VPLS
This chapter provides an overview of virtual private LAN service (VPLS) on the 7705 SAR.
Topics in this chapter include:
VPLS overview
Virtual private LAN service (VPLS), as described in RFC 4762, Virtual Private LAN Service (VPLS) Using Label Distribution Protocol (LDP) Signaling, is a type of virtual private network service that allows the connection of multiple sites in a single bridged domain over a provider-managed IP/MPLS network or a Layer 2 Ethernet bridged network. The customer sites in a VPLS instance appear to be on the same LAN, regardless of their location. VPLS uses a native Ethernet SAP or a bridged PDU encapsulated SAP on the customer-facing (access) side, which simplifies the LAN/WAN boundary and allows for rapid and flexible service provisioning.
VPLS offers a balance between point-to-point pseudowire service (such as Epipe and Ipipe) and outsourced routed services (VPRN). Unlike VPRN service, VPLS enables each customer to maintain control of their own routing strategies. All customer routers in the VPLS service are part of the same subnet (LAN), which simplifies the IP addressing plan, especially when compared to a mesh architecture constructed from many separate point-to-point connections. The VPLS service management is simplified because the service is not aware of, nor participates in, the IP addressing and routing.
A VPLS service provides connectivity between two or more SAPs on one (local service) or more (distributed service) service routers. The connection appears to be a bridged domain to the customer sites so that protocols, including routing protocols, can traverse the VPLS service.
Other VPLS advantages include:
VPLS is a transparent, protocol-independent bridged service
no Layer 2 protocol conversion between LAN and WAN technologies
no need to design, manage, configure, and maintain separate WAN access equipment, thereby eliminating the need to train personnel on WAN technologies such as ATM, IP over ATM, IP over PPP, and so on
VPLS is supported on the cards and platforms listed below. A VPLS SAP can reside on the following ports:
any Ethernet port (null or tagged) in access mode
on a 6-port Ethernet 10Gbps Adapter card with CLI identifier a6-eth-10G or a6-eth-10G-e installed on a 7705 SAR-8 Shelf V2 or a 7705 SAR-18
on an 8-port Gigabit Ethernet Adapter card with CLI identifier a8-1gb-sfp, a8-1gb-v2-sfp, or a8-1gb-v3-sfp installed on a 7705 SAR-8 Shelf V2 or 7705 SAR-18
on a 10-port 1GigE/1-port 10GigE X-Adapter card in 10-port 1GigE mode with CLI identifier for mda-mode x10-1gb-sfp installed on a 7705 SAR-18
on a 7705 SAR-M with CLI identifier i7-1gb
on a 4-port SAR-H Fast Ethernet module
on a 6-port SAR-M Ethernet module
on a 7705 SAR-A
on a 7705 SAR-Ax
on a 7705 SAR-Wx
on a 7705 SAR-H with CLI identifier i8-1gb
on a 7705 SAR-Hc with CLI identifier i6-1gb
on a 7705 SAR-X with CLI identifier i7-mix-eth
any port using ATM encapsulation on a 4-port OC3/STM1 Clear Channel Adapter card installed on a 7705 SAR-8 Shelf V2 or 7705 SAR-18
The transport of VPLS service is supported by LDP, GRE, and RSVP-TE tunnels, as well as static LSPs and dot1q-, qinq-, or null-encapsulated Ethernet SAPs at uplink.
VPLS scalability can be enabled with the vpls-high-scale command, allowing the 7705 SAR-8 Shelf V2 and 7705 SAR-18 to support up to 255 VPLS instances on access and network links on the following cards:
2-port 10GigE (Ethernet) Adapter card
8-port Gigabit Ethernet Adapter card
10-port 1GigE/1-port 10GigE X-Adapter card
Packet Microwave Adapter card
4-port OC3/STM1 / 1-port OC12/STM4 Adapter card
See the 7705 SAR Basic System Configuration Guide, ‟System Command Reference”, for more information.
VPLS redundancy
Redundancy for a VPLS instance is provided using the endpoint concept to define primary and secondary spoke SDPs. This type of redundancy functions in a similar manner to PW redundancy. See Pseudowire redundancy for more information.
In addition, VPLS supports Spanning Tree Protocol (STP) on a per-VPLS instance basis, as well as management VPLS (mVPLS), where several VPLS instances are associated with a single STP instance running over redundant SAPs. The result of this STP is applied to the other VPLS services associated with the mVPLS instance. The VLAN range covering SAPs to be managed by a mVPLS instance is set under a specific mVPLS SAP definition. The 7705 SAR supports RSTP on the designated VLAN for fast detection of failures. See VPLS and spanning tree protocol for more information.
Access control and traffic management
Access control to and within VPLS is controlled via IP and MAC filter policies for ingress SAPs and SDPs (spoke and mesh), and IP filter policies for egress Ethernet SAPs. Traffic Management (TM) support at ingress and egress for unicast traffic is almost the same as TM support for an Ethernet PW SAP. The TM implementation is extended to support:
at SAP ingress, queue selection for unicast and for broadcast, multicast, and unknown (BMU) traffic
at network ingress, separate unicast and BMU queues
at access ingress, ATM traffic (unicast and BMU) mapped to a single queue
Split horizon
Within the context of VPLS services, a loop-free topology within a fully meshed VPLS core is achieved by applying a split-horizon forwarding concept whereby packets received from a mesh SDP are never forwarded to other mesh SDPs within the same service. The advantage of this approach is that no protocol is required to detect loops within the VPLS core network.
The 7705 SAR supports split horizon groups (SHGs) and residential SHGs, making it possible to control how traffic is propagated via configuring and applying forwarding directions to the received traffic. SHGs prevent multicast traffic from flowing within the same group, thereby preventing any loops.
In applications such as DSL aggregation, it is useful to extend the split-horizon concept to groups made up of SAPs and spoke SDPs. This extension is referred to as a split horizon group or residential bridging.
Traffic arriving on a SAP or a spoke SDP within a split horizon group is not copied to other SAPs and spoke SDPs in the same split horizon group; however, it is copied to SAPs and spoke SDPs in other split horizon groups, if these exist within the same VPLS.
Residential SHGs are only supported by ATM encapsulated SAPs. Residential (ATM) SAPs do not forward broadcast or unknown traffic; they only process known unicast traffic. Residential SAPs allow one queue per direction (ingress and egress) for all traffic types (unicast and BMU). In addition, OAM processing is allowed on residential (ATM) SAPs.
OAM support includes support for VPLS mac-ping, mac-trace, and cpe-ping.
Additional 7705 SAR support for VPLS service includes capabilities such as DHCP relay (on Ethernet SAPs). See VPLS enhancements.
VPLS packet walkthrough
This section describes an example of VPLS processing based on the network shown in the following figure.
PE router A (Access port ingress packet format and lookup):
Service packets arriving at PE A are associated with a VPLS service instance (VPLS service 2) based on the combination of the physical port and the IEEE 802.1Q tag (VLAN ID) in the packet, if applicable.
PE A learns the source MAC address in the packet and creates an entry in the forwarding database (FDB) table that associates the MAC address with the SAP on which it was received.
The destination MAC address in the packet is looked up in the FDB table for the VPLS instance. There are two possibilities: either the destination MAC address has already been learned (known MAC address) or the destination MAC address is not yet learned (unknown MAC address).
Figure 2. Access port ingress packet format and lookup 
For a known MAC Address (Network port egress packet format and flooding):
If the destination MAC address has already been learned by PE A, an existing entry in the FDB table identifies the far-end PE router and the service VC label (inner label) to be used before sending the packet to far-end PE C.
PE A chooses a transport LSP to send the customer packets to PE C. The customer packet is sent on this LSP when the IEEE 802.1Q tag is stripped and the service VC label (inner label) and the transport label (outer label) are added to the packet.
For an unknown MAC Address (Network port egress packet format and flooding):
If the destination MAC address has not been learned, PE A will flood the packet to both PE B and PE C that are participating in the service by using the VC labels that each PE router previously signaled for the VPLS instance. The packet is not sent to PE D because this VPLS service does not exist on that PE router.
Figure 3. Network port egress packet format and flooding 
Core router switching:
All the core routers (P routers in IETF nomenclature) between PE A and routers PE B and PE C are label switching routers (LSRs) that switch the packet based on the transport (outer) label of the packet until the packet arrives at the far-end PE router. All core routers are unaware of the content of the LSP payload (that is, the core routers do not know that this traffic is associated with a VPLS service).
PE router C:
PE C strips the transport label of the received packet to reveal the inner VC label. The VC label identifies the VPLS service instance to which the packet belongs.
PE C learns the source MAC address in the packet and creates an entry in the FDB table that associates the MAC address to PE A and the VC label that PE A signaled for the VPLS service.
The destination MAC address in the packet is looked up in the FDB table for the VPLS instance. Again, there are two possibilities: either the destination MAC address has already been learned (known MAC address) or it has not been learned on the access side of PE C (unknown MAC address).
For a known MAC Address (Access port egress packet format and lookup):
If the destination MAC address has been learned by PE C, an existing entry in the FDB table identifies the local access port and the IEEE 802.1Q tag to be added before sending the packet to customer Location-C. The egress Q tag may be different from the ingress Q tag.
For an unknown MAC Address (Access port egress packet format and lookup):
PE C will flood packets, as applicable.
Figure 4. Access port egress packet format and lookup
Bridged mobile backhaul
The following figure shows a PW-based backhaul option for mobile operators, where 7705 SAR-initiated Ethernet PWs terminate at 7750 SR nodes. In most cases, the 7705 SAR-initiated PWs terminate into a VPRN or IES service for routing purposes, or into a VPLS service for MAC forwarding purposes. PW termination into VPLS prevents unwanted exposure of IP addresses and eliminates concerns about the effect of IP addresses that change, thereby avoiding reconfiguration of the VPRN or IES access interfaces and routing entries.
In addition, capacity changes in a radio network could make mobile operators shuffle their transmission links. A simple Layer 2-based backhaul could avoid this complication because the IP addresses are not required to be configured on SAPs (that is, the interfaces facing the base stations or similar equipment), meaning that the 7705 SAR and the backhaul network would not be impacted by mobile layer IP changes. Alternatively, the 7705 SAR implements VPLS to provide any-to-any connectivity at the Layer 2 level and an IP-agnostic network build-out option.
As is the case with VPRN, VPLS also supports multiple virtual forwarding instances. For example, in Local VPLS on 7705 SAR in mobile backhaul, the 7705 SAR access SAPs facing NodeB-1 and NodeB-2 are bound to VPLS-3G. Another VPLS instance can be configured on the same 7705 SAR for handling eNB 4G traffic. In such a scenario, MAC addresses learned via these two different VPLS instances are stored in separate FDBs ensuring virtualization, which is similar to multiple IP-VPN instances.
For the VPLS-3G example in the figure, upon receiving an Ethernet frame from a SAP, the 7705 SAR learns the MAC address and records it together with information from that SAP. If the destination MAC address is known, the 7705 SAR switches the received Ethernet frame to its destination. If the destination MAC address is not known, the 7705 SAR floods the frame to all possible destinations that are part of the same VPLS instance (that is, all the SAPs and the network site links).
On the network side, the 7705 SAR supports spoke SDPs to transport customer MAC frames. At ingress, the 7705 SAR strips off the dot1q or qinq header associated with the SAP and switches the Ethernet frame to its destination over the Ethernet PW. Loops can be avoided by using PW redundancy with standby signaling for spoke SDPs and mesh SDPs to ensure proper propagation of broadcast, multicast, and unknown (BMU) frames. Using standby signaling for spoke SDPs, the 7705 SAR ensures that only one spoke is active in the redundant PW deployment model. As a consequence, the 7750 SR disables the spoke SDP binding to VPLS for the standby PWs in order to ensure loop-free operation.
In the case where the 7705 SAR receives an Ethernet frame from a SAP bound to a VPLS and the destination MAC address is not known, it replicates the frame to all other SAPs that are part of the same VPLS and switches a copy of the frame over all the active Ethernet spoke and mesh SDPs. In the figure, the 7705 SAR would switch the incoming frame over an Ethernet PW to 7750 SR-1 after stripping off the incoming dot1q or qinq header.
In terms of label activity, the inner label (the Ethernet PW label for VPLS) identifies the VPLS instance to which the frame belongs, and the outer label identifies the far-end LER node. Using a two-label model means that the traffic from multiple VPLS instances can be transported over a single tunnel between two LER nodes with unique PW labels on a per-VPLS instance basis.
Upon receiving a VPLS packet, an LER uses the inner label to locate the correct FDB from which to perform MAC lookups. The associated FDB is checked against known and learned MAC addresses. If the lookup is successful, the frame is forwarded to the identified SAP with the appropriate dot1q or qinq header. If the lookup fails, the LER floods the frame to all SAPs that are members of the VPLS instance (that is, the VPLS instance designated by the inner PW label).
Multi-tenant unit termination
Local VPLS on 7705 SAR in mobile backhaul can also be used to show how the 7705 SAR can serve as an MTU as described in RFC 4762, section 10.2, to help the scalability of a VPLS core mesh architecture. To function as multi-tenant unit (MTU), the 7705 SAR is spoke SDP-terminated to a VPLS node (7750 SR node in the figure), eliminating the necessity to have a full mesh architecture for all VPLS-enabled nodes. Therefore the mesh requirement is "pushed" to the core nodes only (that is, to the 7750 SR nodes).
The 7750 SR nodes can be replaced by 7705 SAR nodes. Spoke-SDP termination to VPLS using 7705 SAR-18 routers illustrates this scenario, where a 7705 SAR MTU is spoke SDP-terminated to two 7705 SAR-18 nodes (7705 SAR-18_1 and 7705 SAR-18_2).
Using spoke-SDP termination means that it is important that the PW-signaling master node is a 7705 SAR (in Spoke-SDP termination to VPLS using 7705 SAR-18 routers, the node that initiates the redundant PWs is the cell site 7705 SAR). Therefore, only the 7705 SAR-18 that hosts the active spoke SDP will forward the Ethernet traffic to the 7705 SAR and the other 7705 SAR-18 will keep its spoke SDP in the operationally down state. If any failure of the active spoke SDP occurs (that is, if the PW activity switch takes place and the active endpoint of the PW moves from one 7705 SAR-18 to the other one), a mac-flush message is sent, which improves convergence times. In addition, the 7705 SAR-18 nodes can be configured to ignore standby signaling, which improves reconvergence times around failures for services that can tolerate dual-stream reception, such as broadcast TV.
VPLS features
Topics in this section include:
VPLS enhancements
The Nokia VPLS implementation includes several enhancements to basic VPN connectivity. The following VPLS features can be configured individually for each VPLS:
MAC and IP filter support (up to Layer 4). MAC and IP filters can be applied on a per-SAP ingress and per-SDP ingress (mesh and spoke) basis. IP filters can also be applied on a per-SAP egress basis (Ethernet SAPs only).
FDB management features on a per-service level, including:
configurable FDB size limit
FDB size alarms
MAC learning disable
discard unknown
separate aging timers for locally and remotely learned MAC addresses
ingress rate limiting for broadcast, multicast, and (destination) unknown (BMU) flooding on a per-SAP basis
implementation of STP parameters on a per-VPLS and per-SAP basis
SHG on a per-SAP and per-spoke SDP basis
DHCP snooping on a per-SAP basis
IGMP and MLD snooping on a per-SAP and per-SDP basis
optional spoke SDP redundancy to protect against node failure
The following figure illustrates VPLS enhancements using an example of ATM DSLAM backhaul, where the 7705 SAR may not be used solely for DSLAM backhaul purposes or not all the services might be bound to VPLS. In the figure, colocated IP DSLAM (ISAM) traffic can also be transported by the 7705 SAR.
Fabric mode
Similar to IES and VPRN services, to configure a VPLS instance, the fabric mode must be set to aggregate mode (not per-destination mode). VPLS service is therefore only supported by aggregate-mode fabric profiles. The CLI blocks the creation of a VPLS instance when the fabric mode is set to per-destination. When a VPLS instance is configured, attempting to change the fabric mode to per-destination is blocked.
Subscriber VLAN
The subscriber VLAN feature can be enabled for ATM SAPs bound to a VPLS instance. Subscriber VLAN supports only residential ATM SAPs.
The subscriber VLAN pushes a VLAN tag onto the received bridged PDU on a per-subscriber basis, which helps to uniquely identify subscribers throughout the entire network. After ATM-layer VC termination—where each subscriber has a unique identifier (port:vpi/vci)—all the subscribers would be sharing the same uplink. This may present problems to CO IP nodes (such as a BRAS) that want to offer per-subscriber services and identify the subscribers based on dot1q and VLAN tags, which is compatible with the model offered in a native Ethernet model. To maintain the uniqueness of a subscriber, a subscriber VLAN tag can be pushed as per the configuration settings (commonly referred to as customer-tag, or c-tag).
A subscriber VLAN has the following characteristics.:
When subscriber VLAN is enabled, a VLAN tag (c-tag) is pushed at ATM ingress and removed at ATM egress. In other words, a symmetrical push/pop operation is supported and cannot be enabled/disabled on a per-direction basis. The exception to this occurs when the Ethernet frame received from the network side does not have any additional VLAN tags; in this case, the received frame is forwarded over the ATM SAP "as is". That is, there is no pop operation or error message generated.
The ATM port is always considered to be "NULL", which means that when a frame is received at ATM egress from a dot1q port (Ethernet SAP to ATM SAP) or from a VLAN vc-type (network), the outer-most VLAN tag is removed (the subscriber tag, or s-tag). If subscriber VLAN is also enabled, the first two outer-most VLAN tags are removed (that is, the s-tag and the c-tag).
Because the ATM port is considered to be "NULL", when a frame is received at ATM ingress and is going out on a dot1q Ethernet SAP (SAP-to-SAP) or VLAN vc-type (network), a new VLAN tag is pushed (s-tag). If the subscriber VLAN is also enabled, a c-tag and an s-tag are pushed. In short, Ethernet frames at ATM ingress or egress are manipulated in the same way as a null encapsulated Ethernet port.
ATM encapsulated residential SAPs
For ATM encapsulated residential SAPs:
the 7705 SAR always transmits the bridge PDU (BPDU) without FCS (PID = 0x00-07)
the 7705 SAR supports reception of a BPDU both with FCS (PID = 0x00-01) and without FCS (PID = 0x00-07)
VPLS over MPLS
The VPLS architecture proposed in RFC 4664, Framework for Layer 2 Virtual Private Networks (L2VPNs) and RFC 4665, Service Requirements for Layer 2 Provider-Provisioned Virtual Private Networks, specifies the use of provider equipment (PE) that is capable of learning, bridging, and replicating on a per-VPLS basis. The PE routers that participate in the service are connected using MPLS LSP tunnels in a full mesh composed of mesh SDPs or based on an LSP hierarchy composed of mesh SDPs at the core and spoke SDPs as the access points.
Multiple VPLS instances can be offered over the same set of LSP tunnels. Signaling specified in RFC 4905, Encapsulation Methods for Transport of Layer 2 Frames over MPLS Networks, is used to negotiate a set of ingress and egress VC labels on a per-service basis. The VC labels are used by the PE routers for demultiplexing traffic arriving from different VPLS services over the same set of LSP tunnels.
VPLS is provided over MPLS by:
connecting bridging-capable PE routers with a full mesh of MPLS LSP tunnels
negotiating per-service VC labels using draft-Martini encapsulation
replicating unknown and broadcast traffic in a service domain
enabling MAC learning over tunnel and access ports (see VPLS MAC learning and packet forwarding)
using a separate forwarding database (FDB) per VPLS service
VPLS MAC learning and packet forwarding
The 7705 SAR edge devices perform the packet replication required for broadcast and multicast traffic across the bridged domain. MAC address learning is performed by the 7705 SAR to reduce the amount of unknown destination MAC address flooding.
7705 SAR routers learn the source MAC addresses of the traffic arriving on their access and network ports. Each 7705 SAR maintains an FDB for each VPLS service instance, and learned MAC addresses are populated in the FDB table of the service. All traffic is switched based on MAC addresses and forwarded between all participating 7705 SAR routers using the LSP tunnels. Unknown destination packets (for example, the destination MAC address has not been learned) are forwarded on all LSPs to the participating 7705 SAR routers for that service until the target station responds and the MAC address is learned by the 7705 SAR associated with that service.
Pseudowire control word
The control-word command enables the use of the control word individually on each mesh SDP or spoke SDP. The control word is optional and is disabled by default. When the control word is enabled, all VPLS packets are encapsulated along with the control word. The T-LDP control word signaling behavior is the same as that for the control word for VLL services. The configuration at the two endpoints of the VPLS service must match.
Agent circuit ID insertion
One of the main applications for VPLS is ATM DSLAM backhaul. DSL operators typically make use of PPPoE over ATM DSL lines for subscriber authentication, authorization, and accounting. When an ATM DSLAM is connected to VPLS service on a 7705 SAR such that the 7705 SAR offers an interworking function for ATM traffic to Ethernet traffic, the 7705 SAR can append the agent-circuit ID to the PPPoE frames received from the ATM DSLAM.
In accordance with RFC 4679, section 3.3.1: Agent-Circuit-ID, agent circuit ID information can be appended to PPPoE Active Discovery Initiation (PADI) and PPPoE Active Discovery Request (PADR) frames on bridged llc-snap encapsulated SAPs bound to an ATM VPLS instance. The following figure illustrates the signaling.
The following figure illustrates the agent circuit ID information, where the following definitions apply:
vendor-type is always the value 1
vendor-length is less than or equal to 65 bits
string is the access-node identifier (atm card/slot/port:vpi/vci), which is automatically assigned by the 7705 SAR to be the system-name (hostname)
Appending the agent circuit ID to a PADI or PADR frame is enabled and disabled via the pppoe-circuit-id command, which can be issued at the VPLS service and VPLS residential SAP levels. At the service level, the command sets the default value for all SAPs in the VPLS instance. At the SAP level, the command overrides the service level default. If there is a mix of enabled and disabled pppoe-circuit-id settings, reissuing the command at the service level will reset all SAPs to the new service level value.
As per the DSL Forum TR-101 April'06 specification, section 3.9.3, any PPPoE vendor-specific tag that may already be present in the received frame is replaced by the 7705 SAR client-id tag.
MAC filters
MAC filters offer the ability to transport Ethernet frames that match specific criteria over the service to which the frames are bound. The 7705 SAR supports MAC filters at a VPLS ingress SAP and ingress SDP (spoke and mesh). MAC filters can be set to accept or reject the transport of filtered Ethernet frames over the VPLS. Via MAC filters, it is possible to filter traffic received from a defined source or destined for a specific host. MAC filters are the equivalent of IP ACLs, but apply to the Layer 2 MAC layer.
MAC filters support the following fields:
source MAC address
destination MAC address
Ethertype
Any single item or combination of items can be used to define a MAC filter entry. For information on configuring MAC filters, see "Filter policies" in the 7705 SAR Router Configuration Guide.
FDB table management
The following sections describe VPLS features related to management of the FDB, including:
FDB size
FDB size alarms
local and remote aging timers
unknown MAC discard
These MAC table management features are required for each instance of a SAP or spoke SDP within a particular VPLS instance.
FDB size
Users can configure the MAC FDB size limits to specify the maximum number of MAC FDB entries that are learned locally for a SAP or a spoke SDP. If the configured limit is reached, no new addresses will be learned from the SAP until at least one FDB entry is aged out or cleared:
-
When the limit is reached on a SAP, packets with unknown source MAC addresses are still forwarded (this default behavior can be changed via configuration). By default, if the destination MAC address is known, it is forwarded based on the FDB, and if the destination MAC address is unknown, it is flooded. Alternatively, if discard unknown is enabled at the VPLS service level, any packets from unknown source MAC addresses are discarded at the SAP.
-
The log event "SAP MAC limit reached" is generated when the limit is reached. When the condition is cleared, the log event "SAP MAC Limit Reached Condition Cleared" is generated.
-
disable-learning allows users to disable the dynamic learning function on a SAP or a spoke SDP of a VPLS instance
-
disable-aging allows users to turn off aging for learned MAC addresses on a SAP or a spoke SDP of a VPLS instance
FDB size alarms
The size of the VPLS FDB can be configured with a low-water mark and a high-water mark, expressed as a percentage of the total FDB size limit. If the actual FDB size grows above the configured high-water mark percentage, an alarm is generated. If the FDB size falls below the configured low-water mark percentage, the alarm is cleared by the system.
Local and remote aging timers
Similar to a Layer 2 switch, learned MACs within a VPLS instance can be aged out if no packets are sourced from the MAC address for a specified period of time (the aging time). In each VPLS instance, there are independent aging timers for locally learned MAC and remotely learned MAC entries in the FDB.
A local MAC address is a MAC address associated with a SAP because it ingressed on a SAP. A remote MAC address is a MAC address received via an SDP from another 7705 SAR router for the VPLS instance. The local-age timer for the VPLS instance specifies the aging time for locally learned MAC addresses, and the remote-age timer specifies the aging time for remotely learned MAC addresses.
In general, the remote-age timer is set to a longer period than the local-age timer to reduce the amount of flooding required for destination unknown MAC addresses. The aging mechanism is considered a low-priority process. In most situations, the aging out of MAC addresses can happen in within tens of seconds beyond the age time. To minimize overhead, local MAC addresses and remote MAC addresses, in some circumstances, can take about two times their respective age timers to be aged out.
Disable MAC aging
Users can disable MAC aging timers to prevent any learned MAC entries from being aged out of the FDB. When aging is disabled, it is still possible to manually delete or flush learned MAC entries. Aging can be disabled for learned MAC addresses on a SAP or a spoke SDP of a VPLS instance.
Disable MAC learning
When MAC learning is disabled for a service, new source MAC addresses are not entered in the VPLS FDB, whether the MAC address is local or remote. MAC learning can be disabled for individual SAPs or spoke SDPs.
Unknown MAC discard
Unknown MAC discard is a feature that discards all packets that ingress the service whose destination MAC address is not in the FDB. The normal behavior is to flood these packets to all endpoints in the service.
Unknown MAC discard can be used with the disable MAC learning and disable MAC aging options to create a fixed set of MAC addresses allowed to ingress and traverse the service.
VPLS and rate limiting via QoS policy
Traffic that is normally flooded throughout the VPLS can be rate-limited on SAP ingress through the use of service ingress QoS policies. In a service ingress QoS policy, individual queues can be defined per forwarding class to provide shaping of broadcast traffic, MAC multicast traffic and unknown destination MAC traffic.
For more information about QoS policies for broadcast, multicast, and unknown (BMU) traffic, see "Filter policies" in the 7705 SAR Quality of Service Guide.
MAC move
The MAC move feature is useful to protect against undetected loops in a VPLS topology when STP is not used. It also protects against the presence of duplicate MACs in a VPLS service.
A sustained high relearn rate can be a sign of a loop somewhere in the VPLS topology. Typically, STP detects loops in the topology, but for those networks that do not run STP, the MAC move feature is an alternative way to protect your network against loops.
When enabled in a VPLS, MAC move monitors the relearn rate of each MAC address. If the rate exceeds the configured maximum allowed limit, MAC move disables the SAP where the source MAC address was last seen. The SAP can be disabled permanently (until a shutdown/no shutdown command is executed) or for a length of time that grows linearly with the number of times the given SAP was disabled. A SAP can be optionally configured as non-blockable, meaning that when the relearn rate has exceeded the limit, another (blockable) SAP will be disabled instead. By default, all SAPs and spoke SDPs are configured as blockable when MAC move is enabled.
When MAC move is enabled and the relearn rate exceeds the maximum limit, the 7705 SAR sends a "Mac move rate for MAC ... exceeded" alarm. This alarm is raised for both blockable and non-blockable SAPs and spoke SDPs. The alarm frequency for non-blockable SAPs and spoke SDPs decreases if the MAC move condition persists.
The mac-move command enables the feature at the service level for SAPs and spoke SDPs. The operation of this feature is the same on the SAP and spoke SDP. For example, if a MAC address moves from SAP to SAP, SAP to spoke SDP, or between spoke SDPs, it will block one of them to prevent thrashing. The relearn rate is computed as the number of times a MAC address moves in a 5 s interval. Therefore, the fastest a loop can be detected and broken is 5 s.
MAC move allows sequential order port blocking. By configuration, some VPLS ports can be configured as "non-blockable", which allows a simple level of control over which ports are being blocked during loop occurrence.
There are two control mechanisms that allow blocking of ports in a sequential order:
configuration capabilities to group VPLS ports and to define the order in which they should be blocked
criteria defining when individual groups should be blocked
For the first mechanism, the configuration CLI is extended by definition of "primary" and "secondary" ports. As the default, all VPLS ports are considered "tertiary" ports unless they are explicitly declared primary or secondary. The order of blocking always follows a strict order, starting from tertiary, to secondary, and then to primary.
The criterion for the second control mechanism is the number of periods during which the given relearn rate has been exceeded. The mechanism is based on the "cumulative" factor for every group of ports. Tertiary VPLS ports are blocked if the relearn rate exceeds the configured threshold during one period, while secondary ports are blocked only when relearn rates are exceeded during two consecutive periods, and so forth. The retry timeout period must be larger than the period before blocking the highest-priority port so it sufficiently spans across the period required to block all ports in sequence. The period before blocking the highest-priority port is the cumulative factor of the highest configured port multiplied by 5 s (the retry timeout can be configured through the CLI).
Split horizon groups (SAP and spoke SDP)
Within the context of VPLS services, a loop-free topology within a fully meshed VPLS core is achieved by applying a split horizon forwarding concept whereby packets received from a mesh SDP are never forwarded to other mesh SDPs within the same service. The advantage of this approach is that no protocol is required to detect loops within the VPLS core network.
In applications such as DSL aggregation, it is useful to extend the split horizon concept to groups of SAPs or spoke SDPs. This extension is referred to as a split horizon SAP group or residential bridging.
Traffic arriving on a SAP or a spoke SDP within a split horizon group will not be copied to other SAPs and spoke SDPs in the same split horizon group (but will be copied to SAPs or spoke SDPs in other split horizon groups if these exist within the same VPLS).
A split horizon group must be created before SAPs and spoke SDPs can be assigned to the group.
The split horizon group is defined within the context of a single VPLS. The same group name can be reused in different VPLS instances. Up to 30 split horizon groups can be defined per VPLS instance. A split horizon group can contain a combination of spoke SDPs and SAPs.
A SAP or spoke SDP can only be added to a split horizon group during its creation. Similarly, a SAP or spoke SDP can be removed from a split horizon group only by its deletion. A split horizon group can be deleted only after all its members have been deleted.
Residential split horizon groups
Residential split horizon groups are supported on ATM SAPs connected to VPLS on 4-port OC3/STM1 Clear Channel Adapter cards. While split horizon groups prevent multicast traffic from flowing within the same group, residential ATM SAPs do not forward broadcast or unknown traffic; they only process known unicast traffic. Residential split horizon groups allow one queue per direction (ingress and egress) for all traffic types (unicast and BMU). OAM processing is also allowed on residential ATM SAPs.
Multicast for VPLS and routed VPLS (IGMP and MLD snooping)
IGMP and MLD snooping allows a 7705 SAR to listen to the IGMP traffic between hosts and routers. The 7705 SAR extracts information from the traffic to create and maintain a multicast forwarding information base (MFIB) to track which hosts want which IP multicast streams. Multicasts may be filtered to control which ports receive specific multicast traffic.
For example, service providers that use a flat IP network to deliver video over a mobile backhaul network can take advantage of Layer 2 services (VPLS) to save IPv4 addresses. A Layer 2 domain with n nodes needs n IP addresses, whereas a point-to-point connections requires 2×n addresses. Service providers using VPLS and IGMP or MLD snooping to relay IGMP or MLD requests to uplink (network) PIM interfaces will save addresses.
This section contains information about the following topics:
For more information about multicast, see "IP multicast" in the 7705 SAR Routing Protocols Guide.
Application examples
The following figure shows a typical deployment. Host traffic arrives at the routed VPLS (r-VPLS), where IGMP or MLD snooping extracts all IGMP or MLD packets and sends them to the CSM, and from the CSM the packets are forwarded via PIM to the head-end 7750 SR nodes. The VPLS multicast FIB (MFIB) tracks all the IGMP or MLD join requests in an internal 7705 SAR forwarding table. On the upstream nodes, PIM builds the multicast tree from the 7705 SAR to the 7750 SR. In the reverse direction, the video source sends multicast traffic, which is forwarded by the PIM nodes to the addresses in the previously built multicast tree. As traffic from various sources arrives at the 7705 SAR, the r-VPLS MFIB directs each multicast stream to the correct eNodeB.
Metro cell multicast shows another example of IGMP and MLD snooping, where service providers can offer evolved multimedia broadcast multicast services (eMBMS) on their metro cell network (data services).
In the figure, the data VPLS performs IGMP or MLD snooping to build the MFIB. The extracted IGMP and MLD requests are forwarded via PIM over an Epipe or, preferably, via PIM over a Layer 3 spoke SDP to remove the external physical connection between two ports from the 7705 SAR. The traffic between IES access and NAT is unicast traffic. The Layer 3 spoke-SDP traffic is transported over a GRE tunnel via the Internet to the evolved packet core (EPC), where a secure gateway forwards the PIM join message to the multicast source servers. The GRE logical Layer 3 spoke SDP does not need to be part of the NAT function; if it is not, this logical interface must obtain its own public interface IP address.
The figure also shows the typical metro cell deployment, where IGMP snooping is done on the r-VPLS of the data IES service. The IGMP join messages translate to PIM SSM via the uplink network interface, as described at the beginning of this section.
MLD snooping allows support for IPv6 addresses through the use of r-VPLS for IPv6, allowing the network design for IPv4 and IPv6 domains to be the same.
Group and addressing support
This section contains information about the following topics:
IPv4 multicast support
The 7705 SAR supports (S,G) and (*,G) for IPv4 multicast in Layer 2 services only, including Layer 2 services within the context of VPLS and r-VPLS.
7705 SAR supports PIM-SSM only. For IPv4 multicast services, PIM SSM requires SSM translation in the r-VPLS interface context for (*,G) joins.
IPv6 Layer 2 multicast support and group address
The 7705 SAR supports (S,G) and (*,G) for IPv6 multicast in Layer 2 services only, including Layer 2 services within the context of VPLS and r-VPLS, and uses the MAC-format group-addressing scheme to minimize the size of the MFIB.
The multicast MAC-format group address consists of the IPv6 multicast prefix (33:33) and the four least significant bytes of the IPv6 address. In the CLI display below, for the IPv6 address FF04::1:FFFF:0011, the representation of the group address is 33:33:FF:FF:00:11.
Multicast FIB, Service 50
===============================================================================
Source Address Group Address Sap/Sdp Id Svc Id Fwd/Blk
-------------------------------------------------------------------------------
* 33:33:FF:FF:00:11 sap:1/1/1:50 Local Fwd
===============================================================================
7705 SAR supports PIM-SSM only. For IPv6 multicast services, PIM SSM requires SSM translation in the r-VPLS interface context for (*,G) joins.
IP multicast in r-VPLS
When creating a Layer 2 multicast service in the context of an r-VPLS with PIM configuration on the r-VPLS Layer 3 interface, the 7705 SAR creates two multicast groups: one Layer 2 multicast group and one Layer 3 multicast group. When the Layer 2 group is created, the Layer 3 group is created automatically. The 7705 SAR uses one Layer 3 multicast group per source, and one Layer 2 multicast group per source per VPLS.
Multiple hosts in an r-VPLS receiving the same channel and Multiple hosts in an r-VPLS receiving different channels illustrate how Layer 2 multicast interacts with Layer 3 multicast.
In the following figure, there are three hosts and one channel. The Layer 3 multicast group forwards source traffic to each port for which there is a corresponding Layer 2 multicast instance of a Layer 2 FIB entry. All three Layer 2 FIB entries are within the same r-VPLS. To configure this scenario, create three Layer 2 FIB entries on the 7705 SAR (one for each host), and one Layer 3 group for the source. The single Layer 3 multicast group streams the multicast traffic to all three hosts.
In the following figure, there are three hosts and three channels. Each host connects to a different port and wants to receive a different (S,G) group (that is, a different channel). Therefore, three Layer 3 (S,G) groups are needed. To achieve this scenario, create three Layer 2 multicast groups (one for each host) and three Layer 3 multicast groups (one for each channel).
IPv6 multicast forwarding behavior in r-VPLS
In general, the behavior of IPv6 multicast in r-VPLS is as follows:
Multicast in Layer 2 is only supported by (*,G). That is, (S,G) in Layer 3 gets translated to (*,G) in Layer 2.
Multicast in Layer 3 is only supported by (S,G).
The IPv6 multicast control plane behavior is as follows:
(S,G) is forwarded from the Layer 2 snooping interface to PIM without translation to (*,G).
The Layer 2 multicast forwarding table is built based on (*,G) and the MAC-format multicast-group address scheme, using the four least significant bytes of the IPv6 address (see IPv6 Layer 2 multicast support and group address)
The Layer 3 multicast forwarding table is built based on (S,G) and the full IPv6 multicast group address.
The IPv6 multicast data plane behavior is as follows:
The Layer 2 forwarding table (see bullet 2 above) is downloaded to the data plane.
The Layer 3 forwarding table (see bullet 3 above) is downloaded to the data plane.
Layer 3 multicast for IPv6 supports the entire range of multicast addresses.
The Layer 2 multicast address is limited and unique to prefix /96. That is, only the four least significant bytes of the IPv6 multicast address are used. Note the following items.
It is useful to keep the multicast table small at the network edge, where multicast groups can be effectively managed via 32-bit (4-byte) addressing.
A 32-bit multicast address can provide 4 bytes of multicast group addressing.
Optionally, multicast zones can be created on the access side with overlapping 32-bit addresses, but in the core—where the entire IPv6 multicast group is available—multicast zones can guide traffic correctly to the corresponding access group.
Multicast router ports
Membership reports are only sent to multicast router (mrouter) ports. An mrouter port is a port through which membership queries are received. An mrouter port can be configured manually on a VPLS SAP or SDP using the mrouter-port command under igmp-snooping or mld-snooping.
Tagged access traffic
The 7705 SAR processes tagged querier requests arriving on a null-encapsulated port and installs the querier message. This means that an IGMP or MLD router is recognized to exist on that port and reports (joins and leaves) will be forwarded out that port.
Similarly, for multicast data, the 7705 SAR processes tagged multicast traffic arriving on a null-encapsulated port according to the MFIB.
Hardware support
Multicast VPLS and r-VPLS are supported on the following 7705 SAR hardware:
8-port Gigabit Ethernet Adapter card
10-port 1GigE/1-port 10GigE X-Adapter card
6-port Ethernet 10Gbps Adapter card
Packet Microwave Adapter card
standalone platforms, including the 7705 SAR-M, 7705 SAR-A, 7705 SAR-Ax, 7705 SAR-H, 7705 SAR-Hc, 7705 SAR-Wx, and 7705 SAR-X
4-port SAR-H Fast Ethernet module
hardware that supports PPP/MLPPP for uplink spoke SDPs
PIM snooping for VPLS
PIM snooping is used in Layer 2 networks to stitch together the PIM session of two disjointed Layer 3 networks. In most provider networks, strategic industry (SI) applications, or mobile backhaul applications, the access routers are connected to the core Layer 3 network via a Layer 2 network. For multicast scenarios, PIM can be used to build the multicast data trees (MDTs) on the Layer 3 routers. However, PIM is a Layer 3 protocol and Layer 2 networks do not understand PIM messages. This creates an inefficient multicast domain in the Layer 2 network, as all packets will be broadcast. PIM snooping in a Layer 2 network can be used to stitch the PIM session from the access routers to the core Layer 3 network. The following figure illustrates this scenario.
Because PIM snooping stitches the PIM session between two routers, it may be desirable to start the PIM session from the same router (a 7705 SAR) that initiates the VPLS PIM snooping service. In this case, an external loop cable can be used to connect the network Layer 3 interface, which has PIM configured, to the SAP of the VPLS that is performing the PIM snooping (as shown in the following figure), thereby simulating routed VPLS.
PIM snooping supports both (*,G) as well as (S,G) to address scenarios where the sources only support PIM ASM.
The 7705 SAR supports PIM snooping for IPv4 and IPv6.
Snooping versus proxy mode
Snooping mode does not stop or intercept a PIM message. Snooping listens to network traffic between hosts and routers, and maintains a table that maps multicast streams between sources and hosts.
Proxy mode intercepts PIM messages and generates a single message when necessary. Proxy allows a switch to send PIM messages on behalf of routers. For example, when multiple routers are connected to the same PIM-enabled switch and all the routers want to join to the same source, the proxy can intercept the messages and generate a single message in order to minimize the flood of PIM messages in the Layer 2 domain.
Configure snooping or proxy mode by using the config>service>vpls> pim-snooping>mode command. By default, proxy mode is enabled in VPLS.
MPLS entropy label
The router supports the MPLS entropy label as per RFC 6790. The entropy label provides greater granularity for load balancing on an LSR where load balancing is typically based on the MPLS label stack.
For more information,see "MPLS entropy labels" in the 7705 SAR MPLS Guide and "LAG and ECMP hashing" in the 7705 SAR Interface Configuration Guide.
Ethernet OAM
The 7705 SAR supports Ethernet OAM functions for ETH-CFM (according to the 802.1ag and Y.1731 standards) and for Y.1731 performance monitoring on VPLS Ethernet SAPs and SDPs. VPLS OAM MAC diagnostics are also supported.
For information about Ethernet OAM, see ETH-CFM (802.1ag and Y.1731); see also "Ethernet OAM capabilities" and "VPLS MAC diagnostics" in the 7705 SAR OAM and Diagnostics Guide.
Security zones and VPLS
The 7705 SAR supports a number of mechanisms for node security, including access control lists (ACLs), network address translation (NAT), and stateful, zone-based firewalls. For information about ACLs, NAT, and firewalls, see "Configuring security parameters" in the 7705 SAR Router Configuration Guide.
NAT and firewall security configurations are both based on zones. Zones segment a network, making it easier to control and organize traffic. A zone consists of a group of Layer 2 endpoints or Layer 3 interfaces with common criteria, bundled together. Security policies, which define a set of rules that determine how NAT or firewall should direct traffic, can be applied to the entire zone or to multiple zones. Layer 3 zones support both NAT and firewall security policies. Layer 2 zones support only firewalls. To enable NAT or firewall functionality, security policy and profile parameters must be configured under the config>security context in the CLI, and a security zone must be configured under one or more of the following contexts:
config>router>zone
config>service>epipe>zone
config>service>vpls>zone
config>service>vprn>zone
config>service>ies>zone
Layer 2 and Layer 3 firewalls share system resources; that is, they share the maximum number of policies, profiles, and session ID space supported by the system.
A zone is created by adding at least one Layer 2 endpoint or Layer 3 interface to the zone configuration. Multiple zones can be created within each Layer 3 service or within the router context. Layer 2 services support only one zone. Layer 2 endpoints or Layer 3 interfaces from different services cannot be grouped into a single common zone. The following table lists the supported interfaces and endpoints that can be added to zones in each CLI context for NAT or firewall.
CLI context |
Interface/endpoint type |
NAT |
Firewall |
|---|---|---|---|
Router |
Layer 3 |
✓ |
✓ |
Epipe |
SAP |
✓ |
|
Spoke-SDP termination |
✓ |
||
VPLS |
SAP |
✓ |
|
Spoke-SDP termination |
✓ |
||
Mesh SDP |
✓ |
||
EVPN |
|||
VPRN |
SAP |
✓ |
✓ |
Spoke-SDP termination |
✓ |
✓ |
|
IPSec private |
✓ |
✓ |
|
IPSec public |
✓ |
||
Routed VPLS |
✓ |
✓ |
|
IES |
SAP |
✓ |
✓ |
Spoke-SDP termination |
✓ |
✓ |
|
IPSec public |
✓ |
||
Routed VPLS |
✓ |
✓ |
A zone configured under a Layer 2 service (VPLS or Epipe context) allows the 7705 SAR to perform Layer 3 firewall functionality on IPv4 packets.
NAT is not supported for zones configured under a Layer 2 service. A zone cannot be configured on a VPLS service with EVPN.
Unicast, multicast, and broadcast IPv4 packets are firewalled when they cross a Layer 2 service zone boundary.
If routed VPLS is configured on a VPLS service, and traffic is traversing between two Layer 2 endpoints, the firewall security policies for the Layer 2 service are used. If the traffic is traversing between Layer 2 and Layer 3, the Layer 3 security policy in IES or VPRN is used. The system ignores the firewall rules for the Layer 2 service and instead uses the Layer 3 NAT and firewall rules. Firewall rules for Layer 2 services are always ignored when traffic is traversing between Layer 2 and Layer 3, even when there are no Layer 3 firewall rules.
Users can configure bypass policies to allow specific traffic, such as control plane protocols (OSPF, RIP, BGP, IGMP, PIM, LDP, RSVP, VRRP, DHCP, NTP, and so on) to bypass a firewall in a Layer 2 service. For information, see "Bypass policies for firewalls in a Layer 2 service" in the 7705 SAR Router Configuration Guide. If not configured to bypass the zone, these packets are firewalled as normal unicast, multicast, or broadcast traffic and should be regulated by configuring firewall security policies for these protocols.
Routed VPLS
Topics in this section include:
Hosts within the same subnet communicate directly with each other without the need for a router, but any communication with a host that is external to the subnet requires routing. With routed VPLS, you can use bridging for local destinations when possible and routing for non-local destinations that cannot be reached directly.
Routed VPLS appears similar to a LAN Ethernet switch and a router. The VPLS instance on the 7705 SAR node grants Ethernet switch functionality among connected nodes. When the destination IP is not local, the 7705 SAR routes the traffic by means of the VPRN or the IES instance.
Routed VPLS is enabled for IPv4 and IPv6 forwarding.
IES or VPRN IP interface binding
A standard IP interface within an existing IES or VPRN service context can be bound to a VPLS service. A VPLS service only supports binding for a single IP interface.
Although an IP interface can only be bound to a single VPLS service, the routing context containing the IP interface (IES or VPRN) can have other IP interfaces bound to other VPLS service contexts.
Topics in this section include:
Assigning a service name to a VPLS service
If a service name is applied to a VPLS service context, the name and service ID association is registered with the system. A service name cannot be assigned to more than one service ID.
If the config>service>vpls>allow-ip-int-binding command is enabled on the VPLS service, when the service name is applied to the VPLS service, the system will scan the existing IES and VPRN services for an IP interface that is bound to the specified service name. If found, the IP interface will be attached to the VPLS service associated with the service name. Only one interface can be bound to the specified service name.
If the allow-ip-int-binding command is not enabled on the VPLS service, the system will not attempt to resolve the VPLS service name to an IP interface. As soon as the allow-ip-int-binding flag is enabled on the VPLS, the corresponding IP interface will be attached and become operationally up. There is no need to toggle the shutdown/no shutdown command.
Binding a service name to an IP interface
An IP interface within an IES or VPRN service context can be bound to a service name at any time. Only one interface can be bound to a service name.
If an IP interface is bound to a service name and the IP interface is administratively up, the system scans for a VPLS service context using the service name and takes the following actions:
if the service name is not currently in use by a service, the IP interface is placed in an operationally down: Non-existent service name or inappropriate service type state
if the service name is currently in use by a VPLS service without the allow-ip-int-binding flag set, the IP interface is placed in the operationally down: VPLS service allow-ip-int-binding flag not set state
if the service name is currently in use by a valid VPLS service and the allow-ip-int-binding flag is set, the IP interface is attached to the VPLS service
Removing a bound VPLS service or service name
A VPLS service that is currently attached to an IP interface cannot be deleted from the system unless the IP interface is unbound from the VPLS service name.
If an IP interface has been bound to a VPLS service by the VPLS service name, the VPLS service name cannot be removed or changed unless the IP interface is first unbound from the VPLS service name.
If an IP interface is attached to a VPLS service, the allow-ip-int-binding flag cannot be reset. The IP interface must first be unbound from the VPLS service name to reset the flag.
IP interface and VPLS operational state coordination
If the IP interface is successfully attached to a VPLS service, the operational state of the IP interface is dependent upon the operational state of the VPLS service.
The VPLS service remains down until at least one virtual port (SAP, spoke SDP or mesh SDP) is operational.
IP interface MTU and fragmentation
The VPLS service is affected by two MTU values: port MTUs and the VPLS service MTU. The MTU on each physical port defines the largest Layer 2 packet (including all DLC headers) that may be transmitted out of a port. The VPLS itself has a service-level MTU that defines the largest packet supported by the service. This MTU does not include the local encapsulation overhead for each port (dot1q, qinq, or SDP service delineation fields and headers) but does include the remainder of the packet. As virtual ports are created in the system, a virtual port cannot become operational unless the configured port MTU minus the virtual port service delineation overhead is greater than or equal to the configured VPLS service MTU. This ensures that an operational virtual port can support the largest packet traversing the VPLS service. The service delineation overhead on each Layer 2 packet is removed before forwarding into a VPLS service. VPLS services do not support fragmentation and must discard any Layer 2 packet larger than the service MTU after the service delineation overhead is removed.
If an IP interface is associated with a VPLS service, the IP MTU is based on either the administrative value configured for the IP interface or an operational value derived from the VPLS service MTU. The operational IP MTU cannot be greater than the VPLS service MTU minus 14, 18, or 22 bytes (for null, dotq1, or qinq port encapsulations, respectively) to account for the Layer 2 headers and tags.
