc evc name vlan vlanid direction down Example Device config ecfm service s41 evc 41 vlan 41 direction down Step 4 Statically defines the MEPs within a maintenance association mep mpid mpid Example Device config ecfm mep mpid 702 Step 5 Returns the device to global configuration mode exit Example Device config ecfm exit Step 6 Configures the maximum amount of time that the devic...

Страница 289: ...s with up direction should be configured on the UNIs with the associated BDs to monitor the service backhaul connection To achieve this use the alias command to configure a Connectivity Fault Management CFM Maintenance Association MA For example MA2 can be an alias to another MA MA1 As a result MA1 behaves as though it is configured as MA2 on a different BD associated with it MA1 and MA2 function ...

Страница 290: ...ng Multi UNI CFM MEPs in the Same VPN SUMMARY STEPS 1 configure terminal 2 platform cfm 3 ethernet cfm global 4 ethernet cfm domain domain name level level id 5 service ma name ma number vpn id vpn vlan vlan id direction down port 6 continuity check 7 continuity check interval value 8 continuity check loss threshold threshold value 9 alias alias short ma name icc icc code meg id number ma number v...

Страница 291: ...rt Configure port MEP a down MEP that is untagged and not associated with a VLAN Enable sending and receiving of continuity check messages continuity check Example Router config ecfm srv continuity check Step 6 Optional Set the interval at which continuity check messages are sent The available values are 100 ms 1 second 10 seconds 1 minute and 10 minutes The default is 10 seconds continuity check ...

Страница 292: ...nt local command to verify the Multi UNI CFMs over EVC configuration This command shows the basic configuration information for Multi UNI CFM Router show ethernet cfm maintenance points local Local MEPs MPID Domain Name Lvl MacAddress Type CC Ofld Domain Id Dir Port Id MA Name SrvcInst Source EVC name 30 MD6 6 88f0 7768 2180 BD V Y No MD6 Up Gi0 0 0 30 MA1 30 Static evc30 40 MD6 6 88f0 7768 2185 B...

Страница 293: ...n ethernet cfm global ethernet cfm ieee ethernet cfm traceroute cache ethernet cfm traceroute cache size 200 ethernet cfm traceroute cache hold time 60 ethernet cfm mip auto create level 7 vlan 1 4094 interface gigabitethernet0 0 2 ethernet cfm mip level 7 vlan 101 Manual MIP ethernet cfm mep domain ServiceProvider L4 mpid 401 vlan 101 ethernet cfm mep domain OperatorA L1 mpid 101 vlan 101 interfa...

Страница 294: ... domain ServiceProvider L4 level 4 mep archive hold time 60 mip auto create service MetroCustomer1 vlan 101 continuity check ethernet cfm domain OperatorA level 1 mep archive hold time 65 mip auto create service MetroCustomer1OpA vlan 101 continuity check interface gigabitethernet0 0 2 ethernet cfm mip level 1 manual MIP interface gigabitethernet0 0 2 ethernet cfm mip level 4 manual MIP snmp serve...

Страница 295: ... traceroute cache ethernet cfm traceroute cache size 200 ethernet cfm traceroute cache hold time 60 ethernet cfm domain ServiceProvider level 4 mep archive hold time 60 mip auto create service MetroCustomer1 vlan 101 continuity check ethernet cfm domain OperatorB level 2 mep archive hold time 65 mip auto create service MetroCustomer1OpB vlan 101 continuity check interface ethernet cfm mip level 2 ...

Страница 296: ...7 vlan 1 4094 ethernet cfm domain ServiceProvider L4 level 4 mep archive hold time 60 service MetroCustomer1 vlan 101 continuity check ethernet cfm domain OperatorA L1 level 1 mep archive hold time 65 mip auto create service MetroCustomer1OpA vlan 101 continuity check interface gigabitethernet0 0 2 ethernet cfm mip level 7 vlan 101 Manual MIP ethernet cfm mep domain ServiceProvider L4 mpid 401 vla...

Страница 297: ...ute cache hold time 60 ethernet cfm domain Customer L7 level 7 mip auto create service Customer1 vlan 101 direction down ethernet cfm domain ServiceProvider L4 level 4 mep archive hold time 60 service MetroCustomer1 vlan 101 continuity check ethernet cfm domain OperatorB level 2 mep archive hold time 65 service MetroCustomer1OpB vlan 101 continuity check interface gigabitethernet0 0 2 ethernet cfm...

Страница 298: ...dditional References Related Documents Document Title Related Topic Cisco IOS Carrier Ethernet Command Reference CFM commands complete command syntax command mode command history defaults usage guidelines and examples Cisco IOS Master Command List All Releases Cisco IOS commands master list of commands with complete command syntax command mode command history defaults usage guidelines and examples...

Страница 299: ...ER CFM MIB RFCs Title RFC No new or modified RFCs are supported by this feature and support for existing RFCs has not been modified Technical Assistance Link Description http www cisco com cisco web support index html The Cisco Support and Documentation website provides online resources to download documentation software and tools Use these resources to install and configure the software and to tr...

Страница 300: ...eceiving a CCM EVC Ethernet virtual connection An association of two or more user network interfaces fault alarm An out of band signal typically an SNMP notification that notifies a system administrator of a connectivity failure inward facing MEP A MEP that resides in a bridge and transmits to and receives CFM messages from the direction of the bridge relay entity maintenance domain The network or...

Страница 301: ...r Entity that provides a service provider a single network of provider bridges or a single Layer 2 or Layer 3 backbone network An operator may be identical to or a part of the same organization as the service provider For purposes of IEEE P802 1ag Draft Standard for Local and Metropolitan Area Networks the operator and service provider are presumed to be separate organizations Terms such as custom...

Страница 302: ...Carrier Ethernet Configuration Guide Cisco ASR 920 Series 284 Configuring Ethernet CFM Glossary ...

Страница 303: ...e LMI an OAM protocol on a provider edge PE device Prerequisites for Configuring Ethernet Local Management Interface at a Provider Edge page 285 Restrictions for Configuring Ethernet Local Management Interface at a Provider Edge page 286 Information About Configuring Ethernet Local Management Interface at a Provider Edge page 286 How to Configure Ethernet Local Management Interface at a Provider E...

Страница 304: ...LMI provides CE devices with the status of Ethernet virtual circuits EVCs for large Ethernet metropolitan area networks MANs and WANs and provides information that enables CE devices to autoconfigure Specifically Ethernet LMI runs on the PE CE User Network Interface UNI link and notifies a CE device of the operating state of an EVC and the time when an EVC is added or deleted Ethernet LMI also com...

Страница 305: ...manager to Ethernet LMI on the UPE side of the device An information exchange results from an Ethernet LMI request or is triggered by the OAM manager when it receives notification from the OAM protocol that the number of UNIs has changed A change in the number of UNIs may cause a change in Ethernet virtual circuit EVC status The OAM manager calculates EVC status given the number of active user net...

