Chapter 77: VPLS management
Overview
Purpose
VPLS is a class of virtual private network multipoint L2 service that allows multiple customer sites to be connected in a single bridged domain contained within the service provider-managed IP/MPLS network. Customer sites in the VPLS appear to be on the same LAN, even if the sites are geographically dispersed.
VPLS offers the following advantages:
-
Ethernet interfaces on the host access side simplify provisioning.
-
All routers in the VPLS are part of the same LAN, which simplifies IP addressing and allows customers to control and simplify their routing strategies.
-
VPLS is protocol independent, which means there is no L2 protocol conversion between LAN and WAN technologies.
You can use HVPLS to eliminate the need for a full mesh of virtual circuits between devices in the VPLS. See HVPLS in this section for more information.
A VPLS can span a single site or multiple sites. A VPLS that spans a single site is called a local VPLS. In a local VPLS, customer data enters the service through multiple access interfaces on a single PE device. No circuit provisioning is required for the local VPLS.
A VPLS that spans multiple sites is called a distributed VPLS. In a distributed VPLS, customer data enters the service using two or more interfaces on different PE devices. The VPLS is transported by service circuits over an IP/MPLS provider core network carried by service tunnels. Service tunnels are created using GRE or MPLS LSPs.
The NFM-P supports end-to-end VPLS configuration using tabbed configuration forms with an embedded navigation tree.
The General tab of the NFM-P service management form displays useful information about the operational state of the service and its sites through the Aggregated Operational State and State Cause indicators.
The Aggregated Operational State indicator has four possible values: Up, Down, Partially Down, and Unknown. The value is derived from the operational states of the sites that are part of the service, as follows:
When the Aggregated Service Site Operational State is Partially Down or Down, a check mark appears beside the appropriate State Cause indicator to identify the type of fault to the NFM-P operator. Alarms can be viewed on the Faults page.
When you use the NFM-P to create or discover a service, the NFM-P assigns a default tier value to the service. The Service Tier parameter value is relevant only in the context of composite service topology map views. See Chapter 85, Composite service management for more information about the hierarchical organization of composite services.
Common to all services, such as VPLS, are policies that are assigned to the service. Policies are defined at a global level and can then be applied to components of the service, such as interfaces and circuits, when the service is configured or modified.
The following policies are common to all services:
-
QoS policies to define ingress classification, policing, shaping, and marking on the ingress side of the interface. QoS policies are configured using the Access Ingress Policy Manager and the Access Egress Policy Manager.
-
Policer control policies to control access ingress policers and access egress policers under a common hierarchy. Policer control policies are configured using the Policer Control Policy Manager.
-
Scheduling policies to define hierarchical rate limiting and scheduling to govern the scheduling of queues. Scheduler policies are configured using the Scheduler Policy Manager.
-
Port scheduler policies define hierarchical bandwidth allocation and scheduling at the egress port level. Port scheduler policies are configured using the Port Scheduler Policy and HSMDA Scheduler Policy forms.
-
Filter policies to control network traffic into or out of an interface or circuit based on IP or MAC matching criteria. Filter policies are configured using the ACL IP Filter Manager and the ACL MAC Filter Manager.
-
Accounting policies to count the traffic on a service to ensure proper billing and enforcement of SLAs. Accounting policies are configured using the Accounting Policy Manager.
-
ANCP policies provide status and control information based on port-up and port-down messages and current line rate changes between the edge device and the access node. ANCP policies are configured using the Manage Subscriber Policies form.
-
Time of day suites specify time and day restriction policies that are assigned to QoS policies and schedulers, ACL filters, and aggregation schedulers. Time of day suites and time range policies are configured using the Time of Day Suite form and Time Range form, respectively.
See Chapter 49, Policies overview for more information about policies.
Packets that arrive at an edge device are associated with a VPLS based on the access interface on which they arrive. An access interface is uniquely identified using the following parameters:
If there are service issues, the service provider can use OAM tools to troubleshoot service and network transport issues, and ensure problems are handled properly through the physical and logical network.
To provide a VPLS over an MPLS infrastructure, the device is configured to provide bridging and replication for each VPLS. The routers that are part of the VPLS are connected by MPLS LSPs. Multiple VPLS can use the same set of service tunnels. Multiple service tunnels can rely on multiple LSPs. The signaling is specified in sets of ingress and egress VC labels for each VPLS.
The following additional features are configured for the VPLS:
-
MAC learning for the access ports and tunnels, including filtering based on MAC addresses on a per SAP basis
-
MAC learning protection on SAPs to prevent DoS attacks from sourcing
-
rate limiting of broadcast, destination unknown, and multicast traffic on a per access port basis
-
FIB for each VPLS, including FIB size limits, static MAC addresses, alarms, and discarding unknown locations
You can run an OAM Validation test suite for the service by clicking on the Validate button. If the Validate button is not visible, click on More Actions and choose Validate. Alternatively, you can also perform a One Time Validation. If a check mark appears beside the OAM Validation Failed state cause indicator, the test has failed. In addition, the Tested Entity Result tab on the Tests tab displays detailed information about the OAM test result. OAM validation tests are not supported for HVPLS.