If the configured (administrative) IP MTU is configured for a value greater than the normalized IP MTU, based on the VPLS service MTU, then the operational IP MTU is reset to equal the normalized IP MTU value (VPLS service MTU – 14 bytes).
If the configured (administrative) IP MTU is configured for a value less than or equal to the normalized IP MTU, based on the VPLS service MTU, the operational IP MTU is set to equal the configured (administrative) IP MTU value.
The VPLS service MTU and the IP interface MTU parameters can be changed at any time.
ARP/ND and VPLS FIB interactions
Two address-oriented table entries are used when routing into a VPLS service. On the routing side, an ARP entry is used to determine the destination MAC address used by an IP next hop. If the destination IP address in the routed packet is a host on the local subnet represented by the VPLS instance, the destination IP address is used as the next-hop IP address in the ARP cache lookup. If the destination IP address is in a remote subnet that is reached by another router attached to the VPLS service, the routing lookup returns the local IP address on the VPLS service of the remote router. If the next hop is not currently in the ARP cache, the system generates an ARP request to determine the destination MAC address associated with the next-hop IP address. IP routing to all destination hosts associated with the next-hop IP address stops until the ARP cache is populated with an entry for the next hop. The ARP cache can be populated with a static ARP entry for the next-hop IP address. Dynamically populated ARP entries will age out according to the ARP aging timer; static ARP entries never age out.
The second address table entry that affects VPLS routed packets is the MAC destination lookup in the VPLS service context. The MAC address associated with the ARP table entry for the IP next hop may or may not currently be populated in the VPLS Layer 2 FIB table. If the destination MAC address is unknown (not populated in the VPLS FIB), the system floods all packets destined for that MAC address (routed or bridged) to all virtual ports within the VPLS service context. Once the MAC address is known (populated in the VPLS FIB), all packets destined for the MAC address (routed or bridged) are targeted to the specific virtual port where the MAC address has been learned. As with ARP entries, static MAC address entries can be created in the VPLS FIB. Dynamically learned MAC addresses are allowed to age out or be flushed from the VPLS FIB while static MAC address entries always remain associated with a specific virtual port. Dynamic MAC addresses can also be relearned on another VPLS virtual port other than the current virtual port in the FIB. In this case, the system automatically moves the MAC FIB entry to the new VPLS virtual port.
Routed VPLS specific ARP/ND cache behavior
In typical routing behavior, the system uses the IP routing table to select the egress interface, and at the egress forwarding engine, an ARP entry is used to forward the packet to the appropriate Ethernet MAC address. With routed VPLS, the egress IP interface can be represented by multiple egress forwarding engines (wherever the VPLS service virtual ports exist). To optimize routing performance, the ingress forwarding engine performs an ingress ARP lookup in order to resolve which VPLS MAC address the IP frame must be routed toward. The following tables describe how the ARP cache and MAC FIB entry states interact at ingress and the corresponding egress behavior.
Layer 3 next-hop ARP cache entry |
Next-hop MAC FIB entry |
Ingress behavior |
|---|---|---|
ARP Cache Miss (No Entry) |
Known or Unknown |
Flood to all egress forwarding engines associated with the VPLS context |
ARP Cache Hit |
Known |
Forward to specific egress forwarding engine associated with VPLS virtual port |
Unknown |
Flood to all egress forwarding engines associated with the VPLS for forwarding out to all VPLS virtual ports |
Layer 3 next-hop ARP cache entry |
Next-hop MAC FIB entry |
Egress behavior |
|---|---|---|
ARP Cache Miss (No Entry) |
Known |
No ARP entry. The MAC address is unknown and the ARP request is flooded out to all virtual ports of the VPLS instance. |
Unknown |
ARP processing request transmitted out to all virtual ports associated with the VPLS service. Only the first egress forwarding engine ARP processing request triggers the egress ARP request. |
|
ARP Cache Hit |
Known |
Forward out to specific egress VPLS virtual port where MAC address has been learned |
Unknown |
Flood to all egress VPLS virtual ports on forwarding engine |
The allow-ip-int-binding VPLS flag
The allow-ip-int-binding flag on a VPLS service context informs the system that the VPLS service is enabled for routing support. The system uses the setting of the flag as a key to determine what type of ports and forwarding planes the VPLS service can span.
The system also uses the flag state to define which VPLS features are configurable on the VPLS service to prevent enabling a feature that is not supported if routing support is enabled.
When the allow-ip-int-binding flag is set (routing support enabled) on a VPLS service, SAPs within the service can be created on standard Ethernet ports. ATM SAPs are not supported.
VPLS feature restrictions with allow-ip-int-binding
If the allow-ip-int-binding flag is set on a VPLS service, the following features are disabled:
residential SHG
DHCP
mVPLS
mac-subnet-length
GRE SDP (cannot be bound to the VPLS)
DSCP marking
Egress DSCP re-marking is supported on routed VPLS service for bridged packets only. It is not supported for packets routed out from a VPLS SAP.
The egress re-marking defined in the SAP egress QoS policy is not performed for packets that are routed out an egress VPLS SAP.
VPLS ingress IP filter override
If an IP interface is attached to a VPLS service context, the VPLS SAP or SDP configured IP or MAC filter for ingress routed packets can be optionally overridden in order to provide special ingress filtering for routed packets. This allows different filtering for routed packets and non-routed packets. The filter override is defined on the IP interface bound to the VPLS service name. A separate override filter can be specified for IPv4 and IPv6 packet types.
If filter override is configured, the IP or MAC filter configured on the SAP or SDP applies to non-routed packets. If filter override is not configured, the IP or MAC filter configured on the SAP or SDP applies to both routed and non-routed packets.
Routed VPLS supported routing-related protocols
VPLS and spanning tree protocol
Topics in this section include:
The Nokia VPLS service provides a bridged or switched Ethernet Layer 2 network. Equipment connected to SAPs or spoke SDPs forward Ethernet packets into the VPLS service. The 7705 SAR participating in the service learns where the customer MAC addresses reside on ingress SAPs or ingress SDPs.
Unknown destinations, broadcasts, and multicasts are flooded to all other SAPs or spoke SDPs in the service. If SAPs or spoke SDPs are connected together, either through misconfiguration or for redundancy purposes, loops can form and flooded packets can keep flowing through the network. The Nokia implementation of STP is designed to remove these loops from the VPLS topology. This is done by putting one or more SAPs or spoke SDPs in the discarding state.
STP parameters allow a balance between resiliency and speed of convergence extremes. Modifying particular parameters can affect the behavior. For information about command usage, descriptions, and CLI syntax, see Configuring a VPLS service with CLI.
Each VPLS instance on the 7705 SAR operates in rapid spanning tree protocol (RSTP) mode and is compliant with IEEE 802.1D-2004 - default mode.
VPLS redundancy
The VPLS standard (RFC 4762, Virtual Private LAN Services Using LDP Signalling) includes provisions for hierarchical VPLS using point-to-point spoke SDPs. Two applications have been identified for spoke SDPs:
connecting MTUs to PEs in a metro area network
interconnecting the VPLS nodes of two metro networks
In both applications, the spoke SDPs improve the scalability of VPLS. Because node redundancy is implicit in non-hierarchical VPLS services (using a full mesh of SDPs between PEs), node redundancy for spoke SDPs needs to be provided separately.
Nokia routers have implemented special features for improving the resilience of hierarchical VPLS instances, in both MTU and inter-metro applications.
Spoke SDP redundancy for metro interconnection
When two or more meshed VPLS instances, such as in the following figure, are interconnected by redundant spoke SDPs, a loop in the topology results. To remove a topology loop, STP can be run over the SDPs (links) that form the loop, which then blocks one of the SDPs.
To avoid the inefficiency of running STP separately in every VPLS in the topology, the node can associate a number of VPLS services with a single STP instance running over redundant SDPs. Node redundancy is achieved by running STP in one VPLS, and then applying the conclusions of this STP to the other VPLS services. The VPLS instance running STP is referred to as the management VPLS, or mVPLS.
If the active node fails, STP on the mVPLS on the standby node changes the link state from disabled to active. The standby node broadcasts a MAC flush LDP control message in each of the protected VPLS instances so that the address of the newly active node can be relearned by all PEs in the VPLS.
It is possible to configure two mVPLS services, where both mVPLS services have different active spokes (this is achieved by changing the path cost in STP). Load balancing across the spokes is achieved by associating different user VPLS services with the two mVPLS services.
Spoke SDP-based redundant access
This feature provides the ability to have a node deployed as MTU switches to be multi-homed for VPLS to multiple routers deployed as PEs without requiring the use of mVPLS.
In the configuration example displayed in H-VPLS with spoke SDP redundancy, the MTUs have spoke SDPs to two PE devices. One is designated as the primary and one as the secondary spoke SDP. This is based on a precedence value associated with each spoke SDP.
The secondary spoke SDP is in a blocking state (both on receive and transmit) as long as the primary spoke SDP is available. If the primary spoke SDP becomes unavailable (due to link failure, PEs failure, and so on), the MTU immediately switches traffic to the backup spoke SDP and starts receiving traffic from the standby spoke SDP. Optional revertive operation (with configurable switch-back delay) is supported. Forced manual switchover is also supported.
To speed up the convergence time during a switchover, MAC flush is configured. The MTUs generate a MAC flush message over the newly unblocked spoke SDP when a spoke SDO change occurs. As a result, the PEs receiving the MAC flush will flush all MACs associated with the impacted VPLS instance and forward the MAC flush to the other PEs in the VPLS network if propagate-mac-flush is enabled.
VPLS access redundancy
Another application of hierarchical VPLS uses MTUs that are not MPLS-enabled and must have Ethernet links to the closest PE node. To protect against failure of the PE node, an MTU can be dual-homed and have two SAPs on two PE nodes.
On the 7705 SAR, the mechanism used to resolve a loop in an access circuit uses STP-based access, with or without mVPLS.
STP-based redundant access to VPLS
In the configuration shown in the following figure, STP is activated on the MTU and two PEs in order to resolve a potential loop. STP needs to run only in a single VPLS instance, and the results of the STP calculations are applied to every VPLS on the link. In this configuration, the scope of the STP domain is limited to the MTU and PEs but any topology change must be propagated across the whole VPLS domain, including mesh SDPs. This is done with MAC flush messages defined by RFC 4762.
When STP is used as a loop resolution mechanism, every topology change notification (TCN) received in an STP instance is translated into a MAC flush message request to clear all FDB entries except the ones learned from the originating PE. MAC flush messages are sent to all PE peers connected through mesh and spoke SDPs in the context of the VPLS services managed by the STP instance.
MAC flush message processing
The previous sections describe the operating principle of redundancy mechanisms available in the context of a VPLS service. All of them rely on MAC flush messages as a tool to propagate topology change in the context of the VPLS. This section summarizes basic rules for generation and processing of these messages.
The 7705 SAR supports two types of MAC flush message, flush-all-but-mine and flush-mine. The main difference between these messages is the type of action they signal.
Flush-all-but-mine requests the clearing of all FDB entries learned from all other LDP peers except the originating PE. This type is also defined by RFC 4762 as an LDP MAC address withdrawal with an empty MAC address list.
Flush-mine requests the clearing of all FDB entries learned from the originating PE. This means that this message has the opposite effect of the flush-all-but-mine message. This type is not included in the RFC 4762 definition and is implemented using vendor-specific TLV.
Upon reception of MAC flush messages (regardless of the type), the 7705 SAR PE takes the following actions:
clears the FDB entries of all indicated VPLS services conforming to the definition
propagates the message (preserving the type) to all LDP peers, if the propagate-mac-flush flag is enabled at the corresponding VPLS level
The flush-all-but-mine message is generated under the following conditions:
The flush-all-but-mine message is received from an LDP peer and the propagate-mac-flush flag is enabled. The message is sent to all LDP peers in the context of the VPLS service in which it was received.
A flush-all-but-mine message is generated when a switchover occurs between spoke SDPs of the same endpoint. The message is sent to the LDP peer connected through the newly active spoke SDP.
A flush-all-but-mine message is generated when a TCN message is received in an STP context and the propagate-mac-flush flag is enabled. The message is sent to all LDP peers connected by spoke and mesh SDPs in the context of the VPLS service controlled by the STP instance, as determined by the mVPLS definition.
If all LDP peers are in the STP domain, it means that the mVPLS and the VPLS both have the same topology and the 7705 SAR will not send any flush-all-but-mine messages. If there are VPLS LDP peers outside the STP domain, the router sends flush-all-but-mine messages to all its VPLS peers. When a TCN occurs in the Layer 2 domain, the MAC flush message is propagated over spoke SDPs.
The 7705 SAR will only send a withdrawal request if the mVPLS contains a mesh SDP.
The flush-mine message is generated under the following conditions:
The flush-mine message is received from an LDP peer and the propagate-mac-flush flag is enabled. The message is sent to all LDP peers in the context of the VPLS service in which it was received.
The flush-mine message is generated when on a SAP or SDP transition from an operationally up to an operationally down state and the send-flush-on-failure flag is enabled in the context of the VPLS service. The message is sent to all LDP peers connected in the context of the VPLS service. The send-flush-on-failure flag is blocked in mVPLS and is only allowed to be configured in a VPLS service managed by mVPLS. This is to prevent both messages being sent at the same time.
The flush-mine message is generated when an MC-LAG SAP or MC-APS SAP transitions from an operationally up state to an operationally down state. The message is sent to all LDP peers connected in the context of the VPLS service.
Dual homing to a VPLS service
The following figure illustrates a dual-homed connection to a VPLS service (PE-A, PE-B, PE-C, PE-D) and the operation in case of link failure (between PE-C and L2-B). Upon detection of a link failure, PE-C sends MAC Address Withdraw messages, which indicate to all LDP peers that they should flush all MAC addresses learned from PE-C. This triggers packets to be broadcast addressing the affected hosts and a relearning process in case an alternative route exists.
The MAC Address Withdraw message is different from the message described in draft-ietf-l2vpn-vpls-ldp-xx, Virtual Private LAN Services over MPLS. The difference is in the interpretation and action performed at the receiving PE. According to the draft definition, upon receipt of a MAC withdraw message, all MAC addresses, except the ones learned from the source PE, are flushed. In the 7705 SAR implementation, upon receipt of the MAC Address Withdraw message, all MAC addresses learned from the source are flushed. In this implementation, this message is an LDP address message with vendor-specific TLV, and is called the flush-all-from-ME message.
The message as defined in the draft definition is currently used in any mVPLS that is using RSTP to recover from failures in Layer 2 topologies. The advantage of the alternative messaging behavior over RSTP-based methods is that only MAC-affected addresses are flushed, not the full forwarding database. This method does not provide a mechanism to secure alternative loop-free topology. However, the convergence time depends on how quickly the particular CE device opens the alternative link (L2-B switch in the figure) as well as how quickly the PE routers flush their FDBs. Additionally, since this method relies on reacting to the physical failure of the link, it is effective only if the PE and CE are directly connected with no hub or bridge.
ATM PVC access and termination on a VPLS service
The application shown in the following figure provides access to a VPLS service for ATM users connected either directly or through an ATM access network to a 7705 SAR PE node. The 7705 SAR supports an ATM VC-delimited SAP terminating on a VPLS service.
RFC 2427-encapsulated or RFC 2684-encapsulated untagged Ethernet/802.3 frames (with or without frame check sequence (FCS)) or BPDUs from a customer’s bridge device are received on a SAP over an ATM interface on the 7705 SAR. The ATM-related encapsulation is stripped, and the frames (without FCS) are forwarded toward destination SAPs either locally or using SDPs associated with the VPLS service (as dictated by destination MAC address VPLS processing). In the egress direction, the received untagged frames are encapsulated into RFC 2427 or RFC 2684 (no Q-tags are added, no FCS in the forwarded frame) and sent over the ATM VC toward the customer CPE.
When AAL5 RFC 2427/2684 encapsulated tagged frames are received from the customer’s bridge on an ATM SAP, the tags are transparent and the frames are processed as described above, with the exception that the frames forwarded toward the destinations will have the received tags preserved. Similarly, in the egress direction, the received tagged Ethernet frames are encapsulated as is (Q-tags are again transparent and preserved) into RFC 2427/2684 and sent over the ATM PVC toward the customer CPE.
Because the tagging is transparent, the 7705 SAR performs unqualified MAC learning (for example, MAC addresses are learned without reference to the VLANs they are associated with). Therefore, MAC addresses used must be unique across all the VLANs used by the customer for a specific VPLS service instance. If a customer wants a per-VLAN separation, the VLAN traffic that needs to be separated must travel on different VCs (different SAPs) associated with different VPLS service instances.
All VPLS functionality available on the 7705 SAR is applicable to ATM-delimited VPLS SAPs. For example, bridged PDUs received over an ATM SAP can be tunneled through or dropped, all forwarding database (FDB) functionality applies, packet-level QoS and MAC filtering applies. Also, split horizon groups are applicable to ATM SAPs terminating on VPLS. In other words, frame forwarding between ATM SAPs, also referred to as VCI-to-VCI forwarding, is disabled within the same group.
The Ethernet pseudowire is established using Targeted LDP (T-LDP) signaling and uses the ether, vlan, or vpls VC type on the SDP. The SDP can be an MPLS or a GRE type.
VPLS service considerations
This section describes general 7705 SAR service features and any special capabilities or considerations as they relate to VPLS services:
SAP encapsulations
VPLS services are designed to carry Ethernet frame payloads; therefore, VPLS can provide connectivity between any SAPs and SDPs that pass Ethernet frames. The following SAP encapsulations are supported on the 7705 SAR VPLS service:
Ethernet null
Ethernet dot1q
Ethernet qinq
ATM VC with RFC 2684 llc-snap bridged encapsulation (see ATM PVC access and termination on a VPLS service)
VLAN processing
The SAP encapsulation definition on Ethernet ingress ports defines which VLAN tags are used to determine the service that the packet belongs to:
null encapsulation defined at ingress – any VLAN tags are ignored and the packet goes to a default service for the SAP
dot1q encapsulation defined at ingress – only the first label is considered
qinq encapsulation defined at ingress – only the topmost two labels are considered
Note: The SAP can be defined with a wildcard (*) for the inner label (for example, ‟SAP 100:100.*”). In this example, all packets with an outer label of 100 will be treated as belonging to the SAP. If, on the same physical link, there is also a SAP defined by the QinQ encapsulation of SAP 100:100.1, then traffic with 100:1 will go to that SAP while all other traffic with 100 as the first label will go to the SAP with the SAP 100:100.* definition.
For dot1q and qinq encapsulations, traffic encapsulated with tags for which there is no definition are discarded.
Tagging rules for VPLS
VLAN tagging rules for VPLS SAPs are the same as those for Epipe SAPs except that VPLS includes the force-c-vlan-forwarding command.
The force-c-vlan-forwarding command provides users with the ability to preserve a customer VLAN tag and append a configured egress SAP VLAN ID on top of the customer tag. See the force-c-vlan-forwarding command for details.
For information about tagging rules, see Tagging rules for Epipe.
QinQ (VPLS)
VPLS supports QinQ functionality. For details, see QinQ support.
Configuration notes
The following guidelines and restrictions apply to the implementation of VPLS:
fabric mode must be set to aggregate mode (not per-destination mode)
associating a service with a filter policy other than the default policy is optional
Configuring a VPLS service with CLI
This section provides information to configure VPLS services using the CLI.
Topics in this section include:
Basic configuration
The following fields require specific input (there are no defaults) to configure a basic VPLS service:
customer ID (see Configuring customer accounts)
for a local service, configure two SAPs, specifying local access ports and encapsulation values
for a distributed service, configure a SAP and an SDP for each far-end node
The following example displays a configuration of a local VPLS service on ALU-1.
*A:ALU-1>config>service>vpls# info
----------------------------------------------
...
vpls 9001 customer 6 create
description "Local VPLS"
sap 1/2/2:0 create
description "SAP for local service"
exit
sap 1/1/5:0 create
description "SAP for local service"
exit
no shutdown
----------------------------------------------
*A:ALU-1>config>service>vpls#
The following example displays a configuration of a distributed VPLS service between ALU-1, ALU-2, and ALU-3. The vc-id for all mesh SDPs must match the service-id.
*A:ALU-1>config>service# info
----------------------------------------------
...
vpls 9000 customer 6 create
shutdown
description "This is a distributed VPLS."
sap 1/1/5:16 create
description "VPLS SAP"
exit
spoke-sdp 2:22 create
exit
mesh-sdp 7:9000 create
exit
exit
...
----------------------------------------------
*A:ALU-1>config>service#
*A:ALU-2>config>service# info
----------------------------------------------
...
vpls 9000 customer 6 create
description "This is a distributed VPLS."
sap 1/1/5:16 create
description "VPLS SAP"
exit
spoke-sdp 2:22 create
exit
mesh-sdp 8:9000 create
exit
no shutdown
exit
...
----------------------------------------------
*A:ALU-2>config>service#
*A:ALU-3>config>service# info
----------------------------------------------
...
vpls 9000 customer 6 create
description "This is a distributed VPLS."
sap 1/1/3:33 create
description "VPLS SAP"
exit
spoke-sdp 2:22 create
exit
mesh-sdp 8:9000 create
exit
no shutdown
exit
...
----------------------------------------------
*A:ALU-3>config>service#
Common configuration tasks
This section provides a brief overview of the tasks that must be performed to configure both local and distributed VPLS services and provides the CLI commands.
For VPLS services:
Associate a VPLS service with a customer ID. For management VPLS, include the m-vpls keyword when creating the VPLS.
Define SAPs:
Select nodes and ports.
(optional) Select QoS policies other than the default (configured in the config>qos context).
(optional) Select filter policies (configured in the config>filter context).
(optional) Select accounting policy (configured in the config>log context).
Associate SDPs (for distributed services).
(optional) Modify STP default parameters (see VPLS and spanning tree protocol).
Enable the service.
Configuring VPLS components
Topics in this section include:
Creating a VPLS service
Use the following CLI syntax to create a VPLS service:
- CLI syntax:
config>service#vpls service-id [customer customer-id] [m-vpls] [create]description description-stringno shutdown
The following example displays a VPLS configuration:
*A:ALU-1>config>service>vpls# info
----------------------------------------------
...
vpls 9000 customer 6 create
description "This is a distributed VPLS."
shutdown
exit
exit
...
----------------------------------------------
*A:ALU-1>config>service>vpls#
Creating a split horizon group
Use the following CLI syntax to create a split horizon group for a VPLS instance. Including the residential-group parameter creates a residential split horizon group.
- CLI syntax:
config>service>vpls#split-horizon-group group-name [residential-group] [create]
The following example displays a VPLS configuration:
*A:ALU-1>config>service>vpls# info
----------------------------------------------
...
vpls 9000 customer 6 create
description "VPLS with split horizon"
split-horizon-group ‟SHG-group1” residential-group create
description "Residential Split horizon group"
exit
no shutdown
exit
...
----------------------------------------------
Enabling MAC move
The MAC move feature is useful to protect against undetected loops in the VPLS topology as well as the presence of duplicate MACs in a VPLS service. For example, if two clients in the VPLS have the same MAC address, the VPLS will experience a high relearn rate for the MAC and will shut down the SAP or spoke SDP when the threshold is exceeded. Use the following CLI syntax to configure MAC move parameters:
- CLI syntax:
config>servicevpls service-id [customer customer-id] [m-vpls] [create]mac-moveprimary-portsspoke-sdp spoke-idcumulative-factor cumulative-factorexitsecondary-portsspoke-sdp spoke-idsap sap-idexitmove-frequency frequencyretry-timeout timeoutno shutdown
The following example displays a MAC move configuration:
*A:ALU-2009>config>service>vpls>mac-move# show service id 500 mac-move
===============================================================================
Service Mac Move Information
===============================================================================
Service Id : 500 Mac Move :Enabled
Primary Factor : 4 Secondary Factor : 2
Mac Move Rate : 2 Mac Move Timeout : 10
Mac Move Retries : 3
-------------------------------------------------------------------------------
SAP Mac Move Information: 1/1/3:501
-------------------------------------------------------------------------------
Admin State : Up Oper State : Down
Flags : RelearnLimitExceeded
Time to come up : 1 seconds Retries Left : 1
Mac Move : Blockable Blockable Level : Tertiary
-------------------------------------------------------------------------------
SAP Mac Move Information: 1/1/3:502
-------------------------------------------------------------------------------
Admin State : Up Oper State : Up
Flags : None
Time to RetryReset : 267 seconds Retries Left : none
Mac Move : Blockable Blockable Level : Tertiary
-------------------------------------------------------------------------------
SDP Mac Move Information: 21:501
-------------------------------------------------------------------------------
Admin State : Up Oper State : Up
Flags : None
Time to RetryReset : never Retries Left : 3
Mac Move : Blockable Blockable Level : Secondary
-------------------------------------------------------------------------------
SDP Mac Move Information: 21:502
-------------------------------------------------------------------------------
Admin State : Up Oper State : Down
Flags : RelearnLimitExceeded
Time to come up : never Retries Left : none
Mac Move : Blockable Blockable Level : Tertiary
===============================================================================
*A:*A:ALU-2009>config>service>vpls>mac-move#
Configuring STP bridge parameters in a VPLS
Modifying some of the STP parameters allows the operator to balance STP between resiliency and speed of convergence extremes.
The following STP parameters can be modified at the VPLS level:
STP always uses the locally configured values for the first three parameters (admin state, mode, and priority).
For the parameters hello time and hold count, the locally configured values are only used when this bridge has been elected root bridge in the STP domain; otherwise, the values received from the root bridge are used. The exception to this rule is that hello time is always taken from the locally configured parameter.
Bridge STP admin state
The administrative state of STP at the VPLS level is controlled by the shutdown command. For SAPs, if STP on the VPLS is administratively disabled, any BPDUs are forwarded transparently through the 7705 SAR. If STP on the VPLS is administratively enabled, but the administrative state of a SAP is down, BPDUs received on such a SAP are discarded.
The 7705 SAR does not support BPDU extraction over spoke SDPs. If STP on the VPLS instance is disabled, BPDUs are forwarded transparently over the spoke SDP. If STP is enabled, the spoke SDP discards all BPDUs received.
- CLI syntax:
config>service>vpls service-id# stpno shutdown
Mode
The 7705 SAR operates in the rapid spanning tree protocol (RSTP) mode and is compliant with IEEE 802.1D-2004 – default mode.
- CLI syntax:
config>service>vpls service-id# stpmode {rstp}Default: rstp
Bridge priority
The bridge-priority command is used to populate the priority portion of the bridge ID field within outbound BPDUs (the most significant 4 bits of the bridge ID). It is also used as part of the decision process when determining the best BPDU between messages received and sent.
All values will be truncated to multiples of 4096, conforming with IEEE 802.1t and 802.1D-2004.
- CLI syntax:
config>service>vpls service-id# stppriority bridge-priorityRange: 1 to 65535Default: 32768Restore Default: no priority
Hello time
The hello-time command configures the STP hello time for the VPLS STP instance.
The seconds parameter defines the default timer value that controls the sending interval between BPDU configuration messages by this bridge, on ports where this bridge assumes the designated role.
On the 7705 SAR, the hello time for the spanning tree is determined by the locally configured parameter.
- CLI syntax:
config>service>vpls service-id# stphello-time hello-timeRange: 1 to 10 secondsDefault: 2 secondsRestore Default: no hello-time
Hold count
The hold-count command configures the peak number of BPDUs that can be transmitted in 1 second.
- CLI syntax:
config>service>vpls service-id# stphold-count count-valueRange: 1 to 10Default: 6Restore Default: no hold-count
Configuring a VPLS SAP
A default QoS policy is applied to each ingress and egress SAP. Additional QoS policies can be configured in the config>qos context. There are no default filter policies. Filter policies are configured in the config>filter context and must be explicitly applied to a SAP.
For information about configuring ETH-CFM parameters on VPLS (Ethernet) SAPs, see ETH-CFM (802.1ag and Y.1731) tasks.
Topics in this section include:
Local VPLS SAPs
To configure a local VPLS service, enter the sap sap-id command twice with different port IDs in the same service configuration.
All supported service types and corresponding uplink SAPs are specified in the following examples.
The following example displays a local VPLS configuration:
*A:ALU-1>config>service# info
----------------------------------------------
...
vpls 9000 customer 6 create
description "Local VPLS"
sap 1/2/2:0 create
description "SAP for local service"
exit
sap 1/1/5:0 create
description "SAP for local service"
exit
no shutdown
exit
----------------------------------------------
*A:ALU-1>config>service#
Distributed VPLS SAPs
To configure a distributed VPLS service, you must configure service entities on originating and far-end nodes. You must use the same service ID on all ends (for example, create a VPLS service ID 9000 on ALU-1, ALU-2, and ALU-3). A distributed VPLS consists of a SAP on each participating node and an SDP bound to each participating node.
For SDP configuration information, see Configuring SDPs. For SDP binding information, see Configuring SDP bindings.
The following example displays a configuration of VPLS SAPs configured for ALU-1, ALU-2, and ALU-3:
*A:ALU-1>config>service# info
--------------------------------------------
...
vpls 9000 customer 6 create
description "Distributed VPLS services."
shutdown
exit
sap 1/2/5:0 create
description "VPLS SAP"
exit
...
--------------------------------------------
*A:ALU-1>config>service#
*A:ALU-2>config>service# info
--------------------------------------------
...
vpls 9000 customer 6 create
description "Distributed VPLS services."
shutdown
exit
sap 1/1/2:22 create
description "VPLS SAP"
exit
...
--------------------------------------------
*A:ALU-2>config>service#
*A:ALU-3>config>service# info
----------------------------------------------
...
vpls 9000 customer 6 create
description "Distributed VPLS services."
shutdown
exit
sap 1/1/3:33 create
description "VPLS SAP"
exit
...
----------------------------------------------
Configuring SAP-specific STP parameters
When a VPLS has STP enabled, each SAP within the VPLS has STP enabled by default. The operation of STP on each SAP is governed by:
SAP STP administrative state
The administrative state of STP within a SAP controls how BPDUs are transmitted and handled when received. The allowable states are:
SAP admin up
The default administrative state is up for STP on a SAP. BPDUs are handled in the normal STP manner on a SAP that is administratively up.
SAP admin down
An administratively down state allows a service provider to prevent a SAP from becoming operationally blocked. BPDUs will not originate out the SAP toward the customer.
If STP is enabled on the VPLS level, but disabled on the SAP, received BPDUs are discarded. Discarding the incoming BPDUs allows STP to continue to operate normally within the VPLS service while ignoring the down SAP. The specified SAP will always be in an operationally forwarding state.
- CLI syntax:
config>service>vpls>sap>stp#[no] shutdownRange: shutdown or no shutdownDefault: no shutdown (SAP admin up)
SAP virtual port number
The virtual port number uniquely identifies a SAP within configuration BPDUs. The internal representation of a SAP is unique to a system and has a reference space much bigger than the 12 bits definable in a configuration BPDU. STP takes the internal representation value of a SAP and identifies it with its own virtual port number, which is unique to every other SAP defined on the VPLS. The virtual port number is assigned at the time that the SAP is added to the VPLS.
Because the order in which SAPs are added to the VPLS is not preserved between reboots of the system, the virtual port number may change between restarts of the STP instance. To achieve consistency after a reboot, the virtual port number can be specified explicitly.
- CLI syntax:
config>service>vpls>sap# stpport-num numberRange: 1 to 2047Default: (automatically generated)Restore Default: no port-num
SAP priority
SAP priority allows a configurable ‟tiebreaking” parameter to be associated with a SAP. When configuration BPDUs are being received, the configured SAP priority will be used in some circumstances to determine whether a SAP will be designated or blocked.
In traditional STP implementations (802.1D-1998), this field is called the port priority and has a value of 0 to 255. This field is coupled with the port number (0 to 255 also) to create a 16-bit value.
In the latest STP standard (802.1D-2004), only the upper 4 bits of the port priority field are used to encode the SAP priority. The remaining 4 bits are used to extend the port ID field into a 12-bit virtual port number field. The virtual port number uniquely references a SAP within the STP instance. See SAP virtual port number for details on the virtual port number.
STP computes the actual SAP priority by taking the configured priority value and masking out the lower four bits. The result is the value that is stored in the SAP priority parameter. For example, if a value of 0 was entered, masking out the lower 4 bits would result in a parameter value of 0. If a value of 255 was entered, the result would be 240.
The default value for SAP priority is 128. This parameter can be modified within a range of 0 to 255, 0 being the highest priority. Masking causes the values actually stored and displayed to be 0 to 240, in increments of 16.
- CLI syntax:
config>service>vpls>sap>stp#priority stp-priorityRange: 0 to 255 (240 largest value, in increments of 16)Default: 128Restore Default: no priority
SAP path cost
The SAP path cost is used by STP to calculate the path cost to the root bridge. The path cost in BPDUs received on the root port is incremented with the configured path cost for that SAP. When BPDUs are sent out other egress SAPs, the newly calculated root path cost is used.
STP suggests that the path cost is defined as a function of the link bandwidth. Because SAPs are controlled by complex queuing dynamics, in the 7705 SAR the STP path cost is a purely static configuration.
The default value for SAP path cost is 10. This parameter can be modified within a range of 1 to 200000000, 1 being the lowest cost.
- CLI syntax:
config>service>vpls>sap>stp#path-cost sap-path-costRange: 1 to 200000000Default: 10Restore Default: no path-cost
SAP edge port
The SAP edge-port command is used to reduce the time it takes a SAP to reach the forwarding state when the SAP is on the edge of the network and therefore has no further STP bridge to handshake with.
The edge-port command is used to initialize the internal OPER_EDGE variable. At any time, when OPER_EDGE is false on a SAP, the normal mechanisms are used to transition to the forwarding state. When OPER_EDGE is true, STP assumes that the remote end agrees to transition to the forwarding state without actually receiving a BPDU with an agreement flag set.
The OPER_EDGE variable will dynamically be set to false if the SAP receives BPDUs (the configured edge-port value does not change). The OPER_EDGE variable will dynamically be set to true if auto-edge is enabled and STP concludes there is no bridge behind the SAP.
When STP on the SAP is administratively disabled and re-enabled, the OPER_EDGE is reinitialized to the value configured for edge-port.
Valid values for SAP edge-port are enabled and disabled with disabled being the default.
- CLI syntax:
config>service>vpls>sap>stp#[no] edge-portDefault: no edge-port
SAP auto edge
The SAP auto-edge command is used to instruct STP to dynamically decide whether the SAP is connected to another bridge.
If auto-edge is enabled, and STP concludes there is no bridge behind the SAP, the OPER_EDGE variable will dynamically be set to true. If auto-edge is enabled and a BPDU is received, the OPER_EDGE variable will dynamically be set to false (see SAP edge port).
Valid values for SAP auto-edge are enabled and disabled, with enabled being the default.
- CLI syntax:
config>service>vpls>sap>stp#[no] auto-edgeDefault: auto-edge
SAP link type
The SAP link-type command instructs STP on the maximum number of bridges behind this SAP.
If there is only a single bridge, transitioning to the forwarding state is based on handshaking (fast transitions). If more than two bridges are connected by a shared media, their SAPs should all be configured as shared, and timer-based transitions are used.
Valid values for SAP link-type are shared and pt-pt, with pt-pt being the default.
- CLI syntax:
config>service>vpls>sap>stp#link-type {pt-pt|shared}Default: link-type pt-ptRestore Default: no link-type
STP SAP operational states
The operational state of STP on a SAP controls how BPDUs are transmitted and handled when received. Defined states are:
Operationally disabled
Operationally disabled is the normal operational state for STP on a SAP in a VPLS that has any of the following conditions:
VPLS state administratively down
SAP state administratively down
SAP state operationally down
If the SAP enters the operationally up state with the STP administratively up and the SAP STP state is up, the SAP will transition to the STP SAP discarding state.
When, during normal operation, the router detects a downstream loop behind a SAP, BPDUs can be received at a very high rate. To recover from this situation, STP will transition the SAP to the disabled state for the forward-delay duration of 15 s.
Operationally discarding
A SAP in the discarding state only receives and sends BPDUs, building the local correct STP state for each SAP while not forwarding actual user traffic.
Operationally learning
The learning state allows for the population of the MAC forwarding table before entering the forwarding state. In this state, no user traffic is forwarded.
Operationally forwarding
Configuration BPDUs are sent out a SAP in the forwarding state. Layer 2 frames received on the SAP are source-learned and destination-forwarded according to the FIB. Layer 2 frames received on other forwarding interfaces and destined for the SAP are also forwarded.
Configuring VPLS SAPs with split horizon
To configure a VPLS service with a split horizon group, add the split-horizon-group parameter when creating the SAP. Traffic arriving on a SAP within a split horizon group will not be copied to other SAPs in the same split horizon group.
The following example displays a VPLS configuration with split horizon enabled:
*A:ALU-1>config>service# info
----------------------------------------------
...
vpls 800 customer 6001 create
description "VPLS with split horizon for DSL"
sap 1/1/3:1/100 split-horizon-group ‟DSL-group1” create
description "SAP for residential bridging"
exit
sap 1/1/3:1/200 split-horizon-group ‟DSL-group1” create
description "SAP for residential bridging"
exit
split-horizon-group ‟DSL-group1” residential-group create
description "Split horizon group for DSL"
exit
no shutdown
exit
...
----------------------------------------------
*A:ALU-1>config>service#
Configuring SDP bindings
This section contains the following topics:
VPLS provides scaling and operational advantages. A hierarchical configuration eliminates the need for a full mesh of VCs between participating devices. Hierarchy is achieved by enhancing the base VPLS core mesh of VCs with access VCs (spoke) to form two tiers. Spoke SDPs are generally created between Layer 2 switches and placed at the Multi-Tenant Unit (MTU). The PE routers are placed at the service provider's Point of Presence (POP). Signaling and replication overhead on all devices is considerably reduced.
A spoke SDP is treated like the equivalent of a traditional bridge port, where flooded traffic received on the spoke SDP is replicated on all other ‟ports” (other spoke and mesh SDPs or SAPs) and not transmitted on the port it was received on (unless a split horizon group was defined on the spoke SDP; see Configuring VPLS spoke SDPs with split horizon).
A spoke SDP connects a VPLS service between two sites and, in its simplest form, could be a single tunnel LSP. A set of ingress and egress VC labels are exchanged for each VPLS service instance to be transported over this LSP. The PE routers at each end treat this as a virtual spoke connection for the VPLS service in the same way as the PE-MTU connections. This architecture minimizes the signaling overhead and avoids a full mesh of VCs and LSPs between the two metro networks.
A mesh SDP bound to a service is logically treated like a single bridge ‟port” for flooded traffic, where flooded traffic received on any mesh SDP on the service is replicated to other ‟ports” (spoke SDPs and SAPs) and not transmitted on any mesh SDPs.
A VC-ID can be specified with the SDP-ID. The VC-ID is used instead of a label to identify a virtual circuit. The VC-ID is significant between peer 7705 SAR routers on the same hierarchical level. The value of a VC-ID is conceptually independent from the value of the label or any other datalink-specific information of the VC.
The following figure displays an example of a distributed VPLS service configuration of spoke and mesh SDPs (unidirectional tunnels) between 7750 SR routers and 7705 SAR MTUs.
Configuring mesh SDP bindings
Use the following CLI syntax to create a mesh SDP binding with a distributed VPLS service. SDPs must be configured before binding. See Configuring SDPs for information about creating SDPs. For information about configuring ETH-CFM parameters on VPLS (Ethernet) mesh SDPs, see ETH-CFM (802.1ag and Y.1731) tasks.
Use the following CLI syntax to configure mesh SDP bindings:
- CLI syntax:
config>service# vpls service-idmesh-sdp sdp-id[:vc-id] [vc-type {ether | vlan}]egressvc-label egress-vc-labelingressfilter {ip ip-filter-id | mac mac-filter-id}vc-label ingress-vc-labelno shutdownstatic-mac ieee-addressvlan-vc-tag 0..4094
Configuring spoke SDPs
Topics in this section include:
Configuring spoke SDP bindings
Use the following CLI syntax to create a spoke SDP binding with a distributed VPLS service. SDPs must be configured before binding. See Configuring SDPs for information about creating SDPs. For information about configuring ETH-CFM parameters on VPLS (Ethernet) spoke SDPs, see ETH-CFM (802.1ag and Y.1731) tasks.
Use the following CLI syntax to configure spoke SDP bindings:
- CLI syntax:
config>service# vpls service-idspoke-sdp sdp-id:vc-id [vc-type {ether | vlan}] [split-horizon-group group-name]egressvc-label egress-vc-labelingressfilter {ip ip-filter-id | mac mac-filter-id}vc-label ingress-vc-labellimit-mac-move [non-blockable]no shutdownstatic-mac ieee-addressvlan-vc-tag [0..4094]
The following displays SDP binding configurations for ALU-1, ALU-2, and ALU-3 for VPLS service ID 9000 for customer 6:
*A:ALU-1>config>service# info
----------------------------------------------
vpls 9000 customer 6 create
description "This is a distributed VPLS."
sap 1/2/5:0 create
exit
spoke-sdp 2:22 create
exit
mesh-sdp 5:9000 create
exit
mesh-sdp 7:9000 create
exit
no shutdown
exit
----------------------------------------------
*A:ALU-1>config>service#
*A:ALU-2>config>service# info
----------------------------------------------
...
vpls 9000 customer 6 create
description "This is a distributed VPLS."
sap 1/1/2:22 create
exit
spoke-sdp 2:22 create
exit
mesh-sdp 5:9000 create
exit
mesh-sdp 7:9000 create
exit
no shutdown
exit
----------------------------------------------
*A:ALU-3>config>service# info
----------------------------------------------
...
vpls 9000 customer 6 create
description "This is a distributed VPLS."
sap 1/1/3:33 create
exit
spoke-sdp 2:22 create
exit
mesh-sdp 5:9000 create
exit
mesh-sdp 7:9000 create
exit
no shutdown
exit
----------------------------------------------
*A:ALU-3>config>service#
Configuring spoke SDP-specific STP parameters
When a VPLS has STP enabled, each spoke SDP in the VPLS has STP enabled by default. The operation of STP on each spoke SDP is governed by:
Spoke SDP STP administrative state
The administrative state of STP within a spoke SDP controls how BPDUs are transmitted and handled when received. The allowable states are:
spoke SDP admin up
The default administrative state is up for STP on a spoke SDP. BPDUs are handled in the normal STP manner on a spoke SDP that is administratively up.
spoke SDP admin down
An administratively down state allows a service provider to prevent a spoke SDP from becoming operationally blocked. BPDUs will not originate out the spoke SDP toward the customer.
If STP is enabled on the VPLS level but disabled on the spoke SDP, received BPDUs are discarded. Discarding the incoming BPDUs allows STP to continue to operate normally within the VPLS service while ignoring the down spoke SDP. The specified spoke SDP will always be in an operationally forwarding state.
- CLI syntax:
config>service>vpls>spoke-sdp>stp#[no] shutdown
Spoke SDP virtual port number
The virtual port number uniquely identifies a spoke SDP within configuration BPDUs. The internal representation of a spoke SDP is unique to a system and has a reference space much larger than the 12 bits definable in a configuration BPDU. STP takes the internal representation value of a spoke SDP and identifies it with its own virtual port number, which is unique to any other spoke SDP defined on the VPLS. The virtual port number is assigned at the time that the spoke SDP is added to the VPLS.
Because the order in which spoke SDPs are added to the VPLS is not preserved between reboots of the system, the virtual port number may change between restarts of the STP instance. To achieve consistency after a reboot, the virtual port number can be specified explicitly.
- CLI syntax:
config>service>vpls>spoke-sdp# stpport-num virtual-port-number
Spoke SDP priority
Spoke SDP priority allows a configurable ‟tiebreaking” parameter to be associated with a spoke SDP. When configuration BPDUs are being received, the configured spoke SDP priority will be used in some circumstances to determine whether a spoke SDP will be designated or blocked.
In traditional STP implementations (802.1D-1998), this field is called the port priority and has a value of 0 to 255. This field is coupled with the port number (also 0 to 255) to create a 16-bit value.
In the latest STP standard (802.1D-2004), only the upper 4 bits of the port priority field are used to encode the spoke SDP priority. The remaining 4 bits are used to extend the port ID field into a 12-bit virtual port number field. The virtual port number uniquely references a spoke SDP within the STP instance. See Spoke SDP virtual port number for details on the virtual port number.
STP computes the actual spoke SDP priority by taking the configured priority value and masking out the lower 4 bits. The result is the value that is stored in the spoke SDP priority parameter. For example, if a value of 0 was entered, masking out the lower 4 bits would result in a parameter value of 0. If a value of 255 was entered, the result would be 240.
The default value for spoke SDP priority is 128. This parameter can be configured within a range of 0 to 255, with 0 being the highest priority. Masking causes the values actually stored and displayed to be 0 to 240, in increments of 16.
- CLI syntax:
config>service>vpls>spoke-sdp>stp#priority stp-priority
Spoke SDP path cost
The spoke SDP path cost is used by STP to calculate the path cost to the root bridge. The path cost in BPDUs received on the root port is incremented with the configured path cost for that spoke SDP. When BPDUs are sent out other egress spoke SDPs, the newly calculated root path cost is used.
STP suggests that the path cost is defined as a function of the link bandwidth. Because spoke SDPs are controlled by complex queuing dynamics, in the 7705 SAR the STP path cost is a purely static configuration.
The default value for spoke SDP path cost is 10. This parameter can be configured within a range of 1 to 200000000, with 1 being the lowest cost.
- CLI syntax:
config>service>vpls>spoke-sdp>stp#path-cost stp-path-cost
Spoke SDP edge port
The spoke SDP edge-port command is used to reduce the time it takes a spoke SDP to reach the forwarding state when the spoke SDP is on the edge of the network and therefore has no further STP bridge to handshake with.
The edge-port command is used to initialize the internal OPER_EDGE variable. At any time, when OPER_EDGE is false on a spoke SDP, the normal mechanisms are used to transition to the forwarding state. When OPER_EDGE is true, STP assumes that the remote end agrees to transition to the forwarding state without actually receiving a BPDU with an agreement flag set.
The OPER_EDGE variable will dynamically be set to false if the spoke SDP receives BPDUs (the configured edge-port value does not change). The OPER_EDGE variable will dynamically be set to true if auto-edge is enabled and STP concludes there is no bridge behind the spoke SDP.
When STP on the spoke SDP is administratively disabled and re-enabled, the OPER_EDGE is reinitialized to the value configured for edge-port.
Valid values for spoke SDP edge-port are enabled and disabled, with disabled being the default.
- CLI syntax:
config>service>vpls>spoke-sdp>stp#[no] edge-port
Spoke SDP auto edge
The spoke SDP auto-edge command is used to instruct STP to dynamically decide whether the spoke SDP is connected to another bridge.
If auto-edge is enabled, and STP concludes there is no bridge behind the spoke SDP, the OPER_EDGE variable will dynamically be set to true. If auto-edge is enabled and a BPDU is received, the OPER_EDGE variable will dynamically be set to false (see Spoke SDP edge port).
Valid values for spoke SDP auto-edge are enabled and disabled, with enabled being the default.
- CLI syntax:
config>service>vpls>spoke-sdp>stp#[no] auto-edge
Spoke SDP link type
The spoke SDP link-type command instructs STP on the maximum number of bridges behind this spoke SDP.
If there is only a single bridge, transitioning to the forwarding state is based on handshaking (fast transitions). If more than two bridges are connected by a shared media, their spoke SDPs should all be configured as shared, and timer-based transitions are used.
Valid values for spoke SDP link-type are shared and pt-pt, with pt-pt being the default.
- CLI syntax:
config>service>vpls>spoke-sdp>stp#link-type {pt-pt|shared}
Configuring VPLS spoke SDPs with split horizon
To configure spoke SDPs with a split horizon group, add the split-horizon-group parameter when creating the spoke SDP. Traffic arriving on a SAP or spoke SDP within a split horizon group will not be copied to other SAPs or spoke SDPs in the same split horizon group.
The following example displays a VPLS configuration with split horizon enabled:
*A:ALU-1>config>service# info
----------------------------------------------
...
vpls 800 customer 6001 create
description "VPLS with split horizon for DSL"
spoke-sdp 51:15 split-horizon-group ‟DSL-group1” create
exit
split-horizon-group ‟DSL-group1”
description "Split horizon group for DSL"
exit
no shutdown
exit
...
----------------------------------------------
*A:ALU-1>config>service#
Configuring selective MAC flush
Use the following CLI syntax to enable selective MAC flush in a VPLS instance:
- CLI syntax:
config>service# vpls service-idsend-flush-on-failure
Use the following CLI syntax to disable selective MAC flush in a VPLS instance:
- CLI syntax:
config>service# vpls service-idno send-flush-on-failure
Configuring routed VPLS
To establish routed VPLS (r-VPLS), a VPLS service must be bound to a standard IP interface within an IES or VPRN service. This is done by giving the VPLS a service-name and setting the VPLS allow-ip-int-binding flag. The binding is completed when the IES or VPRN interface is associated with the VPLS service-name. See Routed VPLS for details.
A VPLS service only supports binding for a single IP interface.