Страница 306: ...r example EVC definitions on PE devices on both sides of a metro network CFM and OAM interworking requires an inward facing Maintenance Entity Group End Point MEP Configuring the OAM Manager If you configure change or remove a user network interface UNI service type Ethernet virtual circuit EVC Ethernet service instance or customer edge CE VLAN configuration all configurations are checked to ensur...

Страница 307: ... vlan id untagged any default untagged 17 ethernet lmi interface 18 encapsulation dot1q vlan id 19 bridge domain domain number 20 cfm mep domain domain name mpid mpid id 21 exit 22 service instance service instance id ethernet 23 encapsulation untagged 24 l2protocol peer 25 bridge domain bridge domain number 26 exit 27 ethernet uni bundle all to one id uni id multiplex 28 end DETAILED STEPS Purpos...

Страница 308: ...an 10 Step 4 Enables the transmission of continuity check messages CCMs continuity check Example Device config ecfm srv continuity check Step 5 Enables the transmission of continuity check messages CCMs at specific intervals continuity check interval time Example Device config ecfm srv continuity check interval 1s 10s 1m 10m Step 6 Returns to Ethernet CFM configuration mode exit Example Device con...

Страница 309: ...I count less than the number of endpoints status might be active even if all endpoints are not up Note Returns to global configuration mode exit Example Device config evc exit Step 12 Repeat Steps 3 through 12 to define other CFM domains that you want OAM manager to monitor Step 13 Example Specifies a physical interface connected to the CE device and enters interface configuration mode interface t...

Страница 310: ...ervice instance to a bridge domain instance bridge domain domain number Example Device config if srv bridge domain 1 Step 19 Configures a maintenance endpoint MEP for a domain cfm mep domain domain name mpid mpid id Example Device config if srv cfm mep domain provider mpid 10 Step 20 Returns to interface configuration mode exit Example Device config if srv exit Step 21 Configures an Ethernet servi...

Страница 311: ...config if ethernet uni bundle Returns to privileged EXEC mode end Example Device config if end Step 28 Enabling Ethernet LMI The order in which the global and interface configuration commands are issued determines the configuration The last command that is issued has precedence Perform this task to enable Ethernet Local Management Interface LMI on a device or on an interface SUMMARY STEPS 1 enable...

Страница 312: ...es unless you disable it on specific interfaces If Ethernet LMI is disabled globally you can use this command to enable it on specified interfaces Configures Ethernet LMI parameters for the UNI ethernet lmi n393 value t392 value Example Device config if ethernet lmi n393 10 Step 5 Returns to privileged EXEC mode end Example Device config if end Step 6 Displaying Ethernet LMI and OAM Manager Inform...

Страница 313: ...umber uni map interface type number Step 2 Example Device show ethernet lmi evc Displays information about all Ethernet virtual circuits EVCs or about a specified EVC show ethernet service evc detail id evc id detail interface type number detail Example Device show ethernet service evc Step 3 Displays information about customer service instances show ethernet service instance detail id id interfac...

Страница 314: ...how ethernet service instance detail Service Instance ID 400 Associated Interface GigabitEthernet0 0 2 Associated EVC 50 CE Vlans 30 State AdminDown EFP Statistics Pkts In Bytes In Pkts Out Bytes Out 0 0 0 0 Configuration Examples for Ethernet Local Management Interface at a Provider Edge Example Ethernet OAM Manager on a PE Device Configuration This example shows a sample configuration of Operati...

Страница 315: ...v continuity check Device config ecfm srv continuity check interval 1s 10s 1m 10m Device config ecfm srv exit Device config ecfm exit Device config ethernet evc test1 Device config evc oam protocol cfm domain provider Device config evc exit Device config interface gigabitEthernet 0 0 2 Device config if ethernet lmi interface Device config if ethernet uni id CISCO Device config if service instance ...

Страница 316: ...support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required Table 14 Feature Information for Configuring Ethernet Local Management Interface at a Provider Edge Feature Information Releases Feature Name This feature was introduced on the Cisco ASR 920 Series Aggregation Services Router ASR 920 12CZ A ASR 920 12CZ D ASR 920 4SZ A ASR 920 4SZ D Cisco I...

Страница 317: ...viders where networks are substantially larger and more complex than enterprise networks and the user base is wider makes operational management of link uptime crucial Information About Using Ethernet Operations Administration and Maintenance page 299 How to Set Up and Configure Ethernet Operations Administration and Maintenance page 304 Configuration Examples for Ethernet Operations Administratio...

Страница 318: ...lude the MAC client or link aggregation and the other interface facing toward the subordinate MAC control sublayer The OAM sublayer provides a dedicated interface for passing OAM control information and OAM PDUs to and from a client The OAM sublayer is made up of three components control block multiplexer and packet parser p parser Each component is described in the following sections Control Bloc...

Страница 319: ... the network and their OAM capabilities Discovery uses information OAM PDUs During the discovery phase the following information is advertised within periodic information OAM PDUs OAM mode Conveyed to the remote OAM entity The mode can be either active or passive and can be used to determine device functionality OAM configuration capabilities Advertises the capabilities of the local OAM entity Wit...

Страница 320: ...k fault applies only when the physical sublayer is capable of independently transmitting and receiving signals Dying Gasp An unrecoverable condition has occurred for example when an interface is shut down This type of condition is vendor specific A notification about the condition may be sent immediately and continuously Critical Event An unspecified critical event has occurred This type of event ...

Страница 321: ...me stamp when generated Loopback control OAM PDU An OAM PDU fixed at 64 bytes in length that is used to enable or disable the remote loopback command Vendor specific OAM PDU A variable length OAM PDU that allows the addition of vendor specific extensions to OAM IEEE 802 3ah Link Fault RFI Support The IEEE 802 3ah Link Fault RFI Support feature provides a per port configurable option that moves a p...

Страница 322: ... Interface Ethernet OAM is by default disabled on an interface SUMMARY STEPS 1 enable 2 configure terminal 3 interface type number 4 ethernet oam max rate oampdus min rate num seconds mode active passive timeout seconds 5 exit DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode co...

Страница 323: ... monitoring sessions Disabling a Link Monitoring Session Perform this task to disable a link monitoring session SUMMARY STEPS 1 enable 2 configure terminal 3 interface type number 4 ethernet oam max rate oampdus min rate num seconds mode active passive timeout seconds 5 no ethernet oam link monitor supported 6 exit DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1...

Страница 324: ... link monitoring on the interface no ethernet oam link monitor supported Example Device config if no ethernet oam link monitor supported Step 5 Returns to global configuration mode exit Example Device config if exit Step 6 Enabling a Link Monitoring Session Perform this task to reenable a link monitoring session after it was previously disabled SUMMARY STEPS 1 enable 2 configure terminal 3 interfa...

Страница 325: ...itor supported Step 4 Returns to global configuration mode exit Example Device config if exit Step 5 Stopping and Starting Link Monitoring Operations Link monitoring operations start automatically when Ethernet OAM is enabled on an interface When link monitoring operations are stopped the interface does not actively send or receive event notification OAM PDUs The tasks in this section describe how...