Contents
To modify a VLPS using the topology view
To view the service topology associated with a VPLS
To view the VPLS operational status
To configure a VPLS for AA reporting
To configure an Ethernet segment
To assign a multicast package policy to a VPLS
To configure bandwidth management for a VPLS
To add protected MAC addresses to a VPLS
To connect a G.8032 Ethernet ring to a VPLS
To configure custom object attributes for AA reporting
To create a B-site for VPLS or MVPLS
To view SPB fate-shared objects
To list the SPB instances on an NE
To create a static ISID range on a VPLS B-L2 access interface or spoke SDP binding
To run a VPLS service OAM validation test
To add or modify FIB entries associated with a VPLS
To list FIB entries associated with a VPLS
To view IGMP snooping queriers
VPLS site management procedures
To configure a GNE site on a VPLS service
To configure MFIB, STP, FIB, and MAC learning protection for a VPLS site
To configure SHCV for a VPLS site
To configure a default gateway for a VPLS site
To configure ingress multicast forwarding on a VPLS site
To configure a provider tunnel for a VPLS site
To configure service tunnel required bandwidth for a VPLS site
To configure IGMP snooping on a VPLS site
To configure PIM snooping on a VPLS site
To create an endpoint for redundancy (dual homing) on a VPLS site
To configure an SHG on a VPLS site
To configure an EVPN gateway on a VPLS site
To configure proxy ARP for a VPLS site
To configure proxy node discovery for a VPLS site
To configure MVR for a VPLS site
To configure a GSMP group on a VPLS site
To configure L2 management interfaces on a VPLS site
To configure MLD snooping on a VPLS site
To create a Virtual MEP on a VPLS site
To configure MVR for MLD on a VPLS site
To configure IGMP host tracking on a VPLS site
To configure WLAN GW L2 wholesale forwarding on a VPLS site
To configure a non-system IP address VXLAN termination
To configure EVPN on a VPLS site
To configure segment routing v6 on a VPLS site
To configure PBB-EVPN on a VPLS site
To configure a black hole MAC address on a VPLS site
To enable SPB on a control B-VPLS site
To enable SPB on a user B-VPLS site
To view the last cleared BFD statistics and sessions on a VPLS site
To enable the automatic selection of an RD on a VPLS site
To create a static B-MAC on a B-VPLS site
To create an ISID policy on a control or user B-VPLS site
VPLS access interface management procedures
To create a VPLS or MVPLS L2 access interface
To configure LAG per-link hashing on a VPLS L2 access interface
To assign QoS policies or to enable a MAC override address to a VPLS or MVPLS L2 access interface
To assign ingress and egress QoS policies to a VPLS L2 access interface on a 7210 SAS site
To configure scheduling on an L2 access interface
To configure BPDU Termination, STP, and FIB parameters for the VPLS L2 access interface
To assign a DoS protection policy or DDoS protection policy to the VPLS L2 access interface
To configure residential subscriber management for the VPLS L2 access interface
To configure an Ethernet tunnel on a VPLS L2 access interface
To configure a redundant VLAN range on a VPLS L2 access interface
To configure IGMP snooping for a VPLS L2 access interface
To configure the ARP host for the VPLS L2 access interface
To configure DHCP for the VPLS L2 access interface
To configure MVR for a VPLS L2 access interface
To configure anti-spoofing filters for a VPLS L2 access interface
To create MIPs and MEPs on a VPLS L2 access interface
To assign an ANCP policy to a VPLS L2 access interface
To configure PIM snooping on a VPLS L2 access interface
To configure MLD snooping for a VPLS L2 access interface
To configure MVR (MLD) for a VPLS L2 access interface
To create a VPLS or MVPLS B-L2 access interface
To create a VPLS I-L2 access interface
To configure ETree on a VPLS L2 access interface
To configure DHCPv6 snooping for a VPLS or MVPLS L2 access interface
To create a VPLS or MVPLS mesh SDP binding
To create a VPLS or MVPLS spoke SDP binding
To configure an MPLS-TP static pseudowire on a VPLS spoke SDP binding
To assign a DoS protection policy to a VPLS SDP binding
To configure DHCP for the VPLS SDP binding
To configure IGMP snooping for the VPLS SDP binding
To configure ETree on a VPLS SDP binding
To create a MIP on a VPLS SDP binding
To create a MEP on a VPLS SDP binding
To configure MLD Snooping for the VPLS SDP binding
To configure BFD on a VPLS SDP binding
To clear BFD sessions and statistics on a VPLS SDP binding
To view the BFD session status on a VPLS SDP binding
To configure PIM snooping for a VPLS spoke SDP binding
To configure learning protection parameters on a VPLS SDP binding
To configure custom object attributes for AA reporting for a spoke SDP binding
To force a switchover to a redundant spoke SDP binding
To configure DHCPv6 snooping for the VPLS or MVPLS SDP binding
BGP AD and BGP VPLS procedures
To configure the VPLS for BGP auto-discovery
To configure a site for BGP AD or BGP VPLS
To configure a site for BGP VPLS Multi-homing
To re-evaluate the PW Templates associated with a BGP AD or BGP VPLS
To assign tunnel administrative groups to a BGP or BGP AD VPLS