Additionally, an ingress IPv4 or IPv6 filter can be assigned to the VPLS SAP and the IES or VPRN interface. Use the v4-routed-override-filter and v6-routed-override-filter commands to give the IP interface filter precedence over the VPLS SAP filter. See IES command reference and VPRN services command reference for command descriptions.
Use the following CLI syntax to set up routed VPLS in a VPLS instance:
- CLI syntax:
config>service# vpls service-idallow-ip-int-bindingservice-name service-name
Use the following CLI syntax to bind an IES or VPRN interface to the routed VPLS instance and to configure an override filter:
- CLI syntax:
config>service>ies# interface ip-interface-name [create]vpls service-nameingressv4-routed-override-filter ipv4-filter-idv6-routed-override-filter ipv6-filter-id
- CLI syntax:
config>service>vprn# interface ip-interface-name [create]vpls service-nameingressv4-routed-override-filter ipv4-filter-idv6-routed-override-filter ipv6-filter-id
Configuring IP multicast in VPLS
Use the config>service>vpls>igmp-snooping or mld-snooping command to enable IP multicast in VPLS. The igmp-snooping and mld-snooping commands stop the default flooding of multicast traffic and allow the creation of a multicast forwarding database (MFIB) on a per-port basis.
The following displays a VPLS configuration with IGMP snooping. Configuring MLD snooping is similar except that the mld-snooping command and IPv6 addresses are used instead of the igmp-snooping command and IPv4 addresses:
*A:ALU-1>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 1"
service-mtu 1400
stp
shutdown
exit
igmp-snooping
no shutdown
exit
service-name "snooper"
sap 1/1/5:12 create
description "Default sap description for service id 1"
exit
sap 1/1/5:34 create
description "Default sap description for service id 1"
exit
mesh-sdp 21:1 create
no shutdown
exit
spoke-sdp 23:1 create
no shutdown
exit
no shutdown
----------------------------------------------
*A:ALU-1>config>service>vpls#
Configuring IP multicast in r-VPLS
Configuring IP multicast in a routed VPLS requires several steps.
Creating a Layer 2 multicast service in the context of an r-VPLS with PIM translation configured on the r-VPLS Layer 3 interface creates two multicast groups: one Layer 2 multicast group and one Layer 3 multicast group. Creating the Layer 2 multicast group automatically creates the Layer 3 group. It is not necessary to create both groups. The 7705 SAR uses one Layer 3 multicast group per source, and one Layer 2 multicast group per source per VPLS. See IP multicast in r-VPLS for details.
Perform the following steps to create Layer 2 and Layer 3 multicast groups on a SAP or SDP:
Create an r-VPLS by using the vpls>allow-ip-int-binding command and the ies>interface>vpls service-name command.
Configure IGMP or MLD on IES to form the link between Layer 3 and Layer 2.
Configure PIM on a network interface to allow the propagation of multicast join messages into the network.
(Optional) Configure the Layer 2 multicast service parameters, as described in Configuring multicast parameters for VPLS and r-VPLS.
The following displays illustrate step 1 to step 3 for an r-VPLS configuration with IGMP snooping. Configuring MLD snooping is similar except that the mld-snooping command and IPv6 addresses are used instead of the igmp-snooping command and IPv4 addresses.
To create the r-VPLS:
*A:ALU-1>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 1"
service-mtu 1400
allow-ip-int-binding
stp
shutdown
exit
igmp-snooping
no shutdown
exit
service-name "snooper"
sap 1/1/5:12 create
description "Default sap description for service id 1"
exit
sap 1/1/5:34 create
description "Default sap description for service id 1"
exit
mesh-sdp 21:1 create
no shutdown
exit
spoke-sdp 23:1 create
no shutdown
exit
no shutdown
----------------------------------------------
*A:ALU-1>config>service>vpls#
*A:ALU-1>config>service>ies# info
----------------------------------------------
description "Default Ies description for service id 2"
interface "rvpls_ies" create
address 192.168.0.0/16
ipv6
address 2001:db8:a::123
exit
vpls "snooper"
exit
exit
service-name "XYZ Ies 2"
no shutdown
----------------------------------------------
*A:ALU-1>config>service>ies#
To link Layer 3 and Layer 2:
*A:ALU-1>config>router>igmp# info
----------------------------------------------
interface "rvpls_ies"
no shutdown
exit
no shutdown
----------------------------------------------
*A:ALU-1>config>router>igmp#
To configure PIM on a network interface:
*A:ALU-1>config>router>pim# info
----------------------------------------------
no ipv6-multicast-disable
interface "PimtoDut4"
exit
rp
exit
no shutdown
----------------------------------------------
*A:ALU-1config>router>pim#
Configuring multicast parameters for VPLS and r-VPLS
The 7705 SAR supports multicast for VPLS and r-VPLS through IGMP and MLD snooping at the VPLS service level, as well as at the VPLS SAP and SDP (mesh and spoke) levels. Note the following considerations for IGMP and MLD snooping on a SAP or SDP.
A filter policy can be imported on a SAP or SDP. Import policies are defined in the config>router>policy-options context. See the ‟Filter policies” section in the 7705 SAR Router Configuration Guide for details.
A SAP or SDP can be configured as a multicast router port (mrouter-port), meaning that a multicast router is attached to this port. However, the mrouter-port and the send-queries commands are mutually exclusive commands.
A static multicast group can be configured on a SAP or SDP (see Configuring a static multicast group).
The send-queries command must be enabled for the following commands to be operational: query-interval, query-response-interval, robust-count, and version.
Use the following CLI syntax to configure IGMP snooping parameters for VPLS and r-VPLS. Configuring MLD snooping parameters is similar except that the mld-snooping command and IPv6 addresses are used instead of the igmp-snooping command and IPv4 addresses.
- CLI syntax:
config>service>vpls# igmp-snoopingquery-interval secondsquery-src-ip ip-addressreport-src-ip ip-addressrobust-count robust-count
The following displays IGMP snooping configuration for a VPLS service:
*A:ALU-1>config>service>vpls>igmp-snooping# info detail
----------------------------------------------
no shutdown
query-interval 125
robust-count 2
report-src-ip 10.0.0.0
no query-src-ip
----------------------------------------------
*A:ALU-1>config>service>vpls>igmp-snooping#
Use the following CLI syntax to configure IGMP snooping on a SAP. Configuring IGMP snooping on an SDP is similar. Configuring MLD snooping on a SAP or SDP is also similar, except that the mld-snooping command and IPv6 addresses are used instead of the igmp-snooping command and IPv4 addresses, and the max-num-grp-sources and max-num-sources commands do not apply.
- CLI syntax:
config>service>vpls# sap sap-idconfig>service>vpls>sap# igmp-snoopingconfig>service>vpls>sap>igmp-snooping#[no] disable-router-alert-check[no] fast-leave[no] import policy-name[no] last-member-query-interval interval[no] max-num-groups max-num-groups[no] max-num-grp-sources max-num-grp-sources[no] max-num-sources max-num-sources[no] mrouter-port[no] query-interval seconds[no] query-response-interval seconds[no] robust-count robust-count[no] send-queries[no] static[no] group grp-ip-address[no] source ip-address[no] starg[no] version version
The following displays IGMP snooping configuration for a VPLS service:
*A:ALU-1>config>service>vpls>sap>igmp-snooping# info detail
----------------------------------------------
no fast-leave
no import
no max-num-groups
no max-num-sources
no max-num-grp-sources
last-member-query-interval 10
mrouter-port
query-interval 125
query-response-interval 10
robust-count 2
version 3
no send-queries
no disable-router-alert-check
----------------------------------------------
*A:ALU-1>config>service>vpls>sap>igmp-snooping#
Configuring a static multicast group
A static multicast group is not created until the source or starg—(*,G)—is specified. More than one group can be created per SAP or SDP, and more than one source can be added to a group. A static source cannot be added to a group if a starg already exists in the group.
Use the following CLI syntax to configure a static group for IGMP snooping on a VPLS SAP. Configuring a static group for IGMP snooping on an SDP is similar. Configuring a static group for MLD snooping on a SAP or SDP is also similar, except that the mld-snooping command and IPv6 addresses are used instead of the igmp-snooping command and IPv4 addresses.
- CLI syntax:
config>service>vpls>sap# igmp-snoopingconfig>service>vpls>sap>igmp-snooping#[no] static[no] group grp-ip-address[no] source ip-address[no] starg
The following displays a static group configuration for IGMP snooping on a VPLS SAP (multiple groups and multiple sources):
*A:ALU-1>config>service>vpls>sap>igmp-snooping# info
----------------------------------------------
send-queries
static
group 192.0.2.0
starg
exit
group 192.0.2.1
source 192.0.2.10
source 192.0.2.11
exit
exit
----------------------------------------------
*A:ALU-1>config>service>vpls>sap>igmp-snooping#
Configuring PIM snooping for VPLS
Use the pim-snooping command to connect a source in a Layer 2 access network to the host in a Layer 3 core network.
Use the following CLI syntax to configure PIM snooping for VPLS and to configure the maximum number of multicast groups for PIM snooping for VPLS SAPs and spoke SDPs.
- CLI syntax:
config>service>vpls#pim-snooping[no] group-policy grp-policy-name [grp-policy-name....up to 5 max][no] hold-time seconds[no] ipv4-multicast-disable[no] ipv6-multicast-disablemode [snoop | proxy]
- CLI syntax:
config>service>vpls>sap#pim-snooping[no] max-num-groups max-num-groups
- CLI syntax:
config>service>vpls>spoke-sdp#pim-snooping[no] max-num-groups max-num-groups
The following displays a VPLS configuration with PIM snooping.
*A:ALU>config>service>vpls>pim-snooping# info detail
----------------------------------------------
mode proxy
hold-time 90
no group-policy
no ipv4-multicast-disable
ipv6-multicast-disable
----------------------------------------------
*A:ALU>config>service>vpls>pim-snooping#
*A:ALU>config>service>vpls>sap>pim-snooping# info detail
----------------------------------------------
no max-num-groups
----------------------------------------------
*A:ALU>config>service>vpls>sap>pim-snooping#
Configuring a security zone within a VPLS
To configure firewall security functionality, you must:
configure a firewall security profile and policy in the config>security context
in the config>security>profile context, specify the timeouts for the TCP/UDP/ICMP protocols and configure logging and application assurance parameters. This step is optional. If you do not configure the profile, a default profile is assigned.
in the config>security>policy context, configure a security policy and specify the match criteria and the action to be applied to a packet if a match is found
configure a firewall bypass policy in the config>security context and assign it to the VPLS, as shown in the following CLI syntax. This step is optional. If you do not configure a bypass policy, the protocol packets are firewalled based on the firewall security policies.
configure a security zone and apply the policy ID to the zone, as shown in the following CLI syntax
- CLI syntax:
config>servicevpls service-id [customer customer-id] [create]fw-bypass-policy {bypass-id | name}zone zone-id [create]abortbegincommitdescription description-stringinboundmesh-sdp sdp-id:vc-idoutboundpolicy {policy-id | policy-name}sap sap-idshutdownspoke-sdp sdp-id:vc-id
The following example displays the security zone configuration output.
*A:Sar8 Dut-A>config>service>vpls# info
----------------------------------------------
stp
shutdown
exit
fw-bypass-policy 1
sap 1/2/2 create
no shutdown
zone 1 create
name "VPLS zone"
description "Sample zone"
sap ‟1/2/3”
policy "4"
inbound
limit
exit
exit
outbound
limit
exit
exit
commit
exit
no shutdown
----------------------------------------------
Service management tasks
This section discusses the following service management tasks:
Modifying VPLS service parameters
You can change existing service parameters. The changes are applied immediately.
To display a list of services, use the show service service-using vpls command. Enter the parameters, such as description, SAP, SDP, or service-MTU command syntax, then enter the new information.
The following displays a modified VPLS configuration:
*A:ALU-1>config>service>vpls# info
----------------------------------------------
description "This is a different description."
disable-learning
disable-aging
discard-unknown
local-age 500
remote-age 1000
stp
shutdown
exit
sap 1/1/5:22 create
description "VPLS SAP"
exit
spoke-sdp 2:22 create
exit
no shutdown
----------------------------------------------
*A:ALU-1>config>service>vpls#
Modifying management VPLS parameters
To modify the range of VLANs on an access port that are to be managed by an existing management VPLS, the new range should first be entered and then the old range removed. If the old range is removed before a new range is defined, all customer VPLS services in the old range will become unprotected and may be disabled.
- CLI syntax:
config>service# vpls service-idsap sap-idmanaged-vlan-list[no] range vlan-range
Deleting a management VPLS
As with normal VPLS service, a management VPLS cannot be deleted until SAPs are unbound (deleted), interfaces are shut down, and the service is shut down on the service level.
Use the following CLI syntax to delete a management VPLS service:
- CLI syntax:
config>service[no] vpls service-idshutdown[no] sap sap-idshutdown
Disabling a management VPLS
You can shut down a management VPLS without deleting the service parameters. When a management VPLS is disabled, all associated user VPLS services are also disabled (to prevent loops). If this is not wanted, first unmanage the user’s VPLS service by removing them from the managed-vlan-list.
- CLI syntax:
config>servicevpls service-idshutdown
- Example:
config>service# vpls 1config>service>vpls# shutdownconfig>service>vpls# exit
Deleting a VPLS service
A VPLS service cannot be deleted until SAPs and SDPs are unbound (deleted), interfaces are shut down, and the service is shut down on the service level.
Use the following CLI syntax to delete a VPLS service:
- CLI syntax:
config>service[no] vpls service-idshutdown[no] mesh-sdp sdp-idshutdownsap sap-id [split-horizon-group group-name]no sap sap-idshutdown
Disabling a VPLS service
Use the following CLI syntax to shut down a VPLS service without deleting the service parameters:
- CLI syntax:
config>service> vpls service-id[no] shutdown
- Example:
config>service# vpls 1config>service>vpls# shutdownconfig>service>vpls# exit
Re-enabling a VPLS service
To re-enable a VPLS service that was shut down:
- CLI syntax:
config>service> vpls service-id[no] shutdown
- Example:
config>service# vpls 1config>service>vpls# no shutdownconfig>service>vpls# exit
VPLS command reference
Command hierarchies
VPLS service configuration commands
Global commands
config
- service
- vpls service-id [customer customer-id] [m-vpls] [create]
- no vpls service-id
- bgp (see VPLS commands for EVPN)
- bgp-evpn (see VPLS commands for EVPN)
- description description-string
- no description
- [no] disable-aging
- [no] disable-learning
- [no] discard-unknown
- endpoint endpoint-name [create]
- no endpoint
- [no] block-on-mesh-failure
- description description-string
- no description
- [no] ignore-standby-signaling
- [no] mac-pinning
- max-nbr-mac-addr table-size
- no max-nbr-mac-addr
- revert-time {revert-time | infinite}
- no revert-time
- static-mac ieee-address [create]
- no static-mac
- [no] suppress-standby-signaling
- [no] fdb-table-high-wmark high-water-mark
- [no] fdb-table-low-wmark low-water-mark
- fdb-table-size table-size
- no fdb-table-size [table-size]
- igmp-snooping
- query-interval seconds
- no query-interval
- query-src-ip ip-address
- no query-src-ip
- report-src-ip ip-address
- no report-src-ip
- robust-count robust-count
- no robust-count
- [no] shutdown
- load-balancing
- [no] l4-load-balancing
- [no] per-service-hashing
- [no] spi-load-balancing
- [no] teid-load-balancing
- local-age aging-timer
- no local-age
- [no] mac-move
- move-frequency frequency
- no move-frequency
- number-retries number-retries
- no number-retries
- primary-ports
- cumulative-factor cumulative-factor
- no cumulative-factor
- [no] sap sap-id
- [no] spoke-sdp spoke-id
- retry-timeout timeout
- no retry-timeout
- secondary-ports
- cumulative-factor cumulative-factor
- no cumulative-factor
- [no] sap sap-id
- [no] spoke-sdp spoke-id
- [no] shutdown
- mac-subnet-length subnet-length
- no mac-subnet-length
- mld-snooping
- query-interval seconds
- no query-interval
- query-src-ip ipv6-address
- no query-src-ip
- report-src-ip ipv6-address
- no report-src-ip
- robust-count robust-count
- no robust-count
- [no] shutdown
- [no] pim-snooping
- group-policy grp-policy-name [grp-policy-name...(up to 5 max)]
- no group-policy
- hold-time seconds
- no hold-time
- [no] ipv4-multicast-disable
- [no] ipv6-multicast-disable
- mode mode
- [no] pppoe-circuit-id
- [no] propagate-mac-flush
- remote-age aging-timer
- no remote-age
- [no] send-flush-on-failure
- service-mtu octets
- no service-mtu
- service-name service-name
- no service-name
- [no] shutdown
- [no] split-horizon-group group-name [residential-group]
- description description-string
- no description
- static-mac (see Epipe commands for EVPN)
- stp
- hello-time hello-time
- no hello-time
- hold-count BDPU tx hold count
- no hold-count
- mode rstp
- no mode
- priority bridge-priority
- no priority
- [no] shutdown
- system
- fp
- options
- vpls-high-scale
- [no] shutdown
SAP commands
config
- service
- vpls service-id [customer customer-id] [create]
- no vpls service-id
- sap sap-id [split-horizon-group group-name] [eth-ring ring-index] [create]
- no sap sap-id
- accounting-policy acct-policy-id
- no accounting-policy
- atm
- egress
- traffic-desc traffic-desc-profile-id
- no traffic-desc
- encapsulation atm-encap-type
- oam
- [no] alarm-cells
- subscriber-vlan [vlan-id]
- no subscriber-vlan
- [no] cflowd
- [no] collect-stats
- description description-string
- no description
- dhcp
- description description-string
- no description
- [no] option
- action [dhcp-action]
- no action
- circuit-id [ascii-tuple | vlan-ascii-tuple] | no circuit-id
- [no] remote-id [mac | string string]
- [no] vendor-specific-option
- [no] client-mac-address
- [no] sap-id
- [no] service-id
- string text
- no string
- [no] system-id
- [no] shutdown
- [no] snoop
- [no] disable-aging
- [no] disable-learning
- [no] discard-unknown-source
- egress
- agg-rate-limit agg-rate [cir cir-rate]
- no agg-rate-limit
- filter ip ip-filter-id
- filter ipv6 ipv6-filter-id
- filter mac mac-filter-id
- no filter [ip ip-filter-id] [ipv6 ipv6-filter-id]
- [no] qinq-mark-top-only
- qos policy-id
- no qos
- scheduler-mode {4-priority | 16-priority}
- [no] shaper-group shaper-group-name
- eth-cfm
- mep mep-id domain md-index association ma-index [direction {up | down}]
- no mep mep-id domain md-index association ma-index
- [no] ais-enable
- client-meg-level [level [level ...]]
- no client-meg-level
- interval {1 | 60}
- no interval
- priority priority-value
- no priority
- [no] ccm-enable
- ccm-ltm-priority priority
- no ccm-ltm-priority
- description description-string
- no description
- [no] eth-test-enable
- bit-error-threshold bit-errors
- test-pattern {all-zeros | all-ones} [crc-enable]
- no test-pattern
- low-priority-defect {allDef | macRemErrXcon | remErrXcon | errXcon | xcon | noXcon}
- mac-address mac-address
- no mac-address
- one-way-delay-threshold seconds
- [no] shutdown
- [no] force-c-vlan-forwarding
- igmp-snooping
- [no] disable-router-alert-check
- [no] fast-leave
- import policy-name
- no import
- last-member-query-interval interval
- no last-member-query-interval
- max-num-groups max-num-groups
- no max-num-groups
- max-num-grp-sources max-num-grp-sources
- no max-num-grp-sources
- max-num-sources max-num-sources
- no max-num-sources
- [no] mrouter-port
- query-interval seconds
- no query-interval
- query-response-interval seconds
- no query-response-interval
- robust-count robust-count
- no robust-count
- [no] send-queries
- static
- [no] group grp-ip-address
- [no] source src-ip-address
- [no] starg
- version version
- no version
- ingress
- agg-rate-limit agg-rate [cir cir-rate]
- no agg-rate-limit
- filter ip ip-filter-id
- filter ipv6 ipv6-filter-id
- filter mac mac-filter-id
- no filter [ip ip-filter-id] [ipv6 ipv6-filter-id] [mac mac-filter-id]
- match-qinq-dot1p {top | bottom}
- no match-qinq-dot1p
- qos policy-id
- no qos
- scheduler-mode {4-priority | 16-priority}
- [no] shaper-group shaper-group-name
- limit-mac-move [blockable | non-blockable]
- no limit-mac-move
- [no] mac-pinning
- managed-vlan-list
- [no] range vlan-range
- max-nbr-mac-addr table-size
- no max-nbr-mac-addr
- mld-snooping
- [no] disable-router-alert-check
- [no] fast-leave
- import policy-name
- no import
- last-member-query-interval interval
- no last-member-query-interval
- max-num-groups max-num-groups
- no max-num-groups
- [no] mrouter-port
- query-interval seconds
- no query-interval
- query-response-interval seconds
- no query-response-interval
- robust-count robust-count
- no robust-count
- [no] send-queries
- static
- [no] group grp-ipv6-address
- [no] source src-ipv6-address
- [no] starg
- version version
- no version
- pim-snooping
- max-num-groups num-groups
- no max-num-groups
- [no] pppoe-circuit-id
- [no] shutdown
- [no] static-mac ieee-address [create]
- stp
- [no] auto-edge
- [no] edge-port
- link-type {pt-pt | shared}
- no link-type
- path-cost path-cost
- no path-cost
- [no] port-num virtual-port-number
- priority stp-priority
- no priority
- [no] root-guard
- [no] shutdown
Mesh SDP commands
config
- service
- [no] vpls service-id [customer customer-id] [create]
- mesh-sdp sdp-id[:vc-id] [vc-type {ether | vlan}]
- no mesh-sdp sdp-id[:vc-id]
- [no] control-word
- egress
- vc-label egress-vc-label
- no vc-label [egress-vc-label]
- [no] entropy-label
- eth-cfm
- mep mep-id domain md-index association ma-index [direction {up | down}]
- no mep mep-id domain md-index association ma-index
- [no] ccm-enable
- ccm-ltm-priority priority
- no ccm-ltm-priority
- description description-string
- no description
- low-priority-defect {allDef | macRemErrXcon | remErrXcon | errXcon | xcon | noXcon}
- [no] shutdown
- igmp-snooping
- [no] disable-router-alert-check
- [no] fast-leave
- import policy-name
- no import
- last-member-query-interval interval
- no last-member-query-interval
- max-num-groups max-num-groups
- no max-num-groups
- max-num-grp-sources max-num-grp-sources
- no max-num-grp-sources
- max-num-sources max-num-sources
- no max-num-sources
- [no] mrouter-port
- query-interval seconds
- no query-interval
- query-response-interval seconds
- no query-response-interval
- robust-count robust-count
- no robust-count
- [no] send-queries
- static
- [no] group grp-ip-address
- [no] source src-ip-address
- [no] starg
- version version
- no version
- ingress
- filter ip ip-filter-id
- filter ipv6 ipv6-filter-id
- filter mac mac-filter-id
- no filter [ip ip-filter-id] [ipv6 ipv6-filter-id] [mac mac-filter-id]
- vc-label ingress-vc-label
- no vc-label [ingress-vc-label]
- [no] mac-pinning
- mld-snooping
- [no] disable-router-alert-check
- [no] fast-leave
- import policy-name
- no import
- last-member-query-interval interval
- no last-member-query-interval
- max-num-groups max-num-groups
- no max-num-groups
- [no] mrouter-port
- query-interval seconds
- no query-interval
- query-response-interval seconds
- no query-response-interval
- robust-count robust-count
- no robust-count
- [no] send-queries
- static
- [no] group grp-ipv6-address
- [no] source src-ipv6-address
- [no] starg
- version version
- no version
- [no] shutdown
- [no] static-mac ieee-address
- vlan-vc-tag 0..4094
- no vlan-vc-tag [0..4094]
Spoke SDP commands
config
- service
- [no] vpls service-id [customer customer-id] [create]
- spoke-sdp sdp-id:vc-id [vc-type {ether | vlan}] [split-horizon-group group-name] [create] [no-endpoint]
- spoke-sdp sdp-id:vc-id [vc-type {ether | vlan}] [split-horizon-group group-name] [create] endpoint endpoint-name
- no spoke-sdp sdp-id:vc-id
- [no] block-on-mesh-failure
- [no] control-word
- [no] disable-aging
- [no] disable-learning
- [no] discard-unknown-source
- egress
- vc-label egress-vc-label
- no vc-label [egress-vc-label]
- [no] entropy-label
- eth-cfm
- mep mep-id domain md-index association ma-index [direction {up | down}]
- no mep mep-id domain md-index association ma-index
- [no] ccm-enable
- ccm-ltm-priority priority
- no ccm-ltm-priority
- description description-string
- no description
- low-priority-defect {allDef | macRemErrXcon | remErrXcon | errXcon | xcon | noXcon}
- [no] shutdown
- igmp-snooping
- [no] disable-router-alert-check
- [no] fast-leave
- import policy-name
- no import
- last-member-query-interval interval
- no last-member-query-interval
- max-num-groups max-num-groups
- no max-num-groups
- max-num-grp-sources max-num-grp-sources
- no max-num-grp-sources
- max-num-sources max-num-sources
- no max-num-sources
- [no] mrouter-port
- query-interval seconds
- no query-interval
- query-response-interval seconds
- no query-response-interval
- robust-count robust-count
- no robust-count
- [no] send-queries
- static
- [no] group grp-ip-address
- [no] source src-ip-address
- [no] starg
- version version
- no version
- [no] ignore-standby-signaling
- ingress
- filter ip ip-filter-id
- filter ipv6 ipv6-filter-id
- filter mac mac-filter-id
- no filter [ip ip-filter-id] [ipv6 ipv6-filter-id] [mac mac-filter-id]
- vc-label ingress-vc-label
- no vc-label [ingress-vc-label]
- limit-mac-move [blockable | non-blockable]
- no limit-mac-move
- [no] mac-pinning
- max-nbr-mac-addr table-size
- no max-nbr-mac-addr
- mld-snooping
- [no] disable-router-alert-check
- [no] fast-leave
- import policy-name
- no import
- last-member-query-interval interval
- no last-member-query-interval
- max-num-groups max-num-groups
- no max-num-groups
- [no] mrouter-port
- query-interval seconds
- no query-interval
- query-response-interval seconds
- no query-response-interval
- robust-count robust-count
- no robust-count
- [no] send-queries
- static
- [no] group grp-ipv6-address
- [no] source src-ipv6-address
- [no] starg
- version version
- no version
- pim-snooping
- max-num-groups num-groups
- no max-num-groups
- precedence [precedence-value | primary]
- no precedence
- [no] pw-status-signaling
- [no] shutdown
- [no] static-mac ieee-address
- stp
- [no] auto-edge
- [no] edge-port
- link-type {pt-pt | shared}
- no link-type
- path-cost path-cost
- no path-cost
- [no] port-num virtual-port-number
- priority stp-priority
- no priority
- [no] root-guard
- [no] shutdown
- vlan-vc-tag 0..4094
- no vlan-vc-tag [0..4094]
Routed VPLS commands
config
- service
- vpls service-id
- allow-ip-int-binding
- no allow-ip-int-binding
- service-name service-name
- no service-name
VPLS security configuration commands
config
- service
- vpls service-id
- fw-bypass-policy {bypass-id | name}
- no fw-bypass-policy
- zone {zone-id | name} [create]
- no zone {zone-id | name}
- abort
- begin
- commit
- description description-string
- no description
- inbound
- limit
- concurrent-sessions {tcp | udp | icmp | other} sessions
- no concurrent-sessions {tcp | udp | icmp | other}
- log {log-id | name}
- no log
- [no] mesh-sdp sdp-id:vc-id
- [no] shutdown
- name name
- no name
- outbound
- limit
- concurrent-sessions {tcp | udp | icmp | other} sessions
- no concurrent-sessions {tcp | udp | icmp | other}
- policy {policy-id | name}
- no policy
- [no] sap sap-id
- [no] shutdown
- [no] shutdown
- [no] spoke-sdp sdp-id:vc-id
- [no] shutdown
Show commands
show
- service
- egress-label start-label [end-label]
- fdb-info
- fdb-mac ieee-address [expiry]
- id service-id
- all
- base
- dhcp
- statistics [sap sad-id] | [sdp sdp-id:vc-id]
- statistics [interface interface-name | ip-address]
- summary
- endpoint
- fdb [sap sap-id | sdp sdp-id | mac ieee-address | endpoint endpoint | detail] [expiry]
- igmp-snooping
- all
- base
- port-db sap sap-id [detail]
- port-db sap sap-id group grp-address
- port-db sdp sdp-id:vc-id [detail]
- port-db sdp sdp-id:vc-id group grp-address
- proxy-db [detail]
- proxy-db group grp-ip-address
- querier
- static [sap sap-id | sdp sdp-id:vc-id]
- statistics [sap sap-id | sdp sdp-id:vc-id]
- labels
- mac-move
- macsec
- mld-snooping
- all
- base
- port-db sap sap-id [detail]
- port-db sap sap-id group grp-ipv6-address
- port-db sdp-id:vc-id [detail]
- port-db sdp sdp-id:vc-id group grp-ipv6-address
- proxy-db [detail]
- proxy-db group grp-ipv6-address
- querier
- static [sap sap-id | sdp sdp-id:vc-id]
- statistics [sap sap-id | sdp sdp-id:vc-id]
- pim-snooping
- group [grp-ip-address] [source ip-address] [type {starg | sg}] [detail] [family]
- neighbor [{sap sap-id | sdp sdp-id:vc-id} [address ip-address]] [detail] [family]
- port [sap sap-id | sdp sdp-id:vc-id] [group [grp-ip-address]] [detail] [family]
- statistics [sap sap-id] [sdp sdp-id:vc-id] [family]
- status [family]
- sap
- sap sap-id [atm | base | detail | qos | sap-stats | stats]
- sdp
- sdp {sdp-id[:vc-id] | far-end ip-address} [detail]
- split-horizon-group [group-name]
- stp [detail]
- ingress-label start-label [end-label]
- sap-using [sap sap-id]
- sap-using authentication-policy auth-plcy-name
- sap-using interface [ip-address | ip-int-name]
- sap-using description
- sap-using [ingress | egress] atm-td-profile td-profile-id
- sap-using [ingress | egress] filter filter-id
- sap-using [ingress | egress] qos-policy qos-policy-id
- sap-using [ingress | egress] scheduler-mode {4-priority | 16-priority}
- sap-using [ingress | egress] shaper-group shaper-group-name
Clear commands
clear
- service
- id service-id
- dhcp
- statistics [sap sap-id | sdp sdp-id[:vc-id] | interface [ip-address | ip-int-name]]
- fdb {all | mac ieee-address | sap sap-id | mesh-sdp sdp-id[:vc-id] | spoke-sdp sdp-id:vc-id}
- igmp-snooping
- port-db sap sap-id [group grp-address [source src-ip-address]]
- port-db sdp sdp-id:vc-id [group grp-address [source src-ip-address]]
- querier
- statistics [all | sap sap-id | sdp sdp-id:vc-id]
- mesh-sdp sdp-id[:vc-id] ingress-vc-label
- mld-snooping
- port-db sap sap-id [group grp-ipv6-address]
- port-db sap sap-id group grp-ipv6-address source src-ipv6-address
- port-db sdp sdp-id:vc-id [group grp-ipv6-address]
- port-db sdp sdp-id:vc-id group grp-ipv6-address source src-ipv6-address
- querier
- statistics all
- statistics sap sap-id
- statistics sdp sdp-id:vc-id
- pim-snooping
- database [[sap sap-id | sdp sdp-id:vc-id] [group grp-ip-address] [source src-ip-address]] [family]
- neighbor [ip-address | sap sap-id | sdp sdp-id:vc-id] [family]
- statistics [sap sap-id | sdp sdp-id:vc-id] [family]
- sap
- pppoe-circuit-id statistics
- spoke-sdp sdp-id:vc-id ingress-vc-label
clear
- service
- statistics
- id service-id
- cem
- counters
- spoke-sdp sdp-id:vc-id {all | counters | l2pt | mrp}
- stp
- sap sap-id {all | cem | counters | l2pt | stp | mrp}
- sdp sdp-id keep-alive
clear
- router
- dhcp
- statistics [interface ip-int-name | ip-address]
Debug commands
debug
- service
- id service-id
- [no] event-type {config-change | svc-oper-status-change | sap-oper-status-change | sdpbind-oper-status-change}
- [no] igmp-snooping
- detail-level {low | medium | high}
- no detail-level
- [no] mac ieee-address
- mode {dropped-only | ingr-and-dropped | egr-ingr-and-dropped}
- no mode
- [no] sap sap-id
- [no] sdp sdp-id:vc-id
- [no] mld-snooping
- detail-level {low | medium | high}
- no detail-level
- [no] mac ieee-address
- mode {dropped-only | ingr-and-dropped | egr-ingr-and-dropped}
- no mode
- [no] sap sap-id
- [no] sdp sdp-id:vc-id
- [no] pim-snooping
- [no] adjacency
- all [group grp-ip-address] [source src-ip-address] [detail]
- no all
- database [group grp-ip-address] [source src-ip-address] [detail]
- no database
- jp [group grp-ip-address] [source src-ip-address] [detail]
- no jp
- packet [hello | jp] [sap sap-id | sdp sdp-id:vc-id]
- [no] packet
- port [sap sap-id | sdp sdp-id:vc-id] [detail]
- no port
- red [detail]
- no red
- [no] sap sap-id
- stp
- all-events
- [no] bpdu
- [no] core-connectivity
- [no] exception
- [no] fsm-state-changes
- [no] fsm-timers
- [no] port-role
- [no] port-state
- [no] sap sap-id
See the 7705 SAR OAM and Diagnostics Guide for information about CLI commands and syntax for OAM and diagnostics commands.
Command descriptions
VPLS service configuration commands
Generic commands
shutdown
Syntax
[no] shutdown
Context
config>service>vpls
config>service>vpls>mac-move
config>service>vpls>split-horizon-group
config>service>vpls>sap
config>service>vpls>sap>dhcp
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
config>service>vpls>spoke-sdp>stp
config>service>vpls>stp
config>service>vpls>sap>stp
config>service>vpls>igmp-snooping
config>service>vpls>sap>igmp-snooping
config>service>vpls>spoke-sdp>igmp-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>zone
config>service>vpls>zone>mesh-sdp
config>service>vpls>zone>sap
config>service>vpls>zone>spoke-sdp
Description
This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.
The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they can be deleted.
Services are created in the administratively down (shutdown) state. When a no shutdown command is entered, the service becomes administratively up and then tries to enter the operationally up state. Default administrative states for services and service entities are described below in Special cases.
The no form of this command places the entity into an administratively enabled state.
Special cases
- Service admin state
bindings to an SDP within the service will be put into the out-of-service state when the service is shut down. While the service is shut down, all customer packets are dropped and counted as discards for billing and debugging purposes.
- Service operational state
a service is regarded as operational providing that two SAPs or one SDP are operational
- SDP (global)
when an SDP is shut down at the global service level, all bindings to that SDP are put into the out-of-service state and the SDP itself is put into the administratively and operationally down states. Packets that would normally be transmitted using this SDP binding will be discarded and counted as dropped packets.
- SDP (service level)
shutting down an SDP within a service only affects traffic on that service from entering or being received from the SDP. The SDP itself may still be operationally up for other services.
- SDP keepalives
enables SDP connectivity monitoring keepalive messages for the SDP ID. The default state is disabled (shutdown), in which case the operational state of the SDP-ID is not affected by the keepalive message state.
- VPLS SAPs and SDPs
SAPs are created in a VPLS and SDPs are bound to a VPLS in the administratively up default state. The created S̵͆AP will attempt to enter the operationally up state. An SDP will attempt to go into the in-service state once bound to the VPLS.
description
Syntax
description description-string
no description
Context
config>service>vpls
config>service>vpls>endpoint
config>service>vpls>sap
config>service>vpls>sap>dhcp
config>service>vpls>split-horizon-group
config>service>vpls>zone
Description
This command creates a text description stored in the configuration file for a configuration context.
The description command associates a text string with a configuration context to help identify the content in the configuration file.
The no form of this command removes the string from the configuration.
Default
n/a
Parameters
- description-string
the description character string.
VPLS service commands
vpls
Syntax
vpls service-id [customer customer-id] [m-vpls] [create]
no vpls service-id
Context
config>service
Description
This command creates or edits a virtual private LAN service (VPLS) instance. If the service-id does not exist, a context for the service is created. If the service-id exists, the context for editing the service is entered.
A VPLS service connects multiple customer sites together acting like a zero-hop, Layer 2 switched domain. A VPLS is always a logical full mesh.
When a service is created, the create keyword and the customer keyword and customer-id must be specified in order to associate the service with a customer. The customer-id must already exist (created using the customer command in the service context). Once a service has been created with a customer association, it is not possible to edit the customer association. To edit the customer association, the service must be deleted and recreated with a new customer association.
To create a management VPLS, include the m-vpls keyword when creating the VPLS. Associate a range of VLANs with the mVPLS by using the managed-vlan-list command.
When a service is created, the use of the customer customer-id is optional for navigating into the service configuration context. Attempting to edit a service with the incorrect customer-id specified will result in an error.
More than one VPLS service may be created for a single customer ID.
By default, no VPLS instances exist until they are explicitly created.
The no form of this command deletes the VPLS service instance with the specified service-id. The service cannot be deleted until all SAPs and SDPs defined within the service ID have been shut down and deleted, and the service has been shut down.
Parameters
- service-id
the unique service identification number or name that identifies the service in the service domain. This ID must be unique to this service and may not be used for any other service of any type. The service-id must be the same number or name used for every 7705 SAR on which this service is defined.
- customer customer-id
specifies the customer ID number to be associated with the service. This parameter is required on service creation and is optional for service editing or deleting. The customer-id is not used with routed VPLS.
- m-vpls
this keyword specifies that the VPLS is a management VPLS
- create
this keyword is mandatory when creating a VPLS service
block-on-mesh-failure
Syntax
[no] block-on-mesh-failure
Context
config>service>vpls>spoke-sdp
config>service>vpls>endpoint
Description
This command enables blocking (brings the entity to an operationally down state) after all configured SDPs or endpoints are in operationally down state. This event is signaled to a corresponding T-LDP peer by withdrawing the service label (status-bit-signaling non-capable peer) or by setting the ‟PW not forwarding” status bit in the T-LDP message (status-bit-signaling capable peer).
Default
disabled
disable-aging
Syntax
[no] disable-aging
Context
config>service>vpls
config>service>vpls>sap
config>service>vpls>spoke-sdp
Description
This command disables MAC address aging across a VPLS service or on a VPLS service SAP or spoke SDP.
As is the case for a Layer 2 switch, learned MACs can be aged out if no packets are sourced from the MAC address for a period of time (the aging time). In each VPLS service instance, there are independent aging timers for local learned MAC and remote learned MAC entries in the VPLS forwarding database (FDB). The disable-aging command turns off aging for local and remote learned MAC addresses.
When no disable-aging is specified for a VPLS, it is possible to disable aging for specific SAPs and/ or spoke SDPs by entering the disable-aging command at the appropriate level.
When the disable-aging command is entered at the VPLS level, the disable-aging state of individual SAPs or SDPs will be ignored.
The no form of this command enables aging on the VPLS service.
Default
no disable-aging
disable-learning
Syntax
[no] disable-learning
Context
config>service>vpls
config>service>vpls>sap
config>service>vpls>spoke-sdp
Description
This command disables learning of new MAC addresses in the VPLS forwarding database (FDB) for the service instance, SAP instance, or spoke SDP instance.
When disable-learning is enabled, new source MAC addresses will not be entered in the VPLS service forwarding database. This is true for both local and remote MAC addresses.
When disable-learning is disabled, new source MAC addresses will be learned and entered into the VPLS forwarding database.
This parameter is mainly used in conjunction with the discard-unknown command.
The no form of this command enables learning of MAC addresses.
Default
no disable-learning (Normal MAC learning is enabled)
discard-unknown
Syntax
[no] discard-unknown
Context
config>service>vpls
Description
By default, packets with unknown destination MAC addresses are flooded. If discard-unknown is enabled at the VPLS level, packets with an unknown destination MAC address will be dropped instead of being flooded (even when configured FDB size limits for VPLS or SAPs are not yet reached).
The no form of this command allows flooding of packets with unknown destination MAC addresses in the VPLS.
Default
no discard-unknown – packets with unknown destination MAC addresses are flooded
endpoint
Syntax
endpoint endpoint-name [create]
no endpoint
Context
config>service>vpls
Description
This command configures a service endpoint.
Parameters
- endpoint-name
specifies an endpoint name
- create
this keyword is mandatory when creating a service endpoint
ignore-standby-signaling
Syntax
[no] ignore-standby-signaling
Context
config>service>vpls>endpoint
config>service>vpls>spoke-sdp
Description
When this command is enabled, the node will ignores the standby bit received from T-LDP peers for the given spoke SDP and performs internal tasks without taking the standby bit into account—traffic can egress out to the spoke SDP.
This command is present at the endpoint level as well as at the spoke SDP level. If the spoke SDP is part of the explicit endpoint, it is not possible to change this setting at the spoke SDP level. The existing spoke SDP will become part of the explicit endpoint only if the setting is not conflicting. The newly created spoke SDP that is a part of the given explicit endpoint will inherit this setting from the endpoint configuration.
Default
enabled
revert-time
Syntax
revert-time {revert-time | infinite}
no revert-time
Context
config>service>vpls>endpoint
Description
This command configures the time to wait before reverting to the primary spoke SDP.
For a regular endpoint, the revert-time setting affects only the pseudowire defined as ‟primary” (precedence 0). If the primary pseudowire fails and is then restored, the revert timer is started. After the revert timer expires, the primary pseudowire takes the active role in the endpoint. This behavior does not apply if both pseudowires are defined as ‟secondary”. For example, if the active secondary pseudowire fails and is restored, it will stay in standby until a configuration change or a force command occurs.
Parameters
- revert-time
specifies the time to wait, in seconds, before reverting to the primary spoke SDP defined on this service endpoint, after having failed to move over to a backup spoke SDP
- infinite
specifying this keyword makes the endpoint non-revertive
static-mac
Syntax
static-mac ieee-address [create]
no static-mac
Context
config>service>vpls>endpoint
Description
This command assigns a static MAC address to the endpoint. In the FDB, the static MAC address is then associated with the active spoke SDP.
Default
n/a
Parameters
- ieee-address
specifies the static MAC address assigned to the endpoint
- create
this keyword is mandatory when creating a static MAC address
suppress-standby-signaling
Syntax
[no] suppress-standby-signaling
Context
config>service>vpls>endpoint
Description
When this command is enabled, the pseudowire standby bit (value 0x00000020) will not be sent to the T-LDP peer when the given spoke SDP is selected as a standby. This allows faster switchover because the traffic will be sent over this SDP and discarded at the blocking side of the connection. This is particularly applicable to multicast traffic.
Default
enabled
pim-snooping
Syntax
[no] pim-snooping
Context
config>service>vpls
config>service>vpls>sap
config>service>vpls>spoke-sdp
Description
This command enables PIM snooping for the VPLS service. When enabled, it is enabled for all SAPs except default SAPs. A default SAP is a SAP that has a wildcard VLAN ID, such as sap 1/1/1:*.
The no form of the command disables PIM snooping and removes the PIM snooping configuration.
group-policy
Syntax
group-policy grp-policy-name [grp-policy-name...(up to 5 max)]
no group-policy
Context
config>service>vpls>pim-snooping
Description
This command identifies one or more route policies for multicast groups applied to this VPLS entity. The sources of the multicast traffic must be members of the VPLS.
Routing policies are configured in the config>router>policy-options context. The router policy must be defined before it can be imported. The grp-policy-name variable is the same as the name variable in the policy-options>policy-statement name command.
For details on route policies, see the ‟Route Policies” section in the 7705 SAR Router Configuration Guide.
The no form of the command removes the policy association from the VPLS configuration.
Default
n/a
Parameters
- grp-policy-name
the group policy name
hold-time
Syntax
hold-time seconds
no hold-time
Context
config>service>vpls>pim-snooping
Description
This command configures the length of time during which the PIM snooping switch snoops all the PIM states in the VPLS. During the hold-time, multicast traffic is flooded in the VPLS. At the end of the hold-time, multicast traffic is forwarded using the snooped states. The snooped state consists of the forwarding state for the (S,G) and (*,G) groups, the incoming interface, and the outgoing interfaces.
When PIM snooping is enabled in VPLS, there is a period of time when the PIM snooping switch may not have built the complete snooping state. The switch cannot build states until the routers connected to the VPLS refresh their PIM messages.
This parameter is applicable only when PIM snooping is enabled.
Parameters
- seconds
specifies the PIM snooping hold time, in seconds
ipv4-multicast-disable
Syntax
[no] ipv4-multicast-disable
Context
config>service>vpls>pim-snooping
Description
This command disables PIM snooping for IPv4 multicast traffic within a VPLS service. By default, IPv4 multicast traffic is enabled.
The no form of the command enables PIM snooping for IPv4 multicast traffic within a VPLS service. To fully remove PIM snooping from a VPLS service, the no pim-snooping command must be used.
Default
enabled (no ipv4-multicast-disable)
ipv6-multicast-disable
Syntax
[no] ipv6-multicast-disable
Context
config>service>vpls>pim-snooping
Description
This command disables PIM snooping for IPv6 multicast traffic within a VPLS service. By default, IPv6 multicast traffic is disabled.
The no form of the command enables PIM snooping for IPv6 multicast traffic within a VPLS service. To fully remove PIM snooping from a VPLS service, the no pim-snooping command must be used.
Default
disabled (ipv6-multicast-disable)
mode
Syntax
mode mode
Context
config>service>vpls>pim-snooping
Description
This command sets the PIM snooping mode to proxy or plain snooping.
Parameters
- mode
specifies PIM snooping mode
pppoe-circuit-id
Syntax
[no] pppoe-circuit-id
Context
config>service>vpls
config>service>vpls>sap
Description
When enabled, this command appends Agent-Circuit-Id information to PADI and PADR packets received from an ATM SAP (the subscriber) that is bound to a VPLS instance. The Agent-Circuit-Id information is compliant with RFC 4679 section-3.3.1; Agent-Circuit-Id. The ATM SAP must be configured for bridged llc-snap encapsulation.
The pppoe-circuit-id command can be enabled or disabled for a VPLS instance or an individual ATM SAP. When applied to a VPLS instance, pppoe-circuit-id appends the Agent-Circuit-Id to all ATM SAPs bound to that VPLS instance. Furthermore, pppoe-circuit-id can be applied to individual SAPs bound to that VPLS instance in order to override the VPLS setting. If there is a mix of enabled and disabled SAPs bound to the VPLS instance, applying the command to the VPLS will override the mix, enabling (or disabling) pppoe-circuit-id on all the SAPs.
In addition, any newly created SAPs bound to the VPLS will default to match the VPLS setting.
As per the DSL Forum TR-101 April'06 specification, section 3.9.2, any PPPoE vendor-specific tag that may already be present in the received frame is replaced by the 7705 SAR client-id tag.
The no version of this command disables appending the Agent-Circuit-Id information.
Default
disabled
propagate-mac-flush
Syntax
[no] propagate-mac-flush
Context
config>service>vpls
Description
This command enables the propagation of mac-flush messages received from the given T-LDP on all spoke and mesh SDPs within the context of the VPLS service. The propagation conforms to split-horizon principles and any datapath blocking in order to avoid looping of these messages.
Default
disabled
fdb-table-high-wmark
Syntax
[no] fdb-table-high-wmark high-water-mark
Context
config>service>vpls
Description
This command specifies the upper threshold value for FDB entries. The high-water-mark is configured as a percentage of the FDB. When the number of FDB entries exceeds the high-water-mark, the system raises a log event.
Parameters
- high-water-mark
specifies the upper threshold for FDB entries, which when exceeded, causes the system to raise a log event
fdb-table-low-wmark
Syntax
[no] fdb-table-low-wmark low-water-mark
Context
config>service>vpls
Description
This command specifies the lower threshold value for FDB entries. The low-water-mark is configured as a percentage of the FDB. When the number of FDB entries drops below the low-water-mark, the system raises a log event.
Parameters
- low-water-mark
specifies the lower threshold for FDB entries, which when dropped below, causes the system to raise a log event
fdb-table-size
Syntax
fdb-table-size table-size
no fdb-table-size [table-size]
Context
config>service>vpls
Description
This command specifies the maximum number of MAC entries in the FDB for the VPLS instance on this node.
The fdb-table-size specifies the maximum number of FDB entries for both learned and static MAC addresses for the VPLS instance.
The no form of this command returns the maximum FDB table size to the default.
Default
250
Parameters
- table-size
the maximum number of MAC entries in the FDB for the VPLS instance on the node
load-balancing
Syntax
load-balancing
Context
config>service>vpls
Description
This command accesses the context to configure load balancing.
l4-load-balancing
Syntax
[no] l4-load-balancing
Context
config>service>vpls>load-balancing
Description
This command enables or disables Layer 4 load balancing for the VPLS instance. When enabled, Layer 4 source and destination port fields of incoming TCP/UDP packets are included in the hashing calculation to randomly determine the distribution of packets.
Adding the Layer 4 source and destination port fields to the hashing algorithm generates a higher degree of randomness and a more even distribution of packets across the available LAG ports.