Страница 326: ... and enters interface configuration mode interface type number Example Device config interface gigabitethernet 0 0 2 Step 3 Enables Ethernet OAM ethernet oam max rate oampdus min rate num seconds mode active passive timeout seconds Step 4 Example Device config if ethernet oam Stops link monitoring operations no ethernet oam link monitor on Example Device config if no ethernet oam link monitor on S...

Страница 327: ...igure terminal Example Device configure terminal Step 2 Specifies an interface and enters interface configuration mode interface type number Example Device config interface gigabitethernet 0 0 2 Step 3 Starts link monitoring operations ethernet oam link monitor on Example Device config if ethernet oam link monitor on Step 4 Returns to global configuration mode exit Example Device config if exit St...

Страница 328: ...onitor receive crc threshold high high frames none low low frames window milliseconds 9 ethernet oam link monitor transmit crc threshold high high frames none low low frames window milliseconds 10 ethernet oam link monitor symbol period threshold high none high symbols low low symbols window symbols 11 exit DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example...

Страница 329: ... counted ethernet oam link monitor frame seconds threshold high none high frames low low frames window milliseconds Step 7 Example Device config if ethernet oam link monitor frame seconds window 699 Configures an Ethernet OAM interface to monitor ingress frames with cyclic redundancy check CRC errors for a period of time ethernet oam link monitor receive crc threshold high high frames none low low...

Страница 330: ...t Example Device config if exit Step 11 Example Configuring Global Ethernet OAM Options Using a Template Perform this task to create a template to use for configuring a common set of options on multiple Ethernet OAM interfaces Steps 4 through 10 are optional and can be performed in any sequence These steps may also be repeated to configure different options Carrier Ethernet Configuration Guide Cis...

Страница 331: ... frames window frames 9 ethernet oam link monitor frame seconds threshold high none high frames low low frames window milliseconds 10 exit 11 interface type number 12 source template template name 13 exit 14 exit 15 show running config DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuratio...

Страница 332: ...ld high 299 Step 6 Configures a number for error frames that when reached triggers an action ethernet oam link monitor frame threshold high none high frames low low frames window milliseconds Step 7 Example Device config template ethernet oam link monitor frame window 399 Configures a number of frames to be polled ethernet oam link monitor frame period threshold high none high frames low low frame...

Страница 333: ...d EXEC mode exit Example Device config exit Step 14 Displays the updated running configuration show running config Example Device show running config Step 15 Configuring a Port for Link Fault RFI Support Perform this task to put a port into a blocking state when an OAM PDU control request packet is received with the Link Fault Status flag set SUMMARY STEPS 1 enable 2 configure terminal 3 interface...

Страница 334: ...dge device and provider edge device Configure a global OAM template for both PE and CE configuration Device config template oam Device config template ethernet oam link monitor symbol period threshold low 10 Device config template ethernet oam link monitor symbol period threshold high 100 Device config template ethernet oam link monitor frame window 100 Device config template ethernet oam link mon...

Страница 335: ...s Ethernet OAM configurations and activities Verifying an OAM Session The following example shows that the local OAM client Gigabit Ethernet interface Gi0 0 1 is in session with a remote client with MAC address 0012 7fa6 a700 and OUI 00000C which is the OUI for Cisco The remote client is in active mode and has established capabilities for link monitoring and remote loopback for the OAM session Dev...

Страница 336: ... Control OAMPDU Rx 0 Variable Request OAMPDU Tx 0 Variable Request OAMPDU Rx 0 Variable Response OAMPDU Tx 0 Variable Response OAMPDU Rx 0 Cisco OAMPDU Tx 4 Cisco OAMPDU Rx 0 Unsupported OAMPDU Tx 0 Unsupported OAMPDU Rx 0 Frames Lost due to OAM 0 Local Faults 0 Link Fault records 2 Dying Gasp records Total dying gasps 4 Time stamp 00 30 39 Total dying gasps 3 Time stamp 00 32 39 0 Critical Event ...

Страница 337: ...ocal client interface Gi6 1 1 is connected to a remote client Note the values in the Mode and Capability fields Device show ethernet oam summary Symbols Master Loopback State Slave Loopback State Capability codes L Link Monitor R Remote Loopback U Unidirection V Variable Retrieval Local Remote Interface MAC Address OUI Mode Capability Gi6 1 1 0012 7fa6 a700 00000C active L R Feature Information fo...

Страница 338: ...0 Series Aggregation Services Router ASR 920 12CZ A ASR 920 12CZ D ASR 920 4SZ A ASR 920 4SZ D Cisco IOS XE Release 3 13 0S Using Ethernet Operations Administration and Maintenance Carrier Ethernet Configuration Guide Cisco ASR 920 Series 320 Using Ethernet Operations Administration and Maintenance Feature Information for Using Ethernet Operations Administration and Maintenance ...

Страница 339: ...etwork page 321 Information About ITU T Y 1731 Performance Monitoring in a Service Provider Network page 322 How to Configure ITU T Y 1731 Performance Monitoring in a Service Provider Network page 324 Configuration Examples for Configuring ITU T Y 1731 Performance Monitoring Functions page 325 Feature Information for ITU T Y 1731 Performance Monitoring in a Service Provider Network page 325 Prereq...

Страница 340: ...rmance Monitoring PM is not supported on MEPs that are configured on TEFP Y 1731 Performance Monitoring PM is not supported on MEPs that are configured on ports In ITU T Y1731 1DM measurement should mandate only PTP to have clock sync between sender receiver Note Information About ITU T Y 1731 Performance Monitoring in a Service Provider Network Frame Delay and Frame Delay Variation The Frame Dela...

Страница 341: ...and the TxTimeStampf value copied from the ETH DM request information Two way frame delay is calculated as frame delay RxTimeb TxTimeStampf where RxTimeb is the time that the frame with ETH DM reply information was received Two way frame delay and variation can be measured using only DMM and DMR frames To allow more precise two way frame delay measurement the MEP replying to a frame with ETH DM re...

Страница 342: ...plifies their operations How to Configure ITU T Y 1731 Performance Monitoring in a Service Provider Network Configuring Performance Monitoring Parameters The following new commands were introduced that can be used to configure and display performance monitoring parameters debug ethernet cfm pm monitor loss counters and show ethernet cfm pm For more information about CFM and Y 1731 performance moni...

Страница 343: ...platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required Table 16 Feature Information for ITU T Y 1731 Performance Monitoring in a Service Provider Network Feature Information Releases Feature Name ITU T Y 1731 performance monitoring provides standard based Ethernet performance monitoring that encompasses...

Страница 344: ...Ethernet Configuration Guide Cisco ASR 920 Series 326 ITU T Y 1731 Performance Monitoring in a Service Provider Network Feature Information for ITU T Y 1731 Performance Monitoring in a Service Provider Network ...

Страница 345: ...s for Using Link Layer Discovery Protocol in Multivendor Networks page 328 Information About Using Link Layer Discovery Protocol in Multivendor Networks page 328 How to Configure Link Layer Discovery Protocol in Multivendor Networks page 332 Configuration Examples for Link Layer Discovery Protocol in Multivendor Networks page 344 Additional References for Using Link Layer Discovery Protocol in Mul...

Страница 346: ...or networks Discovery information includes device identifiers port identifiers versions and other details As a protocol that aids network management LLDP provides accurate network mapping inventory data and network troubleshooting information LLDP is unidirectional operating only in an advertising mode LLDP does not solicit information or monitor state changes between LLDP nodes LLDP periodically ...

Страница 347: ...and network connectivity devices such as routers and switches By default a network connectivity device sends out only LLDP packets until it receives LLDP MED packets from an endpoint device The network device then sends out LLDP MED packets until the remote device to which it is connected ceases to be LLDP MED capable Classes of Endpoints LLDP MED network connectivity devices provide IEEE 802 netw...

Страница 348: ...ntory details LAN speed and duplex Devices discover mismatches in speed and duplex settings Location identification An endpoint particularly a telephone learns its location from a network device This location information may be used for location based applications on the telephone and is important when emergency calls are placed Network policy Network connectivity devices notify telephones about t...

Страница 349: ...y switch obtain its VLAN number and then start communicating with the call control By defining a network policy profile TLV you can create a profile for voice and voice signalling by specifying the values for VLAN class of service CoS differentiated services code point DSCP and tagging mode These profile attributes are then maintained centrally on the switch and propagated to the phone Power manag...

Страница 350: ...n are street address road name and postal community name information ELIN location information Provides the location information of a caller The location is determined by the Emergency location identifier number ELIN which is a phone number that routes an emergency call to the local public safety answering point PSAP and which the PSAP can use to call back the emergency caller Benefits of LLDP Fol...

Страница 351: ...p 2 Enables LLDP globally To disable LLDP globally use the no lldp run command Note lldp run Example Device config lldp run Step 3 Returns to privileged EXEC mode end Example Device config end Step 4 Disabling LLDP Globally Perform this task to disable LLDP globally SUMMARY STEPS 1 enable 2 configure terminal 3 no lldp run 4 end Carrier Ethernet Configuration Guide Cisco ASR 920 Series 333 Using L...

Страница 352: ...ng and Enabling LLDP on a Supported Interface LLDP is enabled by default on all supported interfaces This section describes the tasks for disabling and enabling LLDP on a supported interface Disabling LLDP on a Supported Interface Perform this task to disable LLDP on a supported interface SUMMARY STEPS 1 enable 2 configure terminal 3 interface type number 4 no lldp med tlv select tlv receive trans...

Страница 353: ...rface use the lldp med tlv select tlv receive transmit command Note no lldp med tlv select tlv receive transmit Example Device config if no lldp receive Step 4 Returns to privileged EXEC mode end Example Device config if end Step 5 Enabling LLDP on a Supported Interface LLDP information can be transmitted and received only on an interface where LLDP is configured and enabled Perform this task to e...

Страница 354: ...ransmission on a supported interface lldp med tlv select tlv receive transmit Example Device config if lldp transmit Step 4 Returns to privileged EXEC mode end Example Device config if end Step 5 Setting LLDP Packet Hold Time Hold time is the duration that a receiving device should maintain LLDP neighbor information before aging it Perform this task to define a hold time for an LLDP enabled device...

Страница 355: ...tep 3 Returns to privileged EXEC mode end Example Device config end Step 4 Setting LLDP Packet Frequency Perform this task to specify an interval at which the Cisco software sends LLDP updates to neighboring devices SUMMARY STEPS 1 enable 2 configure terminal 3 lldp timer rate 4 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Carrier Ethernet Configuration G...

Страница 356: ...rks Perform this task to monitor and maintain LLDP in multivendor networks This task is optional and Steps 2 and 3 can be performed in any sequence SUMMARY STEPS 1 enable 2 show lldp entry word errors interface ethernet number neighbors ethernet number detail traffic 3 clear lldp counters table 4 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device...

Страница 357: ...r lldp counters Step 3 Returns to user EXEC mode end Example Device end Step 4 Enabling and Disabling LLDP TLVs LLDP TLV support is enabled by default if LLDP is enabled globally and locally on a supported interface Specific TLVs however can be enabled and suppressed Enabling LLDP TLVs Perform this task to enable an LLDP TLV on a supported interface SUMMARY STEPS 1 enable 2 configure terminal 3 in...

Страница 358: ...DP TLV on a supported interface To disable LLDP TLVs use the no lldp tlv select tlv Note lldp tlv select tlv Example Device config if lldp tlv select power management Step 4 Returns to privileged EXEC mode end Example Device config if end Step 5 Disabling LLDP TLVs Perform this task to disable an LLDP TLV on a supported interface SUMMARY STEPS 1 enable 2 configure terminal 3 interface type number ...

Страница 359: ...on a supported interface no lldp tlv select tlv Example Device config if no lldp tlv select system description Step 4 Returns to privileged EXEC mode end Example Device config if end Step 5 Enabling and Disabling LLDP MED TLVs LLDP MED TLV support is enabled by default if LLDP is enabled globally and locally on a supported interface Specific TLVs however can be enabled and suppressed Enabling LLDP...

Страница 360: ...nterface type number Example Device config interface Gigabitethernet 0 1 Step 3 Enables a specific LLDP MED TLV on a supported interface To disable LLDP MED TLVs use the no lldp med tlv select tlv command Note lldp med tlv select tlv Example Device config if lldp med tlv select inventory management Step 4 Returns to privileged EXEC mode end Example Device config if end Step 5 Disabling LLDP MED TL...

Страница 361: ...ace type and number on which to disable LLDP MED and enters interface configuration mode interface type number Example Device config interface ethernet 0 1 Step 3 Disables a specific LLDP MED TLV from a supported interface no lldp med tlv select tlv Example Device config if no lldp med tlv select inventory management Step 4 Returns to privileged EXEC mode end Example Device config if end Step 5 Ca...

Страница 362: ...ions configured Device1 show running config Building configuration Current configuration 1397 bytes version 12 2 service timestamps debug uptime service timestamps log uptime no service password encryption hostname Device1 boot start marker boot end marker no aaa new model clock timezone PST 8 ip subnet zero lldp timer 15 lldp holdtime 150 Configure LLDP on Device 2 with hold time timer and TLV op...

Страница 363: ... Total frames discarded 0 Total TLVs unrecognized 0 Device1 show lldp neighbors Capability codes R Router B Bridge T Telephone C DOCSIS Cable Device W WLAN Access Point P Repeater S Station O Other Device ID Local Intf Hold time Capability Port ID Device2 Et0 0 150 R Et0 0 Total entries displayed 1 Device2 show lldp traffic LLDP traffic statistics Total frames out 15 Total entries aged 0 Total fra...

Страница 364: ...Port Location Configuration Per Port Location configurations LLDP MED and Cisco Discovery Protocol Comparison of LLDP Media Endpoint Discovery MED and Cisco Discovery Protocol Standards and RFCs Title Standards RFCs Station and Media Access Control Connectivity Discovery IEEE 802 1ab Physical Topology MIB RFC 2922 MIBs MIBs Link MIB To locate and download MIBs for selected platforms Cisco software...