You can add additional fields to generate more randomness and more equal distribution of packets with the teid-load-balancing command.
Hashing based on the l4-load-balancing and teid-load-balancing commands and hashing based on the per-service-hashing command are mutually exclusive.
The no form of the command disables Layer 4 load balancing.
Default
no l4-load-balancing
per-service-hashing
Syntax
[no] per-service-hashing
Context
config>service>vpls>load-balancing
Description
This command enables or disables hashing based on the service ID. The result of the hashing calculation is used to determine the distribution of packets.
Hashing based on the per-service-hashing command and hashing based on the l4-load-balancing and teid-load-balancing commands are mutually exclusive.
The no form of the command disables per-service hashing.
Default
no per-service-hashing
spi-load-balancing
Syntax
[no] spi-load-balancing
Context
config>service>vpls>load-balancing
Description
This command enables use of the SPI in hashing for ESP/AH encrypted IPv4 or IPv6 traffic at the interface level.
The no form of this command disables SPI hashing.
Default
no spi-load-balancing
teid-load-balancing
Syntax
[no] teid-load-balancing
Context
config>service>vpls>load-balancing
Description
This command enables or disables TEID load balancing for the VPLS instance. The TEID attribute is included in the header of GTP (general packet radio system tunneling protocol) packets. When TEID load balancing is enabled, the TEID field of incoming TCP/UDP packets is included in the hashing calculation to randomly determine the distribution of packets.
You can add additional fields to generate more randomness and more equal distribution of packets with the l4-load-balancing command.
Hashing based on the teid-load-balancing and l4-load-balancing commands and hashing based on the per-service-hashing command are mutually exclusive.
The no form of the command disables TEID load balancing.
Default
no teid-load-balancing
local-age
Syntax
local-age aging-timer
no local-age
Context
config>service>vpls
Description
This command specifies the aging time for locally learned MAC addresses in the FDB for the VPLS instance. In a VPLS service, MAC addresses are associated with a SAP or SDP. MACs associated with a SAP are classified as local MACs, and MACs associated with an SDP are remote MACs.
As is the case for a Layer 2 switch, learned MACs can be aged out if no packets are sourced from the MAC address for a period of time (the aging time). In each VPLS service instance, there are independent aging timers for locally learned MAC and remotely learned MAC entries in the FDB. The local-age timer specifies the aging time for locally learned MAC addresses.
The no form of this command returns the local aging timer to the default value.
Default
300
Parameters
- aging-timer
the aging time for local MACs expressed in seconds
mac-move
Syntax
[no] mac-move
Context
config>service>vpls
Description
This command enables the context to configure MAC move attributes. A sustained, high relearn rate can be a sign of a loop somewhere in the VPLS topology. Typically, the spanning tree protocol (STP) detects loops in the topology, but for those networks that do not run STP, the mac-move feature is an alternative way to protect the network against loops.
When enabled in a VPLS, mac-move monitors the relearn rate of each MAC. If the rate exceeds the configured maximum allowed limit, it disables the SAP where the source MAC was last seen. The SAP can be disabled permanently (until a shutdown/no shutdown command is executed) or for a length of time that increases linearly with the number of times the given SAP was disabled. A SAP can be configures as non-blockable with the limit-mac-move command. This means that when the relearn rate has exceeded the limit, another (blockable) SAP will be disabled instead. By default, all SAPs and spoke SDPs are configured as blockable when MAC move is enabled.
When MAC move is enabled and the relearn rate exceeds the maximum limit, the 7705 SAR sends a ‟Mac move rate for MAC ... exceeded” alarm. This alarm is raised for both blockable and non-blockable SAPs and spoke SDPs. The alarm frequency for non-blockable SAPs and spoke SDPs decreases if the MAC move condition persists.
The mac-move command enables the feature at the service level for SAPs and spoke SDPs, as only those objects can be blocked by this feature. Mesh SDPs are never blocked, but their relearn rates (SAP-to-mesh/spoke-to-mesh or vice versa) are still measured.
The operation of this feature is the same on the SAP and spoke SDP. For example, if a MAC address moves from SAP to SAP, from SAP to spoke SDP, or between spoke SDPs, one will be blocked to prevent thrashing. If the MAC address moves between a SAP and mesh SDP or spoke SDP and mesh SDP combinations, the respective SAP or spoke SDP will be blocked.
The mac-move command will disable a VPLS port when the number of relearns detected has reached the number of relearns needed to reach the move frequency in the 5-s interval. For example, when the move frequency is configured to 1 (1 relearn per second), mac-move will disable one of the VPLS ports when 5 relearns were detected during the 5-s interval because the average move frequency of 1 relearn per second has been reached. This can also occur in the first second if the relearn rate is 5 relearns per second or higher.
The no form of this command disables MAC move.
mac-subnet-length
Syntax
mac-subnet-length subnet-length
no mac-subnet-length
Context
config>service>vpls
Description
This command specifies the number of bits to be considered when performing MAC learning (MAC source) and MAC switching (MAC destination). Specifically, this value identifies how many bits are used, starting from the beginning of the MAC address. For example, if the mask value of 28 is used, MAC learning will only do a lookup for the first 28 bits of the source MAC address when comparing it with existing FDB entries. Then, it will install the first 28 bits in the FDB while zeroing out the last 20 bits of the MAC address. When performing switching in the reverse direction, only the first 28 bits of the destination MAC address will be used to perform an FDB lookup to determine the next hop.
The no form of this command switches back to full MAC lookup.
Parameters
- subnet-length
specifies the number of bits to be considered when performing MAC learning or MAC switching
move-frequency
Syntax
move-frequency frequency
no move-frequency
Context
config>service>vpls>mac-move
Description
This command indicates the maximum rate at which MACs can be relearned in the VPLS service before the SAP where the moving MAC was last seen is automatically disabled in order to protect the system against undetected loops or duplicate MACs.
The no form of the command reverts to the default value
Default
2 (when mac-move is enabled); for example, 10 relearns in a 5-s period.
Parameters
- frequency
specifies the rate, in 5-s intervals, for the maximum number of relearns
number-retries
Syntax
number-retries number-retries
no number-retries
Context
config>service>vpls>mac-move
Description
This command configures the number of times that retries are performed for re-enabling the SAP or SDP bindings.
Parameters
- number-retries
specifies the number of retries for re-enabling the SAP/SDP. A zero (0) value indicates an unlimited number of retries.
primary-ports
Syntax
primary-ports
Context
config>service>vpls>mac-move
Description
This command enables the context to define primary VPLS ports. VPLS ports that were declared as secondary prior to the execution of this command will be moved from secondary port level to primary port level. Changing a port to the tertiary level (default) can only be done by first removing it from the secondary port level.
cumulative-factor
Syntax
cumulative-factor cumulative-factor
no cumulative-factor
Context
config>service>vpls>mac-move>primary-ports
config>service>vpls>mac-move>secondary-ports
Description
This command configures a factor for the primary or secondary ports that defines how many MAC relearn periods should be used to measure the MAC relearn rate. The rate must be exceeded during consecutive periods before the corresponding ports (SAP and/or spoke SDP) are blocked by the mac-move feature.
Parameters
- cumulative-factor
specifies a MAC relearn period to be used for the MAC relearn rate
sap
Syntax
[no] sap sap-id
Context
config>service>vpls>mac-move>primary-ports
config>service>vpls>mac-move>secondary-ports
Description
This command configures the specified SAP to be a primary or secondary VPLS port.
Parameters
- sap-id
specifies the physical port identifier portion of the SAP definition. See SAP ID configurations for a full list of SAP IDs.
spoke-sdp
Syntax
[no] spoke-sdp spoke-id
Context
config>service>vpls>mac-move>primary-ports
config>service>vpls>mac-move>secondary-ports
Description
This command configures the specified spoke SDP to be a primary or secondary VPLS port.
Parameters
- spoke-id
specifies the spoke SDP to be used as the primary or secondary VPLS port
secondary-ports
Syntax
secondary-ports
Context
config>service>vpls>mac-move
Description
This command enables the context to define secondary VPLS ports. VPLS ports that were declared as primary prior to the execution of this command will be moved from the primary port level to the secondary port level. Changing a port to the tertiary level (default) can only be done by first removing it from the primary port level.
retry-timeout
Syntax
retry-timeout timeout
no retry-timeout
Context
config>service>vpls>mac-move
Description
This command indicates the time, in seconds, to wait before a SAP that has been disabled after exceeding the maximum relearn rate is re-enabled.
It is recommended that the timeout value be equal to or larger than 5 s ✕ cumulative factor of the highest-priority port so that the sequential order of port blocking will not be disturbed by reinitializing lower-priority ports.
A zero value indicates that the SAP will not automatically be re-enabled after being disabled. If, after the SAP is re-enabled it is disabled again, the effective retry timeout is doubled in order to avoid thrashing.
The no form of the command reverts to the default value.
Default
10 (when mac-move is enabled)
Parameters
- timeout
specifies the time, in seconds, to wait before a SAP that has been disabled after exceeding the maximum relearn rate is re-enabled
remote-age
Syntax
remote-age aging-timer
no remote-age
Context
config>service>vpls
Description
This command specifies the aging time for remotely learned MAC addresses in the FDB for the VPLS instance. In a VPLS service, MAC addresses are associated with a SAP or an SDP. MACs associated with a SAP are classified as local MACs, and MACs associated with an SDP are remote MACs.
As is the case for a Layer 2 switch, learned MACs can be aged out if no packets are sourced from the MAC address for a period of time (the aging time). In each VPLS service instance, there are independent aging timers for locally learned MAC and remotely learned MAC entries in the FDB. The remote-age timer specifies the aging time for remotely learned MAC addresses. To reduce the amount of signaling required between switches, configure this timer to be larger than the local-age timer.
The no form of this command returns the remote aging timer to the default value.
Default
900
Parameters
- seconds
the aging time for remote MACs expressed in seconds
send-flush-on-failure
Syntax
[no] send-flush-on-failure
Context
config>service>vpls
Description
This command enables sending out ‟flush-all-from-ME” messages to all LDP peers included in the affected VPLS, in the event of physical port failures or ‟oper-down” events of individual SAPs. This feature provides an LDP-based mechanism for recovering a physical link failure in a dual-homed connection to a VPLS service. This method provides an alternative to rapid spanning tree protocol (RSTP) solutions where dual homing redundancy and recovery, in the case of link failure, is resolved by RSTP running between a PE router and CE devices. If the endpoint is configured within the VPLS and send-flush-on-failure is enabled, ‟flush-all-from-ME” messages will be sent out only when all spoke SDPs associated with the endpoint go down.
Default
no send-flush-on-failure
service-mtu
Syntax
service-mtu octets
no service-mtu
Context
config>service>vpls
Description
This command configures the service payload maximum transmission unit (MTU), in bytes, for the service. This MTU value overrides the service-type default MTU. The service-mtu defines the payload capabilities of the service. It is used by the system to validate the SAP and SDP bindings’ operational state within the service.
The service MTU and a SAP’s service delineation encapsulation overhead (that is, 4 bytes for a dot1q tag or 8 bytes for a qinq tag) are used to derive the required MTU of the physical port or channel on which the SAP was created. If the required payload is larger than the port or channel MTU, the SAP will be placed in an inoperative state. If the required MTU is equal to or less than the port or channel MTU, the SAP will be able to transition to the operative state.
When binding an SDP to a service, the service MTU is compared to the path MTU associated with the SDP. The path MTU can be administratively defined in the context of the SDP. The default or administrative path MTU can be dynamically reduced due to the MTU capabilities discovered by the tunneling mechanism of the SDP or the egress interface MTU capabilities based on the next hop in the tunnel path. If the service MTU is larger than the path MTU, the SDP binding for the service will be placed in an inoperative state. If the service MTU is equal to or less than the path MTU, then the SDP binding will be placed in an operational state.
If a service MTU, port or channel MTU, or path MTU is dynamically or administratively modified, then all associated SAP and SDP binding operational states are automatically re-evaluated.
The no form of this command returns the default service-mtu for the indicated service type to the default value.
Default
VPLS: 1514
The following table shows MTU values for specific VC types.
VC-type example |
Service MTU |
Advertised MTU |
|---|---|---|
Ethernet |
1514 |
1500 |
Ethernet (with preserved dot1q) |
1518 |
1504 |
Ethernet (with preserved qinq) |
1522 |
1508 |
VPLS |
1514 |
1500 |
VPLS (with preserved dot1q) |
1518 |
1504 |
VPLS (with preserved qinq) |
1522 |
1508 |
VLAN (dot1p transparent to MTU value) |
1514 |
1500 |
Parameters
- octets
the size of the MTU, in octets, expressed as a decimal integer
service-name
Syntax
service-name service-name
no service-name
Context
config>service>vpls
Description
This command configures a service name that can be used in other configuration commands and show commands that reference the service.
Parameters
- service-name
up to 64 characters
split-horizon-group
Syntax
[no] split-horizon-group group-name [residential-group]
Context
config>service>vpls
Description
This command creates a new split horizon group (SHG) for the VPLS instance. Traffic arriving on a SAP or spoke SDP within this split horizon group will not be copied to other SAPs or spoke SDPs in the same split horizon group. If the residential-group keyword is included, the split horizon group is a residential SHG.
A split horizon group must be created before SAPs and spoke SDPs can be assigned to the group. The split horizon group is defined within the context of a single VPLS. The same group-name can be reused in different VPLS instances.
An ATM SAP must be in a residential SHGs. If an Ethernet SAP is in a SHG, then that SHG cannot be a residential SHG.
Up to 30 split horizon groups can be defined per VPLS instance.
The no form of the command removes the group name from the configuration.
Parameters
- group-name
specifies the name of the split horizon group to which the SAP or SDP belongs
- residential-group
defines a split horizon group as a residential split horizon group (RSHG). Doing so ensures that:
SAPs that are members of this RSHG have:
MAC pinning enabled per default (can be disabled)
broadcast and multicast packets are discarded at the SAP egress point, thus blocking unknown flooded traffic
downstream multicast packets are allowed when IGMP snooping is enabled
Spoke SDPs that are members of this RSHG have:
broadcast and multicast packets are NOT discarded at the spoke SDP egress point, thus allowing the unknown flooded traffic
MAC pinning enabled per default (can be disabled)
VPLS SAP commands
sap
Syntax
sap sap-id [split-horizon-group group-name] [eth-ring ring-index] [create]
no sap sap-id
Context
config>service>vpls
Description
This command creates a service access point (SAP) within a service. A SAP is a combination of port and encapsulation parameters that identify the service access point on the interface and within the 7705 SAR. Each SAP must be unique. All SAPs must be explicitly created. If no SAPs are created within a service or on an IP interface, a SAP will not exist on that object.
Enter an existing SAP without the create keyword to edit SAP parameters. The SAP is owned by the service in which it was created.
A SAP can only be associated with a single service. A SAP can only be defined on a port that has been configured as an access port using the config interface port-type port-id mode access command. Channelized TDM ports are always access ports.
If a port is shut down, all SAPs on that port become operationally down. When a service is shut down, SAPs for the service are not displayed as operationally down although all traffic traversing the service will be discarded. The operational state of a SAP is relative to the operational state of the port on which the SAP is defined.
The split-horizon group can be associated with an Ethernet ring to prevent loops in cases where an Ethernet virtual ring is misconfigured on the main ring. Each A and B path in the major ring is configured in the group and associated with the sub-ring control instance in the VPLS service.
The no form of this command deletes the SAP with the specified port. When a SAP is deleted, all configuration parameters for the SAP will also be deleted. For Internet enhanced service (IES), the IP interface must be shut down before the SAP on that interface may be removed.
Default
n/a
Special cases
- VPLS SAP
a VPLS SAP can be defined on SONET/SDH channels or on Ethernet ports. Split horizon groups (SHGs) and residential SHGs can only be created in the scope of a VPLS service.
Parameters
- sap-id
specifies the physical port identifier portion of the SAP definition. See SAP ID configurations for a full list of SAP IDs.
- group-name
specifies the name of the split horizon group to which the SAP belongs
- ring-index
specifies the ring index of the Ethernet ring
- create
keyword used to create a SAP instance. The create keyword requirement can be enabled or disabled in the environment>create context
cflowd
Syntax
[no] cflowd
Context
config>service>vpls>sap
Description
This command enables cflowd to collect traffic flow samples through a SAP for analysis. When cflowd is enabled on a VPLS service SAP, the Ethernet traffic can be sampled and processed by the system’s cflowd engine and exported to cflowd version 10 collectors with the l2-ip template enabled.
When cflowd is enabled at the SAP level, all packets forwarded by the interface are subject to analysis according to the cflowd configuration.
For Layer 2 services, only ingress sampling is supported.
Default
no cflowd
discard-unknown-source
Syntax
[no] discard-unknown-source
Context
config>service>vpls>sap
config>service>vpls>spoke-sdp
Description
This command specifies that packets received on a SAP or a spoke SDP with an unknown source MAC address will be dropped only if the maximum number of MAC addresses for that SAP or spoke SDP (see max-nbr-mac-addr) has been reached. If max-nbr-mac-addr has not been set for the SAP or spoke SDP, enabling discard-unknown-source has no effect.
When disabled, the packets are forwarded based on the destination MAC addresses.
The no form of this command causes packets with an unknown source MAC addresses to be forwarded by destination MAC addresses in VPLS.
Default
no discard-unknown-source
limit-mac-move
Syntax
limit-mac-move [blockable | non-blockable]
no limit-mac-move
Context
config>service>vpls>sap
config>service>vpls>spoke-sdp
Description
This command indicates whether the MAC move agent, when enabled using mac-move, will limit the MAC relearn (move) rate on this SAP.
Default
blockable
Parameters
- blockable
when the relearn rate is exceeded, the SAP or spoke SDP is blocked and the 7705 SAR raises a ‟Mac move rate for MAC ... exceeded” alarm.
- non-blockable
when the relearn rate is exceeded, this SAP or spoke SDP is not blocked, another blockable SAP or spoke SDP is blocked instead, and the 7705 SAR raises a ‟Mac move rate for MAC ... exceeded” alarm. The alarm frequency decreases if the MAC move condition persists.
mac-pinning
Syntax
[no] mac-pinning
Context
config>service>vpls>endpoint
config>service>vpls>sap
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
Description
This command disables relearning of MAC addresses on other SAPs or SDPs within the VPLS. The MAC address will remain attached to a given SAP or SDP for the duration of its age timer.
The age of the MAC address entry in the FDB is set by the age timer. If mac-aging is disabled on a given VPLS service, any MAC address learned on a SAP or SDP with mac-pinning enabled will remain in the FDB on this SAP or SDP forever. Every event that would otherwise result in relearning will be logged (MAC address; original SAP; new SAP).
MAC addresses learned during DHCP address assignment (DHCP snooping enabled) are not impacted by this command. MAC pinning for such addresses is implicit.
Default
disabled, except enabled at the creation of the SAP or spoke SDP that is part of a residential split horizon group (RSHG)
max-nbr-mac-addr
Syntax
max-nbr-mac-addr table-size
no max-nbr-mac-addr
Context
config>service>vpls>sap
config>service>vpls>spoke-sdp
config>service>vpls>endpoint
Description
This command specifies the maximum number of FDB entries for both learned and static MAC addresses for this SAP, spoke SDP, or endpoint.
When the configured limit has been reached, and discard-unknown-source has been enabled for this SAP or spoke SDP (see discard-unknown-source), packets with unknown source MAC addresses will be discarded.
The no form of the command restores the global MAC learning limitations for the SAP or spoke SDP.
Default
no max-nbr-mac-addr
Parameters
- table-size
specifies the maximum number of learned and static entries allowed in the FDB of this service
static-mac
Syntax
[no] static-mac ieee-address [create]
Context
config>service>vpls>sap
Description
This command creates a local static MAC entry in the VPLS FDB associated with the SAP.
In a VPLS service, MAC addresses are associated with a SAP or an SDP. MACs associated with a SAP are classified as local MACs, and MACs associated with an SDP are remote MACs.
Local static MAC entries create a permanent MAC address-to-SAP association in the FDB for the VPLS instance so that the MAC address will not be learned on the edge device.
Static MAC definitions on one edge device are not propagated to other edge devices participating in the VPLS instance; that is, each edge device has an independent FDB for the VPLS.
Only one static MAC entry (local or remote) can be defined per MAC address per VPLS instance.
By default, no static MAC address entries are defined for the SAP.
The no form of this command deletes the static MAC entry with the specified MAC address associated with the SAP from the VPLS FDB.
Parameters
- ieee-address
specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers (cannot be all zeros). Allowed values are any non-broadcast, non-multicast MAC, and non-IEEE reserved MAC addresses.
- create
this keyword is mandatory when specifying a static MAC address
VPLS SAP ATM commands
atm
Syntax
atm
Context
config>service>vpls>sap
Description
This command enables access to the context to configure ATM-related attributes. This command can only be used when a given context (for example, a channel or SAP) supports ATM functionality such as:
configuring an ATM port or ATM port-related functionality on adapter cards supporting ATM functionality
configuring ATM-related configuration for ATM-based SAPs that exist on adapter cards supporting ATM functionality
If ATM functionality is not supported for a given context, the command returns an error.
egress
Syntax
egress
Context
config>service>vpls>sap>atm
Description
This command enables the context to configure egress ATM attributes for the SAP.
traffic-desc
Syntax
traffic-desc traffic-desc-profile-id
no traffic-desc
Context
config>service>vpls>sap>atm>egress
Description
This command assigns an ATM traffic descriptor profile to a given context (for example, a SAP).
When configured under the egress context, the specified traffic descriptor profile defines the traffic contract in the backwards direction.
The no form of the command reverts to the default traffic descriptor profile.
Default
The default traffic descriptor (trafficDescProfileId. = 1) is associated with newly created PVCC-delimited SAPs
Parameters
- traffic-desc-profile-id
specifies a defined traffic descriptor profile (see ‟ATM QoS Traffic Descriptor Profiles” in the 7705 SAR Quality of Service Guide for information on the atm-td-profile traffic-desc-profile-id command)
encapsulation
Syntax
encapsulation atm-encap-type
Context
config>service>vpls>sap>atm
Description
This command specifies the data encapsulation for an ATM PVCC-delimited SAP. The definition references RFC 2684, Multiprotocol Encapsulation over ATM AAL5, and the ATM Forum LAN Emulation specification.
Ingress traffic that does not match the configured encapsulation will be dropped.
Default
The encapsulation is driven by the service for which the SAP is configured.
For VPLS SAPs, the default and only option is aal5snap-bridged.
Parameters
- atm-encap-type
specifies the encapsulation type
oam
Syntax
oam
Context
config>service>vpls>sap>atm
Description
This command enables the context to configure OAM functionality for a PVCC delimiting a SAP. The ATM-capable adapter cards support the following F5 end-to-end OAM functionality (AIS, RDI, loopback):
ITU-T Recommendation I.610 - B-ISDN Operation and Maintenance Principles and Functions version 11/95
GR-1248-CORE - Generic Requirements for Operations of ATM Network Elements (NEs), Issue 3 June 1996
GR-1113-CORE - Bellcore, Asynchronous Transfer Mode (ATM) and ATM Adaptation Layer (AAL) Protocols Generic Requirements, Issue 1, July 1994
alarm-cells
Syntax
[no] alarm-cells
Context
config>service>vpls>sap>atm>oam
Description
This command configures AIS/RDI fault management on a PVCC. Fault management allows PVCC termination to monitor and report the status of its connection by propagating fault information through the network and by driving a PVCC operational status.
When alarm-cells functionality is enabled, a PVCC operational status is affected when a PVCC goes into an AIS or RDI state because of AIS/RDI processing. This assumes that nothing else affects the PVCC operational status; for example, the PVCC goes down, or enters a fault state and comes back up, or exits that fault state. RDI cells are generated when a PVCC is operationally down. No OAM-specific SNMP trap is raised whenever an endpoint enters or exits an AIS or RDI state; however, if an OAM state change results in a change to the operational status of the PVCC, then a trap is expected from an entity that the PVCC is associated with (for example, a SAP).
The no form of the command disables alarm-cells functionality for a PVCC. When alarm-cells functionality is disabled, the PVCC operational status is no longer affected by the PVCC OAM state changes due to AIS/RDI processing. When alarm-cells is disabled, a PVCC will change operational status to up from down due to alarm-cell processing. RDI cells are not generated as result of PVCC going into an AIS or RDI state; however, the PVCC OAM status will record OAM faults as described above.
Default
enabled for PVCCs delimiting VPLS SAPs
subscriber-vlan
Syntax
subscriber-vlan [vlan-id]
no subscriber-vlan
Context
config>service>vpls>sap>atm
Description
This command enables the push operation of a configured VLAN at ingress and a pop operation at egress on a per-ATM SAP basis. After AAL5 termination at ATM access ingress as per the configured encapsulation type, the configured VLAN tag is pushed to the received subscriber frame. The type of Ethernet frame is set to 0x8100 in order to designate the existence of the VLAN header, and the original Ethertype is shifted by 4 bytes (dot1q) or 8 bytes (qinq), enlarging the resulting subscriber frame by 4 or 8 bytes.
Using the subscriber-vlan command necessitates the use of the tagged (dot1q or qinq) uplink. In the uplink ingress direction (from the network to the 7705 SAR), the 7705 SAR is programmed to pop the VLAN tags. The first pop operation is mandatory, but if the frame is a single-tagged frame and there are no other VLAN tags, then the resulting untagged frame is forwarded to the subscriber interface without any errors.
Default
no subscriber-vlan
Parameters
- vlan-id
specifies the VLAN ID for the subscriber VLAN
VPLS IGMP and MLD snooping commands
igmp-snooping
Syntax
igmp-snooping
Context
config>service>vpls
config>service>vpls>sap
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
Description
This command enables the Internet Group Management Protocol (IGMP) snooping context.
mld-snooping
Syntax
mld-snooping
Context
config>service>vpls
config>service>vpls>sap
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
Description
This command enables the Multicast Listener Discovery (MLD) snooping context.
disable-router-alert-check
Syntax
[no] disable-router-alert-check
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>sap>mld-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>mesh-sdp>mld-snooping
config>service>vpls>spoke-sdp>igmp-snooping
config>service>vpls>spoke-sdp>mld-snooping
Description
This command enables or disables router alert checking for IGMP or MLD messages received on this interface. The router alert field in the IP header is used to inform the router to extract the packet. By default, router alert checks are enabled for IGMP and MLD packets (that is, no disable).
The no form of the command enables the router alert check.
Default
no disable-router-alert-check
fast-leave
Syntax
no fast-leave
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>sap>mld-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>mesh-sdp>mld-snooping
config>service>vpls>spoke-sdp>igmp-snooping
config>service>vpls>spoke-sdp>mld-snooping
Description
This command enables fast leave. When IGMP or MLD fast-leave processing is enabled, the 7705 SAR immediately removes a SAP or SDP from the multicast group when it detects an IGMP or MLD leave message on that SAP or SDP. Fast-leave processing allows the 7705 SAR to remove from the forwarding table a SAP or SDP that has sent a leave message without first sending group-specific queries to the SAP or SDP. This speeds up the process of changing channels (called zapping).
Fast leave should only be enabled when there is a single receiver present on the SAP or SDP. When fast leave is enabled, the configured last-member-query-interval value is ignored.
Default
no fast-leave
import
Syntax
import policy-name
no import
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>sap>mld-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>mesh-sdp>mld-snooping
config>service>vpls>spoke-sdp>igmp-snooping
config>service>vpls>spoke-sdp>mld-snooping
Description
This command specifies the import routing policy used to filter IGMP or MLD packets on this SAP or SDP. Only a single policy can be imported on a single SAP or SDP at any time.
The no form of the command removes the policy association from the SAP or SDP.
Default
no import
Parameters
- policy-name
the import policy name. Values can be a string up to 32 characters long of printable, 7- bit ASCII characters. If the string contains special characters (such as #, $, or spaces), the entire string must be enclosed within double quotes. These policies are configured in the config>router>policy-options context. The router policy must be defined before it can be imported.
last-member-query-interval
Syntax
last-member-query-interval interval
no last-member-query-interval
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>sap>mld-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>mesh-sdp>mld-snooping
config>service>vpls>spoke-sdp>igmp-snooping
config>service>vpls>spoke-sdp>mld-snooping
Description
This command configures the maximum response time used in group-specific queries that are sent by the router acting as the querier in response to leave messages, and is also the amount of time between two consecutive group-specific queries. This value may be tuned to modify the leave latency of the network. A reduced value results in reduced time to detect the loss of the last member of a group. The configured last-member-query-interval is ignored when fast-leave is enabled on the SAP or SDP.
Default
10
Parameters
- interval
the frequency, in tenths of seconds, at which query messages are sent
max-num-groups
Syntax
max-num-groups max-num-groups
no max-num-groups
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>sap>mld-snooping
config>service>vpls>sap>pim-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>mesh-sdp>mld-snooping
config>service>vpls>spoke-sdp>igmp-snooping
config>service>vpls>spoke-sdp>mld-snooping
config>service>vpls>spoke-sdp>pim-snooping
Description
This command defines the maximum number of multicast groups that can be joined on this SAP or SDP. If the node receives an IGMP, MLD, or PIM join message that would exceed the configured number of groups, the request is ignored. The max-num-groups command does not apply to mesh SDPs.
The no form of this command disables the check.
Default
no max-num-groups
Parameters
- max-num-groups
the maximum number of groups that can be joined on this SAP or SDP
max-num-grp-sources
Syntax
max-num-grp-sources max-num-grp-sources
no max-num-grp-sources
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>spoke-sdp>igmp-snooping
Description
This command defines the maximum number of multicast (S,G)s that can be joined on this SAP or SDP. If the node receives an IGMP join message that would exceed the configured number of (S,G)s, the request is ignored.
The no form of this command disables the check.
Default
no max-num-grp-sources
Parameters
- max-num-grp-sources
the maximum number of multicast sources allowed to be tracked per group
max-num-sources
Syntax
max-num-sources max-num-sources
no max-num-sources
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>spoke-sdp>igmp-snooping
Description
This command defines the maximum number of multicast sources that can be joined on this SAP or SDP. If the node receives an IGMP join message that would exceed the configured number of sources, the request is ignored.
The no form of this command disables the check.
Default
no max-num-sources
Parameters
- max-num-sources
the maximum number of multicast sources allowed per group
mrouter-port
Syntax
[no] mrouter-port
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>sap>mld-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>mesh-sdp>mld-snooping
config>service>vpls>spoke-sdp>igmp-snooping
config>service>vpls>spoke-sdp>mld-snooping
Description
This command specifies whether a multicast router is attached behind this SAP or SDP.
Configuring a SAP as an mrouter-port has two effects. First, all multicast traffic received on another SAP or SDP is copied to this SAP or SDP. Second, IGMP or MLD reports generated by the system as a result of a host joining or leaving a multicast group are sent to this SAP or SDP.
If two multicast routers exist in the network, one of them becomes the active querier and the other one (the non-querier) stops sending IGMP queries. The non-querier router continues to receive reports in order to keep its multicast trees up to date. To support this, enable mrouter-port on all SAPs or SDPs connected to a multicast router.
The version used for the reports (IGMPv1, v2, or v3, or MLDv1 or v2) can only be determined after an initial query has been received. Until the version is determined, no reports are sent on the SAP or spoke SDP, even if mrouter-port is enabled.
If the send-queries command is enabled on this SAP or spoke SDP, the mrouter-port command cannot be enabled. The mrouter-port and send-queries commands are mutually exclusive.
Default
no mrouter-port
query-interval
Syntax
query-interval seconds
no query-interval
Context
config>service>vpls>igmp-snooping
config>service>vpls>mld-snooping
config>service>vpls>sap>igmp-snooping
config>service>vpls>sap>mld-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>mesh-sdp>mld-snooping
config>service>vpls>spoke-sdp>igmp-snooping
config>service>vpls>spoke-sdp>mld-snooping
Description
This command configures the IGMP or MLD query interval. If the send-queries command is enabled, this command specifies the interval between two consecutive general queries sent by the router acting as the querier on this SAP or SDP. The configured query-interval must be greater than the configured query-response-interval.
If send-queries is not enabled on this SAP or SDP, the configured query-interval value is ignored.
Default
125
Parameters
- seconds
the time interval, in seconds, at which the router transmits general host-query messages
query-response-interval
Syntax
query-response-interval seconds
no query-response-interval
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>sap>mld-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>mesh-sdp>mld-snooping
config>service>vpls>spoke-sdp>igmp-snooping
config>service>vpls>spoke-sdp>mld-snooping
Description
This command configures the IGMP or MLD query response interval. If the send-queries command is enabled, this command specifies how long the router acting as the querier waits to receive a response from the host. The configured query-response-interval must be smaller than the configured query-interval. If send-queries is not enabled on this SAP or SDP, the configured query-response-interval value is ignored.
Default
10
Parameters
- seconds
the length of time to wait to receive a response to the host-query message from the host
query-src-ip
Syntax
query-src-ip ip-address
query-src-ip ipv6-address
no query-src-ip
Context
config>service>vpls>igmp-snooping
config>service>vpls>mld-snooping
Description
This command configures the IP source address used in IGMP or MLD queries.
Parameters
- ip-address
the IPv4 address used for the IGMP query
- ipv6-address
the IPv6 address used for the MLD query
report-src-ip
Syntax
report-src-ip ip-address
report-src-ip ipv6-address
no report-src-ip
Context
config>service>vpls>igmp-snooping
config>service>vpls>mld-snooping
Description
This command specifies the source IP address used when generating IGMP or MLD reports. According to the IGMPv3 standard, a zero source address is allowed when sending IGMP reports. However, for interoperability with some multicast routers, the source IP address of IGMP group reports can be configured using this command.
Default
0.0.0.0
Parameters
- ip-address
the source IPv4 source address in transmitted IGMP reports
- ipv6-address
the source IPv6 source address in transmitted MLD reports
robust-count
Syntax
robust-count robust-count
no robust-count
Context
config>service>vpls>igmp-snooping
config>service>vpls>mld-snooping
config>service>vpls>sap>igmp-snooping
config>service>vpls>sap>mld-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>mesh-sdp>mld-snooping
config>service>vpls>spoke-sdp>igmp-snooping
config>service>vpls>spoke-sdp>mld-snooping
Description
This command allows tuning for the expected packet loss on a SAP or an SDP, and is comparable to a retry count. For a SAP or SDP, this command is functional when the send-queries command is enabled. If the send-queries command is not enabled, robust-count is ignored. If the SAP or SDP is expected to experience packet loss, the robust-count parameter may be increased. IGMP or MLD snooping on this SAP or SDP is robust up to the robust-count minus 1 packet.
Default
2
Parameters
- robust-count
specifies the robust count for the service, SAP, or SDP
send-queries
Syntax
[no] send-queries
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>sap>mld-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>mesh-sdp>mld-snooping
config>service>vpls>spoke-sdp>igmp-snooping
config>service>vpls>spoke-sdp>mld-snooping
Description
This command specifies whether to send IGMP or MLD general query messages on the SAP or SDP.
When send-queries is configured, all query reports generated locally are of the type belonging to the configured version. If a report from a version higher than the configured version is received, the report is dropped and a ‟wrong version” counter is incremented. If send-queries is not configured, the version command has no effect and the version used is the version of the querier. This implies that, for example, when there is a version 2 querier, a specific version 3 group or group-source query is never sent when a host wants to leave a group.
Default
no send-queries
static
Syntax
static
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>sap>mld-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>mesh-sdp>mld-snooping
config>service>vpls>spoke-sdp>igmp-snooping
config>service>vpls>spoke-sdp>mld-snooping
Description
This command enables access to the context to configure static group addresses. Static group addresses can be configured on a SAP or SDP. When present as either a (*,G) or a (S,G) entry, multicast packets matching the configuration are forwarded even if no join message was registered for the specific group.
Default
n/a
group
Syntax
[no] group grp-ip-address
[no] group grp-ipv6-address
Context
config>service>vpls>sap>igmp-snooping>static
config>service>vpls>sap>mld-snooping>static
config>service>vpls>mesh-sdp>igmp-snooping>static
config>service>vpls>mesh-sdp>mld-snooping>static
config>service>vpls>spoke-sdp>igmp-snooping>static
config>service>vpls>spoke-sdp>mld-snooping>static
Description
This command adds a static multicast group either as a (*,G) or as one or more (S,G) records. When a static IGMP or MLD group is added, multicast data for that (*,G) or (S,G) is forwarded to the specific SAP or SDP without receiving any membership report from a host.
The group is not created until the source or starg is specified.
Default
n/a
Parameters
- grp-ip-address
specifies an IGMP multicast group address that receives data on an interface. The IP address must be unique for each static group.
- grp-ipv6-address
specifies an MLD multicast group address that receives data on an interface. The IPv6 address must be unique for each static group.
source
Syntax
[no] source src-ip-address
[no] source src-ipv6-address
Context
config>service>vpls>sap>igmp-snooping>static>group
config>service>vpls>sap>mld-snooping>static>group
config>service>vpls>mesh-sdp>igmp-snooping>static>group
config>service>vpls>mesh-sdp>mld-snooping>static>group
config>service>vpls>spoke-sdp>igmp-snooping>static>group
config>service>vpls>spoke-sdp>mld-snooping>static>group
Description
This command adds a static (S,G) entry, to allow multicast traffic for a multicast group from a specified source. For a multicast group, more than one source address can be specified. Static (S,G) entries cannot be added if a starg has been created previously.
The no form of the command removes the source from the configuration.
Default
n/a
Parameters
- src-ip-address
specifies the IPv4 unicast address
- src-ipv6-address
specifies the IPv6 unicast address
starg
Syntax
[no] starg
Context
config>service>vpls>sap>igmp-snooping>static>group
config>service>vpls>sap>mld-snooping>static>group
config>service>vpls>mesh-sdp>igmp-snooping>static>group
config>service>vpls>mesh-sdp>mld-snooping>static>group
config>service>vpls>spoke-sdp>igmp-snooping>static>group
config>service>vpls>spoke-sdp>mld-snooping>static>group
Description
This command adds a static (*,G) entry to allow multicast traffic for the corresponding multicast group from any source. This command can only be enabled if there are no existing source addresses for this group.
The no form of the command removes the starg entry from the configuration.
Default
no starg
version
Syntax
version version
no version
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>sap>mld-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>mesh-sdp>mld-snooping
config>service>vpls>spoke-sdp>igmp-snooping
config>service>vpls>spoke-sdp>mld-snooping
Description
This command specifies the version of IGMP or MLD that is running on this SAP or SDP. This command can be used to configure a router capable of running IGMP version 1, 2, or 3, or MLD version 1 or 2. For IGMP or MLD to function correctly, all routers on a LAN must be configured to run the same version of IGMP or MLD on that LAN.
When the send-queries command is configured, all query reports generated locally are of the type belonging to the configured version. If a report from a version higher than the configured version is received, the report gets dropped and a ‟wrong version” counter is incremented.
If the send-queries command is not configured, the version command has no effect. The version used on that SAP or SDP is the version of the querier. This implies that, for example, when there is an IGMP version 2 querier, a specific version 3 group or group-source query is never sent when a host wants to leave a group.
The no form of the command returns the version to the default value.
Default
3 (IGMP) 2 (MLD)
Parameters
- version
specifies the IGMP or MLD version
VPLS STP commands
stp
Syntax
stp
Context
config>service>vpls
config>service>vpls>sap
config>service>vpls>spoke-sdp
Description
This command enables the context to configure the Spanning Tree Protocol (STP) parameters. The 7705 SAR runs the RSTP version of STP. The Nokia implementation of STP is simply the Spanning Tree Protocol (STP) with a few modifications to better suit the operational characteristics of VPLS services. The most evident change is to the root bridge election. Since the core network operating between Nokia service routers should not be blocked, the root path is calculated from the core perspective.
hello-time
Syntax
hello-time hello-time
no hello-time
Context
config>service>vpls>stp
Description
This command configures the Spanning Tree Protocol (STP) hello time for the virtual private LAN service (VPLS) STP instance.
The hello-time command defines the default timer value that controls the sending interval between BPDU configuration messages by this bridge, on ports where this bridge assumes the designated role.
Since VPLS on the 7705 SAR runs in RSTP mode, the hello time is always taken from the locally configured parameter, unless RSTP fails and the SAP falls back to legacy STP operation, in which case the hello time for the spanning tree is determined by the root bridge.
The no form of this command returns the hello time to the default value.
Default
2 s
Parameters
- hello-time
the hello time for the STP instance, in seconds
hold-count
Syntax
hold-count BDPU tx hold count
no hold-count
Context
config>service>vpls>stp
Description
This command configures the peak number of BPDUs that can be transmitted in a period of 1 s.
The no form of this command returns the hold count to the default value.
Default
6
Parameters
- BDPU tx hold count
the hold count for the STP instance, in seconds
mode
Syntax
mode rstp
no mode
Context
config>service>vpls>stp
Description
This command specifies the version of Spanning Tree Protocol the bridge is currently running. VPLS on the 7705 SAR runs only in RSTP mode.
The no form of this command returns the STP variant to the default mode.
Default
rstp
Parameters
- rstp
corresponds to the rapid spanning tree protocol, specified in IEEE 802.1D/D4-2003
priority
Syntax
priority bridge-priority
no priority
Context
config>service>vpls>stp
Description
The priority command is used to populate the priority portion of the bridge ID field within outbound BPDUs (the most significant 4 bits of the bridge ID). It is also used as part of the decision process when determining the best BPDU between messages received and sent. All values will be truncated to multiples of 4096, conforming with IEEE 802.1t and 802.1D-2004.
The no form of this command returns the bridge priority to the default value.
Default
By default, the bridge priority is configured to 4096, which is the highest priority
Parameters
- bridge-priority
the bridge priority for the STP instance
managed-vlan-list
Syntax
managed-vlan-list
Context
config>service>vpls>sap
Description
This command enables the context to configure VLAN ranges to be managed by a management VPLS. The list indicates, for each SAP, the ranges of associated VLANs that will be affected when the SAP changes state.
This command is only valid when the VPLS in which it is entered was created as a management VPLS.
range
Syntax
[no] range vlan-range
Context
config>service>vpls>sap>managed-vlan-list
Description
This command configures a range of VLANs on an access port that are to be managed by an existing management VPLS.
This command is only valid when the VPLS in which it is entered was created as a management VPLS, and when the SAP in which it was entered was created on an Ethernet port with encapsulation type of dot1q or qinq.
To modify the range of VLANs, first the new range should be entered and then the old range removed. See Modifying VPLS service parameters.
Default
n/a
Parameters
- vlan-range
specifies the VLAN start value and VLAN end value. The end-vlan value must be greater than start-vlan value. The format is start-vlan-end-vlan.
auto-edge
Syntax
[no] auto-edge
Context
config>service>vpls>sap>stp
config>service>vpls>spoke-sdp>stp
Description
This command configures automatic detection of the edge port characteristics of the SAP or spoke SDP.
If auto-edge is enabled and STP concludes there is no bridge behind the SAP or spoke SDP, the OPER_EDGE variable will dynamically be set to true. If auto-edge is enabled and a BPDU is received, the OPER_EDGE variable will dynamically be set to false (see edge-port).
The no form of this command removes automatic edge detection.
Default
auto-edge
edge-port
Syntax
[no] edge-port
Context
config>service>vpls>sap>stp
config>service>vpls>spoke-sdp>stp
Description
This command configures the SAP or spoke SDP as an edge or non-edge port. If auto-edge is enabled for the SAP or spoke SDP, this value of the edge/non-edge setting will be used only as the initial value.
The function of the edge-port command is to tell STP that it is on the edge of the network (for example, there are no other bridges connected to that port), and, as a consequence, it can immediately transition to a forwarding state if the port becomes available.
STP, however, can detect that the actual situation is different from what edge-port may indicate.
Initially, the value of the SAP or spoke SDP parameter is set to edge-port. This value will change if:
a BPDU is received on that port, meaning that there is another bridge connected to this port. In this case, edge-port becomes disabled.
auto-edge is configured and no BPDU is received within a certain period of time, in which case, RSTP concludes that it is on an edge. In this case, edge-port becomes enabled.
The no form of this command returns the edge port setting to the default value.
Default
no edge-port
link-type
Syntax
link-type {pt-pt | shared}
no link-type
Context
config>service>vpls>sap>stp
config>service>vpls>spoke-sdp>stp
Description
This command instructs STP on the maximum number of bridges behind the SAP or spoke SDP. If there is only a single bridge, transitioning to the forwarding state will be based on handshaking (fast transitions). If two or more bridges are connected via a shared media, their SAPs or spoke SDPs should be configured as shared, and timer-based transitions are used.
The no form of this command returns the link type to the default value.
Default
pt-pt
Parameters
- pt-pt
indicates a maximum of one bridge can exist behind this SAP or spoke SDP
- shared
indicates that two or more bridges can exist behind this SAP or spoke SDP
path-cost
Syntax
path-cost path-cost
no path-cost
Context
config>service>vpls>sap>stp
config>service>vpls>spoke-sdp>stp
Description
This command configures the STP path cost for the SAP or spoke SDP.
The path cost is used by STP to calculate the path cost to the root bridge. The path cost in BPDUs received on the root port is incremented with the configured path cost for that SAP or spoke SDP. When BPDUs are sent out other egress SAP or spoke SDP, the newly calculated root path cost is used.
STP suggests that the path cost is defined as a function of the link bandwidth. Since SAPs and spoke SDPs are controlled by complex queuing dynamics, in the 7705 SAR the STP path cost is a purely static configuration.
The no form of this command returns the path cost to the default value.
Default
10
Parameters
- path-cost
the path cost for the SAP or spoke SDP
port-num
Syntax
[no] port-num virtual-port-number
Context
config>service>vpls>sap>stp
config>service>vpls>spoke-sdp>stp
Description
This command configures the virtual port number that uniquely identifies a SAP or spoke SDP within configuration BPDUs. The internal representation of a SAP or spoke SDP is unique to a system and has a reference space much larger than the 12 bits definable in a configuration BPDU. STP takes the internal representation value of a SAP or spoke SDP and identifies it with its own virtual port number, which is unique to any other SAP or spoke SDP defined on the VPLS. The virtual port number is assigned at the time that the SAP or spoke SDP is added to the VPLS. Since the order in which SAPs or spoke SDPs are added to the VPLS is not preserved between reboots of the system, the virtual port number may change between restarts of the STP instance.
Parameters
- virtual-port-number
the virtual port number for the SAP or spoke SDP
priority
Syntax
priority stp-priority
no priority
Context
config>service>vpls>sap>stp
config>service>vpls>spoke-sdp>stp
Description
This command configures the STP priority for the SAP or spoke SDP.
When configuration BPDUs are received, the STP priority is used in some circumstances as a tiebreaking mechanism to determine whether the SAP or spoke SDP will be designated or blocked. In traditional STP implementations (802.1D-1998), this field is called the port priority and has a value of 0 to 255. This field is coupled with the port number (0 to 255) to create a 16-bit value. In the latest STP standard (802.1D-2004), only the upper 4 bits of the port priority field are used to encode the SAP or spoke SDP priority. The remaining 4 bits are used to extend the port ID field into a 12-bit virtual port number field. The virtual port number uniquely references a SAP or spoke SDP within the STP instance.
STP computes the actual priority by taking the input value and masking out the lower 4 bits. The result is the value that is stored in the SAP or spoke SDP priority parameter. For instance, if a value of 0 is entered, masking out the lower 4 bits results in a parameter value of 0. If a value of 255 is entered, the result is 240.
The no form of this command returns the STP priority to the default value.
Default
128
Parameters
- stp-priority
the STP priority value for the SAP or spoke SDP.
root-guard
Syntax
[no] root-guard
Context
config>service>vpls>sap>stp
config>service>vpls>spoke-sdp>stp
Description
This command specifies whether this port is allowed to become an STP root port. It corresponds to the restrictedRole parameter in 802.1Q. If set, it can cause lack of spanning tree connectivity.
Default
no root-guard
VPLS filter and QoS policy commands
egress
Syntax
egress
Context
config>service>vpls>sap
Description
This command enables the context to configure egress SAP QoS policies and filter policies.
If no sap-egress QoS policy is defined, the system default sap-egress QoS policy is used for egress processing. If no egress filter is defined, no filtering is performed.
ingress
Syntax
ingress
Context
config>service>vpls>sap
Description
This command enables the context to configure ingress SAP QoS policies and filter policies.
If no sap-ingress QoS policy is defined, the system default sap-ingress QoS policy is used for ingress processing. If no ingress filter is defined, no filtering is performed.
agg-rate-limit
Syntax
agg-rate-limit agg-rate [cir cir-rate]
no agg-rate-limit
Context
config>service>vpls>sap>egress
config>service>vpls>sap>ingress
Description
This command sets the aggregate rate limits (PIR and CIR) for the SAP. The agg-rate sets the PIR value. The cir-rate sets the CIR value. When aggregate rate limits are configured on a second-generation (Gen-2) Ethernet adapter card, the scheduler mode must be set to 16-priority. On a third-generation (Gen-3) Ethernet adapter card, the scheduler mode is always 4-priority. For information on adapter card generations, see the ‟Evolution of Ethernet Adapter Cards, Modules, and Platforms” section in the 7705 SAR Interface Configuration Guide.
Configuring the cir-rate is optional. If a cir-rate is not entered, then the cir-rate is set to its default value (0 kb/s). If a cir-rate has been set and the agg-rate is changed without re-entering the cir-rate, the cir-rate automatically resets to 0 kb/s. For example, to change the agg-rate from 2000 to 1500 while maintaining a cir-rate of 500, use the command agg-rate-limit 1500 cir 500.
If the specified SAP is a LAG SAP, agg-rate and cir-rate can be configured regardless of the scheduler mode setting on Gen-2 or Gen-3 hardware. If the active port is on a Gen-3 card or platform, agg-rate and cir-rate are applicable. If the active port is on a Gen-2 card or platform, agg-rate and cir-rate apply when the scheduler mode is set to 16-priority. For details on the behavior of a mix-and-match LAG SAP, see the ‟LAG Support on Third-Generation Ethernet Adapter Cards, Ports, and Platforms” and ‟Network LAG Traffic Management” sections in the 7705 SAR Interface Configuration Guide.
The no form of the command sets the agg-rate to the maximum and the cir-rate to 0 kb/s.
Default
no agg-rate-limit
Parameters
- agg-rate
sets the PIR for the aggregate of all the queues on the SAP. The max keyword applies the maximum physical port rate possible.
- cir-rate
sets the CIR for the aggregate of all the queues on the SAP. The max keyword applies the maximum physical port rate possible.
filter
Syntax
filter ip ip-filter-id
filter ipv6 ipv6-filter-id
filter mac mac-filter-id
no filter [ip ip-filter-id] [ipv6 ipv6-filter-id] [mac mac-filter-id]
Context
config>service>vpls>sap>egress
config>service>vpls>sap>ingress
config>service>vpls>mesh-sdp>ingress
config>service>vpls>spoke-sdp>ingress
Description
This command associates a filter policy with a SAP or SDP (mesh or spoke). Filters can be applied to VPLS and routed VPLS SAPs and SDPs.
Filter policies control the forwarding and dropping of packets based on IP or MAC matching criteria. There are two types of filter policies: IP and MAC. Only one type may be applied at a time. The filter ID must be defined before the filter command is executed. If the filter policy does not exist, the operation will fail and an error message will be returned.
Only one filter ID can be assigned to an interface unless the interface is dual-stack (supports both IPv4 and IPv6). A dual-stack interface can have one IPv4 and one IPv6 filter ID assigned to it.
In general, filters applied to SAPs or SDPs apply to all packets on the SAP or SDP. One exception is that non-IP packets are not applied to IP match criteria, so the default action in the filter policy applies to these packets.
If an IP interface is attached to a VPLS service context (routed VPLS), the VPLS SAP or SDP configured IP or MAC filter for ingress routed packets can be optionally overridden in order to provide special ingress filtering for routed packets. This allows different filtering for routed packets and non-routed packets. The filter override is defined on the IP interface bound to the VPLS service name. A separate override filter can be specified for IPv4 and IPv6 packet types, using the v4-routed-override-filter or v6-routed-override-filter command in the IES or VPRN service contexts.
If filter override is configured, the IP or MAC filter configured on the SAP or SDP applies to non-routed packets. If filter override is not configured, the IP or MAC filter configured on the SAP or SDP applies to both routed and non-routed packets.
The no form of this command removes any configured filter ID association with the SAP or SDP. The filter ID itself is not removed from the system unless the scope of the created filter is set to exclusive. To avoid deletion of the filter ID and only break the association with the service object, use the scope command within the filter definition to set the scope to template. The default scope of a filter is exclusive.
Parameters
- ip-filter-id
specifies the IP filter policy. The filter ID or filter name must already exist within the created IP filters.
- ipv6-filter-id
specifies the IPv6 filter policy. The filter ID or filter name must already exist within the created IPv6 filters.
- mac-filter-id
specifies the MAC filter policy. The filter ID or filter name must already exist within the created MAC filters.
match-qinq-dot1p
Syntax
match-qinq-dot1p {top | bottom}
no match-qinq-dot1p
Context
config>service>vpls>sap>ingress
Description
This command specifies which dot1q tag position (top or bottom) in a qinq-encapsulated packet should be used when QoS evaluates dot1p classification.
The no form of the command restores the default dot1p evaluation behavior for the SAP, which means that the inner (bottom) tag (second tag) dot1p bits are used for classification.
By default, the dot1p bits from the inner tag service-delineating dot1q tag are used.
The following table shows which set of dot1p bits are used for QoS purposes when match-qinq-dot1p is configured. To use the table, find the row that represents the settings for Port/SAP type and Match-qinq-dot1q setting. Use the Existing packet tags column to identify which dot1q tags are available in the packet. Then use the P-bits used for match column to identify which dot1q tag contains the dot1p bits that are used for QoS dot1p classification.
|
Port/SAP type |
Match-qinq-dot1p setting 1 |
Existing packet tags |
P-bits used for match |
|---|---|---|---|
|
Null |
n/a |
None |
None |
|
Null |
n/a |
Dot1p (VLAN ID 0) |
None 2 |
|
Null |
n/a |
Dot1q |
None 2 |
|
Null |
n/a |
TopQ BottomQ |
None 2 |
|
Dot1q |
n/a |
None |
None |
|
Dot1q |
n/a |
Dot1p (default SAP VLAN ID 0) |
Dot1p P-bits |
|
Dot1q |
n/a |
Dot1q |
Dot1q P-bits |
|
QinQ/ X.Y |
Top |
TopQ BottomQ |
TopQ P-bits |
|
QinQ/ X.Y |
Default or Bottom |
TopQ BottomQ |
BottomQ P-bits |
|
QinQ/ X.0 |
Top |
TopQ |
TopQ P-bits |
|
QinQ/ X.0 |
Default or Bottom |
TopQ |
TopQ P-bits |
|
QinQ/ X.0 |
Top |
TopQ BottomQ |
TopQ P-bits |
|
QinQ/ X.0 |
Default or Bottom |
TopQ BottomQ |
BottomQ P-bits |
|
QinQ/ X.* |
Top |
TopQ |
TopQ P-bits |
|
QinQ/ X.* |
Default or Bottom |
TopQ |
TopQ P-bits |
|
QinQ/ X.* |
Top |
TopQ BottomQ |
TopQ P-bits |
|
QinQ/ X.* |
Default or Bottom |
TopQ BottomQ |
BottomQ P-bits |
|
QinQ/ 0.* |
Top |
None |
None |
|
QinQ/ 0.* |
Default or Bottom |
None |
None |
|
QinQ/ 0.* |
Top |
TopQ |
TopQ P-bits |
|
QinQ/ 0.* |
Default or Bottom |
TopQ |
TopQ P-bits |
|
QinQ/ 0.* |
Top |
TopQ BottomQ |
TopQ P-bits |
|
QinQ/ 0.* |
Default or Bottom |
TopQ BottomQ |
BottomQ P-bits |
|
QinQ/ *.* |
Top |
None |
None |
|
QinQ/ *.* |
Default or Bottom |
None |
None |
|
QinQ/ *.* |
Top |
TopQ |
TopQ P-bits |
|
QinQ/ *.* |
Default or Bottom |
TopQ |
TopQ P-bits |
|
QinQ/ *.* |
Top |
TopQ BottomQ |
TopQ P-bits |
|
QinQ/ *.* |
Default or Bottom |
TopQ BottomQ |
BottomQ P-bits |
Notes:
-
‟Default” in this column refers to the no form of the match-qinq-dot1p command.
-
For null encapsulation, the 7705 SAR does not process dot1p bits.
Default
no match-qinq-dot1p
Parameters
- top
the top parameter and bottom parameter are mutually exclusive. When the top parameter is specified, the outer tag's dot1p bits (topmost P-bits) are used (if existing) to match any dot1p dot1p-value entries.
- bottom
the bottom parameter and top parameter are mutually exclusive. When the bottom parameter is specified, the bottommost P-bits (second tag’s P-bits) are used (if existing) to match any dot1p dot1p-value entries.
qinq-mark-top-only
Syntax
[no] qinq-mark-top-only
Context
config>service>vpls>sap>egress
Description
When enabled, the qinq-mark-top-only command specifies which P-bits to mark during packet egress. When disabled, both sets of P-bits are marked. When enabled, only the P-bits in the top Q-tag are marked. The no form of the command is the default state (disabled).
The following table shows the dot1p remarking behavior for different egress port type/SAP type combinations and qinq-mark-top-only state, where ‟False” represents the default (disabled) state.
If a new tag is pushed, the dot1p bits of the new tag will be zero (unless the new tag is re-marked by the egress policy. The dot1p bits are configured using the dot1p parameter under the config>qos context.
Egress port type/SAP type |
qinq-mark-top-only state |
Egress P-bits marked or re-marked |
|---|---|---|
Null 1 |
n/a |
None |
Dot1q/ X 1 |
n/a |
Outer tag |
Dot1q/ * 2 |
n/a |
None |
Dot1q/ 0 2 |
n/a |
Outer tag |
QinQ/ X.Y 1 |
False |
Two outer tags 3 |
True |
Outer tag 3 |
|
QinQ/ X.* 1 |
True or False |
Outer tag |
QinQ/ X.0 1 |
True or False |
Outer tag |
QinQ/ 0.* 1 |
True or False |
None |
QinQ/ *.* 2 |
True or False |
None |
Notes:
This port type/SAP type is supported by the following services: Epipe, Ipipe, VPLS, IES, and VPRN.
This port type/SAP type is supported by the following services: Epipe and VPLS.
Normally, when a new tag is pushed, the dot1p bits of the new tag will be zero, unless the P-bits are remarked by the egress policy. However, an exception to this occurs when the egress SAP type is X.Y and only one new outer tag must be pushed. In this case, the new outer tag will have its dot1p bits set to the inner tag's dot1p bits.
Default
no qinq-mark-top-only (disabled)
qos
Syntax
qos policy-id
no qos
Context
config>service>vpls>sap>egress
config>service>vpls>sap>ingress
Description
This command associates a QoS policy with an ingress or egress SAP.
QoS ingress and egress policies are important for the enforcement of SLA agreements. The policy ID must be defined prior to associating the policy with a SAP. If the policy-id does not exist, an error will be returned.
The qos command is used to associate both ingress and egress QoS policies. The qos command only allows ingress policies to be associated with ingress SAP, and egress policies with egress SAP. Attempts to associate a QoS policy of the wrong type returns an error.
Only one ingress and one egress QoS policy can be associated with a SAP at one time.
By default, if no specific QoS policy is associated with the SAP for ingress or egress, then the default QoS policy is used.
The no form of this command removes the QoS policy association from the SAP, and the QoS policy for the SAP reverts to the default.
Parameters
- policy-id
specifies the ingress or egress policy ID to associate with a SAP on ingress or egress. The policy ID or name must already exist.
scheduler-mode
Syntax
scheduler-mode {4-priority | 16-priority}
Context
config>service>vpls>sap>egress
config>service>vpls>sap>ingress
Description
This command sets the scheduler mode for the SAP and is part of the hierarchical QoS (H-QoS) feature on the 7705 SAR.
If the mode is 4-priority, then the SAP is considered an unshaped 4-priority SAP and the agg-rate-limit cannot be changed from its default values.
If the mode is 16-priority and the agg-rate limit parameters are configured to be non-default values, then the SAP is considered a shaped SAP. If the agg-rate limit parameters are left in their default settings, the SAP is considered an unshaped, 16-priority SAP.
This command is blocked on third-generation (Gen-3) Ethernet adapter cards and platforms, such as the 6-port Ethernet 10Gbps Adapter card and the 7705 SAR-X, which only support 4-priority scheduling mode.
If the specified SAP is a LAG SAP, scheduler-mode can be configured but is not applied to Gen-3 adapter cards and platforms.
Default
4-priority
Parameters
- 4-priority
sets the scheduler mode for the SAP to be 4-priority mode
- 16-priority
sets the scheduler mode for the SAP to be 16-priority mode
shaper-group
Syntax
[no] shaper-group shaper-group-name
Context
config>service>vpls>sap>egress
config>service>vpls>sap>ingress
Description
This command applies a shaper group to a SAP. The shaper group must already be created and must be within the shaper policy assigned to the Ethernet MDA (for ingress) or port (for egress). A shaper group is a dual-rate aggregate shaper used to shape aggregate access ingress or egress SAPs at a shaper group rate. Multiple aggregate shaper groups ensure fair sharing of available bandwidth among different aggregate shapers.
The default shaper group cannot be deleted.
The no form of this command removes the configured shaper-group.
Default
shaper-group ‟default”
Parameters
- shaper-group-name
the name of the shaper group. To access the default shaper group, enter ‟default”.
- create
keyword used to create a shaper group
force-c-vlan-forwarding
Syntax
[no] force-c-vlan-forwarding
Context
config>service>vpls>sap
Description
This command preserves the VLAN tag at the ingress SAP. The default (disabled) behavior is to strip off the VLAN tag at the ingress SAP and push a new VLAN tag at the egress SAP.
The force-c-vlan-forwarding command is only available on VPLS dot1q and qinq SAPs.
When the ingress and egress port encap-type are both dot1q, force-c-vlan-forwarding has the following behavior:
if force-c-vlan-forwarding is enabled only at the ingress SAP
The VLAN tag is preserved at the ingress SAP and a new VLAN tag is pushed at the egress SAP. The net effect at the egress SAP is that the packet contains two VLAN tags, where the inner tag is the preserved ingress tag.
if force-c-vlan-forwarding is enabled only at the egress SAP
A VLAN tag is not pushed at the egress SAP. The effect at the egress SAP is that the VLAN tag received at the ingress SAP is stripped off.
if force-c-vlan-forwarding is enabled at both the ingress and egress SAPs
The VLAN tag is preserved at the ingress SAP and there is no tag pushed at the egress SAP. The net effect is that the packet transmitted at the egress SAP contains the same VLAN tag that was received at the ingress SAP. Dot1p re-marking may occur at the egress SAP.
When the ingress and egress port encap-type are both qinq, force-c-vlan-forwarding has the following behavior:
if force-c-vlan-forwarding is enabled only at the ingress SAP
The inner VLAN tag is preserved at the ingress SAP and two new VLAN tags are pushed at the egress SAP. The net effect at the egress SAP is that the packet contains three VLAN tags, where the innermost tag is the preserved ingress tag.
if force-c-vlan-forwarding is enabled only at the egress SAP
Only the outer VLAN tag of the egress SAP is pushed at the egress SAP. The effect at the egress SAP is that the VLAN tag received at the ingress SAP is swapped with a new tag.
if force-c-vlan-forwarding is enabled at both the ingress and egress SAPs
The VLAN tag is preserved at the ingress SAP and the outer VLAN tag of the egress SAP is pushed. The net effect is that the packet transmitted at the egress SAP contains the same inner VLAN tag that was received at the ingress SAP. Dot1p re-marking may occur at the egress SAP.
The no version of this command sets the default behavior.
Default
disabled
Service billing commands
accounting-policy
Syntax
accounting-policy acct-policy-id
no accounting-policy
Context
config>service>vpls>sap
Description
This command creates the accounting policy context that can be applied to a SAP.
An accounting policy must be defined before it can be associated with a SAP. If the acct-policy-id does not exist, an error message is generated.
A maximum of one accounting policy can be associated with a SAP at one time. Accounting policies are configured in the config>log context.
The no form of this command removes the accounting policy association from the SAP, and the accounting policy reverts to the default.
Default
accounting-policy
Parameters
- acct-policy-id
the accounting policy ID as configured in the config>log>accounting-policy context
collect-stats
Syntax
[no] collect-stats
Context
config>service>vpls>sap
Description
This command enables accounting and statistical data collection for a SAP, a network port, or an IP interface. When applying accounting policies, the data (by default) is collected in the appropriate records and written to the designated billing file.
When the no collect-stats command is issued, the statistics are still accumulated by the CSM. However, the CPU will not obtain the results and write them to the billing file. If a subsequent collect-stats command is issued, then the counters written to the billing file include all the traffic while the no collect-stats command was in effect.
Default
collect-stats
VPLS SAP DHCP commands
dhcp
Syntax
dhcp
Context
config>service>vpls>sap
Description
This command enables the context to configure DHCP parameters.
option
Syntax
[no] option
Context
config>service>vpls>sap>dhcp
Description
This command enables DHCP Option 82 (Relay Agent Information Option) parameters processing and enters the context for configuring Option 82 suboptions.
The no form of this command returns the system to the default.
Default
no option
action
Syntax
action [dhcp-action]
no action
Context
config>service>vpls>sap>dhcp>option
Description
This command configures the Relay Agent Information Option (Option 82) processing.
The no form of this command returns the system to the default value.
Default
keep
Parameters
- dhcp-action
specifies the DHCP option action (replace, drop, or keep), as follows:
- replace
in the upstream direction (from the client), the Option 82 field from the router is inserted in the packet (overwriting any existing Option 82 field). In the downstream direction (toward the client), the Option 82 field is stripped (in accordance with RFC 3046).
- drop
the DHCP packet is dropped if an Option 82 field is present, and the ‟Client Packets Dropped” counter is incremented
- keep
the existing information is kept in the packet and the router does not add any additional information. In the downstream direction, the Option 82 field is not stripped and is sent on toward the client.
The behavior is slightly different in the case of Vendor Specific Options (VSOs). When the keep parameter is specified, the router will insert its own VSO into the Option 82 field (as per RFC 4243). This will only be done when the incoming message already has an Option 82 field. However, if adding the VSO causes the Option 82 field to exceed the maximum allowable length (255 octets), the packet is dropped.
If no Option 82 field is present, the router will not create the Option 82 field. In this in that case, no VSO will be added to the message.
circuit-id
Syntax
circuit-id [ascii-tuple | vlan-ascii-tuple]| no circuit-id
Context
config>service>vpls>sap>dhcp>option
Description
This command causes the router to send an ASCII-encoded ‟tuple” in the circuit-id suboption of the DHCP packet. This ASCII-tuple consists of the access-node-identifier, service-id, and interface-name, separated by ‟|”. If no keyword is configured, the circuit-id suboption will not be part of the information option (Option 82).
If disabled, the circuit-id suboption of the DHCP packet will be left empty.
Default
no circuit-id
Parameters
- ascii-tuple
specifies that the included ASCII-encoded concatenated ‟tuple” consists of the access-node-identifier, service-id, and interface-name
- vlan-ascii-tuple
specifies that the format will include the vlan-id and dot1p bits in addition to the ascii-tuple information. The format is supported on dot1q and qinq encapsulated ports only. When the Option 82 bits are stripped, dot1p bits will be copied to the Ethernet header of an outgoing packet.
remote-id
Syntax
[no] remote-id [mac | string string]
Context
config>service>vpls>sap>dhcp>option
Description
This command specifies what information goes into the remote-id suboption in the DHCP relay packet.
If disabled, the remote-id suboption of the DHCP packet will be left empty.
The no form of this command returns the system to the default.
Default
no remote-id
Parameters
- mac
specifies that the MAC address of the remote end is encoded in the suboption
- string
specifies that string is encoded in the suboption
vendor-specific-option
Syntax
[no] vendor-specific-option
Context
config>service>vpls>sap>dhcp>option
Description
This command configures the vendor-specific suboption within the Option 82 field of the DHCP relay packet.
client-mac-address
Syntax
[no] client-mac-address
Context
config>service>vpls>sap>dhcp>option>vendor
Description
This command enables the sending of the MAC address in the vendor-specific suboption of the DHCP relay packet.
The no form of the command disables the sending of the MAC address in the vendor-specific suboption of the DHCP relay packet.
sap-id
Syntax
[no] sap-id
Context
config>service>vpls>sap>dhcp>option>vendor
Description
This command enables the sending of the SAP ID in the vendor-specific suboption of the DHCP relay packet.
The no form of the command disables the sending of the SAP ID in the vendor-specific suboption of the DHCP relay packet.
service-id
Syntax
[no] service-id
Context
config>service>vpls>sap>dhcp>option>vendor
Description
This command enables the sending of the service ID in the vendor specific suboption of the DHCP relay packet.
The no form of the command disables the sending of the service ID in the vendor specific suboption of the DHCP relay packet.
string
Syntax
string text
no string
Context
config>service>vpls>sap>dhcp>option>vendor
Description
This command specifies the string in the vendor specific suboption of the DHCP relay packet.
The no form of the command returns the default value.
Default
no string
Parameters
- text
the string can be any combination of ASCII characters up to 32 characters in length. If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).
system-id
Syntax
[no] system-id
Context
config>service>vpls>sap>dhcp>option>vendor
Description
This command specifies whether the system ID is encoded in the vendor specific suboption of Option 82.
snoop
Syntax
[no] snoop
Context
config>service>vpls>sap>dhcp
Description
This command enables DHCP snooping of DHCP messages on the SAP. Enabling DHCP snooping on VPLS interfaces (SAPs) is required where vendor-specific information (as per RFC 4243) is to be inserted into the Option 82 field of the DHCP messages.
Use the no form of the command to disable DHCP snooping on the specified VPLS SAP binding.
Default
no snoop
VPLS SDP commands
mesh-sdp
Syntax
mesh-sdp sdp-id[:vc-id] [vc-type {ether | vlan}]
no mesh-sdp sdp-id[:vc-id]
Context
config>service>vpls
Description
This command binds a VPLS service to an existing service destination point (SDP). Mesh SDPs bound to a service are logically treated like a single bridge ‟port” for flooded traffic, where flooded traffic received on any mesh SDP on the service is replicated to other ‟ports” (spoke SDPs and SAPs) and not transmitted on any mesh SDPs.
This command creates a binding between a service and an SDP. The SDP has an operational state that determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service will be down.
The SDP must already be defined in the config>service>sdp context in order to associate the SDP with a valid service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created.
SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end 7705 SAR devices can participate in the service.
The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router.
Default
No sdp-id is bound to a service
Special cases
- VPLS
several SDPs can be bound to a VPLS. Each SDP must be destined for a different router. If two sdp-id bindings terminate on the same 7705 SAR, an error occurs and the second SDP binding is rejected.
Parameters
- sdp-id
the SDP identifier
- vc-id
the virtual circuit identifier. This value is used to validate the VC ID portion of each mesh SDP binding defined in the service. The default value of this object is equal to the service ID.
- vc-type
this option overrides the default VC type signaled for the spoke or mesh binding to the far end of the SDP. The VC type is a 15-bit quantity containing a value that represents the type of VC. The actual signaling of the VC type depends on the signaling parameter defined for the SDP. If signaling is disabled, the vc-type option can still be used to define the dot1q value expected by the far-end provider equipment. A change of the VC type causes the binding to signal the new VC type to the far end when signaling is enabled. VC types are derived according to IETF draft-martini-l2circuit-trans-mpls, as follows:
the VC type value for Ethernet is 0x0005
the VC type value for an Ethernet VLAN is 0x0004
- ether
defines the VC type as Ethernet. The ether and vlan keywords are mutually exclusive. When the VC type is not defined, the default is Ethernet for spoke SDP bindings. Defining Ethernet is the same as executing no vc-type and restores the default VC type for the spoke SDP binding (hex 5).
- vlan
defines the VC type as VLAN. The ether and vlan keywords are mutually exclusive. When the VC type is not defined, the default is Ethernet for spoke SDP bindings.
spoke-sdp
Syntax
spoke-sdp sdp-id:vc-id [vc-type {ether | vlan}] [split-horizon-group group-name] [create] [no-endpoint]
spoke-sdp sdp-id:vc-id [vc-type {ether | vlan}] [split-horizon-group group-name] [create] endpoint endpoint-name
no spoke-sdp sdp-id:vc-id
Context
config>service>vpls
Description
This command binds a service to an existing SDP. A spoke SDP is treated like the equivalent of a traditional bridge ‟port”, where flooded traffic received on the spoke SDP is replicated on all other ‟ports” (other spoke and mesh SDPs or SAPs) and not transmitted on the port it was received.
The SDP has an operational state that determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service will be down.
The SDP must already be defined in the config>service>sdp context in order to associate an SDP with a VPLS service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created. SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end devices can participate in the service.
The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router.
Default
No sdp-id is bound to a service
Special cases
- VPLS
several SDPs can be bound to a VPLS service. Each SDP must use unique vc-ids. An error message is generated if two SDP bindings with identical vc-ids terminate on the same router.
Split horizon groups can only be created in the scope of a VPLS service.
Parameters
- sdp-id
the SDP identifier
- vc-id
the virtual circuit identifier
- vc-type
this option overrides the default VC type signaled for the spoke or mesh binding to the far end of the SDP. The VC type is a 15-bit quantity containing a value that represents the type of VC. The actual signaling of the VC type depends on the signaling parameter defined for the SDP. If signaling is disabled, the vc-type option can still be used to define the dot1q value expected by the far-end provider equipment. A change of the VC type causes the binding to signal the new VC type to the far end when signaling is enabled. VC types are derived according to IETF draft-martini-l2circuit-trans-mpls, as follows:
the VC type value for Ethernet is 0x0005
the VC type value for an Ethernet VLAN is 0x0004
- ether
defines the VC type as Ethernet. The ether and vlan keywords are mutually exclusive. When the VC type is not defined, the default is Ethernet for spoke SDP bindings. Defining Ethernet is the same as executing no vc-type and restores the default VC type for the spoke SDP binding (hex 5).
- vlan
defines the VC type as VLAN. The ether and vlan keywords are mutually exclusive. When the VC type is not defined, the default is Ethernet for spoke SDP bindings. The VLAN VC-type requires at least one dot1q tag within each encapsulated Ethernet packet transmitted to the far end.
- group-name
specifies the name of the split horizon group to which the SDP belongs
- endpoint-name
specifies the service endpoint to which this SDP binding is attached. The service ID of the SDP binding must match the service ID of the service endpoint.
- no-endpoint
removes the association of a spoke SDP with an explicit endpoint name
control-word
Syntax
[no] control-word
Context
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
Description
This command enables the use of the control word on pseudowire packets in VPLS and enables the use of the control word individually on each mesh SDP or spoke SDP. By default, the control word is disabled.
When the control word is enabled, all VPLS packets are encapsulated with the control word when sent over the pseudowire. The T-LDP control plane behavior is the same as in the implementation of control word for VLL services. The configuration for the two directions of the Ethernet pseudowire should match.
The no form of the command resets the mesh SDP or spoke SDP to the default behavior of not using the control word.
Default
no control-word
egress
Syntax
egress
Context
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
Description
This command configures the egress SDP context.
ingress
Syntax
ingress
Context
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
Description
This command configures the ingress SDP context.
vc-label
Syntax
vc-label egress-vc-label
no vc-label [egress-vc-label]
Context
config>service>vpls>mesh-sdp>egress
config>service>vpls>spoke-sdp>egress
Description
This command configures the egress VC label.
Parameters
- egress-vc-label
specifies an egress VC value that indicates a specific connection
vc-label
Syntax
vc-label ingress-vc-label
no vc-label [ingress-vc-label]
Context
config>service>vpls>mesh-sdp>ingress
config>service>vpls>spoke-sdp>ingress
Description
This command configures the ingress VC label.
Parameters
- ingress-vc-label
specifies an ingress VC value that indicates a specific connection
entropy-label
Syntax
[no] entropy-label
Context
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
Description
This command enables or disables the use of entropy labels for mesh or spoke SDPs.
If entropy-label is enabled, the entropy label and entropy label indicator (ELI) are inserted in packets for which at least one LSP in the stack for the far end of the tunnel used by the service has advertised entropy label capability.
If the tunnel is an RSVP-TE type, entropy-label can also be controlled by disabling entropy-label-capability under the config>router>rsvp context at the far-end LER.
When the entropy-label and entropy-label-capability commands are both enabled, the entropy label value inserted at the iLER is always based on the service ID.
Default
no entropy-label
precedence
Syntax
precedence [precedence-value | primary]
no precedence
Context
config>service>vpls>spoke-sdp
Description
This command configures the precedence of this SDP binding when there are multiple SDP bindings attached to one service endpoint. When an SDP binding goes down, the next highest precedence SDP binding begins forwarding traffic.
Default
no precedence
Parameters
- precedence-value
specifies the precedence of this SDP binding
- primary
assigns this SDP as the primary spoke SDP
pw-status-signaling
Syntax
[no] pw-status-signaling
Context
config>service>vpls>spoke-sdp
Description
This command enables pseudowire status signaling for spoke SDPs. The no form of this command disables pseudowire status signaling. When pseudowire status signaling is disabled, a 7705 SAR does not include the PW status TLV in the initial label mapping message of the pseudowire that is used for a spoke SDP. This forces both 7705 SAR PEs to use the pseudowire label withdrawal method for signaling pseudowire status. If the remote endpoint has standby-signaling-master enabled and it determines that a particular PW should be standby, based on the precedence of the PWs, it will withdraw the PW label. If the label is withdrawn for all PWs on a VPLS, the VPLS will go operationally down.
If pseudowire status signaling is enabled, the 7705 SAR includes the pseudowire status TLV in the initial label mapping message for the pseudowire.
Default
pw-status-signaling
static-mac
Syntax
[no] static-mac ieee-address
Context
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
Description
This command creates a remote static MAC entry in the VPLS FDB associated with the SDP.
In a VPLS service, MAC addresses are associated with a SAP or an SDP. MACs associated with a SAP are classified as local MACs, and MACs associated with an SDP are remote MACs.
Remote static MAC entries create a permanent MAC address to SDP association in the FDB for the VPLS instance so that the MAC address will not be learned on the edge device.
Static MAC definitions on one edge device are not propagated to other edge devices participating in the VPLS instance; that is, each edge device has an independent FDB for the VPLS.
Only one static MAC entry (local or remote) can be defined per MAC address per VPLS instance.
The no form of this command deletes the static MAC entry with the specified MAC address associated with the SDP from the VPLS FDB.
Default
n/a
Parameters
- ieee-address
specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC, and non-IEEE reserved MAC addresses.
vlan-vc-tag
Syntax
vlan-vc-tag 0..4094
no vlan-vc-tag [0..4094]
Context
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
Description
This command specifies an explicit dot1q value that is used when encapsulating to the SDP far end. When signaling is enabled between the near and far end, the configured dot1q tag can be overridden by a received TLV specifying the dot1q value expected by the far end. This signaled value must be stored as the remote signaled dot1q value for the binding. The provisioned local dot1q tag must be stored as the administrative dot1q value for the binding.
When the dot1q tag is not defined, the default value of 0 is stored as the administrative dot1q value. Setting the value to 0 is equivalent to not specifying the value.
The no form of this command disables the command.
Default
no vlan-vc-tag
Parameters
- 0..4094
specifies a valid VLAN identifier to bind an 802.1Q VLAN tag ID
Routed VPLS configuration commands
allow-ip-int-binding
Syntax
allow-ip-int-binding
no allow-ip-int-binding
Context
config>service>vpls
Description
This command sets a flag on the VPLS service that allows an IES or VPRN IP interface to be attached to the VPLS service in order to make the VPLS service routable. If the allow-ip-int-binding command is not enabled, the VPLS service cannot be attached to an IP interface.
When attempting to set the allow-ip-int-binding VPLS flag, the system first checks to see if the correct configuration constraints exist for the VPLS service and the network ports. The following features are disabled when the allow-ip-int-binding flag is set under VPLS:
residential SHG
DHCP
mVPLS
mac-subnet-length
GRE SDP (cannot be bound to the VPLS)
If a service name is applied to a VPLS service and that service name is also bound to an IP interface but the allow-ip-int-binding flag has not been set on the VPLS service context, the system attempt to resolve the service name between the VPLS service and the IP interface fails. As soon as the allow-ip-int-binding flag is enabled on the VPLS, the corresponding IP interface will be attached and become operationally up. There is no need to toggle the shutdown/no shutdown command.
The no form of the command resets the allow-ip-int-binding flag on the VPLS service. If the VPLS service currently has an IP interface from an IES or VPRN service attached, the no allow-ip-int-binding command fails. Once the allow-ip-int-binding flag is reset on the VPLS service, the configuration restrictions associated with setting the flag are removed.
service-name
Syntax
service-name service-name
no service-name
Context
config>service>vpls
Description
This command configures a service name, up to 64 characters in length, which adds a name identifier to a given service to use as display in show commands throughout the system.
All services are required to assign a service ID to initially create a service. However, either the service ID or the service name can be used to identify and reference a given service once it is initially created.
Parameters
- service-name
specifies a unique service name to identify the service. Service names may not begin with an integer (0-9).
VPLS security configuration commands
fw-bypass-policy
Syntax
fw-bypass-policy {bypass-id | name}
no fw-bypass-policy
Context
config>service>vpls
Description
This command associates a bypass policy with this VPLS instance. The bypass policy must already be configured in the config>security>bypass context. All protocols, or protocols associated with specific source or destination ports, defined by the bypass policy bypass the firewall lookup table and are permitted across the zone associated with this VPLS instance without being firewalled.
Default
no fw-bypass-policy
Parameters
- bypass-id
the firewall bypass ID number
- name
the name of the firewall bypass policy
zone
Syntax
zone {zone-id | name} [create]
no zone {zone-id | name}
Context
config>service>vpls
Description
This command creates a security zone within a VPLS context. Each zone must have a unique ID. When a zone is created with a name, the system automatically assigns it the first available zone ID value. A zone cannot be configured on a VPLS service with EVPN.
The no form of this command deletes the zone. When a zone is deleted, all configuration parameters for the zone are also deleted.
Default
no zone
Parameters
- zone-id
the zone ID number.
- name
the name of the zone.
- create
keyword required when first creating the security zone. When the zone is created, you can enter the context without the create keyword.
abort
Syntax
abort
Context
config>service>vpls>zone
Description
This command discards changes made to a security feature.
Default
n/a
begin
Syntax
begin
Context
config>service>vpls>zone
Description
This command enters the mode to create or edit security features.
Default
n/a
commit
Syntax
commit
Context
config>service>vpls>zone
Description
This command saves changes made to security features.
Default
n/a
inbound
Syntax
inbound
Context
config>service>vpls>zone
Description
This command enables the context to configure limit parameters for inbound firewall sessions.
Default
n/a
outbound
Syntax
outbound
Context
config>service>vpls>zone
Description
This command enables the context to configure limit parameters for outbound firewall sessions.
Default
n/a
limit
Syntax
limit
Context
config>service>vpls>zone>inbound
config>service>vpls>zone>outbound
Description
This command enables the context to configure limits on concurrent sessions for inbound or outbound firewall sessions.
Default
n/a
concurrent-sessions
Syntax
concurrent-sessions {tcp | udp | icmp | other} sessions
no concurrent-sessions {tcp | udp | icmp | other}
Context
config>service>vpls>zone>inbound>limit
config>service>vpls>zone>outbound>limit
Description
This command configures the maximum number of concurrent firewall sessions that can be established per zone, for the specified protocol, in either the inbound or outbound direction.
Default
n/a
Parameters
- tcp
specifies that TCP connection traffic is to be firewalled
- udp
specifies that UDP connection traffic is to be firewalled
- icmp
specifies that ICMP connection traffic is to be firewalled
- other
specifies that the traffic to be firewalled is other than TCP, UDP, or ICMP
- sessions
the maximum number of concurrent firewall sessions that can be created in a zone for the specified direction and protocol
log
Syntax
log {log-id | name}
no log
Context
config>service>vpls>zone
Description
This command applies a security log to the specified zone. The security log must already be configured in the config>security>logging context.
The no form of this command removes logging for the zone.
Default
n/a
Parameters
- log-id
the identifier for the log
- name
the name of the log
mesh-sdp
Syntax
[no] mesh-sdp sdp-id:vc-id
Context
config>service>vpls>zone
Description
This command assigns a mesh SDP to the security zone.
The no form of the command removes the mesh SDP from the zone.
Default
n/a
Parameters
- sdp-id
the SDP identifier
- vc-id
identifies the virtual circuit
name
Syntax
name name
no name
Context
config>service>vpls>zone
Description
This command configures a zone name. The zone name is unique within the system. It can be used to refer to the zone under configure, show, and clear commands. If the zone name was already configured with the zone command, this command renames the zone.
Default
n/a
Parameters
- name
the name of the zone
policy
Syntax
policy {policy-id | name}
no policy
Context
config>service>vpls>zone
Description
This command specifies the policy to be used by the security zone to build its matching criteria for incoming packets. The policy must already be configured in the config>security context.
The no form of this command deletes the specified policy.
Default
n/a
Parameters
- policy-id
the number of the referenced policy
- name
the name of the referenced policy
sap
Syntax
[no] sap sap-id
Context
config>service>vpls>zone
Description
This command assigns a SAP to the security zone.
The no form of this command removes the SAP from the zone.
Default
n/a
Parameters
- sap-id
specifies the physical port identifier portion of the SAP definition. See SAP ID configurations for a full list of SAP IDs.
spoke-sdp
Syntax
[no] spoke-sdp sdp-id:vc-id
Context
config>service>vpls>zone
Description
This command assigns a spoke SDP to the security zone.
The no form of this command removes the spoke SDP from the zone.
Default
n/a
Parameters
- sdp-id
uniquely identifies the SDP
- vc-id
identifies the virtual circuit
VPLS show commands
egress-label
Syntax
egress-label start-label [end-label]
Context
show>service
Description
This command displays service information using the range of egress labels. If only the mandatory start-label parameter is specified, only services using the specified label are displayed. If both start-label and end-label parameters are specified, the services using the range of labels are displayed.
Use the show router ldp bindings command to display dynamic labels.
Parameters
- start-label
the starting egress label value for which to display services using the label range. If only start-label is specified, services only using start-label are displayed.
- end-label
the ending egress label value for which to display services using the label range
Output
The following output is an example of service egress-label information, and Service egress labels field descriptions describes the fields.
Output example*A:ALU-48>show>service# egress-label 0 100000
===============================================================================
Martini Service Labels
===============================================================================
Svc Id Sdp Binding Type I.Lbl E.Lbl
-------------------------------------------------------------------------------
3 15:15 Spok 0 0
5 5:5 Spok 0 0
6 5:6 Spok 0 0
5000 15:5000 Mesh 0 0
5000 15:5001 Spok 0 0
5001 5001:100 Spok 0 0
-------------------------------------------------------------------------------
Number of Bindings Found : 6
-------------------------------------------------------------------------------
===============================================================================
Label |
Description |
|---|---|
Svc Id |
The ID that identifies a service |
Sdp Binding |
The binding that identifies an SDP |
Type |
Indicates whether the SDP binding is a spoke or a mesh |
I. Lbl |
The VC label used by the far-end device to send packets to this device in this service by the SDP |
E. Lbl |
The VC label used by this device to send packets to the far-end device in this service by the SDP |
Number of Bindings Found |
The total number of SDP bindings that exist within the specified egress label range |
fdb-info
Syntax
fdb-info
Context
show>service
Description
This command displays global forwarding database (FDB) usage information.
Output
The following output is an example of global FDB usage information, and Service FDB-info field descriptions describes the fields.
Output example*A:ALU-48>show>service# fdb-info
===============================================================================
Forwarding Database(FDB) Information
===============================================================================
Service Id : 5000 Mac Move : Disabled
Primary Factor : 3 Secondary Factor : 2
Mac Move Rate : 2 Mac Move Timeout : 10
Mac Move Retries : 3
Table Size : 250 Total Count : 0
Learned Count : 0 Static Count : 0
OAM-learned Count : 0 DHCP-learned Count: 0
Host-learned Count: 0
Remote Age : 900 Local Age : 300
High Watermark : 95% Low Watermark : 90%
Mac Learning : Enabled Discard Unknown : Disabled
Mac Aging : Enabled Relearn Only : False
Mac Subnet Len : 48
Incl PPP Circ-Id : no
Service Id : 5001 Mac Move : Disabled
Primary Factor : 3 Secondary Factor : 2
Mac Move Rate : 2 Mac Move Timeout : 10
Mac Move Retries : 3
Table Size : 250 Total Count : 0
Learned Count : 0 Static Count : 0
OAM-learned Count : 0 DHCP-learned Count: 0
Host-learned Count: 0
Remote Age : 900 Local Age : 300
High Watermark : 95% Low Watermark : 90%
Mac Learning : Enabled Discard Unknown : Disabled
Mac Aging : Enabled Relearn Only : False
Mac Subnet Len : 48
Incl PPP Circ-Id : no
-------------------------------------------------------------------------------
Total Service FDBs : 2
Total FDB Configured Size : 500
Total FDB Entries In Use : 0
PBB MAC Address Indices In Use : 0
-------------------------------------------------------------------------------
===============================================================================
*A:ALU-48>show>service#
Label |
Description |
|---|---|
Service Id |
The value that identifies a service |
Mac Move |
Indicates the administrative state of the MAC movement feature associated with the service |
Mac Move Rate |
The maximum rate at which MACs can be relearned in this TLS service, before the SAP where the moving MAC was last seen is automatically disabled to protect the system against undetected loops or duplicate MACs. The rate is computed as the maximum number of relearns allowed in a 5-s interval. The default rate of 10 relearns per second corresponds to 50 relearns in a 5-s period. |
Mac Move Timeout |
Indicates the time, in seconds, to wait before a SAP that has been disabled after exceeding the maximum relearn rate is re-enabled. A value of 0 indicates that the SAP will not be automatically re-enabled after being disabled. If after the SAP is re-enabled it is disabled again, the effective retry timeout is doubled to avoid thrashing. |
Table Size |
The maximum number of learned and static entries allowed in the FDB |
Total Count |
The current number of entries (both learned and static) in the FDB of this service |
Learned Count |
The current number of learned entries in the FDB of this service |
Static Count |
The current number of static entries in the FDB of this service |
OAM-learned Count |
The current number of OAM-learned entries in the FDB of this service |
DHCP-learned Count |
The current number of DHCP-learned entries in the FDB of this service |
Host-learned Count |
The current number of host-learned entries in the FDB of this service |
Remote Age |
The number of seconds used to age out FDB entries learned on an SDP; these entries correspond to MAC addresses learned on remote SAPs |
Local Age |
The seconds used to age out FDB entries learned on local SAPs |
High Watermark |
The usage of the FDB table of this service at which a ‟table full” alarm is raised by the agent |
Low Watermark |
The usage of the FDB table of this service at which a ‟table full” alarm is cleared by the agent |
Mac Learning |
Specifies whether the MAC learning process is enabled in this service |
Discard Unknown |
Specifies whether frames received with an unknown destination MAC are discarded in this service |
MAC Aging |
Specifies whether MAC aging is enabled |
MAC Pinning |
Specifies whether MAC pinning is enabled |
Relearn Only |
When enabled, indicates that either the FDB table of this service is full or that the maximum system-wide number of MACs supported by the agent has been reached, and thus MAC learning is temporarily disabled, and only MAC relearns can take place |
Total Service FDB |
The current number of service FDBs configured on this node |
Total FDB Configured Size |
The sum of configured FDBs |
Total FDB Entries In Use |
The total number of entries (both learned and static) in use |
PBB MAC Address Indices in Use |
Not applicable |
fdb-mac
Syntax
fdb-mac ieee-address [expiry]
Context
show>service
Description
This command displays the FDB entry for a given MAC address.
Parameters
- ieee-address
the 48-bit MAC address for which to display the FDB entry in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers
- expiry
shows the time until the MAC is aged out
Output
The following output is an example of FDB information for a specific MAC address, and Service FDB-MAC field descriptions describes the fields.
Output example*A:ALU-48>show>service# fdb-mac
===============================================================================
Service Forwarding Database
===============================================================================
ServId MAC Source-Identifier Type/Age Last Change
-------------------------------------------------------------------------------
1 00:99:00:00:00:00 sap:1/2/7:0 Static 02/17/2007 13:58:41
-------------------------------------------------------------------------------
No. of Entries: 1
-------------------------------------------------------------------------------
Legend: L=Learned; P=MAC is protected
===============================================================================
*A:ALU-48>show>service#
Label |
Description |
|---|---|
ServId |
The service ID number |
MAC |
The specified MAC address |
Source-Identifier |
The location where the MAC is defined |
Type/Age |
Static: FDB entries created by management |
Learned: dynamic entries created by the learning process |
|
OAM: entries created by the OAM process |
|
H: host, the entry added by the system for a static configured subscriber host |
|
D or DHCP: DHCP-installed MAC Learned addresses can be temporarily frozen by the DHCP snooping application for the duration of a DHCP lease |
|
P: indicates the MAC is protected by the MAC protection feature |
|
Last Change |
The date and time of the last change |
id
Syntax
id service-id
Context
show>service
Description
This command enables the context to display information for a specific service-id. The output display can be filtered by using one of the command filters in the Parameters list.
Parameters
- service-id
the unique service identification number or name that identifies the service in the service domain
- all
display detailed information about the service (all)
- arp
display ARP entries for the service (all)
- base
display basic service information (base)
- dhcp
display DHCP information (dhcp)
- endpoint
display service endpoint information (endpoint)
- fdb
display FDB entries (fdb)
- labels
display labels being used by this service (labels)
- mac-move
display MAC move related information about the service (mac-move)
- macsec
-
display MACsec related information about the service (macsec)
- sap
display SAPs associated with the service (sap)
- sdp
display SDPs associated with the service (pppoe-circuit-id)
- split-horizon-group
display split horizon group information (split-horizon-group)
- stp
display STP information (stp)
all
Syntax
all
Context
show>service>id
Description
This command displays detailed information for all aspects of a service.
Output
The following output is an example of detailed information about a service, and Service service-ID (all) field descriptions describes the fields.