Страница 365: ... a given feature in a given software release train Unless noted otherwise subsequent releases of that software release train also support that feature Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required Table 17 Feature Information for Link Layer ...

Страница 366: ...Carrier Ethernet Configuration Guide Cisco ASR 920 Series 348 Using Link Layer Discovery Protocol in Multivendor Networks Feature Information for Link Layer Discovery Protocol in Multivendor Networks ...

Страница 367: ...mation for Configuring IEEE 802 3ad Link Bundling page 379 Finding Feature Information Your software release may not support all the features documented in this module For the latest caveats and feature information see Bug Search Tool and the release notes for your platform and software release To find information about the features documented in this module and to see a list of the releases in wh...

Страница 368: ... channels Information About Configuring IEEE 802 3ad Link Bundling Gigabit EtherChannel Gigabit EtherChannel GEC is high performance Ethernet technology that provides Gigabit per second Gb s transmission rates A Gigabit EtherChannel bundles individual Ethernet links Gigabit Ethernet or Ten Gigabit Ethernet into a single logical link that provides the aggregate bandwidth of up to eight physical lin...

Страница 369: ...if they can form an EtherChannel based on criteria such as port speed and trunking state Layer 2 EtherChannels also use VLAN numbers LAN ports can form an EtherChannel when they are in compatible LACP modes as in the following examples A LAN port in active mode can form an EtherChannel with another LAN port that is in active mode A LAN port in active mode can form an EtherChannel with another LAN ...

Страница 370: ...operational port fails LACP Enhancements The following LACP enhancements are supported Four member links per LACP bundle Cisco nonstop forwarding NSF and nonstop routing NSR on Gigabit EtherChannel bundles Link failover time of 250 milliseconds or less and a maximum link failover time of 2 seconds port channels remain in the LINK_UP state to eliminate reconvergence by the Spanning Tree Protocol Sh...

Страница 371: ...elease Supported Access control lists ACLs per bundle 2 5 Supported All Ethernet routing protocols Not Supported Intelligent Service Gateway ISG IP sessions Supported Interface statistics Supported IP switching Supported IPv4 unicast and multicast Supported IPv6 unicast without load balancing across member links Supported IPv6 multicast Supported Layer 2 Tunneling Protocol Version 3 L2TPv3 IPinIP ...

Страница 372: ...allowed Bundled ports can be configured on different line cards in a chassis Maximum transmission units MTUs must be configured on only port channel interfaces MTUs are propagated to the bundled ports QoS and committed access rate CAR are applied at the port level Access control lists ACLs are applied on port channels MAC configuration is allowed only on port channels MPLS IP should be enabled on ...

Страница 373: ...by If the active link goes down the EtherChannel stays up and the system performs fast switchover to the hot standby link When the failed link becomes operational again the EtherChannel performs another fast switchover to revert to the original active link For the LACP 1 1 redundancy feature to work correctly especially the fast switchover capability the feature needs to be enabled at both ends of...

Страница 374: ...e exit Example Device config if exit Step 5 Specifies the port to bundle interface type slot subslot port Example Device config interface gigabitethernet 0 0 2 Step 6 Disables the IP address on the port channel interface no ip address Example Device config if no ip address Step 7 Configures the interface in a channel group and sets it as active channel group channel group number mode active passiv...

Страница 375: ...erminal Step 2 Identifies the interface port channel and enters interface configuration mode interface port channel channel number Example Device config interface port channel 10 Step 3 Configures three active links on the port channel The remaining links are in standby mode Traffic is load balanced among the active links lacp max bundle max bundles Example Device config if lacp max bundle 3 Step ...

Страница 376: ...s that must be in the link up state and bundled in the EtherChannel for the port channel interface to transition to the link up state You can use the EtherChannel Min Links feature to prevent low bandwidth LACP EtherChannels from becoming active This feature also causes LACP EtherChannels to become inactive if they have too few active member ports to supply your required minimum bandwidth To confi...

Страница 377: ...xample Device config if lacp min bundle 2 Step 4 Exits configuration mode end Example Device config if end Step 5 Displays the port channel configuration show running config interface port channel group number Example Device show running config interface port channel 1 Step 6 show interfaces port channelgroup number Step 7 Example Device config show interfaces port channel 1 Although the EtherChan...

Страница 378: ... configure terminal 3 interface port channel number 4 ip address ip address mask 5 exit 6 interface type slot subslot port 7 no ip address 8 channel group channel group number mode active passive 9 exit 10 interface type slot subslot port 11 no ip address 12 channel group channel group number mode active passive 13 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable St...

Страница 379: ...p and sets the LACP mode channel group channel group number mode active passive Step 8 Example Device config if channel group 1 mode active channel group number Valid range is 1 to 64 active Places a port into an active negotiating state in which the port initiates negotiations with other ports by sending LACP packets passive Places a port into a passive negotiating state in which the port respond...

Страница 380: ...ble Device configure terminal Device config interface port channel 1 Device config if ip address 10 1 1 1 255 255 255 0 Device config if interface gigabitethernet 0 0 2 Device config if no ip address Device config if channel group 1 mode active Device config if exit Device config interface gigabitethernet 0 0 4 Device config if no ip address Device config if channel group 1 mode active Device conf...

Страница 381: ...ts an LACP port channel interface interface port channel group number Example Device config interface port channel 10 Step 3 Enables the fast switchover feature for this EtherChannel lacp fast switchover Example Device config if lacp fast switchover Step 4 Sets the maximum number of active member ports to 1 lacp max bundle max bundles Example Device config if lacp max bundle 1 Step 5 The minimum n...

Страница 382: ... enable Device configure terminal Device config lacp system priority 33000 Device config interface range fastethernet 5 6 7 Device config if channel group 1 mode active Device config interface fastethernet 5 6 Device config if lacp port priority 33000 Device config interface port channel 1 Device config if lacp fast switchover Device config if lacp max bundle 1 Device config if end Setting LACP Sy...

Страница 383: ...et the LACP port priority and enters interface configuration mode interface slot subslot port Example Device config interface gigabitethernet 0 1 1 Step 4 Specifies the priority for the physical interface lacp port priority priority Step 5 Example Device config if lacp port priority 500 priority Valid range is from 1 to 65535 The higher the number the lower the priority Returns to privileged EXEC ...

Страница 384: ...nel group channel group number 6 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Configures a Gigabit Ethernet interface interface type slot subslot port Example Device config interface gigabitethernet 0 0 5 Step ...

Страница 385: ...m a physical port SUMMARY STEPS 1 enable 2 configure terminal 3 no interface port channel number 4 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Enters global configuration mode configure terminal Example Device configure terminal Step 2 Removes the specified port channel group from a physical port no i...

Страница 386: ...vileged EXEC mode enable Step 1 Example Device enable Enter your password if prompted Displays internal device information show lacp number counters internal neighbor sys id Step 2 Example Device show lacp internal Troubleshooting Tips To verify and isolate a fault start at the highest level maintenance domain and do the following 1 Check the device error status 2 When a error exists perform a loo...