Output example*A:ALU-48>show>service>id# all
===============================================================================
Service Detailed Information
===============================================================================
Service Id : 5001
Service Type : VPLS
Name : VPLS5001
Description : (Not Specified)
Customer Id : 1
Last Status Change: 10/26/2010 20:13:08
Last Mgmt Change : 10/26/2010 20:13:09
Admin State : Down Oper State : Down
MTU : 1514 Def. Mesh VC Id : 5001
SAP Count : 1 SDP Bind Count : 1
Snd Flush on Fail : Disabled Host Conn Verify : Disabled
Propagate MacFlush: Disabled
Def. Gateway IP : None
Def. Gateway MAC : None
-------------------------------------------------------------------------------
Split Horizon Group specifics
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Split Horizon Group : shg5001
-------------------------------------------------------------------------------
Description : (Not Specified)
Instance Id : 1 Last Change : 10/26/2010 20:13:09
-------------------------------------------------------------------------------
Service Destination Points(SDPs)
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Sdp Id 5001:100 -(10.10.10.10)
-------------------------------------------------------------------------------
Description : (Not Specified)
SDP Id : 5001:100 Type : Spoke
Split Horiz Grp : shg5001
VC Type : Ether VC Tag : n/a
Admin Path MTU : 0 Oper Path MTU : 0
Far End : 10.10.10.10 Delivery : MPLS
Admin State : Up Oper State : Down
Acct. Pol : None Collect Stats : Disabled
Ingress Label : 0 Egress Label : 0
Ing mac Fltr : n/a Egr mac Fltr : n/a
Ing ip Fltr : n/a Egr ip Fltr : n/a
Ing ipv6 Fltr : n/a Egr ipv6 Fltr : n/a
Admin ControlWord : Not Preferred Oper ControlWord : False
Last Status Change : 10/26/2010 20:13:08 Signaling : TLDP
Last Mgmt Change : 10/26/2010 20:13:09 Force Vlan-Vc : Disabled
Endpoint : endpoint5000 Precedence : 4
PW Status Sig : Enabled
Class Fwding State : Down
Flags : SvcAdminDown SdpOperDown
NoIngVCLabel NoEgrVCLabel
PathMTUTooSmall
Time to RetryReset : never Retries Left : 3
Mac Move : Blockable Blockable Level : Tertiary
Peer Pw Bits : None
Peer Fault Ip : None
Max Nbr of MAC Addr: No Limit Total MAC Addr : 0
Learned MAC Addr : 0 Static MAC Addr : 0
MAC Learning : Enabled Discard Unkwn Srce: Disabled
BPDU Translation : Disabled
L2PT Termination : Disabled
MAC Pinning : Disabled
Ignore Standby Sig : False Block On Mesh Fail: False
KeepAlive Information :
Admin State : Disabled Oper State : Disabled
Hello Time : 10 Hello Msg Len : 0
Max Drop Count : 3 Hold Down Time : 10
Statistics :
I. Fwd. Pkts. : 0 I. Dro. Pkts. : 0
I. Fwd. Octs. : 0 I. Dro. Octs. : 0
E. Fwd. Pkts. : 0 E. Fwd. Octets : 0
E. Dro. Pkts. : 0
Grp Enc Stats :
I. Fwd. Pkts. : 0 I. Fwd. Octs. : 0
I. Dro. Inv. Spi. : 0 I. Dro. OthEncPkt*: 0
E. Fwd. Pkts. : 0 E. Fwd. Octs. : 0
E. Dro. Enc. Pkts. : 0
MCAC Policy Name :
MCAC Max Unconst BW: no limit MCAC Max Mand BW : no limit
MCAC In use Mand BW: 0 MCAC Avail Mand BW: unlimited
MCAC In use Opnl BW: 0 MCAC Avail Opnl BW: unlimited
-------------------------------------------------------------------------------
RSVP/Static LSPs
-------------------------------------------------------------------------------
Associated LSP LIST :
No LSPs Associated
-------------------------------------------------------------------------------
Stp Service Destination Point specifics
-------------------------------------------------------------------------------
Stp Admin State : Down Stp Oper State : Down
Core Connectivity : Down
Port Role : N/A Port State : Discarding
Port Number : 0 Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : N/A
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : N/A
Last BPDU from : N/A
Designated Bridge : N/A Designated Port Id: 0
Fwd Transitions : 0 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
RST BPDUs rcvd : 0 RST BPDUs tx : 0
-------------------------------------------------------------------------------
Number of SDPs : 1
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Service Access Points
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
SAP 1/2/4:1/100
-------------------------------------------------------------------------------
Service Id : 5001
SAP : 1/2/4:1/100 Encap : atm
Description : (Not Specified)
Admin State : Up Oper State : Down
Flags : ServiceAdminDown
PortOperDown L2OperDown
Multi Svc Site : None
Last Status Change : 10/26/2010 20:13:08
Last Mgmt Change : 10/26/2010 20:13:09
Sub Type : regular
Split Horizon Group: shg5001
Max Nbr of MAC Addr: No Limit Total MAC Addr : 0
Learned MAC Addr : 0 Static MAC Addr : 0
Admin MTU : 1524 Oper MTU : 1524
Ingr IP Fltr-Id : n/a Egr IP Fltr-Id : n/a
Ingr Mac Fltr-Id : n/a Egr Mac Fltr-Id : n/a
Ingr IPv6 Fltr-Id : n/a Egr IPv6 Fltr-Id : n/a
tod-suite : None qinq-pbit-marking : n/a
Ing Scheduler Mode : 4-priority Egr Scheduler Mode: 4-priority
Ing Agg Rate Limit : 999000 Egr Agg Rate Limit: max
Ing Agg cir : 333000 Egr Agg cir : 0
Ing Shaper Group : test_sg1 Egr Shaper Group : default
ARP Reply Agent : Disabled Host Conn Verify : Disabled
Mac Learning : Enabled Discard Unkwn Srce: Disabled
Mac Aging : Enabled Mac Pinning : Enabled
BPDU Translation : Disabled
L2PT Termination : Disabled
Vlan-translation : None
Acct. Pol : None Collect Stats : Disabled
Anti Spoofing : None Avl Static Hosts : 0
Tot Static Hosts : 0
Calling-Station-Id : n/a
Application Profile: None
MCAC Policy Name : MCAC Const Adm St : Enable
MCAC Max Unconst BW: no limit MCAC Max Mand BW : no limit
MCAC In use Mand BW: 0 MCAC Avail Mand BW: unlimited
MCAC In use Opnl BW: 0 MCAC Avail Opnl BW: unlimited
Restr MacProt Src : Disabled Restr MacUnpr Dst : Disabled
Time to RetryReset : never Retries Left : 3
Mac Move : Blockable Blockable Level : Tertiary
Egr MCast Grp :
Auth Policy : none
PPPoE Circuit-Id : none
-------------------------------------------------------------------------------
Stp Service Access Point specifics
-------------------------------------------------------------------------------
Stp Admin State : Down Stp Oper State : Down
Core Connectivity : Down
Port Role : N/A Port State : Unknown
Port Number : N/A Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : N/A
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : N/A
Last BPDU from : N/A
CIST Desig Bridge : N/A Designated Port : N/A
Forward transitions: 0 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
RST BPDUs rcvd : 0 RST BPDUs tx : 0
MST BPDUs rcvd : 0 MST BPDUs tx : 0
-------------------------------------------------------------------------------
QOS
-------------------------------------------------------------------------------
Ingress qos-policy : 1 Egress qos-policy : 1
Shared Q plcy : n/a Multipoint shared : Disabled
I. Sched Pol : (Not Specified)
E. Sched Pol : (Not Specified)
-------------------------------------------------------------------------------
DHCP
-------------------------------------------------------------------------------
Description : (Not Specified)
Admin State : Down Lease Populate : 0
DHCP Snooping : Down Action : Keep
Proxy Admin State : Down
Proxy Lease Time : N/A
Emul. Server Addr : Not Configured
-------------------------------------------------------------------------------
Subscriber Management
-------------------------------------------------------------------------------
Admin State : Down MAC DA Hashing : False
Def Sub-Id : None
Def Sub-Profile : None
Def SLA-Profile : None
Sub-Ident-Policy : None
Subscriber Limit : 1
Single-Sub-Parameters
Prof Traffic Only : False
Non-Sub-Traffic : N/A
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
Last Cleared Time : N/A
Packets Octets
Forwarding Engine Stats (Ingress)
Dropped : 0 n/a
Off. HiPrio : 0 n/a
Off. LowPrio : n/a n/a
Queueing Stats(Ingress QoS Policy 1)
Dro. HiPrio : 0 n/a
Dro. LowPrio : n/a n/a
For. InProf : 0 0
For. OutProf : 0 0
Forwarding Engine Stats (Egress)
Dropped : 0 n/a
Queueing Stats(Egress QoS Policy 1)
Dro. InProf : 0 n/a
Dro. OutProf : n/a n/a
For. InProf : 0 0
For. OutProf : n/a n/a
-------------------------------------------------------------------------------
Sap per Queue stats
-------------------------------------------------------------------------------
Packets Octets
Ingress Queue 1 (Priority)
Off. HiPrio : 0 n/a
Off. LoPrio : n/a n/a
Dro. HiPrio : 0 n/a
Dro. LoPrio : n/a n/a
For. InProf : 0 0
For. OutProf : 0 0
Egress Queue 1
For. InProf : 0 0
For. OutProf : n/a n/a
Dro. InProf : 0 n/a
Dro. OutProf : n/a n/a
Ingress Queue 3 (Profile)
Off. ColorIn : 0 0
Off. ColorOut : 0 0
Off. Uncolor : 0 0
Dro. ColorOut : 0 0
Dro. ColorIn/Uncolor : 0 0
For. InProf : 0 0
For. OutProf : 0 0
-------------------------------------------------------------------------------
ATM SAP Configuration Information
-------------------------------------------------------------------------------
Ingress TD Profile : 1 Egress TD Profile : 1
Alarm Cell Handling: Enabled AAL-5 Encap : aal5snap-brid*
OAM Termination : Enabled Periodic Loopback : Disabled
-------------------------------------------------------------------------------
VPLS Spanning Tree Information
-------------------------------------------------------------------------------
VPLS oper state : Down Core Connectivity : Down
Stp Admin State : Down Stp Oper State : Down
Mode : Rstp Vcp Active Prot. : N/A
Bridge Id : 80:00.a4:58:ff:00:00:00 Bridge Instance Id: 0
Bridge Priority : 32768 Tx Hold Count : 6
Topology Change : Inactive Bridge Hello Time : 2
Last Top. Change : 0d 00:00:00 Bridge Max Age : 20
Top. Change Count : 0 Bridge Fwd Delay : 15
MST region revision: 0 Bridge max hops : 20
MST region name :
Root Bridge : N/A
Primary Bridge : N/A
Root Path Cost : 0 Root Forward Delay: 15
Rcvd Hello Time : 2 Root Max Age : 20
Root Priority : 32768 Root Port : N/A
-------------------------------------------------------------------------------
Forwarding Database specifics
-------------------------------------------------------------------------------
Service Id : 5001 Mac Move : Disabled
Primary Factor : 3 Secondary Factor : 2
Mac Move Rate : 2 Mac Move Timeout : 10
Mac Move Retries : 3
Table Size : 250 Total Count : 0
Learned Count : 0 Static Count : 0
OAM-learned Count : 0 DHCP-learned Count: 0
Host-learned Count: 0
Remote Age : 900 Local Age : 300
High Watermark : 95% Low Watermark : 90%
Mac Learning : Enabled Discard Unknown : Disabled
Mac Aging : Enabled Relearn Only : False
Mac Subnet Len : 48
Incl PPP Circ-Id : no
-------------------------------------------------------------------------------
IGMP Snooping Base info
-------------------------------------------------------------------------------
Admin State : Down
Querier : No querier found
-------------------------------------------------------------------------------
Sap/Sdp Oper MRtr Pim Send Max Max MVR Num
Id State Port Port Queries Grps Srcs From-VPLS Grps
-------------------------------------------------------------------------------
sap:1/2/4:1/100 Down No No No None None Local 0
sdp:5001:100 Down No No No None None N/A 0
-------------------------------------------------------------------------------
MLD Snooping Base info
-------------------------------------------------------------------------------
Admin State : Down
Querier : No querier found
-------------------------------------------------------------------------------
Sap/Sdp Oper MRtr Send Max Num MVR Num
Id State Port Queries Groups From-VPLS Groups
-------------------------------------------------------------------------------
sap:1/2/4:1/100 Down No Disabled No Limit Local 0
sdp:5001:100 Down No Disabled No Limit N/A 0
-------------------------------------------------------------------------------
DHCP Summary, service 5001
-------------------------------------------------------------------------------
Sap/Sdp Snoop Used/ Arp Reply Info Admin
Provided Agent Option State
-------------------------------------------------------------------------------
sap:1/2/4:1/100 No 0/0 No Keep Down
sdp:5001:100 No N/A N/A N/A N/A
-------------------------------------------------------------------------------
Number of Entries : 2
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
ARP host Summary, service 5001
-------------------------------------------------------------------------------
Sap Used Provided Admin State
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
No Entries found
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Service Endpoints
-------------------------------------------------------------------------------
Endpoint name : endpoint5000
Description : (Not Specified)
Revert time : 0
Act Hold Delay : 0
Ignore Standby Signaling : false
Suppress Standby Signaling : true
Block On Mesh Fail : false
Tx Active : none
Tx Active Up Time : 0d 00:00:00
Revert Time Count Down : N/A
Tx Active Change Count : 0
Last Tx Active Change : 10/26/2010 20:13:08
-------------------------------------------------------------------------------
Members
-------------------------------------------------------------------------------
Spoke-sdp: 5001:100 Prec:4 Oper Status: Down
===============================================================================
VPLS Sites
===============================================================================
Site Site-Id Dest Mesh-SDP Admin Oper Fwdr
-------------------------------------------------------------------------------
No Matching Entries
===============================================================================
===============================================================================
*A:ALU-48>show>service>id#
Label |
Description |
|---|---|
Service Id |
The service identifier |
Service Type |
The type of service |
Name |
The service name |
Description |
Generic information about the service |
Customer Id |
The customer identifier |
Last Status Change |
The date and time of the most recent status change to this customer |
Last Mgmt Change |
The date and time of the most recent management-initiated change to this customer |
Admin State |
The administrative state of the service |
Oper State |
The operational state of the service |
MTU |
The largest frame size (in octets) that the service can handle |
Def. Mesh VC Id |
This object is only valid in services that accept mesh SDP bindings. It is used to validate the VC ID portion of each mesh SDP binding defined in the service. |
SAP Count |
The number of SAPs defined on the service |
SDP Bind Count |
The number of SDPs bound to the service |
Snd Flush on Fail |
Specifies the state of sending a MAC flush on failure (enabled or disabled) |
Host Conn Verify |
Specifies the state of verifying host connectivity (enabled or disabled) |
Propagate MacFlush |
Specifies the state of propagating a MAC flush (enabled or disabled) |
Def. Gateway IP |
Specifies the defined gateway IP address for the service |
Def. Gateway MAC |
Specifies the defined gateway MAC address for the service |
Split Horizon Group |
|
Description |
Description of the split horizon group |
Last Changed |
The date and time of the most recent management-initiated change to this split horizon group |
Instance Id |
The identifier for this split horizon group instance |
Service Destination Points (SDPs) (see Service ID (SDP) field descriptions) |
|
Service Access Points (see Service ID (SAP) field descriptions) |
|
IGMP Snooping Base info (see Service service-ID IGMP and MLD snooping (base) field descriptions) |
|
MLD Snooping Base info (see Service service-ID IGMP and MLD snooping (base) field descriptions) |
|
VPLS Spanning Tree Information (see Service ID (STP) field descriptions ) |
|
DHCP Summary (see Service service-ID (DHCP summary) field descriptions) |
|
ARP host Summary |
|
Sap |
The SAP identifier |
Used |
The number of lease-states that are currently in use on a specific interface; that is, the number of clients on that interface who received an IP address via ARP. This value is always less than or equal to the ‟Provided” field. |
Provided |
The lease-populate value that is configured for a specific interface |
Admin State |
The administrative state of the service |
Service Endpoints (see Service service-ID (endpoint) field descriptions) |
|
base
Syntax
base
Context
show>service>id
Description
This command displays basic information about the service ID, including service type, description, SAPs, and SDPs.
Output
The following output is an example of basic information about a service, and Service service-ID (base) field descriptions describes the fields.
Output example*A:ALU-48>show>service>id# base
===============================================================================
Service Basic Information
===============================================================================
Service Id : 5001
Service Type : VPLS
Name : VPLS5001
Description : (Not Specified)
Customer Id : 1
Last Status Change: 10/26/2010 20:13:08
Last Mgmt Change : 10/26/2010 20:13:09
Admin State : Down Oper State : Down
MTU : 1514 Def. Mesh VC Id : 5001
SAP Count : 1 SDP Bind Count : 1
Snd Flush on Fail : Disabled Host Conn Verify : Disabled
Propagate MacFlush: Disabled
Def. Gateway IP : None
Def. Gateway MAC : None
-------------------------------------------------------------------------------
Service Access & Destination Points
-------------------------------------------------------------------------------
Identifier Type AdmMTU OprMTU Adm Opr
-------------------------------------------------------------------------------
sap:1/2/4:1/100 atm 1524 1524 Up Down
sdp:5001:100 S(10.10.10.10) n/a 0 0 Up Down
===============================================================================
*A:ALU-48>show>service>id#
Label |
Description |
|---|---|
Service Id |
The service identifier |
Service Type |
The type of service |
Name |
The service name |
Description |
Generic information about the service |
Customer Id |
The customer identifier |
Last Status Change |
The date and time of the most recent status change to this customer |
Last Mgmt Change |
The date and time of the most recent management-initiated change to this customer |
Admin State |
The administrative state of the service |
Oper State |
The operational state of the service |
MTU |
The largest frame size (in octets) that the service can handle |
Def. Mesh VC Id |
This object is only valid in services that accept mesh SDP bindings. It is used to validate the VC ID portion of each mesh SDP binding defined in the service. |
SAP Count |
The number of SAPs defined on the service |
SDP Bind Count |
The number of SDPs bound to the service |
Snd Flush on Fail |
Specifies the state of sending a MAC flush on failure (enabled or disabled) |
Host Conn Verify |
Specifies the state of verifying host connectivity (enabled or disabled) |
Propagate MacFlush |
Specifies the state of propagating a MAC flush (enabled or disabled) |
Def. Gateway IP |
Specifies the defined gateway IP address for the service |
Def. Gateway MAC |
Specifies the defined gateway MAC address for the service |
Service Access and Destination Points |
|
Identifier |
Specifies the service access (SAP) and destination (SDP) points |
Type |
Specifies the signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on the SDP |
AdmMTU |
Specifies the largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
OprMTU |
Specifies the actual largest service frame size (in octets) that can be transmitted through this service to the far-end router, without requiring the packet to be fragmented |
Adm |
The administrative state of the service |
Opr |
The operational state of the service |
dhcp
Syntax
dhcp
Context
show>service>id
Description
This command enables the context to display DHCP information for the specified service.
statistics
Syntax
statistics [sap sap-id]
statistics [sdp sdp-id:vc-id]
statistics [interface ip-int-name | ip-address]
Context
show>service>id>dhcp
Description
This command displays DHCP statistics information.
Parameters
- sap-id
specifies the physical port identifier portion of the SAP definition. See SAP ID configurations for a full list of SAP IDs.
- sdp-id
the SDP identifier
- vc-id
the virtual circuit ID on the SDP ID for which to display information
- ip-int-name
the IP interface name for which to display information
- ip-address
the IP address of the interface for which to display information
Output
The following output is an example of DHCP statistics information for a SAP, an SDP, and an interface, and Service service-ID (DHCP statistics) field descriptions describes the fields.
Output example*A:ALU-48>show>service>id>dhcp# statistics
=====================================================
DHCP Statistics, service 5001
=====================================================
Client Packets Snooped : 0
Client Packets Forwarded : 0
Client Packets Dropped : 0
Client Packets Proxied (RADIUS) : 0
Client Packets Proxied (Lease-Split) : 0
Server Packets Snooped : 0
Server Packets Forwarded : 0
Server Packets Dropped : 0
DHCP RELEASEs Spoofed : 0
DHCP FORCERENEWs Spoofed : 0
Label |
Description |
|---|---|
Client Packets Snooped |
The number of client packets snooped |
Client Packets Forwarded |
The number of client packets forwarded |
Client Packets Dropped |
The number of client packets dropped |
Client Packets Proxied (RADIUS) |
The number of client packets proxied (RADIUS) |
Client Packets Proxied (Lease-Split) |
The number of client packets proxied (lease-split) |
Server Packets Snooped |
The number of server packets snooped |
Server Packets Forwarded |
The number of server packets forwarded |
Server Packets Dropped |
The number of server packets dropped |
DHCP RELEASEs Spoofed |
The number of DHCP releases spoofed |
DHCP FORCERENEWs Spoofed |
The number of DHCP forced renewals spoofed |
summary
Syntax
summary
Context
show>service>id>dhcp
Description
This command displays DHCP configuration summary information.
Output
The following output is an example of DHCP summary information, and Service service-ID (DHCP summary) field descriptions describes the fields.
Output example*A:ALU-48>show>service>id>dhcp# summary
=======================================================================
DHCP Summary, service 5001
=======================================================================
Sap/Sdp Snoop Used/ Arp Reply Info Admin
Provided Agent Option State
-----------------------------------------------------------------------
sap:1/2/4:1/100 No 0/0 No Keep Down
sdp:5001:100 No N/A N/A N/A N/A
-----------------------------------------------------------------------
Number of Entries : 2
-----------------------------------------------------------------------
=======================================================================
*A:ALU-48>show>service>id>dhcp#
Label |
Description |
|---|---|
Sap/Sdp |
The SAP or SDP identifier of the router interface |
Snoop |
Specifies whether DHCP snooping is enabled |
Used/Provided |
Used: the number of lease-states that are currently in use on a specific interface; that is, the number of clients on that interface who received an IP address via DHCP. This value is always less than or equal to the ‟Provided” field. Provided: the lease-populate value that is configured for a specific interface |
Arp Reply Agent |
Specifies whether the ARP reply agent is enabled |
Info Option |
Indicates whether Option 82 processing is enabled on the interface |
Admin State |
Indicates the administrative state |
endpoint
Syntax
endpoint [endpoint-name]
Context
show>service>id
Description
This command displays service endpoint information.
Parameters
- endpoint-name
specifies a name for the endpoint
Output
The following output is an example of endpoint information, and Service service-ID (endpoint) field descriptions describes the fields.
Output example*A:ALU>show>service>id# endpoint
===============================================================================
Service 5001 endpoints
===============================================================================
Endpoint name : endpoint5000
Description : (Not Specified)
Revert time : 0
Act Hold Delay : 0
Ignore Standby Signaling : false
Suppress Standby Signaling : true
Block On Mesh Fail : false
Tx Active : none
Tx Active Up Time : 0d 00:00:00
Revert Time Count Down : N/A
Tx Active Change Count : 0
Last Tx Active Change : 10/26/2010 20:13:57
-------------------------------------------------------------------------------
Members
-------------------------------------------------------------------------------
Spoke-sdp: 5001:100 Prec:4 Oper Status: Down
===============================================================================
*A:ALU>show>service>id#
Label |
Description |
|---|---|
Endpoint name |
The name of the endpoint |
Description |
A description of the endpoint |
Revert time |
The programmable time delay to switch back to the primary spoke SDP |
Act Hold Delay |
Not applicable |
Ignore Standby Signaling |
Specifies whether ignore standby signaling is configured True: standby signaling is ignored False: standby signaling is not ignored |
Suppress Standby Signaling |
Specifies whether suppress standby signaling is configured True: standby signaling is suppressed False: standby signaling is not suppressed |
Block On Mesh Fail |
Specifies whether to take down the spoke SDP when the mesh SDP is down True: the spoke SDP is not taken down False: the spoke SDP is taken down |
Tx Active |
The identifier of the active spoke SDP |
Tx Active Up Time |
The total amount of time that a spoke SDP remains the active spoke SDP |
Revert Time Count Down |
The amount of time remaining before active transmission reverts to the primary spoke SDP |
Tx Active Change Count |
The number of times that the active spoke SDP has changed |
Last Tx Active Change |
The timestamp of the last active spoke SDP change |
Members |
|
Spoke-sdp |
Identifies the spoke SDP |
Prec |
Specifies the precedence of this SDP binding when there are multiple SDP bindings attached to one service endpoint |
Oper Status |
Indicates the operational status of the endpoint |
fdb
Syntax
fdb [sap sap-id | sdp sdp-id | mac ieee-address | endpoint endpoint | detail] [expiry]
Context
show>service>id
Description
This command displays FDB entries for a specified entity associated with the service.
Parameters
- sap-id
specifies the physical port identifier portion of the SAP definition. See SAP ID configurations for a full list of SAP IDs.
- sdp-id
specifies the SDP ID for the display
- ieee-address
: xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx
- endpoint
specifies an endpoint name
- detail
displays detailed information
- expiry
displays the time until entity is aged out
Output
The following output is an example of FDB entries for a specific MAC address, and Service service-ID (FDB) field descriptions describes the fields.
Output example*A:ALU-48>show>service>id# fdb
===============================================================================
Forwarding Database, Service 5001
===============================================================================
Service Id : 5001 Mac Move : Disabled
Primary Factor : 3 Secondary Factor : 2
Mac Move Rate : 2 Mac Move Timeout : 10
Mac Move Retries : 3
Table Size : 250 Total Count : 0
Learned Count : 0 Static Count : 0
OAM-learned Count : 0 DHCP-learned Count: 0
Host-learned Count: 0
Remote Age : 900 Local Age : 300
High Watermark : 95% Low Watermark : 90%
Mac Learning : Enabled Discard Unknown : Disabled
Mac Aging : Enabled Relearn Only : False
Mac Subnet Len : 48
Incl PPP Circ-Id : no
===============================================================================
*A:ALU-48>show>service>id#
*A:ALU>show>service>id# fdb sap 1/2/4:1/100
===============================================================================
Forwarding Database, Service 5001
===============================================================================
ServId MAC Source-Identifier Type/Age Last Change
-------------------------------------------------------------------------------
No Matching Entries
===============================================================================
*A:ALU>show>service>id#
*A:ALU>show>service>id# fdb sdp 5001
===============================================================================
Forwarding Database, Service 5001
===============================================================================
ServId MAC Source-Identifier Type/Age Last Change
-------------------------------------------------------------------------------
No Matching Entries
===============================================================================
*A:ALU>show>service>id#
*A:ALU-48>show>service>id# fdb mac 34-34-34-34-34-34
===============================================================================
Forwarding Database, Service 5001
===============================================================================
ServId MAC Source-Identifier Type/Age Last Change
-------------------------------------------------------------------------------
No Matching Entries
===============================================================================
*A:ALU-48>show>service>id#
*A:ALU-48>show>service>id# fdb endpoint 10.10.10.10
===============================================================================
Forwarding Database, Service 5001
===============================================================================
ServId MAC Source-Identifier Type/Age Last Change
-------------------------------------------------------------------------------
No Matching Entries
===============================================================================
*A:ALU-48>show>service>id#
*A:ALU>show>service>id# fdb detail
===============================================================================
Forwarding Database, Service 5001
===============================================================================
ServId MAC Source-Identifier Type/Age Last Change
-------------------------------------------------------------------------------
No Matching Entries
===============================================================================
*A:ALU>show>service>id#
Label |
Description |
|---|---|
ServID |
The service ID |
Mac Move |
The administrative state of the MAC movement feature associated with this service |
Primary Factor |
A factor for the primary ports defining how many MAC relearn periods should be used to measure the MAC relearn rate |
Secondary Factor |
A factor for the secondary ports defining how many MAC relearn periods should be used to measure the MAC relearn rate |
Mac Move Rate |
The maximum rate at which MACs can be relearned in this service, before the SAP where the moving MAC was last seen is automatically disabled to protect the system against undetected loops or duplicate MACs The rate is computed as the maximum number of relearns allowed in a 5-s interval: for example, the default rate of 2 relearns per second corresponds to 10 relearns in a 5-s period |
Mac Move Timeout |
The time, in seconds, to wait before a SAP that has been disabled after exceeding the maximum relearn rate is re-enabled. A value of 0 indicates that the SAP will not be automatically re-enabled after being disabled. If after the SAP is re-enabled it is disabled again, the effective retry timeout is doubled to avoid thrashing. |
Mac Move Retries |
The number of times retries are performed for re-enabling the SAP/SDP |
Table Size |
The maximum number of learned and static entries allowed in the FDB of this service |
Total Count |
The total number of learned entries in the FDB of this service |
Learned Count |
The current number of learned entries in the FDB of this service |
Static Count |
The current number of static entries in the FDB of this service |
OAM-learned Count |
The current number of OAM entries in the FDB of this service |
DHCP-learned Count |
The current number of DHCP-learned entries in the FDB of this service |
Host-learned Count |
The current number of host-learned entries in the FDB of this service |
Remote Age |
The number of seconds used to age out FDB entries learned on an SDP. These entries correspond to MAC addresses learned on remote SAPs. |
Local Age |
The number of seconds used to age out FDB entries learned on local SAPs |
High Watermark |
The usage of the FDB table of this service at which a table full alarm will be raised by the agent |
Low Watermark |
The usage of the FDB table of this service at which a table full alarm will be cleared by the agent |
Mac Learning |
Specifies whether MAC learning is enabled |
Discard Unknown |
Specifies whether frames received with an unknown destination MAC are discarded |
Mac Aging |
Specifies whether MAC aging is enabled |
Relearn Only |
When enabled, displays that either the FDB table of this service is full or the maximum system-wide number of MACs supported by the agent has been reached, and thus MAC learning is temporarily disabled and only MAC relearns can take place |
Mac Subnet Len |
The number of bits to be considered when performing MAC-learning or MAC-switching |
Source-Identifier |
The location where the MAC is defined |
Type/Age |
Type: the number of seconds used to age out TLS FDB entries learned on local SAPs |
Age: the number of seconds used to age out TLS FDB entries learned on an SDP. These entries correspond to MAC addresses learned on remote SAPs. |
|
L: learned - dynamic entries created by the learning process OAM: entries created by the OAM process |
|
H: host, the entry added by the system for a static configured subscriber host |
|
D or DHCP: DHCP-installed MAC. Learned addresses can be temporarily frozen by the DHCP snooping application for the duration of a DHCP lease. |
|
P: indicates the MAC is protected by the MAC protection feature |
|
Static: statically configured |
|
Last Change |
Indicates the time of the most recent state changes |
igmp-snooping
Syntax
igmp-snooping
Context
show>service>id
Description
This command enables the context to display IGMP snooping information.
mld-snooping
Syntax
mld-snooping
Context
show>service>id
Description
This command enables the context to display MLD snooping information.
all
Syntax
all
Context
show>service>id>igmp-snooping
show>service>id>mld-snooping
Description
This command displays detailed information for all aspects of IGMP or MLD snooping on the VPLS service.
Output
The following outputs are examples of IGMP snooping and MLD snooping displays for the specified VPLS service, and Service service-ID (IGMP and MLD snooping) field descriptions describes the fields.
Output example (IGMP snooping)*A:7705:Dut-C# show service id 1 igmp-snooping all
===============================================================================
IGMP Snooping info for service 1
===============================================================================
-------------------------------------------------------------------------------
IGMP Snooping Base info
-------------------------------------------------------------------------------
Admin State : Up
Querier : 10.12.1.1 on SAP 1/9/7:34
-------------------------------------------------------------------------------
Sap/Sdp Oper MRtr Pim Send Max Max Max MVR Num
Id Stat Port Port Qrys Grps Srcs Grp From-VPLS Grps
Srcs
-------------------------------------------------------------------------------
sap:1/9/7:12 Up No No No None None None Local 1
sap:1/9/7:34 Up Yes No No None None None Local 0
sdp:21:1 Up No No No None None None N/A 1
sdp:23:1 Up No No No None None None N/A 1
-------------------------------------------------------------------------------
IGMP Snooping Querier info
-------------------------------------------------------------------------------
Sap Id : 1/9/7:34
IP Address : 10.12.1.1
Expires : 63487s
Up Time : 0d 00:00:38
Version : 3
General Query Interval : 31744s
Query Response Interval : 1.0s
Robust Count : 2
-------------------------------------------------------------------------------
IGMP Snooping Multicast Routers
-------------------------------------------------------------------------------
MRouter Sap/Sdp Id Up Time Expires Version
-------------------------------------------------------------------------------
10.12.1.1 1/9/7:34 0d 00:00:38 63487s 3
-------------------------------------------------------------------------------
Number of mrouters: 1
-------------------------------------------------------------------------------
IGMP Snooping Proxy-reporting DB
-------------------------------------------------------------------------------
Group Address Mode Up Time Num Sources
-------------------------------------------------------------------------------
10.0.0.1 include 0d 00:00:37 1
-------------------------------------------------------------------------------
Number of groups: 1
-------------------------------------------------------------------------------
IGMP Snooping SAP 1/9/7:12 Port-DB
-------------------------------------------------------------------------------
Group Address Mode Type From-VPLS Up Time Expires Num MC
Src Stdby
-------------------------------------------------------------------------------
10.0.0.1 include dynamic local 0d 00:00:34 0s 1
-------------------------------------------------------------------------------
Number of groups: 1
-------------------------------------------------------------------------------
IGMP Snooping SAP 1/9/7:34 Port-DB
-------------------------------------------------------------------------------
Group Address Mode Type From-VPLS Up Time Expires Num MC
Src Stdby
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Number of groups: 0
-------------------------------------------------------------------------------
IGMP Snooping SDP 21:1 Port-DB
-------------------------------------------------------------------------------
Group Address Mode Type From-VPLS Up Time Expires Num Src
-------------------------------------------------------------------------------
10.0.0.1 include dynamic N/A 0d 00:00:37 0s 1
-------------------------------------------------------------------------------
Number of groups: 1
-------------------------------------------------------------------------------
IGMP Snooping SDP 23:1 Port-DB
-------------------------------------------------------------------------------
Group Address Mode Type From-VPLS Up Time Expires Num Src
-------------------------------------------------------------------------------
10.0.0.1 include dynamic N/A 0d 00:00:34 0s 1
-------------------------------------------------------------------------------
Number of groups: 1
-------------------------------------------------------------------------------
IGMP Snooping Static Source Groups
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
IGMP Snooping Static Source Groups for SDP 5007:5007
-------------------------------------------------------------------------------
Source Group
-------------------------------------------------------------------------------
10.12.0.12 10.0.0.1
10.12.0.13 10.0.0.1
10.12.0.14 10.0.0.1
-------------------------------------------------------------------------------
Static (*,G)/(S,G) entries: 3
-------------------------------------------------------------------------------
IGMP Snooping Statistics
-------------------------------------------------------------------------------
Message Type Received Transmitted Forwarded
-------------------------------------------------------------------------------
General Queries 19 0 57
Group Queries 0 0 0
Group-Source Queries 0 0 0
V1 Reports 0 0 0
V2 Reports 0 0 0
V3 Reports 52 18 0
V2 Leaves 0 0 0
Unknown Type 0 N/A 0
-------------------------------------------------------------------------------
Drop Statistics
-------------------------------------------------------------------------------
Bad Length : 0
Bad IP Checksum : 0
Bad IGMP Checksum : 0
Bad Encoding : 0
No Router Alert : 0
Zero Source IP : 0
Wrong Version : 0
Lcl-Scope Packets : 0
Rsvd-Scope Packets : 0
Send Query Cfg Drops : 0
Import Policy Drops : 0
Exceeded Max Num Groups : 0
Exceeded Max Num Sources : 0
Exceeded Max Num Grp Srcs: 0
MCAC Policy Drops : 0
MCS Failures : 0
MVR From VPLS Cfg Drops : 0
MVR To SAP Cfg Drops : 0
-------------------------------------------------------------------------------
IGMP Snooping Multicast VPLS Registration info
-------------------------------------------------------------------------------
IGMP Snooping Admin State : Up
MVR Admin State : Down
MVR Policy : None
-------------------------------------------------------------------------------
Local SAPs/SDPs
-------------------------------------------------------------------------------
Svc Id Sap/Sdp Oper From Num Local
Id State VPLS Groups
-------------------------------------------------------------------------------
1 sap:1/9/7:12 Up Local 1
1 sap:1/9/7:34 Up Local 0
1 sdp:21:1 Up N/A 1
1 sdp:23:1 Up N/A 1
-------------------------------------------------------------------------------
MVR SAPs (from-vpls=1)
-------------------------------------------------------------------------------
Svc Id Sap/Sdp Oper From Num MVR
Id State VPLS Groups
-------------------------------------------------------------------------------
No MVR SAPs found.
===============================================================================
*A:7705:Dut-C#
*A:7705:Dut-C# show service id 1 mld-snooping all
===============================================================================
MLD Snooping info for service 1
===============================================================================
-------------------------------------------------------------------------------
MLD Snooping Base info
-------------------------------------------------------------------------------
Admin State : Up
Querier : fe80::12 on SAP 1/9/7:34
-------------------------------------------------------------------------------
Sap/Sdp Oper MRtr Send Max Num MVR Num
Id State Port Queries Groups From-VPLS Groups
-------------------------------------------------------------------------------
sap:1/9/7:12 Up No Disabled No Limit Local 1
sap:1/9/7:34 Up Yes Disabled No Limit Local 0
sdp:21:1 Up No Disabled No Limit N/A 1
sdp:23:1 Up No Disabled No Limit N/A 1
-------------------------------------------------------------------------------
MLD Snooping Querier info
-------------------------------------------------------------------------------
Sap Id : 1/9/7:34
IP Address : fe80::12
Expires : 125s
Up Time : 0d 00:00:38
Version : 2
General Query Interval : 63s
Query Response Interval : 1.0s
Robust Count : 2
-------------------------------------------------------------------------------
MLD Snooping Multicast Routers
-------------------------------------------------------------------------------
MRouter
Sap/Sdp Id Up Time Expires Version
-------------------------------------------------------------------------------
fe80::12
1/9/7:34 0d 00:00:38 125s 2
-------------------------------------------------------------------------------
Number of mrouters: 1
-------------------------------------------------------------------------------
MLD Snooping Proxy-reporting DB
-------------------------------------------------------------------------------
Group Address
Mode Up Time Num Sources
-------------------------------------------------------------------------------
ff05::1
include 0d 00:00:38 1
-------------------------------------------------------------------------------
Number of groups: 1
-------------------------------------------------------------------------------
MLD Snooping SAP 1/9/7:12 Port-DB
-------------------------------------------------------------------------------
Group Address
Mode Type From-VPLS Up Time Expires Num MC
Src Stdby
-------------------------------------------------------------------------------
ff05::1
include dynamic local 0d 00:00:35 0s 1
-------------------------------------------------------------------------------
Number of groups: 1
-------------------------------------------------------------------------------
MLD Snooping SAP 1/9/7:34 Port-DB
-------------------------------------------------------------------------------
Group Address
Mode Type From-VPLS Up Time Expires Num MC
Src Stdby
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Number of groups: 0
-------------------------------------------------------------------------------
MLD Snooping SDP 21:1 Port-DB
-------------------------------------------------------------------------------
Group Address
Mode Type From-VPLS Up Time Expires Num Src
-------------------------------------------------------------------------------
ff05::1
include dynamic N/A 0d 00:00:38 0s 1
-------------------------------------------------------------------------------
Number of groups: 1
-------------------------------------------------------------------------------
MLD Snooping SDP 23:1 Port-DB
-------------------------------------------------------------------------------
Group Address
Mode Type From-VPLS Up Time Expires Num Src
-------------------------------------------------------------------------------
ff05::1
include dynamic N/A 0d 00:00:35 0s 1
-------------------------------------------------------------------------------
Number of groups: 1
-------------------------------------------------------------------------------
MLD Snooping Static Source Groups
-------------------------------------------------------------------------------
MLD Snooping Static Source Groups for SAP 1/10/6
-------------------------------------------------------------------------------
Source Group
-------------------------------------------------------------------------------
2011::5 ff05::1
-------------------------------------------------------------------------------
Static (*,G)/(S,G) entries: 1
-------------------------------------------------------------------------------
MLD Snooping Statistics
-------------------------------------------------------------------------------
Message Type Received Transmitted Forwarded
-------------------------------------------------------------------------------
General Queries 19 0 57
Group Queries 0 0 0
Group-Source Queries 0 0 0
V1 Reports 0 0 0
V2 Reports 53 19 0
V1 Done 0 0 0
Unknown Type 0 N/A 0
-------------------------------------------------------------------------------
Drop Statistics
-------------------------------------------------------------------------------
Bad Length : 0
Bad MLD Checksum : 0
Bad Encoding : 0
No Router Alert : 0
Zero Source IP : 0
Wrong Version : 0
Lcl-Scope Packets : 0
Rsvd-Scope Packets : 0
Send Query Cfg Drops : 0
Import Policy Drops : 0
Exceeded Max Num Groups : 0
MCAC Policy Drops : 0
MCS Failures : 0
MVR From VPLS Cfg Drops : 0
MVR To SAP Cfg Drops : 0
-------------------------------------------------------------------------------
MLD Snooping Multicast VPLS Registration info
-------------------------------------------------------------------------------
MLD Snooping Admin State : Up
MVR Admin State : Down
MVR Policy : None
-------------------------------------------------------------------------------
Local SAPs/SDPs
-------------------------------------------------------------------------------
Svc Id Sap/Sdp Oper From Num Local
Id State VPLS Groups
-------------------------------------------------------------------------------
1 sap:1/9/7:12 Up Local 1
1 sap:1/9/7:34 Up Local 0
1 sdp:21:1 Up N/A 1
1 sdp:23:1 Up N/A 1
-------------------------------------------------------------------------------
MVR SAPs (from-vpls=1)
-------------------------------------------------------------------------------
Svc Id Sap/Sdp Oper From Num MVR
Id State VPLS Groups
-------------------------------------------------------------------------------
No MVR SAPs found.
===============================================================================
*A:7705:Dut-C#
|
Label |
Description |
|---|---|
|
IGMP Snooping info for service id MLD Snooping info for service id |
Shows the service id for which snooping applies |
|
IGMP Snooping Base info MLD Snooping Base info |
|
|
Admin State |
The administrative state of the IGMP or MLD instance |
|
Querier |
The address of the IGMP or MLD querier on the IP subnet to which the interface is attached |
|
Sap/Sdp Id |
The SAP IDs and SDP IDs for the service ID |
|
Oper Stat |
The operational state of the SAP IDs and SDP IDs of the service ID |
|
MRtr Port |
Specifies whether the port is a multicast router port |
|
Pim Port |
(IGMP only) Specifies whether the port is a PIM port |
|
Send Qrys Send Queries |
Specifies whether the send-queries command is enabled or disabled |
|
Max Grps |
(IGMP only) The maximum number of multicast groups for the entry |
|
Max Srcs |
(IGMP only) The maximum number of multicast sources for the entry |
|
Max Grp Srcs |
(IGMP only) The maximum number of multicast group sources for the entry |
|
Max Num Groups |
(MLD only) The maximum number of multicast groups that can be joined on this SAP or SDP |
|
MVR From-VPLS |
Specifies multicast VPLS registration (MVR) from VPLS |
|
Num Grps Num Groups |
The actual number of multicast groups that can be joined on this SAP or SDP |
|
IGMP Snooping Querier info MLD Snooping Querier info |
|
|
Sap Id |
The SAP ID of the service |
|
IP Address |
The IP address of the querier |
|
Expires |
The length of time remaining before this query ages out, in seconds |
|
Up Time |
The length of time that the query has been enabled |
|
Version |
The configured version of IGMP or MLD |
|
General Query Interval |
The frequency at which host-query packets are transmitted |
|
Query Response Interval |
The time to wait to receive a response to the host-query message from the host |
|
Robust Count |
The number of IGMP or MLD message intervals that are used when there is expected packet loss on the SAP or SDP. Robust count is similar to a retry counter, where the number of retries is robust count minus 1. |
|
IGMP Snooping Multicast Routers MLD Snooping Multicast Routers |
|
|
MRouter |
The IP address of the multicast router |
|
Sap/Sdp Id |
The SAP ID or SDP ID connected to the multicast router |
|
Up Time |
The time since the multicast router was created |
|
Expires |
The length of time remaining before this entry ages out, in seconds |
|
Version |
The version of IGMP or MLD used by the multicast router |
|
Number of mrouters |
The number of multicast routers connected to this VPLS |
|
IGMP Snooping Proxy-reporting DB MLD Snooping Proxy-reporting DB |
|
|
Group Address |
The IP multicast group address for which this entry contains information |
|
Mode |
The type of membership reports received on the interface for the group: include or exclude Include – reception of packets sent to the specified multicast address is requested only from those IP source addresses listed in the source-list parameter of the IGMP or MLD membership report Exclude – reception of packets sent to the given multicast address is requested from all IP source addresses except those listed in the source-list parameter of the IGMP or MLD membership report |
|
Up Time |
The total operational time in seconds |
|
Num Sources |
The number of IGMP or MLD group-specific and source-specific queries received on this interface |
|
Number of groups |
The number of IGMP groups |
|
IGMP Snooping SAP Port-DB MLD Snooping SAP Port-DB |
|
|
Group Address |
The IP multicast group address for which this entry contains information |
|
Mode |
The type of membership reports received on the interface for the group: include or exclude Include – reception of packets sent to the specified multicast address is requested only from those IP source addresses listed in the source-list parameter of the IGMP or MLD membership report Exclude – reception of packets sent to the given multicast address is requested from all IP source addresses except those listed in the source-list parameter of the IGMP or MLD membership report |
|
Type |
Indicates how this group entry was learned: dynamic or static Dynamic – this group entry was learned by IGMP or MLD Static – this group entry was statically configured |
|
From-VPLS |
The VPLS from which the multicast streams corresponding to the groups learned via this SAP or SDP are copied. If ‟local”, stream comes from its own VPLS. |
|
Up Time |
The time since the source group entry was created |
|
Expires |
The length of time remaining before this entry ages out, in seconds |
|
Num Src |
The number of IGMP or MLD group-specific and source-specific queries received on this SAP |
|
MC Stdby |
The multicast standby state |
|
Number of groups |
The number of groups configured for this SAP |
|
IGMP Snooping SDP Port-DB MLD Snooping SDP Port-DB |
|
|
Group Address |
The IP multicast group address for which this entry contains information |
|
Mode |
The type of membership reports received on the interface for the group: include or exclude Include – reception of packets sent to the specified multicast address is requested only from those IP source addresses listed in the source-list parameter of the IGMP or MLD membership report Exclude – reception of packets sent to the given multicast address is requested from all IP source addresses except those listed in the source-list parameter of the IGMP or MLD membership report |
|
Type |
Indicates how this group entry was learned: dynamic or static Dynamic – this group entry was learned by IGMP or MLD Static – this group entry was statically configured |
|
From-VPLS |
The VPLS from which the multicast streams corresponding to the groups learned via this SAP or SDP are copied. If ‟local”, stream comes from its own VPLS. |
|
Up Time |
The time since the source group entry was created |
|
Expires |
The length of time remaining before this entry ages out, in seconds |
|
Num Src |
The number of IGMP or MLD group-specific and source-specific queries received on this SDP |
|
Number of groups |
The number of groups configured for this SDP |
|
IGMP Snooping Static Source Groups MLD Snooping Static Source Groups |
|
|
IGMP Snooping Static Source Groups for SAP IGMP Snooping Static Source Groups for SDP MLD Snooping Static Source Groups for SAP MLD Snooping Static Source Groups for SDP |
|
|
Source |
The source IP address of the static group |
|
Group |
The group IP address of the static (S,G) or (*,G) |
|
Static (*,G)/(S,G) entries |
The number of static (S,G) or (*, G) entries |
|
IGMP Snooping Statistics MLD Snooping Statistics |
|
|
Message Type |
The column heading for IGMP or MLD snooping messages |
|
General Queries |
The number of general query messages received, transmitted, and forwarded |
|
Group Queries |
The number of group query messages received, transmitted, and forwarded |
|
Group-Source Queries |
The number of group-source query messages received, transmitted, and forwarded |
|
V1 Reports |
The number of IGMPv1 or MLDv1 report messages received, transmitted, and forwarded |
|
V2 Reports |
The number of IGMPv2 or MLDv2 report messages received, transmitted, and forwarded |
|
V3 Reports |
(IGMP only) The number of IGMPv3 report messages received, transmitted, and forwarded |
|
V2 Leaves |
(IGMP only) The number of IGMPv2 leave messages received, transmitted, and forwarded |
|
V1 Done |
(MLD only) The number of MLDv1 done messages received, transmitted, and forwarded |
|
Unknown Type |
The number of unknown type messages received, transmitted, and forwarded |
|
Drop Statistics |
|
|
Bad Length |
The number of packets dropped due to bad length |
|
Bad IP Checksum |
(IGMP only) The number of packets dropped due to a bad IP checksum |
|
Bad IGMP Checksum Bad MLD Checksum |
The number of packets dropped due to a bad IGMP or MLD checksum |
|
Bad Encoding |
The number of packets dropped due to bad encoding |
|
No Router Alert |
The number of packets dropped because there was no router alert |
|
Zero Source IP |
The number of packets dropped due to a source IP address of 0.0.0.0 or 00:00:00:00:00:00:00:00 |
|
Wrong Version |
The number of packets dropped due to a wrong version of IGMP or MLD |
|
Lcl-Scope Packets |
The number of local scope packets dropped |
|
Rsvd-Scope Packets |
The number of reserved scope packets dropped |
|
Send Query Cfg Drops |
The number of messages dropped because of send query configuration errors |
|
Import Policy Drops |
The number of messages dropped because of import policy |
|
Exceeded Max Num Groups |
The number of packets dropped because the maximum number of groups has been exceeded |
|
Exceeded Max Num Sources |
(IGMP only) The number of packets dropped because the maximum number of sources has been exceeded |
|
Exceeded Max Num Grp Srcs |
(IGMP only) The number of packets dropped because the maximum number of group sources has been exceeded |
|
MCAC Policy Drops |
The number of packets dropped due to multicast CAC |
|
MCS Failures |
The number of packets dropped due to multicast server (MCS) failures |
|
MVR From VPLS Cfg Drops |
The number of packets dropped due to VPLS configuration multicast VPLS registration (MVR) |
|
MVR To SAP Cfg Drops |
The number of packets dropped due to SAP configuration |
|
IGMP Snooping Multicast VPLS Registration info MLD Snooping Multicast VPLS Registration info |
|
|
IGMP Snooping Admin State MLD Snooping Admin State |
The administrative state of IGMP or MLD snooping |
|
MVR Admin State |
The administrative state of received MVR |
|
MVR Policy |
The MVR policy |
|
Local SAPs/SDPs |
|
|
Svc Id |
The service identifier for this SAP or SDP entry |
|
Sap/Sdp Id |
The local SAP or SDP identifier |
|
Oper State |
The operational state of this SAP or SDP |
|
From VPLS |
The VPLS from which the multicast streams corresponding to the groups learned via this SAP or SDP are copied. If ‟local”, stream comes from its own VPLS. |
|
Num Local Groups |
The number of local groups associated with this SAP or SDP |
|
MVR SAPs |
|
|
Svc Id |
The service identifier for this SAP or SDP entry |
|
Sap/Sdp Id |
The MVR SAP or SDP identifier |
|
Oper State |
The operational state of this SAP or SDP |
|
From VPLS |
The VPLS from which the multicast streams corresponding to the groups learned via this SAP or SDP are copied. If ‟local”, stream comes from its own VPLS. |
|
Num MVR Groups |
The number of MVR groups associated with this SAP |
base
Syntax
base
Context
show>service>id>igmp-snooping
show>service>id>mld-snooping
Description
This command displays basic information about IGMP snooping or MLD snooping for the VPLS service.
Output
The following outputs are examples of basic IGMP snooping and MLD snooping displays for the specified VPLS service, and Service service-ID IGMP and MLD snooping (base) field descriptions describes the fields.
Output example*A:7705custDoc:Sar18>show>service>id# igmp-snooping base
===============================================================================
IGMP Snooping Base info for service 5007
===============================================================================
Admin State : Down
Querier : No querier found
-------------------------------------------------------------------------------
Sap/Sdp Oper MRtr Pim Send Max Max Max MVR Num
Id Stat Port Port Qrys Grps Srcs Grp From-VPLS Grps
Srcs
-------------------------------------------------------------------------------
sap:1/10/6 Down No No No None None None Local 0
sdp:5007:5007 Down Yes No No None None None N/A 0
===============================================================================
*A:7705custDoc:Sar18>show>service>id# igmp-snooping
*A:7705custDoc:Sar18>show>service>id# mld-snooping base
===============================================================================
MLD Snooping Base info for service 5001
===============================================================================
Admin State : Down
Querier : No querier found
-------------------------------------------------------------------------------
Sap/Sdp Oper MRtr Send Max Num MVR Num
Id State Port Queries Groups From-VPLS Groups
-------------------------------------------------------------------------------
sap:1/6/4 Down No Disabled No Limit Local 0
sdp:5001:5001 Down No Disabled No Limit N/A 0
===============================================================================
*A:7705custDoc:Sar18>show>service>id#
Label |
Description |
|---|---|
Admin State |
The administrative state of the IGMP or MLD instance |
Querier |
The address of the IGMP or MLD querier on the IP subnet to which the interface is attached |
Sap/Sdp Id |
The SAP IDs and SDP IDs for the service ID |
Oper Stat |
The operational state of the SAP IDs and SDP IDs of the service ID |
MRtr Port |
Specifies whether the port is a multicast router port |
Pim Port |
(IGMP only) Specifies whether the port is a PIM port |
Send Qrys Send Queries |
Specifies whether the send-queries command is enabled or disabled |
Max Grps |
(IGMP only) The maximum number of multicast groups for the entry |
Max Srcs |
(IGMP only) The maximum number of multicast sources for the entry |
Max Grp Srcs |
(IGMP only) The maximum number of multicast group sources for the entry |
Max Num Groups |
(MLD only) The maximum number of multicast groups that can be joined on this SAP or SDP |
MVR From-VPLS |
Specifies MVR from VPLS |
Num Grps Num Groups |
The actual number of multicast groups that can be joined on this SAP or SDP |
port-db
Syntax
port-db sap sap-id [detail]
port-db sap sap-id group grp-ip-address
port-db sap sap-id group grp-ipv6-address
port-db sdp sdp-id:vc-id [detail]
port-db sdp sdp-id:vc-id group grp-ip-address
port-db sdp sdp-id:vc-id group grp-ipv6-address
Context
show>service>id>igmp-snooping
show>service>id>mld-snooping
Description
This command displays information on the IGMP or MLD snooping port database for the VPLS service.
Parameters
- grp-ip-address
displays the IGMP snooping port database for the specified multicast group address
- grp-ipv6-address
displays the MLD snooping port database for the specified multicast group address
- sap-id
displays the IGMP or MLD snooping port database for the specified SAP. See SAP ID configurations for a full list of SAP IDs.
- sdp-id
displays the IGMP or MLD snooping port database for the specified SDP. For a spoke SDP, the VC ID must be specified; for a mesh SDP, the VC ID is optional.
- vc-id
the virtual circuit ID on the SDP ID for which to display information
Output
The following outputs are examples of port database information for IGMP snooping and MLD snooping displays for the specified VPLS service, and Service service-ID IGMP and MLD snooping (port-DB) field descriptions describes the fields.
Output example (IGMP snooping)*A:7705custDoc:Sar18>show>service>id>igmp-snooping# port-db sap 1/10/6
===============================================================================
IGMP Snooping SAP 1/10/6 Port-DB for service 5007
===============================================================================
Group Address Mode Type From-VPLS Up Time Expires Num MC
Src Stdby
-------------------------------------------------------------------------------
10.0.0.2 exclude static local 29d 01:28:14 never 0
10.0.0.3 include static local 29d 01:27:34 never 2
-------------------------------------------------------------------------------
Number of groups: 2
===============================================================================
*A:7705custDoc:Sar18>show>service>id>igmp-snooping# port-db sap 1/10/6 detail
===============================================================================
IGMP Snooping SAP 1/10/6 Port-DB for service 5007
===============================================================================
-------------------------------------------------------------------------------
IGMP Group 10.0.0.2
-------------------------------------------------------------------------------
Mode : exclude Type : static
Up Time : 29d 01:28:18 Expires : never
Compat Mode : IGMP Version 3
V1 Host Expires : 0s V2 Host Expires : 0s
MVR From-VPLS : local MVR To-SAP : local
MC Standby : no
-------------------------------------------------------
Source Address Up Time Expires Type Fwd/Blk
-------------------------------------------------------
No sources.
-------------------------------------------------------------------------------
IGMP Group 10.0.0.3
-------------------------------------------------------------------------------
Mode : include Type : static
Up Time : 29d 01:27:38 Expires : never
Compat Mode : IGMP Version 3
V1 Host Expires : 0s V2 Host Expires : 0s
MVR From-VPLS : local MVR To-SAP : local
MC Standby : no
-------------------------------------------------------
Source Address Up Time Expires Type Fwd/Blk
-------------------------------------------------------
10.12.12.12 29d 01:27:38 never static Fwd
10.12.13.13 29d 01:21:48 never static Fwd
-------------------------------------------------------------------------------
Number of groups: 2
===============================================================================
*A:7705:Dut-C# show service id 1 igmp-snooping port-db sdp 23:1
===============================================================================
IGMP Snooping SDP 23:1 Port-DB for service 1
===============================================================================
Group Address Mode Type From-VPLS Up Time Expires Num Src
-------------------------------------------------------------------------------
10.0.0.1 include dynamic N/A 0d 00:10:48 0s 2
-------------------------------------------------------------------------------
Number of groups: 1
===============================================================================
*A:7705:Dut-C#
*A:7705custDoc:Sar18>show>service>id>mld-snooping# port-db sap 1/10/6
===============================================================================
MLD Snooping SAP 1/10/6 Port-DB for service 5007
===============================================================================
Group Address
Mode Type From-VPLS Up Time Expires Num MC
Src Stdby
-------------------------------------------------------------------------------
ff05::1
include static local 39d 06:42:40 never 1
-------------------------------------------------------------------------------
Number of groups: 1
===============================================================================
*A:7705custDoc:Sar18>show>service>id>mld-snooping# port-db sap 1/10/6 detail
===============================================================================
MLD Snooping SAP 1/10/6 Port-DB for service 5007
===============================================================================
-------------------------------------------------------------------------------
MLD Group ff05::1
-------------------------------------------------------------------------------
Mode : include Type : static
Up Time : 38d 02:54:18 Expires : never
Compat Mode : MLD Version 2
V1 Host Expires : 0s :
MVR From-VPLS : local MVR To-SAP : local
MC Standby : no
-------------------------------------------------------
Source Address
Up Time Expires Type Fwd/Blk
-------------------------------------------------------
2011::5
38d 02:54:18 never static Fwd
-------------------------------------------------------------------------------
Number of groups: 1
===============================================================================
*A:7705custDoc:Sar18>show>service>id>mld-snooping#
*A:7705custDoc:Sar18>show>service>id>mld-snooping# port-db sdp 5007:5007
===============================================================================
MLD Snooping SDP 5007:5007 Port-DB for service 5007
===============================================================================
Group Address
Mode Type From-VPLS Up Time Expires Num Src
-------------------------------------------------------------------------------
ff05::1
exclude static N/A 39d 06:45:13 never 0
-------------------------------------------------------------------------------
Number of groups: 1
===============================================================================
*A:7705custDoc:Sar18>show>service>id>mld-snooping# port-db sdp 5007:5007 detail
===============================================================================
MLD Snooping SDP 5007:5007 Port-DB for service 5007
===============================================================================
-------------------------------------------------------------------------------
MLD Group ff05::1
-------------------------------------------------------------------------------
Mode : exclude Type : static
Up Time : 39d 06:45:17 Expires : never
Compat Mode : MLD Version 2
V1 Host Expires : 0s :
MVR From-VPLS : N/A MVR To-SAP : N/A
-------------------------------------------------------
Source Address
Up Time Expires Type Fwd/Blk
-------------------------------------------------------
No sources.
-------------------------------------------------------------------------------
Number of groups: 1
===============================================================================
|
Label |
Description |
|---|---|
|
Group Address |
The IP multicast group address for which this entry contains information |
|
Mode |
The type of membership reports received on the interface for the group: include or exclude Include – reception of packets sent to the specified multicast address is requested only from those IP source addresses listed in the source-list parameter of the IGMP or MLD membership report Exclude – reception of packets sent to the given multicast address is requested from all IP source addresses except those listed in the source-list parameter |
|
Type |
Indicates how this group entry was learned: dynamic or static Dynamic – this group entry was learned by IGMP or MLD Static – this group entry was statically configured |
|
From-VPLS |
The VPLS from which the multicast streams corresponding to the groups learned via this SAP or SDP are copied. If ‟local”, stream comes from its own VPLS. |
|
Up Time |
The time since the source group entry was created |
|
Expires |
The length of time remaining before this entry ages out, in seconds |
|
Num Src |
Indicates the number of IGMP or MLD group and source specific queries received on this SAP |
|
MC Stdby |
(SAP only) Indicates the multicast standby state |
|
Number of groups |
Indicates the number of groups configured for this SAP or SDP |
|
IGMP Group MLD Group |
The IPv4 or IPv6 multicast group address for which this entry contains information |
|
Compat Mode |
The IGMP or MLD compatibility mode. This is used in order for routers to be compatible with older version routers. IGMPv3 hosts must operate in version 1 and version 2 compatibility modes; MLD must operate in version 1 mode. IGMPv3 and MLDv2 hosts must track the compatibility mode of each attached network on a per-local-interface basis. A host's compatibility mode is determined from the host compatibility mode variable, which can be in one of three states for IGMP (IGMPv1, IGMPv2, or IGMPv3) or one of two states for MLD (MLDv1 or MLDv2). The compatibility mode variable is kept on a per-interface basis and is dependent on the version of general queries heard on that interface and the older version querier present timers for the interface. |
|
V1 Host Expires |
The time remaining until the local router assumes that there are no longer any IGMPv1 members on the IP subnet attached to this interface. Upon receiving an IGMPv1 membership report, this value is reset to the setting of the group membership timer. While the time remaining on the timer is non-zero, the local router ignores any IGMPv3 leave messages for this group that are received on this interface. |
|
V2 Host Expires |
The time remaining until the local router assumes that there are no longer any IGMPv2 members on the IP subnet attached to this interface. Upon receiving an IGMPv2 membership report, this value is reset to the setting of the group membership timer. While the time remaining on the timer is non-zero, the local router ignores any IGMPv3 leave messages for this group that are received on this interface. |
|
MVR From-VPLS |
The VPLS from which the multicast VPLS registration (MVR) streams corresponding to the groups learned via this SAP or SDP are copied. If ‟local”, it is from its own VPLS. |
|
MVR To-SAP |
The SAP to which the multicast VPLS registration (MVR) streams corresponding to the groups learned via this SAP or SDP are copied. If ‟local”, it is from its own VPLS. |
|
Source Address |
The source address for which this entry contains information |
|
Fwd/Blk |
Indicates whether the corresponding multicast stream will be blocked or forwarded |
proxy-db
Syntax
proxy-db [detail]
proxy-db group grp-ip-address
proxy-db group grp-ipv6-address
Context
show>service>id>igmp-snooping
show>service>id>mld-snooping
Description
This command displays information on the IGMP or MLD snooping proxy reporting database for the VPLS service.
Parameters
- grp-ip-address
displays the IGMP snooping proxy reporting database for the specified multicast group address
- grp-ipv6-address
displays the MLD snooping proxy reporting database for the specified multicast group address
Output
The following outputs are examples of proxy reporting database information for IGMP snooping and MLD snooping displays for the specified VPLS service, and Service service-ID IGMP and MLD snooping (proxy-DB) field descriptions describes the fields.
Output example*A:7705:Dut-C# show service id 1 igmp-snooping proxy-db detail
===============================================================================
IGMP Snooping Proxy-reporting DB for service 1
===============================================================================
-------------------------------------------------------------------------------
IGMP Group 10.0.0.1
-------------------------------------------------------------------------------
Up Time : 0d 00:03:21 Mode : exclude
------------------------------
Source Address Up Time
------------------------------
No sources.
-------------------------------------------------------------------------------
Number of groups: 1
===============================================================================
*A:7705:Dut-C#
*A:7705:Sar18>show>service>id>igmp-snooping# proxy-db detail
===============================================================================
IGMP Snooping Proxy-reporting DB for service 5007
===============================================================================
-------------------------------------------------------------------------------
IGMP Group 10.0.0.2
-------------------------------------------------------------------------------
Up Time : 28d 01:13:36 Mode : exclude
------------------------------
Source Address Up Time
------------------------------
No sources.
-------------------------------------------------------------------------------
IGMP Group 10.0.0.3
-------------------------------------------------------------------------------
Up Time : 28d 01:12:56 Mode : include
------------------------------
Source Address Up Time
------------------------------
10.12.12.12 28d 01:12:56
10.12.13.13 28d 01:07:06
-------------------------------------------------------------------------------
Number of groups: 2
===============================================================================
*A:7705:Sar18>show>service>id>igmp-snooping# proxy-db group 10.0.0.3
===============================================================================
IGMP Snooping Proxy-reporting DB for service 5007
===============================================================================
-------------------------------------------------------------------------------
IGMP Group 10.0.0.3
-------------------------------------------------------------------------------
Up Time : 28d 01:25:31 Mode : include
------------------------------
Source Address Up Time
------------------------------
10.12.12.12 28d 01:25:31
10.12.13.13 28d 01:19:41
===============================================================================
*A:7705:Dut-C# show service id 1 mld-snooping proxy-db
===============================================================================
MLD Snooping Proxy-reporting DB for service 1
===============================================================================
Group Address
Mode Up Time Num Sources
-------------------------------------------------------------------------------
ff05::1
exclude 0d 00:02:18 0
-------------------------------------------------------------------------------
Number of groups: 1
===============================================================================
*A:7705:Dut-C#
Label |
Description |
|---|---|
IGMP Group Address |
The IP multicast group address for which this entry contains information |
Up Time |
The time since the source group entry was created |
Mode |
The type of membership reports received on the interface for the group: include or exclude Include – reception of packets sent to the specified multicast address is requested only from those IP source addresses listed in the source-list parameter of the IGMP or MLD membership report Exclude – reception of packets sent to the given multicast address is requested from all IP source addresses except those listed in the source-list parameter |
Source Address |
The source address for which this entry contains information |
Num Sources |
Indicates the number of IGMP or MLD group and source specific queries received on this SAP |
Number of groups |
Indicates the number of groups configured for this SAP or SDP |
querier
Syntax
querier
Context
show>service>id>igmp-snooping
show>service>id>mld-snooping
Description
This command displays information on the current IGMP or MLD snooping querier for the VPLS service.
Output
The following outputs are examples of querier information for IGMP snooping and MLD snooping displays for the specified VPLS service, and Service service-ID IGMP and MLD snooping (querier) field descriptions describes the fields.
Output example*A:ALA-1>show>service>id>igmp-snooping# querier
===============================================================================
IGMP Snooping Querier info for service 10
===============================================================================
Sap Id : 1/1/1
IP Address : 10.10.10.1
Expires : 6s
Up Time : 0d 00:56:50
Version : 3
General Query Interval : 5s
Query Response Interval : 2.0s
Robust Count : 2
===============================================================================
*A:ALA-1>show>service>id>snooping#
Label |
Description |
|---|---|
SAP Id |
The SAP ID of the service |
IP Address |
The IP address of the querier |
Expires |
The length of time remaining before this query ages out, in seconds |
Up Time |
The length of time that the query has been enabled |
Version |
The configured version of IGMP or MLD |
General Query Interval |
The frequency at which host-query packets are transmitted |
Query Response Interval |
The time to wait to receive a response to the host-query message from the host |
Robust Count |
The number of IGMP or MLD message intervals that are used when there is expected packet loss on the SAP or SDP. Robust count is similar to a retry counter, where the number of retries is robust count minus one packet. |
static
Syntax
static [sap sap-id | sdp sdp-id:vc-id]
Context
show>service>id>igmp-snooping
show>service>id>mld-snooping
Description
This command displays information on static IGMP or MLD snooping source group membership for the VPLS service.
Parameters
- sap-id
displays static IGMP or MLD snooping source groups for the specified SAP. See SAP ID configurations for a full list of SAP IDs.
- sdp-id
displays the IGMP or MLD snooping source groups for the specified SDP
- vc-id
the virtual circuit ID on the SDP ID for which to display information
Output
The following outputs are examples of static SAP or SDP multicast source and group information for IGMP snooping and MLD snooping displays for the specified VPLS service, and Service service-ID IGMP and MLD snooping (static) field descriptions describes the fields.
Output example*A:7705custDoc:Sar18>show>service>id>igmp-snooping# static
===============================================================================
IGMP Snooping Static Source Groups for service 5007
===============================================================================
-------------------------------------------------------------------------------
IGMP Snooping Static Source Groups for SAP 1/10/6
-------------------------------------------------------------------------------
Source Group
-------------------------------------------------------------------------------
* 10.0.0.2
10.12.12.12 10.0.0.3
10.12.13.13 10.0.0.3
-------------------------------------------------------------------------------
Static (*,G)/(S,G) entries: 3
-------------------------------------------------------------------------------
IGMP Snooping Static Source Groups for SDP 5007:5007
-------------------------------------------------------------------------------
Source Group
-------------------------------------------------------------------------------
10.12.0.12 10.0.0.1
10.12.0.13 10.0.0.1
10.12.0.14 10.0.0.1
-------------------------------------------------------------------------------
Static (*,G)/(S,G) entries: 3
===============================================================================
*A:7705custDoc:Sar18>show>service>id>igmp-snooping#
*A:7705custDoc:Sar18>show>service>id>igmp-snooping# static sap 1/10/6
===============================================================================
IGMP Snooping Static Source Groups for SAP 1/10/6 (service 5007)
===============================================================================
Source Group
-------------------------------------------------------------------------------
* 10.0.0.2
10.12.12.12 10.0.0.3
10.12.13.13 10.0.0.3
-------------------------------------------------------------------------------
Static (*,G)/(S,G) entries: 3
===============================================================================
*A:7705custDoc:Sar18>show>service>id>igmp-snooping#
*A:7705custDoc:Sar18>show>service>id>igmp-snooping# static sdp 5007:5007
===============================================================================
IGMP Snooping Static Source Groups for SDP 5007:5007 (service 5007)
===============================================================================
Source Group
-------------------------------------------------------------------------------
10.10.0.12 10.0.0.1
10.10.0.13 10.0.0.1
10.12.0.14 10.0.0.1
-------------------------------------------------------------------------------
Static (*,G)/(S,G) entries: 3
===============================================================================
*A:7705custDoc:Sar18>show>service>id>mld-snooping# static sdp 5007:5007
===============================================================================
MLD Snooping Static Source Groups for SDP 5007:5007 (service 5007)
===============================================================================
Source
Group
-------------------------------------------------------------------------------
*
ff05::1
-------------------------------------------------------------------------------
Static (*,G)/(S,G) entries: 1
===============================================================================
Label |
Description |
|---|---|
Source |
The source IP address of the static group |
Group |
The group IP address of the static (S,G) or (*/G) |
Static (*,G)/(S,G) entries |
The number of static (S,G) or (*, G) entries |
statistics
Syntax
statistics [sap sap-id | sdp sdp-id:vc-id]
Context
show>service>id>igmp-snooping
show>service>id>mld-snooping
Description
This command displays IGMP or MLD snooping statistics information for the specified VPLS SAP or SDP.
Parameters
- sap-id
displays IGMP or MLD snooping statistics for the specified SAP. See SAP ID configurations for a full list of SAP IDs.
- sdp-id
displays the IGMP or MLD snooping statistics for the specified SDP
- vc-id
the virtual circuit ID on the SDP ID for which to display information
Output
The following outputs are examples of multicast statistics for SAPs and SDPs for IGMP snooping and MLD snooping displays for the specified VPLS service, and Service service-ID IGMP and MLD snooping (statistics) field descriptions describes the fields.
Output example*A:7705custDoc:Sar18>show>service>id>igmp-snooping# statistics sap 1/10/6
===============================================================================
IGMP Snooping Statistics for SAP 1/10/6 (service 5007)
===============================================================================
Message Type Received Transmitted Forwarded
-------------------------------------------------------------------------------
General Queries 0 0 0
Group Queries 0 0 0
Group-Source Queries 0 0 0
V1 Reports 0 0 0
V2 Reports 0 0 0
V3 Reports 0 0 0
V2 Leaves 0 0 0
Unknown Type 0 N/A 0
-------------------------------------------------------------------------------
Drop Statistics
-------------------------------------------------------------------------------
Bad Length : 0
Bad IP Checksum : 0
Bad IGMP Checksum : 0
Bad Encoding : 0
No Router Alert : 0
Zero Source IP : 0
Wrong Version : 0
Lcl-Scope Packets : 0
Rsvd-Scope Packets : 0
Send Query Cfg Drops : 0
Import Policy Drops : 0
Exceeded Max Num Groups : 0
Exceeded Max Num Sources : 0
Exceeded Max Num Grp Srcs: 0
MCAC Policy Drops : 0
MCS Failures : 0
MVR From VPLS Cfg Drops : 0
MVR To SAP Cfg Drops : 0
===============================================================================
*A:7705custDoc:Sar18>show>service>id>igmp-snooping#
*A:7705custDoc:Sar18>show>service>id>igmp-snooping# statistics sdp 5007:5007
===============================================================================
IGMP Snooping Statistics for SDP 5007:5007 (service 5007)
===============================================================================
Message Type Received Transmitted Forwarded
-------------------------------------------------------------------------------
General Queries 0 0 0
Group Queries 0 0 0
Group-Source Queries 0 0 0
V1 Reports 0 0 0
V2 Reports 0 0 0
V3 Reports 0 0 0
V2 Leaves 0 0 0
Unknown Type 0 N/A 0
-------------------------------------------------------------------------------
Drop Statistics
-------------------------------------------------------------------------------
Bad Length : 0
Bad IP Checksum : 0
Bad IGMP Checksum : 0
Bad Encoding : 0
No Router Alert : 0
Zero Source IP : 0
Wrong Version : 0
Lcl-Scope Packets : 0
Rsvd-Scope Packets : 0
Send Query Cfg Drops : 0
Import Policy Drops : 0
Exceeded Max Num Groups : 0
Exceeded Max Num Sources : 0
Exceeded Max Num Grp Srcs: 0
MCAC Policy Drops : 0
===============================================================================
*A:7705custDoc:Sar18>show>service>id>igmp-snooping#
*A:7705custDoc:Sar18>show>service>id>mld-snooping# statistics sap 1/10/6
===============================================================================
MLD Snooping Statistics for SAP 1/10/6 (service 5007)
===============================================================================
Message Type Received Transmitted Forwarded
-------------------------------------------------------------------------------
General Queries 0 0 0
Group Queries 0 0 0
Group-Source Queries 0 0 0
V1 Reports 0 0 0
V2 Reports 0 0 0
V1 Done 0 0 0
Unknown Type 0 N/A 0
-------------------------------------------------------------------------------
Drop Statistics
-------------------------------------------------------------------------------
Bad Length : 0
Bad MLD Checksum : 0
Bad Encoding : 0
No Router Alert : 0
Zero Source IP : 0
Wrong Version : 0
Lcl-Scope Packets : 0
Rsvd-Scope Packets : 0
Send Query Cfg Drops : 0
Import Policy Drops : 0
Exceeded Max Num Groups : 0
MCS Failures : 0
MVR From VPLS Cfg Drops : 0
MVR To SAP Cfg Drops : 0
===============================================================================
*A:7705custDoc:Sar18>show>service>id>mld-snooping# statistics sdp 5007:5007
===============================================================================
MLD Snooping Statistics for SDP 5007:5007 (service 5007)
===============================================================================
Message Type Received Transmitted Forwarded
-------------------------------------------------------------------------------
General Queries 0 0 0
Group Queries 0 0 0
Group-Source Queries 0 0 0
V1 Reports 0 0 0
V2 Reports 0 0 0
V2 Leaves 0 0 0
Unknown Type 0 N/A 0
-------------------------------------------------------------------------------
Drop Statistics
-------------------------------------------------------------------------------
Bad Length : 0
Bad MLD Checksum : 0
Bad Encoding : 0
No Router Alert : 0
Zero Source IP : 0
Wrong Version : 0
Lcl-Scope Packets : 0
Rsvd-Scope Packets : 0
Send Query Cfg Drops : 0
Import Policy Drops : 0
Exceeded Max Num Groups : 0
===============================================================================
Label |
Description |
|---|---|
Message Type |
The column heading for IGMP or MLD snooping messages |
General Queries |
The number of general query messages received, transmitted, and forwarded |
Group Queries |
The number of group query messages received, transmitted, and forwarded |
Group-Source Queries |
The number of group-source query messages received, transmitted, and forwarded |
V1 Reports |
The number of IGMPv1 or MLDv1 report messages received, transmitted, and forwarded |
V2 Reports |
The number of IGMPv2 or MLDv2 report messages received, transmitted, and forwarded |
V3 Reports |
(IGMP only) The number of IGMPv3 report messages received, transmitted, and forwarded |
V2 Leaves |
(IGMP only) The number of IGMP leave messages received, transmitted, and forwarded |
V1 Done |
(MLD only) The number of MLD done messages received, transmitted, and forwarded |
Unknown Type |
The number of unknown type messages received, transmitted, and forwarded |
Drop Statistics |
|
Bad Length |
The number of packets dropped due to bad length |
Bad IP Checksum |
(IGMP only) The number of packets dropped due to a bad IP checksum |
Bad IGMP Checksum Bad MLD Checksum |
The number of packets dropped due to a bad IGMP or MLD checksum |
Bad Encoding |
The number of packets dropped due to bad encoding |
No Router Alert |
The number of packets dropped because there was no router alert |
Zero Source IP |
The number of packets dropped due to a source IP address of 0.0.0.0 or 00:00:00:00:00:00:00:00 |
Wrong Version |
The number of packets dropped due to a wrong version of IGMP or MLD |
Lcl-Scope Packets |
The number of local scope packets dropped |
Rsvd-Scope Packets |
The number of reserved scope packets dropped |
Send Query Cfg Drops |
The number of messages dropped because of send query configuration errors |
Import Policy Drops |
The number of messages dropped because of import policy |
Exceeded Max Num Groups |
The number of packets dropped because the maximum number of groups has been exceeded |
Exceeded Max Num Sources |
The number of packets dropped because the maximum number of sources has been exceeded |
Exceeded Max Num Grp Srcs |
The number of packets dropped because the maximum number of group sources has been exceeded |
MCAC Policy Drops |
The number of packets dropped due to multicast CAC |
MCS Failures |
The number of packets dropped due to multicast server (MCS) failures |
MVR From VPLS Cfg Drops |
The number of packets dropped due to VPLS configuration multicast VPLS registration (MVR) |
MVR To SAP Cfg Drops |
The number of packets dropped due to SAP configuration |
labels
Syntax
labels
Context
show>service>id
Description
This command displays information about ingress and egress labels for the specified service.
Output
The following output is an example of service label information, and Service service-ID (labels) field descriptions describes the fields.
Output example*A:ALU-48>show>service>id# labels
===============================================================================
Martini Service Labels
===============================================================================
Svc Id Sdp Binding Type I.Lbl E.Lbl
-------------------------------------------------------------------------------
5001 5001:100 Spok 0 0
-------------------------------------------------------------------------------
Number of Bound SDPs : 1
-------------------------------------------------------------------------------
Label |
Description |
|---|---|
Svc Id |
The service identifier |
Sdp Binding |
The SDP binding identifier |
Type |
Indicates whether the SDP is spoke or mesh |
I.Lbl |
The ingress label used by the far-end device to send packets to this device in this service by the SDP |
E.Lbl |
The egress label used by this device to send packets to the far-end device in this service by the SDP |
Number of Bound SDPs |
The number of SDP bindings |
mac-move
Syntax
mac-move
Context
show>service>id
Description
This command displays information related to the mac-move feature for the specified service.
Output
The following output is an example of service MAC move information, and Service service-ID (MAC move) field descriptions describes the fields.
Output example*A:ALU-48>show>service>id# mac-move
===============================================================================
Service Mac Move Information
===============================================================================
Service Id : 5001 Mac Move : Disabled
Primary Factor : 3 Secondary Factor : 2
Mac Move Rate : 2 Mac Move Timeout : 10
Mac Move Retries : 3
-------------------------------------------------------------------------------
SAP Mac Move Information: 1/2/4:1/100
-------------------------------------------------------------------------------
Admin State : Up Oper State : Down
Flags : ServiceAdminDown
PortOperDown L2OperDown
Time to RetryReset: never Retries Left : 3
Mac Move : Blockable Blockable Level : Tertiary
-------------------------------------------------------------------------------
SDP Mac Move Information: 5001:100
-------------------------------------------------------------------------------
Admin State : Up Oper State : Down
Flags : SvcAdminDown SdpOperDown
NoIngVCLabel NoEgrVCLabel
PathMTUTooSmall
Time to RetryReset: never Retries Left : 3
Mac Move : Blockable Blockable Level : Tertiary
===============================================================================
*A:ALU-48>show>service>id#
Label |
Description |
|---|---|
Service Id |
The service identifier |
Mac Move |
The administrative state of the MAC movement feature associated with this service |
Primary Factor |
A factor for the primary ports defining how many MAC relearn periods should be used to measure the MAC relearn rate |
Secondary Factor |
A factor for the secondary ports defining how many MAC relearn periods should be used to measure the MAC relearn rate |
Mac Move Rate |
The maximum rate at which MACs can be relearned in this service, before the SAP where the moving MAC was last seen is automatically disabled to protect the system against undetected loops or duplicate MACs. The rate is computed as the maximum number of relearns allowed in a 5-s interval: for example, the default rate of 2 relearns per second corresponds to 10 relearns in a 5-s period. |
Mac Move Timeout |
The time, in seconds, to wait before a SAP that has been disabled after exceeding the maximum relearn rate is re-enabled. A value of 0 indicates that the SAP will not be automatically re-enabled after being disabled. If after the SAP is re-enabled it is disabled again, the effective retry timeout is doubled to avoid thrashing. |
Mac Move Retries |
The number of times retries are performed for re-enabling the SAP or SDP |
SAP Mac Move Information: |
|
Admin State |
The administrative state of the SAP |
Oper State |
The operational state of the SAP |
Flags |
Specifies the conditions that affect the operating status of this SAP. Display output includes: ServiceAdminDown, PortOperDown, L2OperDown. |
Time to RetryReset |
The time, in seconds, to wait before a SAP that has been disabled after exceeding the maximum relearn rate is re-enabled. A value of 0 indicates that the SAP will not be automatically re-enabled after being disabled. If after the SAP is re-enabled it is disabled again, the effective retry timeout is doubled to avoid thrashing. |
Retries Left |
The number of remaining attempts to re-enable the SAP |
Mac Move |
Specifies whether MAC move is configured as blockable or not blockable on the SAP |
Blockable Level |
Specifies the level at which MAC move is blockable on the SAP (primary, secondary, or tertiary) |
SDP Mac Move Information: |
|
Admin State |
The administrative state of the SDP |
Oper State |
The operational state of the SDP |
Flags |
Specifies the conditions that affect the operating status of this SDP. Display output includes: SvcAdminDown, SdpOperDown, NoIngVCLabel, NoEgrVCLabel, PathMTUTooSmall. |
Time to RetryReset |
The time, in seconds, to wait before a SDP that has been disabled after exceeding the maximum relearn rate is re-enabled. A value of 0 indicates that the SDP will not be automatically re-enabled after being disabled. If after the SDP is re-enabled it is disabled again, the effective retry timeout is doubled to avoid thrashing. |
Retries Left |
The number of remaining attempts to re-enable the SDP |
Mac Move |
Specifies whether MAC move is configured as blockable or not blockable on the SDP |
Blockable Level |
Specifies the level at which MAC move is blockable on the SDP (primary, secondary, or tertiary) |
macsec
Syntax
macsec
Context
show>service>id
Description
This command displays MACsec security information for the specified service.
Output
The following output is an example of MACsec information, and Service-ID MACsec field descriptions describes the fields.
Output example*A:ALU-12# show service id 1 macsec
==============================================================================
MACsec (Summary), Service 1
==============================================================================
SAP MACsec MACsec Encap CA tags CA-name
port sub-port match in-clear
-------------------------------------------------------------------------------
1/1/3 1/1/3 1 all 0 ca1
===============================================================================
*A:ALU-12#
|
Label |
Description |
|---|---|
|
SAP |
The service SAP |
|
MACsec port |
The port enabled for MACsec |
| MACsec sub-port |
The subport enabled for MACsec |
|
Encap match |
The traffic encapsulation type to match: all traffic, untagged-only traffic, single-tag or dot1q traffic, double-tag or QinQ traffic |
|
CA tags in-clear |
The number of tags in clear text for this CA |
|
CA-name |
The name of the MACsec connectivity association for this SAP |
sap
Syntax
sap
sap sap-id [atm | base | detail | qos | sap-stats | stats]
Context
show>service>id
Description
This command displays information about SAPs. When the sap command is used without specifying a sap-id, the display shows all the information for all SAPs in the service. Including the sap-id and a filtering keyword with the sap command displays information pertaining to the keyword.
Parameters
- sap-id
specifies the physical port identifier portion of the SAP definition. See SAP ID configurations for a full list of SAP IDs.
- atm
filters the command results to display ATM information for the specified SAP
- base
filters the command results to display base information for the specified SAP
- detail
displays detail information for the specified SAP
- qos
filters the command results to display QoS information for the specified SAP
- sap-stats
filters the command results to display SAP statistics information for the specified SAP
- stats
filters the command results to display statistics information for the specified SAP
Output
The following output is an example of service SAP information, and Service ID (SAP) field descriptions describes the fields.
Output example*A:ALU-48>show>service>id# sap
===============================================================================
SAP(Summary), Service 5001
===============================================================================
PortId SvcId Ing. Ing. Egr. Egr. Adm Opr
QoS Fltr QoS Fltr
-------------------------------------------------------------------------------
1/2/4:1/100 5001 1 none 1 none Up Down
-------------------------------------------------------------------------------
Number of SAPs : 1
-------------------------------------------------------------------------------
===============================================================================
*A:ALU-48>show>service>id#
*A:ALU-48>show>service>id# sap 1/2/4:1/100 detail
===============================================================================
Service Access Points(SAP)
===============================================================================
Service Id : 5001
SAP : 1/2/4:1/100 Encap : atm
Description : (Not Specified)
Admin State : Up Oper State : Down
Flags : ServiceAdminDown
PortOperDown L2OperDown
Multi Svc Site : None
Last Status Change : 10/26/2010 20:13:11
Last Mgmt Change : 10/26/2010 20:13:12
Sub Type : regular
Split Horizon Group: shg5001
Max Nbr of MAC Addr: No Limit Total MAC Addr : 0
Learned MAC Addr : 0 Static MAC Addr : 0
Admin MTU : 1524 Oper MTU : 1524
Ingr IP Fltr-Id : n/a Egr IP Fltr-Id : n/a
Ingr Mac Fltr-Id : n/a Egr Mac Fltr-Id : n/a
Ingr IPv6 Fltr-Id : n/a Egr IPv6 Fltr-Id : n/a
tod-suite : None qinq-pbit-marking : n/a
Ing Scheduler Mode : 16-priority Egr Scheduler Mode: 4-priority
Ing Agg Rate Limit : max Egr Agg Rate Limit: max
Ing Agg cir : 10
Ing Shaper Group : default Egr Shaper Group : default
Q Frame-Based Acct : Disabled
ARP Reply Agent : Disabled Host Conn Verify : Disabled
Mac Learning : Enabled Discard Unkwn Srce: Disabled
Mac Aging : Enabled Mac Pinning : Enabled
BPDU Translation : Disabled
L2PT Termination : Disabled
Vlan-translation : None
Acct. Pol : None Collect Stats : Disabled
Anti Spoofing : None Avl Static Hosts : 0
Tot Static Hosts : 0
Calling-Station-Id : n/a
Application Profile: None
MCAC Policy Name : MCAC Const Adm St : Enable
MCAC Max Unconst BW: no limit MCAC Max Mand BW : no limit
MCAC In use Mand BW: 0 MCAC Avail Mand BW: unlimited
MCAC In use Opnl BW: 0 MCAC Avail Opnl BW: unlimited
Restr MacProt Src : Disabled Restr MacUnpr Dst : Disabled
Time to RetryReset : never Retries Left : 3
Mac Move : Blockable Blockable Level : Tertiary
Egr MCast Grp :
Auth Policy : none
PPPoE Circuit-Id : none
-------------------------------------------------------------------------------
Stp Service Access Point specifics
-------------------------------------------------------------------------------
Stp Admin State : Down Stp Oper State : Down
Core Connectivity : Down
Port Role : N/A Port State : Unknown
Port Number : N/A Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : N/A
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : N/A
Last BPDU from : N/A
CIST Desig Bridge : N/A Designated Port : N/A
Forward transitions: 0 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
RST BPDUs rcvd : 0 RST BPDUs tx : 0
MST BPDUs rcvd : 0 MST BPDUs tx : 0
-------------------------------------------------------------------------------
QOS
-------------------------------------------------------------------------------
Ingress qos-policy : 1 Egress qos-policy : 1
Shared Q plcy : n/a Multipoint shared : Disabled
I. Sched Pol : (Not Specified)
E. Sched Pol : (Not Specified)
-------------------------------------------------------------------------------
DHCP
-------------------------------------------------------------------------------
Description : (Not Specified)
Admin State : Down Lease Populate : 0
DHCP Snooping : Down Action : Keep
Proxy Admin State : Down
Proxy Lease Time : N/A
Emul. Server Addr : Not Configured
-------------------------------------------------------------------------------
Subscriber Management
-------------------------------------------------------------------------------
Admin State : Down MAC DA Hashing : False
Def Sub-Id : None
Def Sub-Profile : None
Def SLA-Profile : None
Sub-Ident-Policy : None
Subscriber Limit : 1
Single-Sub-Parameters
Prof Traffic Only : False
Non-Sub-Traffic : N/A
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
Last Cleared Time : N/A
Packets Octets
Forwarding Engine Stats (Ingress)
Dropped : 0 n/a
Off. HiPrio : 0 n/a
Off. LowPrio : n/a n/a
Queueing Stats(Ingress QoS Policy 1)
Dro. HiPrio : 0 n/a
Dro. LowPrio : n/a n/a
For. InProf : 0 0
For. OutProf : 0 0
Forwarding Engine Stats (Egress)
Dropped : 0 n/a
Queueing Stats(Egress QoS Policy 1)
Dro. InProf : 0 n/a
Dro. OutProf : n/a n/a
For. InProf : 0 0
For. OutProf : n/a n/a
-------------------------------------------------------------------------------
Sap per Queue stats
-------------------------------------------------------------------------------
Packets Octets
Ingress Queue 1 (Priority)
Off. HiPrio : 0 n/a
Off. LoPrio : n/a n/a
Dro. HiPrio : 0 n/a
Dro. LoPrio : n/a n/a
For. InProf : 0 0
For. OutProf : 0 0
Egress Queue 1
For. InProf : 0 0
For. OutProf : n/a n/a
Dro. InProf : 0 n/a
Dro. OutProf : n/a n/a
Ingress Queue 3 (Profile)
Off. ColorIn : 0 0
Off. ColorOut : 0 0
Off. Uncolor : 0 0
Dro. ColorOut : 0 0
Dro. ColorIn/Uncolor : 0 0
For. InProf : 0 0
For. OutProf : 0 0
-------------------------------------------------------------------------------
ATM SAP Configuration Information
-------------------------------------------------------------------------------
Ingress TD Profile : 1 Egress TD Profile : 1
Alarm Cell Handling: Enabled AAL-5 Encap : aal5snap-brid*
OAM Termination : Enabled Periodic Loopback : Disabled
===============================================================================
* indicates that the corresponding row element may have been truncated.
*A:ALU-48>show>service>id#
*A:ALU-48>show>service>id# sap 1/2/4:1/100 qos
===============================================================================
Service Access Points(SAP)
===============================================================================
Service Id : 5001
SAP : 1/2/4:1/100 Encap : atm
Description : (Not Specified)
Admin State : Up Oper State : Down
Flags : ServiceAdminDown
PortOperDown L2OperDown
Multi Svc Site : None
Last Status Change : 10/26/2010 20:13:11
Last Mgmt Change : 10/26/2010 20:13:12
-------------------------------------------------------------------------------
QOS
-------------------------------------------------------------------------------
Ingress qos-policy : 1 Egress qos-policy : 1
Shared Q plcy : n/a Multipoint shared : Disabled
===============================================================================
Label |
Description |
|---|---|
Service Id |
The service identifier |
SAP |
The SAP identifier |
Encap |
The encapsulation type of the SAP |
Admin State |
The administrative state of the SAP |
Oper State |
The operating state of the SAP |
Flags |
Specifies the conditions that affect the operating status of this SAP. Display output includes: ServiceAdminDown, SapAdminDown, InterfaceAdminDown, PortOperDown, PortMTUTooSmall, L2OperDown, SapIngressQoSMismatch, SapEgressQoSMismatch, RelearnLimitExceeded, RxProtSrcMac, ParentIfAdminDown, NoSapIpipeCeIpAddr, TodResourceUnavail, TodMssResourceUnavail, SapParamMismatch, CemSapNoEcidOrMacAddr, StandByForMcRing, ServiceMTUTooSmall, SapIngressNamedPoolMismatch, SapEgressNamedPoolMismatch, NoSapEpipeRingNode. |
Last Status Change |
The time of the most recent operating status change to this SAP |
Last Mgmt Change |
The time of the most recent management-initiated change to this SAP |
Sub Type |
The supported sub type: regular |
Split Horizon Group |
Indicates the split horizon group that this SAP is a member of |
Admin MTU |
The desired largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented |
Oper MTU |
The actual largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented |
Ingr IP Fltr-Id |
The IPv4 ingress filter policy ID assigned to the SAP |
Egr IP Fltr-Id |
The IPv4 egress filter policy ID assigned to the SAP |
Ingr Mac Fltr-Id |
Not applicable |
Egr Mac Fltr-Id |
Not applicable |
Ingr IPv6 Fltr-Id |
The IPv6 ingress filter policy ID assigned to the SAP |
Egr IPv6 Fltr-Id |
The IPv6 egress filter policy ID assigned to the SAP |
tod-suite |
Indicates whether a time-based policy is applied to a multiservice site |
qinq-pbit-marking |
Indicates the qinq P-bit marking for the service: both or top |
Ing Scheduler Mode |
The scheduler mode for the SAP in the access ingress direction: 4-priority or 16-priority |
Egr Scheduler Mode |
The scheduler mode for the SAP in the access egress direction: 4-priority or 16-priority |
Ing Agg Rate Limit |
The PIR rate limit in the access ingress direction for the aggregate of the SAP queues |
Egr Agg Rate Limit |
The PIR rate limit in the access egress direction for the aggregate of the SAP queues |
Ing Agg cir |
The CIR rate limit in the access ingress direction for the aggregate of the SAP queues |
Egr Agg cir |
The CIR rate limit in the access egress direction for the aggregate of the SAP queues |
Ing Shaper Group |
The ingress shaper group for the SAP |
Egr Shaper Group |
The egress shaper group for the SAP |
ARP Reply Agent |
Specifies whether the ARP reply agent is enabled |
Host Conn Verify |
Specifies the state of verifying host connectivity (enabled or disabled) |
Mac Learning |
Specifies whether MAC learning is enabled |
Discard Unkwn Srce |
Specifies whether frames received with an unknown destination MAC are discarded |
Mac Aging |
Specifies whether MAC aging is enabled |
Mac Pinning |
Specifies whether MAC pinning is enabled |
Acct. Pol |
The accounting policy ID applied to the SAP |
Collect Stats |
Specifies whether accounting statistics are collected on the SAP |
Time to RetryReset |
The time, in seconds, to wait before a SAP that has been disabled after exceeding the maximum relearn rate is re-enabled A value of 0 indicates that the SAP will not be automatically re-enabled after being disabled. If after the SAP is re-enabled it is disabled again, the effective retry timeout is doubled to avoid thrashing. |
Retries Left |
The number of remaining attempts to re-enable the SAP |
Mac Move |
Indicates the administrative state of the MAC movement feature associated with the SAP |
Blockable Level |
Specifies the level at which MAC move is blockable on the SAP (primary, secondary, or tertiary) |
PPPoE Circuit-Id |
Specifies the agent-circuit-id, as specified in RFC 4679 (applies to ATM VPLS instances only) |
Stp Service Access Point specifics |
|
The fields under STP SAP specifics do not apply to VPLS services on the 7705 SAR. |
|
QOS |
|
Ingress qos-policy |
The ingress QoS policy ID assigned to the SAP |
Egress qos-policy |
The egress QoS policy ID assigned to the SAP |
Shared Q plcy |
Not applicable |
Multipoint shared |
Not applicable |
DHCP |
|
Admin State |
Specifies whether DHCP relay is enabled on this SAP |
DHCP Snooping |
The status of the DHCP snooping function (up or down) |
Action |
The DHCP action to be used for the Relay Agent Information Option (Option 82) processing (forward, drop, or keep) |
Subscriber Management |
|
The fields under subscriber management do not apply to VPLS services on the 7705 SAR. |
|
Sap Statistics |
|
Last Cleared Time |
The date and time that a clear command was issued on statistics |
Forwarding Engine Stats (Ingress) |
|
Dropped |
The number of packets or octets dropped by the forwarding engine |
Off. HiPrio |
The number of high-priority packets or octets offered to the forwarding engine |
Off. LowPrio |
The number of low-priority packets offered to the forwarding engine |
Queueing Stats (Ingress QoS Policy) |
|
Dro. HiPrio |
The number of high-priority packets or octets discarded, as determined by the SAP ingress QoS policy |
Dro. LowPrio |
The number of low-priority packets discarded, as determined by the SAP ingress QoS policy |
For. InProf |
The number of in-profile packets or octets (rate below CIR) forwarded, as determined by the SAP ingress QoS policy |
For. OutProf |
The number of out-of-profile packets or octets (rate above CIR) forwarded, as determined by the SAP ingress QoS policy |
Forwarding Engine Stats (Egress) |
|
Dropped |
The number of packets or octets dropped by the forwarding engine |
Queueing Stats (Egress QoS Policy) |
|
Dro. InProf |
The number of in-profile packets or octets discarded, as determined by the SAP egress QoS policy |
Dro. OutProf |
The number of out-of-profile packets or octets discarded, as determined by the SAP egress QoS policy |
For. InProf |
The number of in-profile packets or octets (rate below CIR) forwarded, as determined by the SAP egress QoS policy |
For. OutProf |
The number of out-of-profile packets or octets (rate above CIR) forwarded, as determined by the SAP egress QoS policy |
Sap per Queue stats |
|
Ingress Queue n |
The index of the ingress QoS queue of this SAP, where n is the index number |
Off. HiPrio |
The number of packets or octets of high-priority traffic for the SAP (offered) |
Off. LoPrio |
The number of packets or octets of low-priority traffic for the SAP (offered) |
Dro. HiPrio |
The number of high-priority traffic packets or octets dropped |
Dro. LoPrio |
The number of low-priority traffic packets or octets dropped |
For. InProf |
The number of in-profile packets or octets (rate below CIR) forwarded |
For. OutProf |
The number of out-of-profile packets or octets (rate above CIR) forwarded |
Off. ColorIn |
Indicates the number of packets or octets colored as in-profile for the SAP (offered) |
Off. ColorOut |
Indicates the number of packets or octets colored as out-of-profile for the SAP (offered) |
Off. Uncolor |
Indicates the number of packets or octets that are unprofiled for the SAP (offered) |
Dro. ColorOut |
Indicates the number of packets or octets colored as out-of-profile that were dropped for the SAP |
Dro. ColorIn/Uncolor |
Indicates the number of packets or octets that were colored as in-profile or unprofiled that were dropped for the SAP |
Egress Queue n |
The index of the egress QoS queue of the SAP, where n is the index number |
For. InProf |
The number of in-profile packets or octets (rate below CIR) forwarded |
For. OutProf |
The number of out-of-profile packets or octets (rate above CIR) forwarded |
Dro. InProf |
The number of in-profile packets or octets dropped for the SAP |
Dro. OutProf |
The number of out-of-profile packets or octets discarded |
ATM SAP Configuration Information |
|
Ingress TD Profile |
The profile ID of the traffic descriptor applied to the ingress SAP |
Egress TD Profile |
The profile ID of the traffic descriptor applied to the egress SAP |
Alarm Cell Handling |
Indicates that OAM cells are being processed |
OAM Termination |
Indicates whether this SAP is an OAM termination point |
AAL-5 Encap |
Indicates the type of AAL5 encapsulation for this ATM SAP |
OAM Termination |
Indicates the state of the OAM termination for this ATM SAP (enabled or disabled) |
Periodic Loopback |
Indicates the state of the periodic loopback for this ATM SAP (enabled or disabled) |
sdp
Syntax
sdp [sdp-id[:vc-id]] [detail]
sdp far-end {ip-address | ipv6-address} [detail]
Context
show>service>id
Description
This command displays information about SDPs. When the sdp command is used without specifying a sdp-id, the display shows all the information for all SDPs in the service. Including the sdp-id and a filtering keyword with the sdp command displays information pertaining to the keyword.]
Parameters
- sdp-id
the SDP identifier
- vc-id
the VC identifier
- ip-address
displays information for the SDP having this as far-end IPv4 or IPv6 address
- detail
adds details to SDP information
Output
The following output is an example of service SDP information, and Service ID (SDP) field descriptions describes the fields.