Страница 387: ...how interface counters 00 04 40 Input queue 0 75 0 0 size max drops flushes Total output drops 0 Interface Port channel1 queueing strategy PXF First In First Out Output queue 0 8192 0 drops input queue 0 75 0 drops 5 minute input rate 0 bits sec 0 packets sec 5 minute output rate 0 bits sec 0 packets sec 0 packets input 0 bytes 0 no buffer Received 0 broadcasts 0 IP multicasts 0 runts 0 giants 0 t...

Страница 388: ...is channel Number of the bundled port and associated Gigabit Ethernet port channel interface Member no Gigabit Ethernet no no no Number of hours minutes and seconds since the last packet was successfully received by an interface and processed locally on the Device Useful for knowing when a dead interface failed This counter is updated only when packets are process switched not when packets are fas...

Страница 389: ...ber of bits and packets received or transmitted per second in the last 5 minutes 5 minute input rate 5 minute output rate Total number of error free packets received by the system packets input Total number of bytes including data and MAC encapsulation in the error free packets received by the system bytes input Number of received packets discarded because there was no buffer space in the main sys...

Страница 390: ... problems frame Number of times the serial receiver hardware was unable to pass received data to a hardware buffer because the input rate exceeded the receiver s capacity for handling the data overrun Number of received packets ignored by the interface because the interface hardware ran low on internal buffers These buffers are different than the system buffers mentioned previously in the buffer d...

Страница 391: ...rface Interface resets can also occur when an unrecoverable interface processor error occurred or when an interface is looped back or shut down interface resets The transmit jabber timer expired babbles Number of late collisions Late collision happens when a collision occurs after transmitting the preamble The most common cause of late collisions is that your Ethernet cable segments are too long f...

Страница 392: ...ing a Channel Group with a Port Channel This example shows how to configure channel group number 5 and include it in the channel group Device1 configure terminal Enter configuration commands one per line End with CNTL Z Device1 config interface port 5 Device1 config if Aug 20 17 06 14 417 LINEPROTO 5 UPDOWN Line protocol on Interface Port channel5 changed state to down Aug 20 17 06 25 413 LINK 3 U...

Страница 393: ...ACPDUs A Device is in Active mode P Device is in Passive mode Channel group 5 LACP port Admin Oper Port Port Port Flags State Priority Key Key Number State Gi0 0 7 SA bndl 32768 0x5 0x5 0x43 0x3D Device1 show interface port 5 Port channel5 is up line protocol is up Hardware is GEChannel address is 0014 a93d 4aa8 bia 0000 0000 0000 MTU 1500 bytes BW 1000000 Kbit DLY 10 usec reliability 255 255 txlo...

Страница 394: ...ged state to up Device1 config if end Device1 Aug 20 17 10 27 653 SYS 5 CONFIG_I Configured from console by console Aug 20 17 11 40 717 GigabitEthernet0 0 7 added as member 2 to port channel5 Device1 show lacp internal Flags S Device is requesting Slow LACPDUs F Device is requesting Fast LACPDUs A Device is in Active mode P Device is in Passive mode Channel group 5 LACP port Admin Oper Port Port P...

Страница 395: ...ysical Port Link Down Device1 Aug 20 17 16 01 257 LINK 3 UPDOWN Interface GigabitEthernet0 0 7 changed state to up Aug 20 17 16 02 257 LINEPROTO 5 UPDOWN Line protocol on Interface GigabitEthernet0 0 7 changed state to up Device1 show lacp internal Flags S Device is requesting Slow LACPDUs F Device is requesting Fast LACPDUs A Device is in Active mode P Device is in Passive mode Channel group 5 LA...

Страница 396: ...3 Full duplex 1000Mb s Member 1 GigabitEthernet0 0 7 Full duplex 1000Mb s Last input 00 00 05 output never output hang never Last clearing of show interface counters 00 04 40 Input queue 0 75 0 0 size max drops flushes Total output drops 0 Interface Port channel1 queueing strategy PXF First In First Out Output queue 0 8192 0 drops input queue 0 75 0 drops 5 minute input rate 0 bits sec 0 packets s...

Страница 397: ...resolve technical issues with Cisco products and technologies Access to most tools on the Cisco Support and Documentation website requires a Cisco com user ID and password Feature Information for Configuring IEEE 802 3ad Link Bundling The following table provides release information about the feature or features described in this module This table lists only the software release that introduced su...

Страница 398: ...n the Cisco ASR 920 Series Aggregation Services Router ASR 920 12CZ A ASR 920 12CZ D ASR 920 4SZ A ASR 920 4SZ D Cisco IOS XE Release 3 13 0S Configuring IEEE 802 3ad Link Bundling Carrier Ethernet Configuration Guide Cisco ASR 920 Series 380 Configuring IEEE 802 3ad Link Bundling Feature Information for Configuring IEEE 802 3ad Link Bundling ...

Страница 399: ...e Information Your software release may not support all the features documented in this module For the latest caveats and feature information see Bug Search Tool and the release notes for your platform and software release To find information about the features documented in this module and to see a list of the releases in which each feature is supported see the feature information table Use Cisco...

Страница 400: ...hannel interfaces or port channel member links is not supported Combined Egress local SPAN bandwidth supported is 1 GB Local SPAN is not supported on logical interfaces such as VLANs or EFPs Up to 14 active local SPAN sessions ingress and egress are supported The router supports up to 14 ingress sessions and up to 12 egress sessions Only one local SPAN destination interface is supported You cannot...

Страница 401: ...terface with a set of source interfaces You can configure local SPAN sessions to monitor all traffic in a specified direction Local SPAN sessions allow you to monitor traffic on one or more interfaces and to send either ingress traffic egress traffic or both to one destination interface Local SPAN sessions do not interfere with the normal operation of the switch You can enable or disable SPAN sess...

Страница 402: ... ports or Vlans across your network with an RSPAN Vlan The RSPAN Vlan BD on the router is the destination RSPAN session RSPAN Traffic RSPAN supports source ports and source Vlans in the source switch and destination as RSPAN Vlan BD The figure below shows the original traffic from the Host A to Host B via the source ports or Vlans on Host A The source ports or Vlans of Host A is mirrored to Host B...

Страница 403: ...re associated with the RSPAN Vlan towards the destination side On the destination side a port belonging to the RSPAN Vlan or EVC BD is connected to sniffer device Destination Interface A destination interface also called a monitor interface is a switched interface to which SPAN or RSPAN sends packets for analysis You can have only one destination interface for SPAN sessions An interface configured...

Страница 404: ...rted rewrite traffic for RSPAN on the EFP Trunk with the associated RSPAN bridge domains Table 22 Rewrite Traffic for RSPAN BD EFP Trunk associated with RSPAN BD Source Rewrite Operations Only Pop1 Pop1 Pop2 Push1 no rewrite The following tables lists the format of the spanned packets at the destination port for both Ingress and Egress RSPAN The tables lists the formats of untagged single and doub...