Output example*A:ALU-48>show>service>id# sdp 5001
===============================================================================
Service Destination Point (Sdp Id : 5001)
===============================================================================
SdpId Type IP address Adm Opr I.Lbl E.Lbl
-------------------------------------------------------------------------------
5001:100 Spok 10.10.10.10 Up Down 0 0
===============================================================================
*A:ALU-48>show>service>id#
*A:ALU-48>show>service>id# sdp 5001 detail
===============================================================================
Service Destination Point (Sdp Id : 5001) Details
===============================================================================
-------------------------------------------------------------------------------
Sdp Id 5001:100 -(10.10.10.10)
-------------------------------------------------------------------------------
Description : (Not Specified)
SDP Id : 5001:100 Type : Spoke
Split Horiz Grp : shg5001
VC Type : Ether VC Tag : n/a
Admin Path MTU : 0 Oper Path MTU : 0
Far End : 10.10.10.10 Delivery : MPLS
Admin State : Up Oper State : Down
Acct. Pol : None Collect Stats : Disabled
Ingress Label : 0 Egress Label : 0
Ing mac Fltr : n/a Egr mac Fltr : n/a
Ing ip Fltr : n/a Egr ip Fltr : n/a
Ing ipv6 Fltr : n/a Egr ipv6 Fltr : n/a
Admin ControlWord : Not Preferred Oper ControlWord : False
Last Status Change : 10/26/2010 20:14:00 Signaling : TLDP
Last Mgmt Change : 10/26/2010 20:14:01 Force Vlan-Vc : Disabled
Endpoint : endpoint5000 Precedence : 4
PW Status Sig : Enabled
Class Fwding State : Down
Flags : SvcAdminDown SdpOperDown
NoIngVCLabel NoEgrVCLabel
PathMTUTooSmall
Time to RetryReset : never Retries Left : 3
Mac Move : Blockable Blockable Level : Tertiary
Peer Pw Bits : None
Peer Fault Ip : None
Max Nbr of MAC Addr: No Limit Total MAC Addr : 0
Learned MAC Addr : 0 Static MAC Addr : 0
MAC Learning : Enabled Discard Unkwn Srce: Disabled
BPDU Translation : Disabled
L2PT Termination : Disabled
MAC Pinning : Disabled
Ignore Standby Sig : False Block On Mesh Fail: False
KeepAlive Information :
Admin State : Disabled Oper State : Disabled
Hello Time : 10 Hello Msg Len : 0
Max Drop Count : 3 Hold Down Time : 10
Statistics :
I. Fwd. Pkts. : 0 I. Dro. Pkts. : 0
I. Fwd. Octs. : 0 I. Dro. Octs. : 0
E. Fwd. Pkts. : 0 E. Fwd. Octets : 0
MCAC Policy Name :
MCAC Max Unconst BW: no limit MCAC Max Mand BW : no limit
MCAC In use Mand BW: 0 MCAC Avail Mand BW: unlimited
MCAC In use Opnl BW: 0 MCAC Avail Opnl BW: unlimited
Associated LSP LIST :
No LSPs Associated
-------------------------------------------------------------------------------
Stp Service Destination Point specifics
-------------------------------------------------------------------------------
Stp Admin State : Down Stp Oper State : Down
Core Connectivity : Down
Port Role : N/A Port State : Discarding
Port Number : 0 Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : N/A
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : N/A
Last BPDU from : N/A
Designated Bridge : N/A Designated Port Id: 0
Fwd Transitions : 0 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
RST BPDUs rcvd : 0 RST BPDUs tx : 0
===============================================================================
===============================================================================
*A:ALU-48>show>service>id#
*A:ALU-48>show>service>id# sdp far-end 10.10.10.10
===============================================================================
Service Destination Point(Far-End : 10.10.10.10)
===============================================================================
SdpId Type IP address Adm Opr I.Lbl E.Lbl
-------------------------------------------------------------------------------
5001:100 Spok 10.10.10.10 Up Down 0 0
-------------------------------------------------------------------------------
Number of SDPs : 1
-------------------------------------------------------------------------------
===============================================================================
*A:ALU-48>show>service>id# sdp far-end 10.10.10.10 detail
===============================================================================
Service Destination Point(Far-End : 10.10.10.10) Details
===============================================================================
-------------------------------------------------------------------------------
Sdp Id 5001:100 -(10.10.10.10)
-------------------------------------------------------------------------------
Description : (Not Specified)
SDP Id : 5001:100 Type : Spoke
Split Horiz Grp : shg5001
VC Type : Ether VC Tag : n/a
Admin Path MTU : 0 Oper Path MTU : 0
Far End : 10.10.10.10 Delivery : MPLS
Admin State : Up Oper State : Down
Acct. Pol : None Collect Stats : Disabled
Ingress Label : 0 Egress Label : 0
Ing mac Fltr : n/a Egr mac Fltr : n/a
Ing ip Fltr : n/a Egr ip Fltr : n/a
Ing ipv6 Fltr : n/a Egr ipv6 Fltr : n/a
Admin ControlWord : Not Preferred Oper ControlWord : False
Last Status Change : 10/26/2010 20:14:00 Signaling : TLDP
Last Mgmt Change : 10/26/2010 20:14:01 Force Vlan-Vc : Disabled
Endpoint : endpoint5000 Precedence : 4
Class Fwding State : Down
Flags : SvcAdminDown SdpOperDown
NoIngVCLabel NoEgrVCLabel
PathMTUTooSmall
Time to RetryReset : never Retries Left : 3
Mac Move : Blockable Blockable Level : Tertiary
Peer Pw Bits : None
Peer Fault Ip : None
Max Nbr of MAC Addr: No Limit Total MAC Addr : 0
Learned MAC Addr : 0 Static MAC Addr : 0
MAC Learning : Enabled Discard Unkwn Srce: Disabled
BPDU Translation : Disabled
L2PT Termination : Disabled
MAC Pinning : Disabled
Ignore Standby Sig : False Block On Mesh Fail: False
KeepAlive Information :
Admin State : Disabled Oper State : Disabled
Hello Time : 10 Hello Msg Len : 0
Max Drop Count : 3 Hold Down Time : 10
Statistics :
I. Fwd. Pkts. : 0 I. Dro. Pkts. : 0
I. Fwd. Octs. : 0 I. Dro. Octs. : 0
E. Fwd. Pkts. : 0 E. Fwd. Octets : 0
E. Dro. Pkts. : 0
Grp Enc Stats :
I. Fwd. Pkts. : 0 I. Fwd. Octs. : 0
I. Dro. Inv. Spi. : 0 I. Dro. OthEncPkt*: 0
E. Fwd. Pkts. : 0 E. Fwd. Octs. : 0
E. Dro. Enc. Pkts. : 0
MCAC Policy Name :
MCAC Max Unconst BW: no limit MCAC Max Mand BW : no limit
MCAC In use Mand BW: 0 MCAC Avail Mand BW: unlimited
MCAC In use Opnl BW: 0 MCAC Avail Opnl BW: unlimited
Associated LSP LIST :
No LSPs Associated
-------------------------------------------------------------------------------
Stp Service Destination Point specifics
-------------------------------------------------------------------------------
Stp Admin State : Down Stp Oper State : Down
Core Connectivity : Down
Port Role : N/A Port State : Discarding
Port Number : 0 Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : N/A
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : N/A
Last BPDU from : N/A
Designated Bridge : N/A Designated Port Id: 0
Fwd Transitions : 0 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
RST BPDUs rcvd : 0 RST BPDUs tx : 0
-------------------------------------------------------------------------------
Number of SDPs : 1
-------------------------------------------------------------------------------
===============================================================================
*A:ALU-48>show>service>id#
Label |
Description |
|---|---|
SDP Id |
The SDP identifier |
Type |
Indicates whether this service SDP binding is a spoke or a mesh |
Split Horizon Group |
The name of the split horizon group |
VC Type |
The VC type: ether or vlan |
VC Tag |
The explicit dot1q value used when encapsulating to the SDP far end |
Admin Path MTU |
The desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
Oper Path MTU |
The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
Far End |
Specifies the IP address of the remote end of the GRE, MPLS, or IP tunnel defined by this SDP |
Delivery |
Specifies the type of delivery used by the SDP: GRE, MPLS, or IP |
Admin State |
The administrative state of this SDP |
Oper State |
The operational state of this SDP |
Acct. Pol |
The accounting policy applied to the SDP |
Collect Stats |
Specifies whether accounting statistics are collected on the SDP |
Ingress Label |
The label used by the far-end device to send packets to this device in this service by this SDP |
Egress Label |
The label used by this device to send packets to the far-end device in this service by this SDP |
Ing mac Fltr |
Not applicable |
Egr mac Fltr |
Not applicable |
Ing ip Fltr |
The SDP ingress filter policy ID for IPv4 |
Egr ip Fltr |
The SDP egress filter policy ID for IPv4 |
Ing ipv6 Fltr |
Not applicable |
Egr ipv6 Fltr |
Not applicable |
Admin ControlWord |
The administrative state of the control word: Preferred (control word enabled) or Not Preferred (control word disabled) |
Oper ControlWord |
The operational state of the control word: True (control word enabled) or False (control word disabled) |
Last Status Change |
The date and time of the most recent status change to this SDP |
Signaling |
The signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on this SDP |
Last Mgmt Change |
The date and time of the most recent management-initiated change to this SDP |
Endpoint |
The name of the service endpoint |
Precedence |
Specifies the precedence of this SDP binding when there are multiple SDP bindings attached to one service endpoint |
PW Status Sig |
Specifies whether pseudowire status signaling for spoke SDPs is enabled or disabled |
Flags |
Specifies the conditions that affect the operating status of this SAP. Display output includes: ServiceAdminDown, SvcAdminDown, SdpOperDown, NoIngVCLabel NoEgrVCLabel, PathMTUTooSmall. |
Retries Left |
The number of remaining attempts to re-enable the SDP |
Mac Move |
The administrative state of the MAC movement feature associated with the SDP |
Blockable Level |
Specifies the level at which MAC move is blockable on the SAP (primary, secondary, or tertiary) |
MAC Learning |
Specifies whether MAC learning is enabled |
MAC Pinning |
Specifies whether MAC pinning is enabled in this SDP |
Ignore Standby Sig |
Specifies whether ignore standby signaling is configured True: standby signaling is ignored False: standby signaling is not ignored |
Block On Mesh Fail |
Specifies whether to take down the spoke SDP when the mesh SDP is down True: the spoke SDP is not taken down False: the spoke SDP is taken down |
KeepAlive Information |
|
Admin State |
The operating status of the keepalive protocol |
Oper State |
The current status of the keepalive protocol |
Hello Time |
Specifies how often the SDP echo request messages are transmitted on this SDP |
Hello Msg Len |
The length of the SDP echo request messages transmitted on this SDP |
Max Drop Count |
The maximum number of consecutive SDP Echo Request messages that can be unacknowledged before the keepalive protocol reports a fault |
Hold Down Time |
The time to wait before the keepalive operating status is eligible to enter the alive state |
Statistics |
|
I. Fwd. Pkts. |
The number of forwarded ingress packets |
I. Dro. Pkts. |
The number of dropped ingress packets |
I. Fwd. Octs. |
The number of forwarded ingress octets |
I. Dro. Octs. |
The number of dropped ingress octets |
E. Fwd. Pkts. |
The number of forwarded egress packets |
E. Fwd. Octets |
The number of forwarded egress octets |
E. Dro. Pkts. |
The number of dropped egress octets |
Grp Enc Stats |
|
I. Fwd. Pkts. |
The number of forwarded ingress packets |
I. Fwd. Octs. |
The number of forwarded ingress octets |
I. Dro. Inv. Spi. |
The number of ingress packets dropped due to an invalid SPI |
I. Dro. OthEncPkt* |
The number of ingress packets dropped due to a packet encapsulation other than that configured |
E. Fwd. Pkts. |
The number of forwarded egress packets |
E. Fwd. Octs. |
The number of forwarded egress octets |
E. Dro. Enc. Pkts |
The number of dropped egress packets |
Associated LSP LIST |
If the SDP type is MPLS, a list of LSPs used to reach the far-end router displays. All the LSPs in the list must terminate at the IP address specified in the far-end field. If the SDP type is GRE, the following message displays: SDP delivery mechanism is not MPLS |
Number of SDPs |
The total number of SDPs applied to this service ID |
split-horizon-group
Syntax
split-horizon-group [group-name]
Context
show>service>id
Description
This command displays information related to all split horizon groups in the service or the specified service split horizon group.
Parameters
- group-name
specifies a split horizon group name
Output
The following output is an example of service split horizon group information, and Service ID (split horizon group) field descriptions describes the fields.
Output example*A:ALU-48>show>service>id# split-horizon-group
===============================================================================
Service: Split Horizon Group
===============================================================================
Name Description
-------------------------------------------------------------------------------
R shg5001
-------------------------------------------------------------------------------
R = Residential Split Horizon Group
A = Auto Created Split Horizon Group
No. of Split Horizon Groups: 1
*A:ALU-48>show>service>id# split-horizon-group shg5001
===============================================================================
Service: Split Horizon Group
===============================================================================
Name Description
-------------------------------------------------------------------------------
R shg5001
-------------------------------------------------------------------------------
Associations
-------------------------------------------------------------------------------
SAP 1/2/4:1/100
SDP 5001:100
-------------------------------------------------------------------------------
R = Residential Split Horizon Group
SAPs Associated : 1 SDPs Associated : 1
===============================================================================
*A:ALU-48>show>service>id#
Label |
Description |
|---|---|
Name |
The name of the split horizon group. When preceded by ‟R”, the group is a residential split horizon group. |
Description |
A description of the split horizon group as configured by the user |
Associations |
A list of SAPs and SDPs associated with the split horizon group |
stp
Syntax
stp [detail]
Context
show>service>id
Description
This command displays information for the spanning tree protocol instance for the service.
Parameters
- detail
displays detailed information
Output
The following output is an example of information about service-id STP, and Service ID (STP) field descriptions describes the fields.
Output exampleA:ALU-48#> show service id 5000 stp
===============================================================================
Stp info, Service 5000
===============================================================================
Bridge Id : 80:00.a4:58:ff:00:00:00 Top. Change Count : 0
Root Bridge : N/A Stp Oper State : Down
Primary Bridge : N/A Topology Change : Inactive
Mode : Rstp Last Top. Change : 0d 00:00:00
Vcp Active Prot. : N/A
Root Port : N/A External RPC : 0
===============================================================================
Stp port info
===============================================================================
Sap/Sdp/PIP Id Oper- Port- Port- Port- Oper- Link- Active
State Role State Num Edge Type Prot.
-------------------------------------------------------------------------------
1/5/5 Down N/A Disabled 2048 N/A Pt-pt N/A
15:5001 Down N/A Discard 0 N/A Pt-pt N/A
===============================================================================
A:ALU-48#
A:ALU-48#> show service id 5000 stp detail
===============================================================================
Spanning Tree Information
===============================================================================
-------------------------------------------------------------------------------
VPLS Spanning Tree Information
-------------------------------------------------------------------------------
VPLS oper state : Down Core Connectivity : Down
Stp Admin State : Down Stp Oper State : Down
Mode : Rstp Vcp Active Prot. : N/A
Bridge Id : 80:00.a4:58:ff:00:00:00 Bridge Instance Id: 0
Bridge Priority : 32768 Tx Hold Count : 6
Topology Change : Inactive Bridge Hello Time : 2
Last Top. Change : 0d 00:00:00 Bridge Max Age : 20
Top. Change Count : 0 Bridge Fwd Delay : 15
MST region revision: 0 Bridge max hops : 20
MST region name :
Root Bridge : N/A
Primary Bridge : N/A
Root Path Cost : 0 Root Forward Delay: 15
Rcvd Hello Time : 2 Root Max Age : 20
Root Priority : 32768 Root Port : N/A
-------------------------------------------------------------------------------
Spanning Tree Sap/Spoke SDP Specifics
-------------------------------------------------------------------------------
SAP Identifier : 1/5/5 Stp Admin State : Up
Port Role : N/A Port State : Unknown
Port Number : 2048 Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : N/A
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : N/A
Last BPDU from : N/A
CIST Desig Bridge : N/A Designated Port : N/A
Forward transitions: 0 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
RST BPDUs rcvd : 0 RST BPDUs tx : 0
MST BPDUs rcvd : 0 MST BPDUs tx : 0
SDP Identifier : 15:5001 Stp Admin State : Down
Port Role : N/A Port State : Discarding
Port Number : 0 Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : N/A
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : N/A
Last BPDU from : N/A
Designated Bridge : N/A Designated Port Id: 0
Fwd Transitions : 0 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
RST BPDUs rcvd : 0 RST BPDUs tx : 0
===============================================================================
Label |
Description |
|---|---|
Stp info, Service # |
|
Bridge Id |
The MAC address used to identify this bridge in the network |
Top Change Count |
The total number of topology changes detected by the Spanning Tree Protocol instance associated with this service since the management entity was last reset or initialized |
Root Bridge |
The bridge identifier of the root of the spanning tree as determined by the Spanning Tree Protocol instance associated with this service. This value is used as the Root Identifier parameter in all Configuration BPDUs originated by this node. |
Topology Change |
Specifies whether a topology change is currently in progress |
Mode |
Always RSTP |
Last Top. Change |
The time (in hundredths of a second) since the last time a topology change was detected by the Spanning Tree Protocol instance associated with this service |
Root Port |
The port number of the port that offers the lowest cost path from this bridge to the root bridge |
Stp port info |
|
Sap/Sdp/PIP Id |
The ID of the access port where the SAP or spoke SDP is defined |
Oper-State |
Indicates the operational state of the rapid spanning tree protocol instance associated with this service. This field is applicable only when STP is enabled on the router. |
Port-State |
The port identifier of the port on the designated bridge for this port's segment |
Port-Num |
The value of the port number field that is contained in the least significant 12 bits of the 16-bit port ID associated with the SAP or spoke SDP |
Oper-Edge |
The state of the oper-edge variable: true or false |
Link-Type |
The link type (number of bridges that can exist behind the SAP or spoke SDP): pt-pt or shared |
VPLS Spanning Tree Information |
|
VPLS oper state |
The operational state of the rapid spanning tree protocol instance associated with this service. This field is applicable only when STP is enabled on the router. |
Core Connectivity |
The connectivity status to the core |
Stp Admin State |
The administrative state of the rapid spanning tree protocol instance associated with this service |
Stp Oper State |
The operational state of the rapid spanning tree protocol instance associated with this service. This field is applicable only when STP is enabled on the router. |
Mode |
Always RSTP |
Bridge Id |
The MAC address used to identify this bridge in the network |
Bridge Priority |
The priority of the Spanning Tree Protocol instance associated with this service |
Tx Hold Count |
The interval length during which no more than two Configuration BPDUs shall be transmitted by this bridge |
Topology Change |
Specifies whether a topology change is currently in progress |
Bridge Hello Time |
The amount of time between the transmission of Configuration BPDUs |
Last Top. Change |
The time (in hundredths of a second) since the last time a topology change was detected by the Spanning Tree Protocol instance associated with this service |
Bridge Max Age |
The maximum age of Spanning Tree Protocol information learned from the network on any port before it is discarded. This is the actual value that this bridge is currently using. |
Top. Change Count |
The total number of topology changes detected by the Spanning Tree Protocol instance associated with this service since the management entity was last reset or initialized |
Bridge Fwd Delay |
Specifies how fast a bridge changes its state when moving toward the forwarding state |
MST region revision |
Not applicable |
MST region name |
Not applicable |
Root Bridge |
The bridge identifier of the root of the spanning tree as determined by the Spanning Tree Protocol instance associated with this service. This value is used as the Root Identifier parameter in all Configuration BPDUs originated by this node. |
Root Path Cost |
The cost of the path to the root bridge as seen from this bridge |
Root Forward Delay |
Specifies how fast the root changes its state when moving toward the forwarding state |
Rcvd Hello Time |
The amount of time between the transmission of configuration BPDUs |
Root Max Age |
The maximum age of Spanning Tree Protocol information learned from the network on any port before it is discarded |
Root Priority |
The priority of the bridge that is currently selected as root-bridge for the network |
Root Port |
The port number of the port that offers the lowest cost path from this bridge to the root bridge |
Spanning Tree Sap/Spoke SDP Specifics |
|
SAP Identifier |
The ID of the access port where this SAP is defined |
SDP Identifier |
The ID of the SDP and VC |
Stp Admin State |
The administrative state of the rapid spanning tree protocol instance associated with this service |
Port State |
The port identifier of the port on the designated bridge for this port's segment |
Port number |
The value of the port number field that is contained in the least significant 12 bits of the 16-bit port ID associated with the SAP or spoke SDP |
Port Priority |
The value of the port priority field that is contained in the most significant 4 bits of the 16-bit port ID associated with the SAP or spoke SDP |
Port Path Cost |
The contribution of this port to the path cost of paths toward the spanning tree root which include this port |
Auto Edge |
Specifies whether auto edge is enabled or disabled |
Oper Edge |
The state of the oper-edge variable: true or false |
Link Type |
The link type (number of bridges that can exist behind the SAP or spoke SDP): pt-pt or shared |
BPDU Encap |
The type of encapsulation used on BPDUs sent out and received on this SAP or spoke SDP |
Root Guard |
Specifies whether the port is allowed to become an STP root port |
CIST Desig Bridge |
The bridge identifier of the bridge which this port considers to be the designated bridge for this port's segment |
Designated Port |
The port identifier of the port on the designated bridge for this port's segment |
ingress-label
Syntax
ingress-label start-label [end-label]
Context
show>service
Description
This command displays services using a range of ingress labels.
If only the mandatory start-label parameter is specified, only services using the specified label are displayed.
If both start-label and end-label parameters are specified, the services using the range of labels are displayed.
Use the show router ldp bindings command to display dynamic labels.
Parameters
- start-label
the starting ingress label value for which to display services using the label range. If only start-label is specified, services only using start-label are displayed.
- end-label
the ending ingress label value for which to display services using the label range
Output
The following output is an example of information about services using the specified range of ingress labels, and Service ingress-label field descriptions describes the fields.
Output example*A:ALU-48>show>service# ingress-label 0
===============================================================================
Martini Service Labels
===============================================================================
Svc Id Sdp Binding Type I.Lbl E.Lbl
-------------------------------------------------------------------------------
3 15:15 Spok 0 0
5 5:5 Spok 0 0
6 5:6 Spok 0 0
5000 15:5000 Mesh 0 0
5000 15:5001 Spok 0 0
5001 5001:100 Spok 0 0
-------------------------------------------------------------------------------
Number of Bindings Found : 6
-------------------------------------------------------------------------------
===============================================================================
*A:ALU-48>show>service#
Label |
Description |
|---|---|
Svc ID |
The service identifier |
SDP Binding |
The SDP binding identifier |
Type |
Indicates whether the SDP is spoke or mesh |
I.Lbl |
The ingress label used by the far-end device to send packets to this device in this service by the SDP |
E.Lbl |
The egress label used by this device to send packets to the far-end device in this service by the SDP |
Number of Bindings Found |
The number of SDP bindings within the label range specified |
pim-snooping
Syntax
pim-snooping
Context
show>service>id
Description
This command enables the context to display PIM snooping information.
group
Syntax
group [grp-ip-address] [source ip-address] [type {starg | sg}] [detail] [family]
Context
show>service>id>pim-snooping
Description
This command displays the multicast group information.
Parameters
- grp-ip-address
displays information for the multicast group address (IPv4 or IPv6)
- ip-address
displays information for the source address or the RP address (IPv4 or IPv6)
- starg
displays information for (*,G) entries
- sg
displays information for (S,G) entries
- detail
displays detailed information
- family
displays either IPv4 or IPv6 information
Output
The following output is an example of PIM snooping multicast group information, and Service VPLS PIM snooping group field descriptions describes the fields.
Output example*A:ALU# show service id 1 pim-snooping group
===============================================================================
PIM Snooping Groups ipv4
===============================================================================
Group Address Source Address Type Incoming Num
Intf Oifs
-------------------------------------------------------------------------------
10.252.0.1 10.0.0.2 (S,G) SAP:1/1/2 2
-------------------------------------------------------------------------------
Groups : 1
===============================================================================
*A:PE#
Label |
Description |
|---|---|
PIM Snooping Groups |
|
Group Address |
The IP address of the multicast group |
Source Address |
The IP address of the multicast source |
Type |
The type of source-group pair: (S,G) or (*,G) |
Incoming Intf |
The interface identifier for the incoming multicast stream |
Num Oifs |
The number of outgoing interfaces |
Groups |
The number of groups displayed |
neighbor
Syntax
neighbor [{sap sap-id | sdp sdp-id:vc-id} [address ip-address]] [detail] [family]
Context
show>service>id>pim-snooping
Description
This command displays PIM neighbor information.
Parameters
- sap-id
displays information for the PIM neighbor associated with the specified SAP
- sdp-id:vc-id
displays information for the PIM neighbor associated with the specified SDP
- ip-address
displays information for the PIM neighbor with the specified IP address (IPv4 or IPv6)
- detail
displays detailed PIM neighbor information
- family
displays either IPv4 or IPv6 information for the specified neighbor
Output
The following output is an example of PIM snooping neighbor information, and Service VPLS PIM snooping neighbor field descriptions describes the fields.
Output example*A:ALU# show service id 1 pim-snooping neighbor
===============================================================================
PIM Snooping Neighbors ipv4
===============================================================================
Sap/Sdp Id Nbr DR Prty Up Time Expiry Time Hold Time
Nbr Address
-------------------------------------------------------------------------------
SAP:1/1/1 1 0d 00:06:15 0d 00:01:40 105
10.0.1.1
SAP:1/1/2 1 0d 00:06:15 0d 00:01:30 105
10.0.1.2
-------------------------------------------------------------------------------
Neighbors : 2
===============================================================================
*A:PE#
Label |
Description |
|---|---|
PIM Snooping Neighbors |
|
Sap/Sdp Id Nbr Address |
The SAP or SDP identifier and the IP address of the neighbor |
Nbr DR Prty |
The neighbor designated router parity |
Up Time |
The length of time that the multicast connection has been up |
Expiry Time |
The length of time remaining before the multicast connection goes down |
Hold Time |
The length of time that PIM snooping checks for the PIM state |
Neighbors |
The number of neighbors for the specified instance of PIM snooping |
port
Syntax
port [sap sap-id | sdp sdp-id:vc-id] [group [grp-ip-address]] [detail] [family]
Context
show>service>id>pim-snooping
Description
This command displays PIM port information.
Parameters
- sap-id
displays port information for the specified SAP
- sdp-id:vc-id
displays port information for the specified SDP
- group
displays port information for multicast groups
- grp-ip-address
displays port information for the specified multicast group address (IPv4 or IPv6)
- detail
displays detailed port information
- family
displays either IPv4 or IPv6 information for the specified port
Output
The following output is an example of PIM snooping port information, and Service VPLS PIM snooping port field descriptions describes the fields.
Output example*A:ALU# show service id 1 pim-snooping port
===============================================================================
PIM Snooping Ports ipv4
===============================================================================
Sap/Sdp Id Opr
-------------------------------------------------------------------------------
SAP:1/1/1 Up
SAP:1/1/2 Up
===============================================================================
*A:ALU#
Label |
Description |
|---|---|
PIM Snooping Ports |
|
Sap/Sdp Id |
The SAP or SDP identifier for the port |
Opr |
The operational state of the port: Up or Down |
statistics
Syntax
statistics [sap sap-id] [sdp sdp-id:vc-id] [family]
Context
show>service>id>pim-snooping
Description
This command displays PIM statistics information.
Parameters
- sap-id
displays the statistics associated with the specified SAP
- sdp-id:vc-id
displays the statistics associated with the specified SDP
- family
displays either IPv4 or IPv6 statistics
Output
The following output is an example of PIM snooping statistics information, and Service VPLS PIM snooping statistics field descriptions describes the fields.
Output example*A:ALU# show service id 1 pim-snooping statistics
=================================================================
PIM Snooping Statistics ipv4
=================================================================
Message Type Received Transmitted Rx Errors
-----------------------------------------------------------------
Hello 36 - 0
Join Prune 8 8 0
Total Packets 44 8
-------------------------------------------------------------------------------
General Statistics
-------------------------------------------------------------------------------
Rx Neighbor Unknown : 0
Rx Bad Checksum Discard : 0
Rx Bad Encoding : 0
Rx Bad Version Discard : 0
Join Policy Drops : 0
-------------------------------------------------------------------------------
Source Group Statistics
-------------------------------------------------------------------------------
(S,G) : 1
(*,G) : 0
=================================================================
Label |
Description |
|---|---|
Message Type |
|
Hello |
The number of hello messages received, transmitted, and received with errors |
Join Prune |
The number of join-prune messages transmitted, received, and received with errors |
Total Packets |
The total number of hello and join-prune messages transmitted, received, and received with errors |
General Statistics |
|
Rx Neighbor Unknown |
The number of packets received from an unknown neighbor |
Rx Bad Checksum Discard |
The number of packets received and discarded because of a bad checksum |
Rx Bad Encoding |
The number of packets received with bad encoding |
Rx Bad Version Discard |
The number of packets received and discarded because of a bad version |
Join Policy Drops |
The number of join messages dropped due to the join policy actions |
Source Group Statistics |
|
(S,G) |
The number of (S,G)s in the multicast |
(*,G) |
The number of (*,G)s in the multicast |
status
Syntax
status [family]
Context
show>service>id>pim-snooping
Description
This command displays PIM status information.
Parameters
- family
displays either IPv4 or IPv6 status information
Output
The following output is an example of PIM snooping status information, and Service VPLS PIM snooping status field descriptions describes the fields.
Output example*A:ALU# show service id 1 pim-snooping status
===============================================================================
PIM Snooping Status ipv4
===============================================================================
Admin State : Up
Oper State : Up
Mode Admin : Proxy
Mode Oper : Proxy
Hold Time : 90
Designated Router : 10.0.1.2
J/P Tracking : Inactive
Up Time : 0d 00:08:43
Group Policy : None
===============================================================================
*A:ALU#
Label |
Description |
|---|---|
Admin State |
The administrative state of PIM snooping for the specified service |
Oper State |
The operational state of PIM snooping for the specified service |
Mode Admin |
The administrative mode: snoop or proxy |
Mode Oper |
The operational mode: snoop or proxy |
Hold Time |
The length of time that PIM snooping checks for the PIM state |
Designated Router |
The IP address of the designated router |
J/P Tracking |
The join-prune status |
Up Time |
The length of time that the multicast connection has been up |
Group Policy |
The group policy name |
sap-using
Syntax
sap-using [sap sap-id]
sap-using interface [ip-address | ip-int-name]
sap-using description
sap-using authentication-policy auth-plcy-name
sap-using [ingress | egress] filter filter-id
sap-using [ingress | egress] atm-td-profile td-profile-id
sap-using [ingress | egress] qos-policy [qos-policy-id | qos-policy-name]
sap-using [ingress | egress] scheduler-mode {4-priority | 16-priority}
sap-using [ingress | egress] shaper-group shaper-group-name
Context
show>service
Description
This command displays SAP information.
If no optional parameters are specified, the command displays a summary of all defined SAPs.
The optional parameters restrict output to only SAPs matching the specified properties.
Parameters
- description
displays a SAP summary table with description information
- ingress
specifies matching an ingress policy
- egress
specifies matching an egress policy
- qos-policy-id
the ingress or egress QoS policy ID for which to display matching SAPs
- qos-policy-name
the ingress or egress QoS policy name for which to display matching SAPs
- td-profile-id
displays SAPs using this traffic descriptor
- filter-id
the filter policy for which to display matching SAPs specifies. The filter ID or filter name must already exist.
- auth-plcy-name
the session authentication policy for which to display matching SAPs
- sap-id
specifies the physical port identifier portion of the SAP definition. See SAP ID configurations for a full list of SAP IDs.
- interface
specifies matching SAPs with the specified IP interface
- ip-address
the IP address of the interface for which to display matching SAPs
- ip-int-name
the IP interface name for which to display matching SAPs
- scheduler-mode
specifies the scheduler mode for which to display the SAPs
- shaper-group
specifies the shaper group for which to display matching SAPs
Output
The following output is an example of information about SAPs matching the specified properties, and Service SAP-using field descriptions describes the fields.
Output example*A:ALU-48>show>service# sap-using
===============================================================================
Service Access Points
===============================================================================
PortId SvcId Ing. Ing. Egr. Egr. Adm Opr
QoS Fltr QoS Fltr
-------------------------------------------------------------------------------
1/5/1 2 1 none 1 none Up Down
1/5/2 2 1 none 1 none Up Down
1/5/5 5000 1 mac 1 ip4 Up Down
1/2/4:1/100 5001 1 none 1 none Up Down
-------------------------------------------------------------------------------
Number of SAPs : 4
-------------------------------------------------------------------------------
===============================================================================
===============================================================================
Sap Aggregation Groups
===============================================================================
GroupName SvcId Ing. Ing. Egr. Egr. Adm Opr
QoS Fltr QoS Fltr
-------------------------------------------------------------------------------
No Matching Entries
===============================================================================
*A:ALU-48>show>service#
*A:ALU-48# show service sap-using description
==============================================================================
Service Access Points
==============================================================================
PortId SvcId Adm Opr Description
------------------------------------------------------------------------------
1/1/2 1 Down Down (Not Specified)
1/2/1.1 4 Up Down (Not Specified)
1/10/4 5 Up Down (Not Specified)
------------------------------------------------------------------------------
Number of SAPs : 3
-------------------------------------------------------------------------------
===============================================================================
*A:ALU-48#
*A:7705custDoc:Sar18>show>service# sap-using ingress scheduler-mode 4-priority
======================================================================
Service Access Points Using Ingress 4-priority Scheduler Mode
======================================================================
PortId SvcId Scheduler Mode Adm Opr
----------------------------------------------------------------------
1/12/6 6000 4-priority Up Down
----------------------------------------------------------------------
Number of SAPs : 1
----------------------------------------------------------------------
======================================================================
*A:7705custDoc:Sar18>show>service#
Label |
Description |
|---|---|
Port ID |
The ID of the access port where the SAP is defined |
SvcID |
The service identifier |
Ing.QoS |
The SAP ingress QoS policy number specified on the ingress SAP |
Ing. Fltr |
The filter policy ID applied to the ingress SAP |
Egr.QoS |
The SAP egress QoS policy number specified on the egress SAP |
Egr. Fltr |
The filter policy ID applied to the egress SAP |
Scheduler Mode |
The scheduler mode of the SAP: 4-priority or 16-priority |
Shaper Policy |
Identifies the shaper policy that the shaper group belongs to |
Adm |
The administrative state of the SAP |
Opr |
The actual state of the SAP |
Description |
The description of the SAP |
Number of SAPs |
The total number of SAPs listed in the output |
GroupName |
The group name of any aggregation groups |
VPLS clear commands
id
Syntax
id service-id
Context
clear>service
clear>service>statistics
Description
This command clears commands for a specific service.
Parameters
- service-id
the ID that uniquely identifies a service
statistics
Syntax
statistics [sap sap-id | sdp sdp-id[:vc-id] | [ip-address | ip-int-name]]
Context
clear>service>id>dhcp
Description
This command clears DHCP statistics for this service.
Parameters
- sap-id
clears the specified SAP statistics. See SAP ID configurations for a full list of SAP IDs.
- sdp-id
the SDP ID to be cleared
- vc-id
the virtual circuit ID on the SDP ID to be cleared
- ip-int-name
clears the statistics for the IP interface with the specified name
- ip-addr
clears the statistics for the IP interface with the specified IP address
fdb
Syntax
fdb {all | mac ieee-address | sap sap-id | mesh-sdp sdp-id[:vc-id] | spoke-sdp sdp-id:vcid}
Context
clear>service>id
Description
This command clears FDB entries for the service.
Parameters
- all
clears all FDB entries
- ieee-address
clears only FDB entries in the FDB table with the specified 48-bit MAC address. The MAC address can be expressed in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers.
- sap-id
specifies the physical port identifier portion of the SAP definition. See SAP ID configurations for a full list of SAP IDs.
- mesh-sdp
clears only service FDB entries associated with the specified mesh SDP ID. For a mesh SDP, the VC ID is optional.
- spoke-sdp
clears only service FDB entries associated with the specified spoke SDP ID. For a spoke SDP, the VC ID must be specified.
- sdp-id
the SDP ID for which to clear associated FDB entries
- vc-id
the virtual circuit ID on the SDP ID for which to clear associated FDB entries
igmp-snooping
Syntax
igmp-snooping
Context
clear>service>id
Description
This command enables the context to clear IGMP snooping-related data.
mld-snooping
Syntax
mld-snooping
Context
clear>service>id
Description
This command enables the context to clear MLD snooping-related data.
port-db
Syntax
port-db sap sap-id [group grp-address [source src-ip-address]]
port-db sap sap-id [group grp-ipv6-address]
port-db sap sap-id group grp-ipv6-address source src-ipv6-address
port-db sdp sdp-id:vc-id [group grp-address [source src-ip-address]]
port-db sdp sdp-id:vc-id [group grp-ipv6-address]
port-db sdp sdp-id:vc-id group grp-ipv6-address source src-ipv6-address
Context
clear>service>id>igmp-snooping
clear>service>id>mld-snooping
Description
This command clears the information on the IGMP or MLD snooping port database for the VPLS service.
Parameters
- sap-id
clears IGMP or MLD snooping statistics matching the specified SAP ID. See SAP ID configurations for a full list of SAP IDs.
- sdp-id
clears only IGMP or MLD snooping entries associated with the specified SDP. For a spoke SDP, the VC ID must be specified; for a mesh SDP, the VC ID is optional.
- vc-id
the virtual circuit ID on the SDP ID for which to clear information
- grp-address
clears IGMP snooping statistics matching the specified group address
- grp-ipv6-address
clears MLD snooping statistics matching the specified group address
- src-ip-address
clears IGMP snooping statistics matching the specified source address
- src-ipv6-address
clears MLD snooping statistics matching the specified source address
querier
Syntax
querier
Context
clear>service>id>igmp-snooping
clear>service>id>mld-snooping
Description
This command clears the information on the IGMP or MLD snooping queriers for the VPLS service.
statistics
Syntax
statistics {all | sap sap-id | sdp sdp-id:vc-id}
Context
clear>service>id>igmp-snooping
clear>service>id>mld-snooping
Description
This command clears IGMP or MLD snooping statistics.
Parameters
- all
clears all statistics for the service ID
- sap-id
clears statistics for the specified SAP. See SAP ID configurations for a full list of SAP IDs.
- sdp-id:vc-id
clears statistics for the specified SDP
mesh-sdp
Syntax
mesh-sdp sdp-id[:vc-id] ingress-vc-label
Context
clear>service>id
Description
This command clears and resets the mesh SDP bindings for the service.
Parameters
- sdp-id
the mesh SDP ID to be reset
- vc-id
the virtual circuit ID on the SDP ID to be reset
pim-snooping
Syntax
pim-snooping
Context
clear>service>id
Description
This command enables the context to clear PIM snooping information.
database
Syntax
database [[sap sap-id | sdp sdp-id:vc-id] [group grp-ip-address] [source src-ip-address]] [family]
Context
clear>service>id>pim-snooping
Description
This command clears PIM snooping source group database information.
Parameters
- sap-id
clears PIM snooping entries associated with the specified SAP
- sdp-id:vc-id
clears PIM snooping entries associated with the specified SDP
- grp-ip-address
clears PIM snooping information matching the specified group address
- src-ip-address
clears PIM snooping information matching one particular source within the multicast group
- family
clears either IPv4 or IPv6 information
neighbor
Syntax
neighbor [ip-address | sap sap-id | sdp sdp-id:vc-id] [family]
Context
clear>service>id>pim-snooping
Description
This command clears PIM snooping neighbor information.
Parameters
- ip-address
clears PIM snooping information for the neighbor with the specified IP address
- sap-id
clears PIM snooping entries associated with the specified SAP
- sdp-id:vc-id
clears PIM snooping entries associated with the specified SDP
- family
clears either IPv4 or IPv6 information
statistics
Syntax
statistics [sap sap-id | sdp sdp-id:vc-id] [family]
Context
clear>service>id>pim-snooping
Description
This command clears PIM snooping statistics for the specified SAP or SDP.
Parameters
- sap-id
clears PIM snooping statistics for the specified SAP
- sdp-id:vc-id
clears PIM snooping statistics for the specified SDP
- family
clears either IPv4 or IPv6 information
pppoe-circuit-id
Syntax
pppoe-circuit-id statistics
Context
clear>service>id>sap
Description
This command clears and resets the SAP statistics for the service.
spoke-sdp
Syntax
spoke-sdp sdp-id:vc-id ingress-vc-label
Context
clear>service>id
Description
This command clears and resets the spoke SDP bindings for the service.
Parameters
- sdp-id
the spoke SDP ID to be reset
- vc-id
the virtual circuit ID on the SDP ID to be reset
cem
Syntax
cem
Context
clear>service>statistics>id
Description
This command clears CEM statistics for this service.
counters
Syntax
counters
Context
clear>service>statistics>id
Description
This command clears all traffic queue counters associated with the service ID.
spoke-sdp
Syntax
spoke-sdp sdp-id:vc-id {all | counters | l2pt | mrp}
Context
clear>service>statistics>id
Description
This command clears statistics for the spoke SDP bound to the service.
Parameters
- sdp-id
the spoke SDP ID for which to clear statistics
- vc-id
the virtual circuit ID on the SDP ID to be reset
- all
clears all queue statistics associated with the SDP
- counters
clears all queue counters associated with the SDP
- l2pt
clears all L2PT statistics associated with the SDP
- mrp
clears all MRP statistics associated with the SDP
stp
Syntax
stp
Context
clear>service>statistics>id
Description
This command clears all spanning tree statistics for the service ID.
sap
Syntax
sap sap-id{all | cem | counters | l2pt | stp | mrp}
Context
clear>service>statistics
Description
This command clears statistics for the SAP bound to the service.
Parameters
- sap-id
specifies the physical port identifier portion of the SAP definition. See SAP ID configurations for a full list of SAP IDs.
- all
clears all queue statistics associated with the SAP
- cem
clears all CEM statistics associated with the SAP
- counters
clears all queue counters associated with the SAP
- l2pt
clears all L2PT statistics associated with the SAP
- stp
clears all STP statistics associated with the SAP
- mrp
clears all MRP statistics associated with the SAP
sdp
Syntax
sdp sdp-id keep-alive
Context
clear>service>statistics
Description
This command clears keepalive statistics associated with the SDP ID.
Parameters
- sdp-id
the SDP ID for which to clear statistics
- keep-alive
clears the keep alive history associated with this SDP ID
dhcp
Syntax
dhcp
Context
clear>router
Description
This command enables the context to clear and reset DHCP entities.
statistics
Syntax
statistics [interface ip-int-name | ip-address]
Context
clear>router>dhcp
Description
This command clears DHCP statistics.
Parameters
- ip-int-name
clears the statistics for the IP interface with the specified name
- ip-addr
clears the statistics for the IP interface with the specified IP address
VPLS debug commands
id
Syntax
id service-id
Context
debug>service
Description
This command debugs commands for a specific service.
Parameters
- service-id
the ID that uniquely identifies a service
igmp-snooping
Syntax
[no] igmp-snooping
Context
debug>service>id
Description
This command enables IGMP snooping debugging.
The no form of the command disables IGMP snooping debugging.
mld-snooping
Syntax
[no] mld-snooping
Context
debug>service>id
Description
This command enables MLD snooping debugging.
The no form of the command disables MLD snooping debugging.
detail-level
Syntax
detail-level {low | medium | high}
no detail-level
Context
debug>service>id>igmp-snooping
debug>service>id>mld-snooping
Description
This command enables debugging for the IGMP or MLD tracing detail level.
The no form of the command disables debugging for the IGMP or MLD tracing detail level.
mac
Syntax
[no] mac ieee-address
Context
debug>service>id>igmp-snooping
debug>service>id>mld-snooping
Description
This command debugs IGMP or MLD packets for the specified MAC address.
The no form of the command disables the MAC debugging.
Parameters
- ieee-address
the 48-bit MAC address in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee, and ff are hexadecimal numbers
mode
Syntax
mode {dropped-only | ingr-and-dropped | egr-ingr-and-dropped}
no mode
Context
debug>service>id>igmp-snooping
debug>service>id>mld-snooping
Description
This command enables debugging for the IGMP or MLD tracing mode.
The no form of the command disables debugging for the IGMP or MLD tracing mode.
sap
Syntax
[no] sap sap-id
Context
debug>service>id>igmp-snooping
debug>service>id>mld-snooping
Description
This command enables debugging for IGMP or MLD packets for a specific SAP.
The no form of the command disables debugging for the SAP.
Parameters
- sap-id
specifies the physical port identifier portion of the SAP definition. See SAP ID configurations for a full list of SAP IDs.
sdp
Syntax
[no] sdp sdp-id:vc-id
Context
debug>service>id>igmp-snooping
debug>service>id>mld-snooping
Description
This command enables debugging for a specific SDP.
The no form of the command disables debugging for the SDP.
Parameters
- sdp-id
specifies the mesh SDP or spoke SDP. For an IGMP spoke SDP, the VC ID must be specified, for a mesh SDP, the VC ID is optional.
- vc-id
the virtual circuit ID on the SDP ID for which to display information
event-type
Syntax
[no] event-type {config-change | svc-oper-status-change | sap-oper-status-change | sdpbind-oper-status-change}
Context
debug>service>id
Description
This command enables a particular debugging event type.
The no form of the command disables the event type debugging.
Parameters
- config-change
debugs configuration change events
- svc-oper-status-change
debugs service operational status changes
- sap-oper-status-change
debugs SAP operational status changes
- sdpbind-oper-status-change
debugs SDP operational status changes
pim-snooping
Syntax
[no] pim-snooping
Context
debug>service>id
Description
This command enables PIM-snooping debugging.
adjacency
Syntax
[no] adjacency
Context
debug>service>id>pim-snooping
Description
This command enables or disables debugging for PIM snooping adjacencies.
all
Syntax
all [group grp-ip-address] [source src-ip-address] [detail]
no all
Context
debug>service>id>pim-snooping
Description
This command enables or disables debugging for all the PIM snooping modules for the specified multicast address.
Parameters
- grp-ip-address
debugs information associated with all PIM modules for the specified multicast group address
- src-ip-address
debugs information associated with all PIM modules for the specified multicast source address
- detail
provides detailed debugging information on all PIM snooping modules
database
Syntax
database [group grp-ip-address] [source src-ip-address] [detail]
no database
Context
debug>service>id>pim-snooping
Description
This command enables or disables debugging for the PIM snooping database for the specified multicast address.
Parameters
- grp-ip-address
debugs information associated with all PIM modules for the specified multicast group address
- src-ip-address
debugs information associated with the specified database for the specified multicast source address
- detail
provides detailed debugging information on the PIM snooping database
jp
Syntax
jp [group grp-ip-address] [source src-ip-address] [detail]
no jp
Context
debug>service>id>pim-snooping
Description
This command enables or disables debugging for the PIM snooping join-prune mechanism for the specified multicast address.
Parameters
- grp-ip-address
debugs information associated with the specified join-prune mechanism for the specified multicast group address
- src-ip-address
debugs information associated with the specified join-prune mechanism for the specified multicast source address
- detail
provides detailed debugging information on the join-prune mechanism
packet
Syntax
packet [hello | jp] [sap sap-id | sdp sdp-id:vc-id]
no packet
Context
debug>service>id>pim-snooping
Description
This command enables or disables debugging for PIM snooping packets.
Parameters
- hello | jp
specifies the PIM snooping packet types
- sap-id
debugs packets associated with the specified SAP
- sdp-id:vc-id
debugs packets associated with the specified SDP
port
Syntax
port [sap sap-id | sdp sdp-id:vc-id] [detail]
no port
Context
debug>service>id>pim-snooping
Description
This command enables or disables debugging for PIM snooping ports.
Parameters
- sap-id
only debugs ports associated with the specified SAP
- sdp-id:vc-id
only debugs ports associated with the specified SDP
- detail
provides detailed debugging information on the SAP or SDP
red
Syntax
red [detail]
no red
Context
debug>service>id>pim-snooping
Description
This command enables or disables debugging for PIM snooping messages sent to the standby (redundant) CSM.
Parameters
- detail
provides detailed debugging information
sap
Syntax
[no] sap sap-id
Context
debug>service>id
Description
This command enables debugging for a particular SAP.
Parameters
- sap-id
specifies the physical port identifier portion of the SAP definition. See SAP ID configurations for a full list of SAP IDs.
stp
Syntax
stp
Context
debug>service>id
Description
This command enables the context for debugging STP.
all-events
Syntax
all-events
Context
debug>service>id>stp
Description
This command enables STP debugging for all events.
bpdu
Syntax
[no] bpdu
Context
debug>service>id>stp
Description
This command enables STP debugging for received and transmitted BPDUs.
core-connectivity
Syntax
[no] core-connectivity
Context
debug>service>id>stp
Description
This command enables STP debugging for core connectivity.
exception
Syntax
[no] exception
Context
debug>service>id>stp
Description
This command enables STP debugging for exceptions.
fsm-state-changes
Syntax
[no] fsm-state-changes
Context
debug>service>id>stp
Description
This command enables STP debugging for FSM state changes.
fsm-timers
Syntax
[no] fsm-timers
Context
debug>service>id>stp
Description
This command enables STP debugging for FSM timer changes.
port-role
Syntax
[no] port-role
Context
debug>service>id>stp
Description
This command enables STP debugging for changes in port roles.
port-state
Syntax
[no] port-state
Context
debug>service>id>stp
Description
This command enables STP debugging for port states.
sap
Syntax
[no] sap sap-id
Context
debug>service>id>stp
Description
This command enables STP debugging for a specific SAP.
Parameters
- sap-id
specifies the physical port identifier portion of the SAP definition. See SAP ID configurations for a full list of SAP IDs.