Страница 405: ...tag packet RSPAN BD tag source outer tag source inner tag packet no rewrite pop1 tag pop2 tag push1 tag Table 24 Destination Port Ingress and Egress Spanned Traffic for TEFP RSPAN BD Egress Traffic Ingress Traffic RSPAN Vlan BD rewrite pop1 tag symmetric RSPAN Vlan BD rewrite pop1 tag symmetric Untagged traffic Source port rewrite RSPAN BD tag packet RSPAN BD tag packet no rewrite NA NA pop1 tag N...

Страница 406: ...or RSPAN BD with VPLS Pseudowire Egress Traffic Ingress Traffic RSPAN Vlan BD rewrite pop1 tag symmetric RSPAN Vlan BD rewrite pop1 tag symmetric Untagged traffic Source port rewrite RSPAN BD tag packet RSPAN BD tag packet no rewrite NA NA pop1 tag NA NA pop2 tag NA NA push1 tag RSPAN Vlan BD rewrite pop1 tag symmetric RSPAN Vlan BD rewrite pop1 tag symmetric Single traffic Source port rewrite RSP...

Страница 407: ...ot subslot port rx tx both 4 destination interface interface_type slot subslot port 5 no shutdown DETAILED STEPS Purpose Command or Action Enters global configuration mode configure terminal Example Router configure terminal Step 1 Specifies the local SPAN session number and enters the local monitoring configuration mode monitor session session_number type local Example Router config monitor sessi...

Страница 408: ... config mon local destination interface gigabitethernet 0 2 4 interface_type Specifies the Gigabit Ethernet or Ten Gigabit Ethernet interface slot subslot port The location of the interface List of interfaces Range of interfaces Enables the local SPAN session no shutdown Example Router config mon local no shutdown Step 5 Removing Sources or Destinations from a Local SPAN Session To remove sources ...

Страница 409: ...ring RSPAN Source Session To configure the source for a RSPAN session SUMMARY STEPS 1 enable 2 configure terminal 3 monitor session RSPAN_source_session_number type rspan source 4 source single_interface slot subslot port single_vlan rx tx both 5 destination remote vlan rspan_vlan_ID 6 no shutdown 7 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Rou...

Страница 410: ...gabit Ethernet interface slot subslot port The location of the interface session 1 source interface gigabitethernet 0 2 1 tx single_vlan Specifies the single VLAN both Optional Monitors the received and the transmitted traffic rx Optional Monitors the received traffic only tx Optional Monitors the transmitted traffic only Associates the RSPAN source session number session number with the RSPAN VLA...

Страница 411: ... RSPAN_destination_session_number Valid sessions are 1 to 80 Example Router config monitor session 1 type rspan destination rspan destination Enters the RSPAN destination session configuration mode Associates the RSPAN destination session number RSPAN VLAN source remote vlan rspan_vlan_ID Example Router config mon rspan dst source remote vlan2 Step 4 rspan_vlan_ID Specifies the Vlan ID Associates ...

Страница 412: ...e_vlan both rx tx 5 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Router enable Enter your password if prompted Enters global configuration mode configure terminal Example Router configure terminal Step 2 Configures an RSPAN source session number and enters RSPAN source session configuration mode for the session monitor session session_number Examp...

Страница 413: ...al Monitors the transmitted traffic only Exits configuration mode end Example Router config mon rspan src end Step 5 Sample Configurations The following sections contain configuration example for SPAN and RSPAN on the router Configuration Example Local SPAN The following example shows how to configure local SPAN session 8 to monitor bidirectional traffic from source interface Gigabit Ethernet inte...

Страница 414: ...n The following example shows how to configure interface Gigabit Ethernet 0 0 1 as the destination for RSPAN session 2 Router config monitor session 2 type RSPAN destination Router config mon RSPAN dst source remote VLAN 100 Router config mon RSPAN dst destination interface gigabitEthernet 0 0 1 Router config mon RSPAN dst end Verifying Local SPAN and RSPAN Use the show monitor session command to ...

Страница 415: ...tps www cisco com c en us td docs ios xml ios mcl allreleasemcl all book html Cisco IOS commands Standards and RFCs Title Standard RFC No specific Standards and RFCs are supported by the features in this document MIBs MIBs Link MIB To locate and download MIBs for selected platforms Cisco IOS releases and feature sets use Cisco MIB Locator found at the following URL http www cisco com go mibs Carri...

Страница 416: ... in a given software release train Unless noted otherwise subsequent releases of that software release train also support that feature Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required Table 26 Feature Information for Local SPAN and RSPAN Featur...

Страница 417: ...Carrier Ethernet Configuration Guide Cisco ASR 920 Series 399 Configuring Switched Port Analyzer Feature Information for Local SPAN and RSPAN ...

Страница 418: ...Carrier Ethernet Configuration Guide Cisco ASR 920 Series 400 Configuring Switched Port Analyzer Feature Information for Local SPAN and RSPAN ...

Страница 419: ...ayer 2 control frames such as spanning tree Bridge Protocol Data Units BPDUs or Cisco proprietary protocol frames such as Cisco Discovery Protocol CDP without mixing the service provider s own traffic and with other customer traffic in the service provider s network A provider bridge is just like a standard 802 1Q bridge but it imposes a set of requirements defined by IEEE 802 1ad standards on a p...

Страница 420: ...upported Termination of Layer3 interfaces is not supported QoS support is same as supported on the 802 1q EVCs QoS support for classification marking weighted tail drop is not supported on 802 1ad EVCs Routing over BDI with 802 1ad EVC is not supported Outer tag Ethertype 0X88a8 is only supported Global dot1ad command is not supported Ethernet 802 1ad is not supported on port channels VPLS is not ...

Страница 421: ...ush Cross Connect Not supported Supported Push C UNI S UNI NA NA NA NNI Information About 802 1ad 802 1ad Ports In 802 1ad a port is configured as either a customer user network interface C UNI a service provider UNI S UNI or a network to network interface NNI Only Layer 2 interfaces can be 802 1ad ports C UNI an be either an access port or an 802 1Q trunk port The port uses the customer bridge ad...

Страница 422: ...customer must be isolated from one another For Layer 2 protocols within customer domains to function properly geographically separated customer sites must appear to be connected via a LAN and the provider network must be transparent The IEEE has reserved 33 Layer 2 MAC addresses for customer devices that operate Layer 2 protocols If a provider bridge uses these standard MAC addresses for its Layer...

Страница 423: ...ents are C VLAN aware and can insert or remove a C VLAN 802 1Q tag The C bridge UNI port is capable of identifying the customer 802 1Q tag and inserting or removing an S tag on the packet on a per service instance or C VLAN basis A C VLAN tagged service instance allows service instance selection and identification by C VLAN The 801 1ad customer user network interfaces C UNIs implement the C compon...

Страница 424: ... 00 00 0F Reserved for future standardization The table below shows Layer 2 MAC addresses that are reserved for the S VLAN component These addresses are a subset of the C VLAN component addresses and the C bridge does not forward the bridge protocol data units BPDUs of a provider to a customer network Table 28 Reserved Layer 2 MAC Addresses for the S VLAN Component Value Assignment 01 80 C2 00 00 ...

Страница 425: ...rotocol Data Units BPDUs 01 80 C2 00 00 00 Drop Drop Drop 802 3X Pause Protocol 01 80 C2 00 00 01 Peer Peer Peer Slow protocol address 802 3ad LACP 802 3ah OAM 01 80 C2 00 00 02 Not supported Not supported Not supported 802 1x 01 80 C2 00 00 03 Drop Drop Drop Reserved for future media access method 01 80 C2 00 00 04 Drop Drop Drop Reserved for future media access method 01 80 C2 00 00 05 Drop Drop...

Страница 426: ...ol GVRP address 01 80 C2 00 00 0D Data Data may Peer 802 1ab Link Layer Discovery Protocol LLDP 01 80 C2 00 00 0E Drop Drop Drop Reserved for future C bridge or Q bridge use 01 80 C2 00 00 0F Not supported Not supported Not supported All bridge domains 01 80 C2 00 00 10 Data Data Data GARP Multicast Registration Protocol GMRP 01 80 C2 00 00 20 Data Data Data Generic VLAN Registration Protocol GVRP...

Страница 427: ...he IEEE 802 1ad on Service Instances Note Only encapsulation default command is supported on S UNI ports SUMMARY STEPS 1 enable 2 configure terminal 3 interface interface id 4 ethernet dot1ad nni uni c port s port 5 service instance number ethernet name 6 encapsulation default dot1q priority tagged untagged 7 bridge domain bridge id split horizon group group id 8 rewrite ingress tag pop 1 2 symmet...

Страница 428: ...identifier an integer from 1 to 4000 Optional ethernet name is the name of a previously configured EVC You do not need to use an EVC name in a service instance Configure encapsulation type for the service instance encapsulation default dot1q priority tagged untagged Step 6 default Configure to match all unmatched packets Example Router config if srv encapsulation dot1q 10 dot1q Configure 802 1Q en...

Страница 429: ... do1ad tag Valid Vlan ID range is from 1 to 4094 dot1q vlan id Specifies the 802 1 do1q tag Valid Vlan ID range is from 1 to 4094 Return to privileged EXEC mode end Example Router config if srv end Step 9 Configuration Examples The example shows the C UNI port interface GigabitEthernet0 3 7 ethernet dot1ad uni c port service instance 20 ethernet encapsulation dot1q 20 rewrite ingress tag push dot1...

Страница 430: ...nter your password if prompted Enter global configuration mode configure terminal Example Router configure terminal Step 2 Enter interface configuration mode Valid interfaces are physical ports interface interface id Example Router config interface gigabitethernet0 0 1 Step 3 Configures Trunk EFP on dot1ad NNI and C UNI ports on the interface ethernet dot1ad nni uni c port Example Router config if...

Страница 431: ...on packets at ingress rewrite ingress tag pop 1 2 symmetric Example Router config if srv rewrite ingress tag pop 1 symmetric Step 8 pop 1 Pop remove the outermost tag pop 2 Pop remove the two outermost tags symmetric Configure the packet to undergo the reverse of the ingress action at egress If a tag is popped at ingress it is pushed added at egress This keyword is required for rewrite to function...

Страница 432: ...fault dot1q priority tagged untagged 7 rewrite ingress tag push dot1ad vlan id dot1q vlan id symmetric 8 xconnect peer router id vcid pw class pw class name 9 end DETAILED STEPS Purpose Command or Action Enables privileged EXEC mode enable Step 1 Example Router enable Enter your password if prompted Enter global configuration mode configure terminal Example Router configure terminal Step 2 Enter i...

Страница 433: ...q 10 dot1q Configure 802 1Q encapsulation See Encapsulation for details about options for this keyword priority tagged Specify priority tagged frames VLAN ID 0 and CoS value of 0 to 7 untagged Map to untagged VLANs Only one EFP per port can have untagged encapsulation Optional Specify that encapsulation modification to occur on packets at ingress rewrite ingress tag push dot1ad vlan id dot1q vlan ...

Страница 434: ...GigabitEthernet0 3 7 ethernet dot1ad uni s port service instance 20 ethernet encapsulation default rewrite ingress tag push dot1ad 30 symmetric xconnect 2 2 2 2 20 encap mpls The example shows the NNI port interface GigabitEthernet0 3 7 ethernet dot1ad nni service instance 20 ethernet encapsulation dot1ad 20 xconnect 2 2 2 2 20 encap mpls Verifying IEEE 802 1ad Use the show ethernet do1adcommands ...

Страница 435: ...ment Title Related Topic https www cisco com c en us td docs ios xml ios mcl allreleasemcl all book html Cisco IOS commands Standards and RFCs Title Standard RFC No specific Standards and RFCs are supported by the features in this document MIBs MIBs Link MIB To locate and download MIBs for selected platforms Cisco IOS releases and feature sets use Cisco MIB Locator found at the following URL http ...

Страница 436: ...atures described in this module This table lists only the software release that introduced support for a given feature in a given software release train Unless noted otherwise subsequent releases of that software release train also support that feature Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www...

Страница 437: ...ing MAC Address Limiting on a Service Instance 99 D default configuration 20 EVCs 20 Displaying the Last Violation on a Specific Service Instance 117 Example 117 Displaying the MAC Addresses of All Secured Service Instances 118 Example 118 Displaying the MAC Addresses on a Specific Secure EFP 117 Example 117 Displaying the MAC Addresses on all Service Instances for a Bridge Domain 118 Example 118 ...

Страница 438: ... and Bridge Domains 82 R Restrictions for MAC Address Limiting for Service Instances and Bridge Domains 82 Restrictions for MAC Address Limiting on Service Instances and Bridge Domains 82 S service instance 14 15 21 configuration mode 14 configuring 21 creating 14 defined 14 encapsulation 15 Showing the Last Violation Recorded on Each Service Instance on a Specific Bridge Domain 112 Showing the MA...

Отзывы:

Нет отзывов

Похожие инструкции для ASR 920 series

Бренд: Hama Страницы: 10

Бренд: Zonet Страницы: 8

Бренд: C-Data Страницы: 26

Бренд: Allnet Страницы: 12

Бренд: Telebyte Страницы: 19

Бренд: NETGEAR Страницы: 84

Бренд: Teknim Страницы: 10

Бренд: Ruckus Wireless Страницы: 2

Бренд: Rosewill Страницы: 10

8677 - BladeCenter Rack-mountable - Power Supply

Бренд: IBM Страницы: 126

Бренд: UfiSpace Страницы: 34

Бренд: ZyXEL Communications Страницы: 3

Бренд: Buffalo Страницы: 2

airPoint Nexus sB3210

Бренд: SmartBridges Страницы: 55

Бренд: H3C Страницы: 62

LN1000 - RELEASE NOTES 8-27-2010

Бренд: Juniper Страницы: 64

ReadyNAS Duo v2

Бренд: NETGEAR Страницы: 100

Бренд: Thecus Страницы: 90

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды