Virtual Private LAN Service
This chapter provides information about Virtual Private LAN Service (VPLS), process overview, and implementation notes.
VPLS service overview
Virtual Private LAN Service (VPLS) is a class of virtual private network service that allows the connection of multiple sites in a single bridged domain over a provider-managed IP/MPLS network. The customer sites in a VPLS instance appear to be on the same LAN, regardless of their location. VPLS uses an Ethernet interface on the customer-facing (access) side which simplifies the LAN/WAN boundary and allows for rapid and flexible service provisioning.
VPLS provides a balance between point-to-point Frame Relay service and outsourced routed services. VPLS enables each customer to maintain control of their own routing strategies. All customer routers in the VPLS service are part of the same subnet (LAN) which simplifies the IP addressing plan, especially when compared to a mesh constructed from many separate point-to-point connections. The VPLS service management is simplified since the service is not aware of nor participates in the IP addressing and routing.
A VPLS service provides connectivity between two or more SAPs on one (considered a local service) or more (which is considered a distributed service) service routers. The connection appears to be a bridged domain to the customer sites so protocols, including routing protocols, can traverse the VPLS service.
Other VPLS advantages include:
VPLS is a transparent, protocol-independent service.
There is no Layer 2 protocol conversion between LAN and WAN technologies.
There is no need to design, manage, configure, and maintain separate WAN access equipment, therefore, eliminating the need to train personnel on WAN technologies such as Frame Relay.
The 7210 SAS-D, 7210 SAS-Dxp, and 7210 SAS-K 2F1C2T do not support IP/MPLS uplinks and support only local VPLS service. These devices support provisioning of access SAPs or access-uplink SAPs to connect to the provider edge IP/MPLS routers, allowing users to provision an end-to-end VPLS VPN service using the concept of hierarchical VPLS.
The 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C support IP/MPLS uplinks and support both local VPLS service and distributed VPLS service. This provides an option to use VPLS service configured on the node with spoke-SDPs to connect to the provider edge IP/MPLS routers or use access SAPs or access-uplink SAPs to connect to the provider edge IP/MPLS routers, allowing users to provision an end-to-end VPLS VPN service using the concept of hierarchical VPLS. The 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C also support mesh SDPs for use in smaller network configurations.
VPLS packet walk-through for a local service
This section provides an example of VPLS processing for a local VPLS service using QinQ access uplink SAPs to connect to the PE router. It is applicable to the 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C (7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C when using access uplink SAPs). It describes VPLS processing of a customer packet sent across the network from site-A connected to PE-Router-A through a 7210 SAS to site-C connected through 7210 SAS to PE-Router-C (VPLS service architecture). This section does not describe the processing on the PE routers, but only on 7210 SAS routers.
7210-A (Access port ingress packet format and lookup)
Service packets arriving at 7210-A are associated with a VPLS service instance based on the combination of the physical port and the IEEE 802.1Q tag (VLAN-ID) in the packet.
7210-A learns the source MAC address in the packet and creates an entry in the FIB table that associates the MAC address to the service access point (SAP) on which it was received.
The destination MAC address in the packet is looked up in the FIB table for the VPLS instance. There are two possibilities: either the destination MAC address has already been learned (known MAC address) or the destination MAC address is not yet learned (unknown MAC address).
For a Known MAC Address (Network port egress packet format and flooding ):
If the destination MAC address has already been learned by 7210 an existing entry in the FIB table identifies destination uplink QinQ SAP used for sending the packet toward the PE-Router-A.
The customer packet is sent on this uplink SAP when the IEEE 802.1Q tag is stripped and the uplink SAP tag is added to the packet.
For an Unknown MAC Address (Network port egress packet format and flooding ):
If the destination MAC address has not been learned, 7210 will flood the packet to all the uplink SAPs participating in the service.
Core Router Switching
The PE router will encapsulate this packet in the appropriate MPLS header and transport it across the core network to the remote 7210-C.
7210-C (Access port ingress packet format and lookup)
7210-C associates the packet with the VPLS instance based on the VLAN tags in the received packet.
7210-C learns the source MAC address in the packet and creates an entry in the FIB table that associates the MAC address to the access uplink port on which the packet was received.
The destination MAC address in the packet is looked up in the FIB table for the VPLS instance. Again, there are two possibilities: either the destination MAC address has already been learned (known MAC address) or the destination MAC address has not been learned on the access side of 7210-C (unknown MAC address).
If the destination MAC address has been learned by 7210-C, an existing entry in the FIB table identifies the local access port and the IEEE 802.1Q tag (if any) to be added before sending the packet to customer Location-C. The egress Q tag may be different from the ingress Q tag.
If the destination MAC address has not been learned, 7210 will flood the packet to all the access SAPs participating in the service.
VPLS packet walk-through for a distributed service
This section provides an example of VPLS processing for a local VPLS service using spoke-SDP/mesh-SDP as uplinks to connect to the PE routers. It is applicable to the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C when using spoke-SDP/mesh-SDP as uplinks to connect to the PE routers. It describes VPLS processing of a customer packet sent across the network from site-A connected to PE-Router-A through a 7210 SAS to site-C connected through 7210 SAS to PE-Router-C (VPLS service architecture). This section does not describe the processing on the PE routers, but only on 7210 SAS routers.
7210-A (Access port ingress packet format and lookup)
Service packets arriving at 7210-A are associated with a VPLS service instance based on the combination of the physical port and the IEEE 802.1Q tag (VLAN-ID) in the packet.
7210-A learns the source MAC address in the packet and creates an entry in the FIB table that associates the MAC address to the service access point (SAP) on which it was received.
The destination MAC address in the packet is looked up in the FIB table for the VPLS in-stance. There are two possibilities: either the destination MAC address has already been learned (known MAC address) or the destination MAC address is not yet learned (unknown MAC address).
For a Known MAC Address (Access port ingress packet format and lookup):
If the destination MAC address has already been learned by 7210, an existing entry in the FIB table identifies the far-end PE-Router and the service VC-label (inner label) used before sending the packet to PE-Router-A.
The customer packet is sent on this LSP when the IEEE 802.1Q tag is stripped and the service VC-label (inner label) and the transport label (outer label) are added to the packet.
For a Unknown MAC Address (Access port ingress packet format and lookup):
If the destination MAC address has not been learned, 7210 will flood the packet to all the spoke-SDPs participating in the service, as shown in the following figure.
Core Router Switching
The PE router will encapsulate this packet in the appropriate MPLS header and transport it across the core network to the remote 7210-C.
7210-C (Access port ingress packet format and lookup)
7210-C associates the packet with the VPLS instance based on the VLAN tags in the received packet.
7210-C learns the source MAC address in the packet and creates an entry in the FIB table that associates the MAC address to the spoke-SDP on which the packet was received.
The destination MAC address in the packet is looked up in the FIB table for the VPLS in-stance. Again, there are two possibilities: either the destination MAC address has already been learned (known MAC address) or the destination MAC address has not been learned on the access side of 7210-C (unknown MAC address).
If the destination MAC address has been learned by 7210-C, an existing entry in the FIB table identifies the local access port and the IEEE 802.1Q tag (if any) to be added before sending the packet to customer Location-C. The egress Q tag may be different from the ingress Q tag.
If the destination MAC address has not been learned, 7210 will flood the packet to all the access SAPs and possible other spoke-SDPs participating in the service.
VPLS features
VPLS enhancements on 7210 SAS-D, 7210 SAS-Dxp, and 7210 SAS-K 2F1C2T
The Nokia VPLS implementation includes several enhancements beyond basic VPN connectivity. The following VPLS features can be configured individually for each VPLS service instance:
Extensive MAC and IP filter support (up to Layer 4). Filters can be applied on a per SAP basis.
Forwarding Information Base (FIB) management features including:
configurable FIB size limit
FIB size alarms
MAC learning disable
discard unknown
aging timers for learned MAC addresses
Implementation of Spanning Tree Protocol (STP) parameters on a per VPLS and per SAP basis.
IGMP snooping on a per-SAP basis.
VPLS enhancements on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
The Nokia VPLS implementation includes several enhancements beyond basic VPN connectivity. The following VPLS features can be configured individually for each VPLS service instance:
Extensive MAC and IP filter support (up to Layer 4). Filters can be applied on a per SAP basis.
Forwarding Information Base (FIB) management features including:
configurable FIB size limit
FIB size alarms
MAC learning disable
discard unknown
aging timers for learned MAC addresses
Implementation of Spanning Tree Protocol (STP) parameters on a per VPLS and per SAP basis.
IGMP snooping on a per-SAP and SDP basis.
VPLS over MPLS - supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
The VPLS architecture proposed in draft-ietf-ppvpn-vpls-ldp-0x.txt specifies the use of provider equipment (PE) capable of learning, bridging, and replication on a per-VPLS basis. The PE routers that participate in the service are connected using MPLS Label Switched Path (LSP) tunnels in a full-mesh composed of mesh SDPs or based on an LSP hierarchy (Hierarchical VPLS (H-VPLS)) composed of mesh SDPs and spoke-SDPs. The 7210 SAS supports only H-VPLS. Multiple VPLS services can be offered over the same set of LSP tunnels. Signaling specified in RFC 4905 is used to negotiate a set of ingress and egress VC labels on a per-service basis. The VC labels are used by the PE routers for de-multiplexing traffic arriving from different VPLS services over the same set of LSP tunnels.
VPLS/H-VPLS is provided over MPLS by:
Connecting 7210 SAS to bridging-capable provider edge (PE) routers through a mesh/spoke-SDP. The PE routers are connected using a full mesh of LSPs.
Negotiating per-service VC labels using draft-Martini encapsulation.
Replicating unknown and broadcast traffic in a service domain.
Enabling MAC learning over tunnel and access ports (see VPLS MAC learning and packet forwarding).
Using a separate forwarding information base (FIB) per VPLS service.
VPLS over SAPs
7210 SAS-D and 7210 SAS-Dxp devices support QinQ SAPs or Dot1q SAPs that allows them to connect to upstream PE nodes providing IP/MPLS transport.
VPLS is provided over QinQ/Dot1q SAPs by:
Connecting bridging-capable 7210 SAS devices.
Replicating unknown and broadcast traffic in a service domain.
Enabling MAC learning over QinQ/Dot1q SAPs and access ports (see VPLS MAC learning and packet forwarding).
Using a separate forwarding information base (FIB) per VPLS service.
VPLS MAC learning and packet forwarding
The 7210 SAS edge devices perform the packet replication required for broadcast and multicast traffic across the bridged domain. MAC address learning is performed by the 7210 SAS device to reduce the amount of unknown destination MAC address flooding.
On the 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, the user can configure Layer 2 uplinks (i.e. Dot1q SAPs or QinQ SAPs) for uplink connectivity and access SAPs for customer connectivity as logical bridge ports in a VPLS service.
On the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, the user can configure access SAPs for customer connectivity and mesh-sdp/spoke-sdp for uplink connectivity as logical bridge ports in a VPLS service.
Each 7210 SAS maintains a Forwarding Information Base (FIB) for each VPLS service instance and learned MAC addresses are populated in the FIB table of the service. All traffic is switched based on MAC addresses using QinQ SAPs created on access uplink ports Unknown destination packets (for example, the destination MAC address has not been learned) are forwarded on all SAPs for that service until the target station responds and the MAC address is learned by the 7210 SAS associated with that service.
IGMP snooping on 7210 SAS-D, 7210 SAS-Dxp, and 7210 SAS-K 2F1C2T
In Layer 2 switches, multicast traffic is treated like an unknown MAC address or broadcast frame, which causes the incoming frame to be flooded out (broadcast) on every port within a VLAN. Although this is acceptable behavior for unknowns and broadcast frames, this flooded multicast traffic may result in wasted bandwidth on network segments and end stations, as IP multicast hosts can join and be interested in only specific multicast groups.
IGMP snooping entails using information in Layer 3 protocol headers of multicast control messages to determine the processing at Layer 2. By doing so, an IGMP snooping switch provides the benefit of conserving bandwidth on those segments of the network in which no node has expressed interest in receiving packets addressed to the group address.
IGMP snooping can be enabled in the context of VPLS services. The IGMP snooping feature allows for optimization of the multicast data flow to only the SAPs members of the group. The system builds a database of group members per service by listening to IGMP queries and reports from each SAP:
When the switch receives an IGMP report from a host for a multicast group, the switch adds the host port number to the forwarding table entry.
When it receives an IGMP leave message from a host, it removes the host port from the table entry, if no other group members are present. It also deletes entries if it does not receive periodic IGMP membership reports from the multicast clients.
The following are IGMP snooping features:
IGMP v1, v2, and v3 are supported (RFC 1112, Host Extensions for IP Multicasting, and RFC 2236, Internet Group Management Protocol, Version 2).
IGMP snooping can be enabled and disabled on individual VPLS service instances.
IGMP snooping can be configured on individual SAPs that are part of a VPLS service. When IGMP snooping is enabled on a VPLS service, all its contained SAPs automatically have snooping enabled.
Fast leave terminates the multicast session immediately, rather than using the standard group-specific query to check if other group members are present on the network.
SAPs can be statically configured as multicast router ports. This allows the operator to control the set of ports to which IGMP membership reports are forwarded.
Static multicast group membership on a per SAP basis can be configured.
The maximum number of multicast groups (static and dynamic) that a SAP can join can be configured. An event is generated when the limit is reached.
The maximum number of multicast groups (static and dynamic) that a VPLS instance simultaneously supports can be configured.
Proxy summarization of IGMP messages reduces the number of IGMP messages processed by upstream devices in the network.
IGMP filtering allows a subscriber to a service or the provider to block, receive, or transmit permission (or both) to individual hosts or a range of hosts.
The following types of filters can be defined:
Filter group membership that report from a host or range of hosts. This filtering is performed by importing an appropriately-defined routing policy into the SAP.
Filters that prevent a host from transmitting multicast streams into the network. The operator can define a data-plane filter (ACL) that drops all multicast traffic, and apply this filter to a SAP.
IGMP snooping on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
In Layer 2 switches, multicast traffic is treated like an unknown MAC address or broadcast frame, which causes the incoming frame to be flooded out (broadcast) on every port within a VLAN. Although this is acceptable behavior for unknowns and broadcast frames, this flooded multicast traffic may result in wasted bandwidth on network segments and end stations, as IP multicast hosts can join and be interested in only specific multicast groups.
IGMP snooping entails using information in Layer 3 protocol headers of multicast control messages to determine the processing at Layer 2. By doing so, an IGMP snooping switch provides the benefit of conserving bandwidth on those segments of the network in which no node has expressed interest in receiving packets addressed to the group address.
IGMP snooping can be enabled in the context of VPLS services. The IGMP snooping feature allows for optimization of the multicast data flow to only those SAPs and SDPs that are members of the group. The system builds a database of group members per service by listening to IGMP queries and reports from each SAP and SDP:
When the switch receives an IGMP report from a host for a multicast group, the switch adds the host port number to the forwarding table entry.
When it receives an IGMP leave message from a host, it removes the host port from the table entry, if no other group members are present. It also deletes entries if it does not receive periodic IGMP membership reports from the multicast clients.
The following are IGMP snooping features:
IGMP v1, v2, and v3 are supported (RFC 1112, Host Extensions for IP Multicasting, and RFC 2236, Internet Group Management Protocol, Version 2). On 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, IGMP v1, v2, v3 is supported with both with L2 uplinks and MPLS uplinks.
IGMP snooping can be enabled and disabled on individual VPLS service instances.
IGMP snooping can be configured on individual SAPs and SDPs that are part of a VPLS service. When IGMP snooping is enabled on a VPLS service, all its contained SAPs and SDPs automatically have snooping enabled.
Fast leave terminates the multicast session immediately, rather than using the standard group-specific query to check if other group members are present on the network.
SDPs and SAPs can be statically configured as multicast router ports. This allows the operator to control the set of ports to which IGMP membership reports are forwarded.
Static multicast group membership on a per SAP and SDP basis can be configured.
The maximum number of multicast groups (static and dynamic) that a SAP and SDP can join can be configured. An event is generated when the limit is reached.
The maximum number of multicast groups (static and dynamic) that a VPLS instance simultaneously supports can be configured.
Proxy summarization of IGMP messages reduces the number of IGMP messages processed by upstream devices in the network.
IGMP filtering allows a subscriber to a service or the provider to block, receive, or transmit permission (or both) to individual hosts or a range of hosts. The following types of filters can be defined:
Filter group membership that report from a particular host or range of hosts. This filtering is performed by importing an appropriately-defined routing policy into the SAP and SDP.
Filters that prevent a host from transmitting multicast streams into the network. The operator can define a data-plane filter (ACL) that drops all multicast traffic, and apply this filter to a SAP and SDP.
Multicast VLAN Registration (MVR) support
Multicast VPLS Registration (MVR) is a bandwidth optimization method for multicast in a broadband services network. MVR allows a subscriber on a port to subscribe and unsubscribe to a multicast stream on one or more network-wide multicast VPLS instances.
MVR assumes that subscribers join and leave multicast streams by sending IGMP join and leave messages. The IGMP leave and join message are sent inside the VPLS to which the subscriber port is assigned. The multicast VPLS is shared in the network while the subscribers remain in separate VPLS services. Using MVR, users on different VPLS cannot exchange any information between them, but still multicast services are provided.
On the MVR VPLS, IGMP snooping must be enabled. On the user VPLS, IGMP snooping and MVR work independently. If IGMP snooping and MVR are both enabled, MVR reacts only to join and leave messages from multicast groups configured under MVR. Join and leave messages from all other multicast groups are managed by IGMP snooping in the local VPLS. This way, potentially several MVR VPLS instances could be configured, each with its own set of multicast channels:
MVR by proxy
In some situations, the multicast traffic should not be copied from the MVR VPLS to the SAP on which the IGMP message was received (standard MVR behavior) but to another SAP. This is called MVR by proxy.
In the following figure, the reference to SDP is only applicable to the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C.
Configuration guidelines for MVR
In a MVR configuration, the svc-sap-type of the VPLS service that is the source, known as 'mvr vpls service' and the svc-sap-type of the VPLS service that is the sink, known as 'user vpls service' should match.
DHCPv4 snooping
To support a DHCP-based address assignment in a Layer 2 aggregation network, the 7210 SAS supports DHCPv4 snooping. The 7210 SAS can copy packets designated to the standard UDP port for DHCP (port 67) to its control plane for inspection, this process is called DHCPv4 snooping.
DHCPv4 snooping can be performed in two directions:
-
From the client to the DHCP server (Discover or Request messages) to insert Option 82 information. For these applications, DHCPv4 snooping must be enabled on the SAP toward the subscriber.
-
From the DHCP server (ACK messages), to remove the Option 82 field toward the client. For these applications, DHCPv4 snooping must be enabled on both the SAP toward the network and the SAP toward the subscriber.
L2 forwarding table management
The following sections describe VPLS features related to management of the Forwarding Information Base (FIB).
FIB size on 7210 SAS-D, 7210 SAS-Dxp, and 7210 SAS-K 2F1C2T
The following MAC table management features are required for each instance of a SAP within a particular VPLS service instance:
MAC FIB size limits
Allows users to specify the maximum number of MAC FIB entries learned locally for a SAP. If the configured limit is reached, then no new addresses will be learned from the SAP until at least one FIB entry is aged out or cleared:
When the limit is reached on a SAP, packets with unknown source MAC addresses are still forwarded (this default behavior can be changed by configuration). By default, if the destination MAC address is known, it is forwarded based on the FIB, and if the destination MAC address is unknown, it will be flooded. Alternatively, if discard unknown is enabled at the VPLS service level, unknown destination MAC addresses are discarded.
The log event SAP MAC limit reached is generated when the limit is reached. When the condition is cleared, the log event SAP MAC Limit Reached Condition Cleared is generated.
Disable learning at the VPLS service level allows users to disable the dynamic learning function on the service. Disable learning is not supported at the SAP level.
Disable aging allows users to turn off aging for learned MAC addresses on a SAP of a VPLS service instance.
FIB size on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
The following MAC table management features are required for each instance of a SAP or spoke-SDP within a VPLS service instance:
MAC FIB size limits - Allows users to specify the maximum number of MAC FIB entries learned locally for a SAP or remotely for a spoke-SDP. If the configured limit is reached, then no new addresses will be learned from the SAP and spoke-SDP until at least one FIB entry is aged out or cleared:
When the limit is reached on a SAP and spoke-SDP, packets with unknown source MAC addresses are still forwarded (this default behavior can be changed by configuration). By default, if the destination MAC address is known, it is forwarded based on the FIB, and if the destination MAC address is unknown, it will be flooded. Alternatively, if discard unknown is enabled at the VPLS service level, unknown destination MAC addresses are discarded.
The log event SAP/SDP MAC limit reached is generated when the limit is reached. When the condition is cleared, the log event SAP/SDP MAC Limit Reached Condition Cleared is generated.
Disable learning at the VPLS service level allows users to disable the dynamic learning function on the service. Disable learning is not supported at the SAP level and spoke-SDP level.
Disable aging allows users to turn off aging for learned MAC addresses on a SAP and spoke-SDP of a VPLS service instance.
FIB size alarms
The size of the VPLS FIB can be configured with a low watermark and a high watermark, expressed as a percentage of the total FIB size limit. If the actual FIB size grows above the configured high watermark percentage, an alarm is generated. If the FIB size falls below the configured low watermark percentage, the alarm is cleared by the system.
Local aging timers on 7210 SAS-D, 7210 SAS-Dxp, and 7210 SAS-K 2F1C2T
Like a Layer 2 switch, learned MACs within a VPLS instance can be aged out if no packets are sourced from the MAC address for a specified period of time (the aging time). The age timer for the VPLS instance specifies the aging time for locally learned MAC addresses.
The aging mechanism is considered a low priority process. In most situations, the aging out of MAC addresses can happen in within tens of seconds beyond the age time. To minimize overhead, local MAC addresses on a LAG port, in some circumstances, can take up to two times their respective age timer to be aged out.
Local and remote aging timers on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Like a Layer 2 switch, learned MACs within a VPLS instance can be aged out if no packets are sourced from the MAC address for a specified time-period (the aging time). In each VPLS service instance, there are independent aging timers for locally learned MAC and remotely learned MAC entries in the forwarding database (FIB). A local MAC address is a MAC address associated with a SAP because it ingressed on a SAP. A remote MAC address is a MAC address received by an SDP from another router for the VPLS instance. The local-age timer for the VPLS instance specifies the aging time for locally learned MAC addresses, and the remote-age timer specifies the aging time for remotely learned MAC addresses.
In general, the remote-age timer is set to a longer period than the local-age timer to reduce the amount of flooding required for destination unknown MAC addresses. The aging mechanism is considered a low priority process. In most situations, the aging out of MAC addresses can happen in within tens of seconds beyond the age time. To minimize overhead, local MAC addresses on a LAG port and remote MAC addresses, in some circumstances, can take up to two times their respective age timer to be aged out.
Disable MAC aging
The MAC aging timers can be disabled which will prevent any learned MAC entries from being aged out of the FIB. When aging is disabled, it is still possible to manually delete or flush learned MAC entries. Aging can be disabled for learned MAC addresses on a SAP of a VPLS service instance.
Disable MAC learning
When MAC learning is disabled for a service, new source MAC addresses are not entered in the VPLS FIB. MAC learning can be disabled for services.
Unknown MAC discard
Unknown MAC discard is a feature which discards all packets ingressing the service where the destination MAC address is not in the FIB. The normal behavior is to flood these packets to all end points in the service.
Unknown MAC discard can be used with the disable MAC learning and disable MAC aging options to create a fixed set of MAC addresses allowed to ingress and traverse the service.
VPLS and rate limiting
Traffic that is usually flooded throughout the VPLS can be rate limited on SAP ingress using service ingress QoS policies. In a service ingress QoS policy, individual meters can be defined per forwarding class to provide rate-limiting/policing of broadcast traffic, MAC multicast traffic and unknown destination MAC traffic.
On the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C, the option is available to use either service ingress queues with rate shapers or meters to limit different traffic types.
MAC move
The MAC move feature is useful to protect against undetected loops in a VPLS topology, as well as the presence of duplicate MACs in a VPLS service.
If two clients in the VPLS have the same MAC address, the VPLS will experience a high relearn rate for the MAC.
When MAC move is enabled, the 7210 SAS-D, 7210 SAS-Dxp, or 7210 SAS-K 2F1C2T shut down the SAP and create an alarm event when the threshold is exceeded.
When MAC move is enabled, the 7210 SAS-K 2F6C4T or 7210 SAS-K 3SFP+ 8C shut down the SAP or spoke-SDP and create an alarm event when the threshold is exceeded.
Split horizon SAP groups
Split Horizon group per service is only supported on the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C.
Port-based split horizon groups are only supported on the 7210 SAS-D and 7210 SAS-Dxp.
In many applications, the split-horizon group concept involving a group of SAPs is useful to prevent direct customer-to-customer traffic exchange (without the traffic being sent to the head-end service nodes). This extension is referred to as a split horizon SAP group. Traffic arriving on a SAP or a spoke-SDP within a split horizon group will not be forwarded to other SAPs configured in the same split horizon group, but will be forwarded to other SAPs, which are not part of the split horizon group.
Split horizon SAP groups and split horizon spoke-SDP groups on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Within the context of VPLS services, a loop-free topology inside a fully meshed VPLS core is achieved by applying a split-horizon forwarding concept. The packets received from a mesh SDP are never forwarded to other mesh SDPs within the same service. The advantage of this approach is that no protocol is required to detect loops within the VPLS core network.
In applications, such as residential aggregation, it is useful to extend this split-horizon concept also to groups of SAPs and/or spoke-SDPs. This extension is referred to as a split horizon SAP group/spoke-SDP group. Traffic arriving on a SAP or a spoke-SDP within a split horizon group will not be forwarded to other SAPs and spoke-SDPs configured in the same split horizon group, but will be forwarded to other SAPs/spoke-SDPs, which are not part of the split horizon group.
VPLS and Spanning Tree Protocol
The 7210 SAS VPLS service provides a bridged or switched Ethernet Layer 2 network. Equipment connected to SAPs forward Ethernet packets into the VPLS service. The 7210 SAS participating in the service learns where the customer MAC addresses reside, on ingress SAPs.
Unknown destinations, broadcasts, and multicasts are flooded to all other SAPs in the service. If SAPs are connected, either through misconfiguration or for redundancy purposes, loops can form and flooded packets can keep flowing through the network. The Nokia implementation of the Spanning Tree Protocol (STP) is designed to remove these loops from the VPLS topology. This is done by putting one or several SAPs in the discarding state.
The Nokia implementation of the Spanning Tree Protocol (STP) incorporates some modifications to make the operational characteristics of VPLS more effective.
The STP instance parameters allow the balancing between resiliency and speed of convergence extremes. Modifying parameters can affect the behavior. For information about command usage, descriptions, and CLI syntax, see Configuring a VPLS service with CLI.
Spanning tree operating modes
Per VPLS instance, a preferred STP variant can be configured. The STP variants supported are:
rstp - rapid Spanning Tree Protocol (RSTP) compliant with IEEE 802.1D-2004 - default mode
dot1w - compliant with IEEE 802.1w
comp-dot1w - operation as in RSTP but backwards compatible with IEEE 802.1w (this mode allows interoperability with some MTU types)
mstp - compliant with the Multiple Spanning Tree Protocol specified in IEEE 802.1Q-REV/D5.0-09/2005. This mode of operation is only supported in an mVPLS
While the 7210 SAS initially uses the mode configured for the VPLS, it will dynamically fall back (on a per-SAP basis) to STP (IEEE 802.1D-1998) based on the detection of a BPDU of a different format. A trap or log entry is generated for every change in spanning tree variant.
Some older 802.1W compliant RSTP implementations may have problems with some of the features added in the 802.1D-2004 standard. Inter-working with these older systems is improved with the comp-dot1w mode. The differences between the RSTP mode and the comp-dot1w mode are:
The RSTP mode implements the improved convergence over shared media feature, for example, RSTP will transition from discarding to forwarding in 4 seconds when operating over shared media. The comp-dot1w mode does not implement this 802.1D-2004 improvement and transitions conform to 802.1w in 30 seconds (both modes implement fast convergence over point-to-point links).
In the RSTP mode, the transmitted BPDUs contain the port's designated priority vector (DPV) (conforms to 802.1D-2004). Older implementations may be confused by the DPV in a BPDU and may fail to recognize an agreement BPDU correctly. This would result in a slow transition to a forwarding state (30 seconds). For this reason, in the comp-dot1w mode, these BPDUs contain the port's port priority vector (conforms to 802.1w).
The 7210 SAS supports one BDPU encapsulation formats, and can dynamically switch between the following supported formats (on a per-SAP basis):
IEEE 802.1D STP
Cisco PVST
Multiple Spanning Tree Protocol
The Multiple Spanning Tree Protocol (MSTP) extends the concept of the IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) by allowing grouping and associating VLANs to Multiple Spanning Tree Instances (MSTI). Each MSTI can have its own topology, which provides architecture enabling load balancing by providing multiple forwarding paths. At the same time, the number of STP instances running in the network is significantly reduced as compared to Per VLAN STP (PVST) mode of operation. Network fault tolerance is also improved because a failure in one instance (forwarding path) does not affect other instances.
The 7210 SAS implementation of Management VPLS (mVPLS) is used to group different VPLS instances under single RSTP instance. Introducing MSTP into the mVPLS allows the following:
Inter-operation with traditional Layer 2 switches in access network.
Provides an effective solution for dual homing of many business Layer 2 VPNs into a provider network.
Redundancy access to VPLS
The GigE MAN portion of the network is implemented with traditional switches. Using MSTP running on individual switches facilitates redundancy in this part of the network. To provide dual homing of all VPLS services accessing from this part of the network, the VPLS PEs must participate in MSTP.
This can be achieved by the following:
Configuring mVPLS on VPLS-PEs (only PEs directly connected to GigE MAN network).
Assign different managed-vlan ranges to different MSTP instances.
Typically, the mVPLS would have SAPs with null encapsulations (to receive, send, and transmit MSTP BPDUs) and a mesh SDP to interconnect a pair of VPLS PEs.
Different access scenarios are displayed in Access resiliency as example network diagrams dually connected to the PBB PEs:
Access Type A - source devices connected by null or Dot1q SAPs
Access Type B - one QinQ switch connected by QinQ/801ad SAPs
Access Type C - two or more ES devices connected by QinQ/802.1ad SAPs
The following mechanisms are supported for the VPLS:
STP/RSTP can be used for all access types
M-VPLS with MSTP can be used as is just for access Type A. MSTP is required for access type B and C.
LAG and MC-LAG can be used for access Type A and B.
MSTP for QinQ SAPs
MSTP runs in a MVPLS context and can control SAPs from source VPLS instances. QinQ SAPs are supported. The outer tag is considered by MSTP as part of VLAN range control.
MSTP general principles
MSTP represents modification of RSTP that allows the grouping of different VLANs into multiple MSTIs. To enable different devices to participate in MSTIs, they must be consistently configured. A collection of interconnected devices that have the same MST configuration (region-name, revision and VLAN-to-instance assignment) comprises an MST region.
There is no limit to the number of regions in the network, but every region can support a maximum of 16 MSTIs. Instance 0 is a special instance for a region, known as the Internal Spanning Tree (IST) instance. All other instances are numbered from 1 to 4094. IST is the only spanning-tree instance that sends and receives BPDUs (typically BPDUs are untagged). All other spanning-tree instance information is included in MSTP records (M-records), which are encapsulated within MSTP BPDUs. This means that single BPDU carries information for multiple MSTI which reduces overhead of the protocol.
Any given MSTI is local to an MSTP region and completely independent from an MSTI in other MST regions. Two redundantly connected MST regions will use only a single path for all traffic flows (no load balancing between MST regions or between MST and SST region).
Traditional Layer 2 switches running MSTP protocol assign all VLANs to the IST instance per default. The operator may then ‟re-assign” individual VLANs to a specific MSTI by configuring per VLAN assignment. This means that a SR-Series PE can be considered as the part of the same MST region only if the VLAN assignment to IST and MSTIs is identical to the one of Layer 2 switches in access network.
MSTP in the 7210 SAS platform
The 7210 SAS platform uses a concept of mVPLS to group different SAPs under a single STP instance. The VLAN range covering SAPs to be managed by a specific mVPLS is declared under a specific mVPLS SAP definition. MSTP mode-of-operation is only supported in an mVPLS.
When running MSTP, by default, all VLANs are mapped to the CIST. On the VPLS level VLANs can be assigned to specific MSTIs. When running RSTP, the operator must explicitly indicate, per SAP, which VLANs are managed by that SAP.
Enhancements to the Spanning Tree Protocol in MPLS-based VPLS service (7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C Only)
To interconnect 7210 SAS devices (PE devices) across the backbone, service tunnels (SDPs) are used. These service tunnels are shared among multiple VPLS instances. The Nokia implementation of the Spanning Tree Protocol (STP) incorporates some enhancements to make the operational characteristics of VPLS more effective. The implementation of STP on the router is modified to guarantee that service tunnels will not be blocked in any circumstance without imposing artificial restrictions on the placement of the root bridge within the network. The modifications introduced are fully compliant with the 802.1D-2004 STP specification.
When running MSTP, spoke-SDPs cannot be configured. Also, ensure that all bridges connected by mesh SDPs are in the same region. If not, the mesh will be prevented from becoming active (trap is generated).
To achieve this, all mesh SDPs are dynamically configured as either root ports or designated ports. The PE devices participating in each VPLS mesh determine (using the root path cost learned as part of the normal protocol exchange) which of the 7210 SAS devices is closest to the root of the network. This PE device is internally designated as the primary bridge for the VPLS mesh. Because of this, all network ports on the primary bridges are assigned the designated port role and therefore remain in the forwarding state.
The second part of the solution ensures that the remaining PE devices participating in the STP instance see the SDP ports as a lower cost path to the root rather than a path that is external to the mesh. Internal to the PE nodes participating in the mesh, the SDPs are treated as zero cost paths toward the primary bridge. As a consequence, the path through the mesh are seen as lower cost than any alternative and the PE node will designate the network port as the root port. This ensures that network ports always remain in forwarding state.
A combination of the preceding features ensure that network ports are never blocked and maintain interoperability with bridges external to the mesh running STP instances.
L2PT termination
L2PT is used to transparently transport protocol data units (PDUs) of Layer 2 protocols such as STP, CDP, DTP, VTP, PAGP, and UDLD. This allows running these protocols between customer CPEs without involving backbone infrastructure.
The 7210 SAS routers allow transparent tunneling of PDUs across the VPLS core. However, in some network designs, the VPLS PE is connected to CPEs through a legacy Layer 2 network, rather than having direct connections. In such environments termination of tunnels through such infrastructure is required.
L2PT tunnels protocol PDUs by overwriting MAC destination addresses at the ingress of the tunnel to a proprietary MAC address such as 01-00-0c-cd-cd-d0. At the egress of the tunnel, this MAC address is then overwritten back to MAC address of the respective Layer 2 protocol.
The 7210 SAS nodes support L2PT termination for STP BPDUs. More specifically:
At ingress of every SAP which is configured as L2PT termination, all PDUs with a MAC destination address, 01-00-0c-cd-cd-d0 will be intercepted and their MAC destination address will be overwritten to MAC destination address used for the corresponding protocol. The type of protocol can be derived from LLC and SNAP encapsulation.
In egress direction, PDUs of the corresponding protocol received on all VPLS ports will be intercepted and L2PT encapsulation will be performed for SAPs configured as L2PT termination points. Because of the implementation reasons, PDU interception and redirection to CPM can be performed only at ingress. Therefore, to comply with the preceding requirement, as soon as at least 1 port of a specific VPLS service is configured as L2PT termination port, redirection of PDUs to CPM will be set on all other ports (SAPs) of the VPLS service.
L2PT termination can be enabled only if STP is disabled in a context of the specific VPLS service.
BPDU translation
VPLS networks are typically used to interconnect different customer sites using different access technologies such as Ethernet and bridged-encapsulated ATM PVCs. Typically, different Layer 2 devices can support different types of STP and even if they are from the same vendor. In some cases, it is necessary to provide BPDU translation to provide an inter-operable e2e solution.
To address these network designs, BPDU format translation is supported on 7210 SAS devices. If enabled on a specific SAP, the system will intercept all BPDUs destined to that interface and perform required format translation such as STP-to-PVST or vice versa.
Similarly, BPDU interception and redirection to the CPM is performed only at ingress meaning that as soon as at least 1 port within a specific VPLS service has BPDU translation enabled, all BPDUs received on any of the VPLS ports will be redirected to the CPM.
BPDU translation involves all encapsulation actions that the datapath would perform for a specific outgoing port (such as adding VLAN tags depending on the outer SAP and adding or removing all the required VLAN information in a BPDU payload.
This feature can be enabled on a SAP only if STP is disabled in the context of the specific VPLS service.
L2PT and BPDU translation
Cisco Discovery Protocol (CDP), Digital Trunking Protocol (DTP), Port Aggregation Protocol (PAgP), Uni-directional Link Detection (UDLD), Virtual Trunk Protocol (VTP), STP (Spanning Tree Protocol) and PVST (per-VLAN Spanning Tree protocol) are supported on the 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C.
The existing L2PT limitations apply:
The protocols apply only to VPLS.
The protocols are mutually exclusive with running STP on the same VPLS as soon as one SAP has L2PT/BPDU translation enabled.
Forwarding occurs on the CPM and uses CPU processing cycles.
VPLS access redundancy
On the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, the mechanisms discussed in this section are applicable when access ports or access-uplink ports are used as uplinks.
One application of hierarchical VPLS is to use 7210 SAS nodes with access ports or access-uplink ports as uplinks, which serve as Ethernet links to the closest PE node.
The following are several mechanisms to resolve a loop in an access network where 7210 SAS devices are used:
STP-based access, with or without mVPLS
Ethernet APS using G.8032
Non-STP-based access using mechanisms such as active/standby links and MC-LAG on the PE
STP-based redundant access to VPLS
In configuration shown in the preceding figure, STP is activated on the MTU and two PEs to resolve a potential loop.
In this configuration, the scope of STP domain is limited to MTU and PEs, while any topology change needs to be propagated in the whole VPLS domain. When TCN (topology change notification) is received with in the VPLS domain all MACs learned on SAPs are flushed except the SAP on which TCN was received.
VPLS redundancy on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C using MPLS uplinks
The VPLS standard (RFC 4762, Virtual Private LAN Services Using LDP Signaling) includes provisions for hierarchical VPLS, using point-to-point spoke-SDPs. Two applications have been identified for spoke-SDPs:
to connect to Multi-Tenant Units (MTUs) to PEs in a metro area network
to interconnect the VPLS nodes of two networks
In both applications, the spoke-SDPs serve to improve the scalability of VPLS. While node redundancy is implicit in non-hierarchical VPLS services (using a full mesh of SDPs between PEs), node redundancy for spoke-SDPs needs to be provided separately. In VPLS services, only two spoke-SDPs are allowed in an endpoint.
The 7210 SAS routers have implemented special features for improving the resilience of hierarchical VPLS instances, in both MTU and inter-metro applications.
Spoke-SDP redundancy on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
When two or more meshed VPLS instances are interconnected by redundant spoke-SDPs (as shown in H-VPLS with spoke redundancy), a loop in the topology results. To remove such a loop from the topology, Spanning Tree Protocol (STP) can be run over the SDPs (links) which form the loop, such that one of the SDPs is blocked. As running STP in each VPLS in this topology is not efficient, the node includes functionality which can associate several VPLSes to a single STP instance running over the redundant-SDPs. Node redundancy is therefore achieved by running STP in one VPLS, and applying the conclusions of this STP to the other VPLS services. The VPLS instance running STP is referred to as the ‟management VPLS” or mVPLS.
In the case of a failure of the active node, STP on the management VPLS in the standby node will change the link states from disabled to active. The standby node will then broadcast a MAC flush LDP control message in each of the protected VPLS instances, so that the address of the newly active node can be relearned by all PEs in the VPLS.
It is possible to configure two management VPLS services, where both VPLS services have different active spokes (this is achieved by changing the path-cost in STP). By associating different user VPLSes with the two management VPLS services, load balancing across the spokes can be achieved.
Spoke-SDP-based redundant access on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
This feature provides the ability to have a node deployed as MTUs (Multi-Tenant Unit Switches) multi-homed for VPLS to multiple routers deployed as PEs without requiring the use of mVPLS.
In the configuration example displayed in H-VPLS with spoke redundancy, the MTUs have spoke-SDPs to two PEs devices. One is designated as the primary and one as the secondary spoke-SDP. This is based on a precedence value associated with each spoke. If the primary and secondary spoke-SDPs have the same precedence value, the spoke-SDP with lower ID functions as the primary SDP.
The secondary spoke is in a blocking state (both on receive and transmit) if the primary spoke is available. When the primary spoke becomes unavailable (due to link failure, PEs failure, etc.), the MTU immediately switches traffic to the backup spoke and starts receiving/sending traffic to/from the standby spoke. Optional revertive operation (with configurable switch-back delay) is applicable only when one of the spokes is configured with precedence of primary. If not, this action does not take place. Forced manual switchover is also supported.
To speed up the convergence time during a switchover, MAC flush is configured. The MTUs generates a MAC flush message over the newly unblocked spoke when a spoke change occurs. As a result, the PEs receiving the MAC flush will flush all MACs associated with the impacted VPLS service instance and forward the MAC flush to the other PEs in the VPLS network if ‟propagate-mac-flush” is enabled.
Inter-domain VPLS resiliency using multi-chassis endpoints on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
MC-EP is not supported on the 7210 SAS. This section provides an example of how 7210 SAS devices can be used as MTU devices in an MC-EP solution. In this solution, the 7750 SR routers provide the MC-EP functionality.
Inter-domain VPLS refers to a VPLS deployment where sites may be in different domains. An example of inter-domain deployment can be where different Metro domains are interconnected over a Wide Area Network (Metro1-WAN-Metro2) or where sites are in different autonomous systems (AS1-ASBRs-AS2).
Multi-chassis endpoint (MC-EP) provides an alternate solution that does not require RSTP at the gateway VPLS PEs while still using pseudo wires to interconnect the VPLS instances located in the two domains.
MC-EP expands the single chassis endpoint based on active-standby pseudo wires for VPLS shown in the following figure. In the solution depicted by the following figure, 7210 devices are used as MTUs.
The active-standby Pseudowires solution is appropriate for the scenario when only one VPLS PE (MTU-s) needs to be dual-homed to two core PEs (PE1 and PE2).
VPLS access redundancy when using MPLS uplinks on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
A second application of hierarchical VPLS is using MTUs that are MPLS-enabled which must have spoke-SDPs to the closest PE node. To protect against failure of the PE node, an MTU can be dual-homed.
The following are several mechanisms to resolve a loop in an access network where 7210s are used:
STP-based access, with or without mVPLS
Ethernet APS using G.8032
STP-based redundant access to VPLS using PWs on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
In configuration shown in the preceding figure, STP is activated on the MTU and two PEs to resolve a potential loop. To remove such a loop from the topology, Spanning Tree Protocol (STP) can be run over the SDPs (links) which form the loop such that one of the SDPs is blocked. Running STP in every VPLS in this topology is not efficient as the node includes functionality which can associate a number of VPLSes to a single STP instance running over the redundant SDPs.
Node redundancy is therefore achieved by running STP in one VPLS. Therefore, this applies the conclusions of this STP to the other VPLS services.
The VPLS instance running STP is referred to as the ‟management VPLS” or mVPLS. In the case of a failure of the active node, STP on the management VPLS in the standby node will change the link states from disabled to active. The standby node will then broadcast a MAC flush LDP control message in each of the protected VPLS instances, so that the address of the newly active node can be relearned by all PEs in the VPLS. It is possible to configure two management VPLS services, where both VPLS services have different active spokes (this is achieved by changing the path-cost in STP). By associating different user VPLSes with the two management VPLS services, load balancing across the spokes can be achieved.
In this configuration, the scope of STP domain is limited to MTU and PEs, while any topology change needs to be propagated in the whole VPLS domain.
This is done by using ‟MAC-flush” messages defined by RFC 4762, Virtual Private LAN Services Using LDP Signaling. In the case where STP acts as a loop resolution mechanism, every Topology Change Notification (TCN) received in a context of STP instance is translated into an LDP-MAC address withdrawal message (also referred to as a MAC-flush message) requesting to clear all FDB entries except the ones learned from the originating PE. Such messages are sent to all PE peers connected through SDPs (mesh and spoke) in the context of VPLS services managed by the specific STP instance.
Redundant access to VPLS without STP and using MPLS uplinks on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
The Nokia implementation also alternative methods for providing a redundant access to Layer 2 services, such as MC-LAG. Also in this case, the topology change event needs to be propagated into VPLS topology to provide fast convergence.
H-VPLS with spoke redundancy shows a dual-homed connection to VPLS service (PE-A, PE-B, PE-C, PE-D) and operation in case of link failure (between PE-C and L2-B). Upon detection of a link failure PE-C will send MAC-Address-Withdraw messages, which will indicate to all LDP peers that they should flush all MAC addresses learned from PE-C. This will lead that to a broadcasting of packets addressing affected hosts and relearning process in case an alternative route exists.
Note that the message described here is different from the message described in previous section and in RFC 4762, Virtual Private LAN Services Using LDP Signaling. The difference is in the interpretation and action performed in the receiving PE. Per the standard definition, upon receipt of a MAC withdraw message, all MAC addresses, except the ones learned from the source PE, are flushed.
This section specifies that all MAC addresses learned from the source are flushed. This message has been implemented as an LDP address message with vendor-specific type, length, value (TLV), and is called the flush-mine message.
The advantage of this approach (as compared to RSTP based methods) is that only MAC-affected addresses are flushed and not the full forwarding database. While this method does not provide a mechanism to secure alternative loop-free topology, the convergence time is dependent on the speed of the specific CE device will open alternative link (L2-B switch) as well as on the speed PE routers will flush their FDB.
In addition, this mechanism is effective only if PE and CE are directly connected (no hub or bridge) as it reacts to physical failure of the link.
MAC flush message processing in VPLS services with MPLS uplinks on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
The previous sections described operation principle of several redundancy mechanisms available in context of VPLS service. All of them rely on MAC flush message as a tool to propagate topology change in a context of the specific VPLS. This section aims to summarize basic rules for generation and processing of these messages.
As described on respective sections, the 7210 SAS supports two types of MAC flush message, flush-all-but-mine and flush-mine. The main difference between these messages is the type of action they signal. Flush-all-but-mine requests clearing of all FDB entries learned from all other LDP peers except the originating PE. This type is also defined by RFC 4762 as an LDP MAC address withdrawal with an empty MAC address list.
Flush-all-mine message requests clearing all FDB entries learned from originating PE. This means that this message has exactly other effect then flush-all-but-mine message. This type is not included in RFC 4762 definition and it is implemented using vendor specific TLV.
The advantages and disadvantages of the individual types should be apparent from examples in the previous section. The description here focuses on summarizing actions taken on reception and conditions individual messages are generated.
Upon reception of MAC flush messages (regardless the type) SR-Series PE will take following actions:
clears FDB entries of all indicated VPLS services conforming the definition
propagates the message (preserving the type) to all LDP peers, if ‟propagate-mac-flush” flag is enabled at corresponding VPLS level
The flush-mine message is generated under following conditions:
The flush-mine message is received from LDP peer and ‟propagate-mac-flush” flag is enabled. The message is sent to all LDP peers in the context of VPLS service it was received.
The flush-mine message is generated when on a SAP or SDP transition from operationally up to an operationally down state and send-flush-on-failure flag is enabled in the context of the specific VPLS service. The message is sent to all LDP peers connected in the context of the specific VPLS service. Note, that enabling ‟send-flush-on-failure” the flag is blocked in VPLS service managed by mVPLS. This is to prevent both messages being sent at the same time.
Dual homing to a VPLS service on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
The preceding figure shows a dual-homed connection to VPLS service (PE-A, PE-B, PE-C, PE-D) and operation in case of link failure (between PE-C and L2-B). Upon detection of a link failure PE-C will send MAC-Address-Withdraw messages, which will indicate to all LDP peers that they should flush all MAC addresses learned from PE-C. This will lead that to a broadcasting of packets addressing affected hosts and relearning process in case an alternative route exists.
Note that the message described here is different from the message described in draft-ietf-l2vpnvpls-ldp-xx.txt, Virtual Private LAN Services over MPLS. The difference is in the interpretation and action performed in the receiving PE. According the draft definition, upon receipt of a MAC withdraw message, all MAC addresses, except the ones learned from the source PE, are flushed. This section specifies that all MAC addresses learned from the source are flushed. This message has been implemented as an LDP address message with vendor-specific type, length, value (TLV), and is called the flush-all-from-ME message.
The draft definition message is currently used in management VPLS which is using RSTP for recovering from failures in Layer 2 topologies. The mechanism described in this document represent an alternative solution.
The advantage of this approach (as compared to RSTP based methods) is that only MAC-affected addresses are flushed and not the full forwarding database. While this method does not provide a mechanism to secure alternative loop-free topology, the convergence time is dependent on the speed of the specific CE device will open alternative link (L2-B switch in Dual homed CE connection to VPLS) as well as on the speed PE routers will flush their FDB.
In addition, this mechanism is effective only if PE and CE are directly connected (no hub or bridge) as it reacts to physical failure of the link.
VPLS service considerations
This section describes various 7210 SAS service features and any special capabilities or considerations as they relate to VPLS services.
SAP encapsulations
VPLS services are designed to carry Ethernet frame payloads, so it can provide connectivity between any SAPs that pass Ethernet frames. The following SAP encapsulations are supported on the VPLS service on an access port:
Ethernet null (Supported on all platforms)
Ethernet Dot1q (Supported on all platforms)
Ethernet QinQ (Supported on 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
The following encapsulations are supported on an access-uplink port:
Ethernet QinQ (Supported on all platforms)
VLAN processing
The SAP encapsulation definition on Ethernet ingress ports defines which VLAN tags are used to determine the service that the packet belongs:
Null encapsulation defined on ingress
Any VLAN tags are ignored and the packet goes to a default service for the SAP.
Dot1q encapsulation defined on ingress
Only first VLAN tag is considered.
QinQ encapsulation defined on ingress
Both VLAN tags are considered.
Note that the SAP can be defined with a wild-card for the inner label (for example, ‟100.*”). In this situation all packets with an outer label of 100 will be treated as belonging to the SAP. If, on the same physical link, there is also a SAP defined with a QinQ encapsulation of 100.1, then traffic with 100.1 will go to that SAP and all other traffic with 100 as the first label will go to the SAP with the *100.* definition.
In situations 2 and 3, traffic encapsulated with tags for which there is no definition are discarded.
BGP-AD VPLS
The following section provides information about BGP-AD VPLS.
BGP-AD and Target LDP (T-LDP) interaction on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
This feature is only supported on the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C.
BGP is responsible for discovering the location of VSIs that share the same VPLS membership. LDP protocol is responsible for setting up the pseudowire infrastructure between the related VSIs by exchanging service specific labels between them.
When the local VPLS information is provisioned in the local PE, the related PEs participating in the same VPLS are identified through BGP AD exchanges. A list of far-end PEs is generated and triggers the creation, if required, of the necessary T-LDP sessions to these PEs and the exchange of the service specific VPN labels. The steps for the BGP AD discovery process and LDP session establishment and label exchange are shown in the following figure.
Key:
Establish I-BGP connectivity RR.
Configure VPN (10) on edge node (PE3).
Announce VPN to RR using BGP-AD.
Send membership update to each client of the cluster.
LDP exchange or inbound FEC filtering (IFF) of non-match or VPLS down.
Configure VPN (10) on edge node (PE2).
Announce VPN to RR using BGP-AD.
Send membership update to each client of the cluster.
LDP exchange or inbound FEC filtering (IFF) of non-match or VPLS down.
Complete LDP bidirectional pseudowire establishment FEC 129.
BGP-AD VPLS - SDP usage
Service Access Points (SAP) are linked to transport tunnels using Service Distribution Points (SDP). The service architecture of the 7210 platform allows services to be abstracted from the transport network.
MPLS transport tunnels are signaled using the Resource Reservation Protocol (RSVP-TE) or by the Label Distribution Protocol (LDP). The capability to automatically create an SDP only exists for LDP based transport tunnels. Using a manually provisioned SDP is available for both RSVP-TE and LDP transport tunnels. See the 7210 SAS-K 2F6C4T, K 3SFP+ 8C MPLS Guidefor more information about MPLS, LDP, and RSVP.
BGP-AD VPLS - automatic creation of SDPs
When BGP AD is used for LDP VPLS and LDP is used as the transport tunnel there is no requirement to manually create an SDP. The LDP SDP can be automatically instantiated using the information advertised by BGP AD. This simplifies the configuration on the service node.
Enabling LDP on the IP interfaces connecting all nodes between the ingress and the egress, builds transport tunnels based on the best IGP path. LDP bindings are automatically built and stored in the hardware. These entries contain an MPLS label pointing to the best next hop along the best path toward the destination.
When two endpoints need to connect and no SDP exists, a new SDP will automatically be constructed. New services added between two endpoints that already have an automatically created SDP will be immediately used. No new SDP will be constructed.
The far-end information is gleaned from the BGP next hop information in the NLRI. When services are withdrawn with a BGP_Unreach_NLRI, the automatically established SDP will remain up as long as at least one service is connected between those endpoints. An automatically created SDP will be removed and the resources released when the only or last service is removed.
BGP-AD VPLS - manually provisioned SDP
The carrier is required to manually provision the SDP if they create transport tunnels using RSVP-TE. Operators have the option to choose a manually configured SDP, if they use LDP as the tunnel signaling protocol. The functionality is the same regardless of the signaling protocol.
Creating a BGP-AD enabled VPLS service on an ingress node with the manually provisioned SDP option causes the Tunnel Manager to search for an existing SDP that connects to the far-end PE. The far-end IP information is gleaned from the BGP next hop information in the NLRI. If a single SDP exists to that PE, it is used. If no SDP is established between the two endpoints, the service remains down until a manually configured SDP becomes active.
When multiple SDPs exist between two endpoints, the tunnel manager selects the appropriate SDP. The algorithm preferred SDPs with the best (lower) metric. Should there be multiple SDPs with equal metrics, the operational state of the SDPs with the best metric is considered. If the operational state is the same, the SDP with the higher sdp-id is used. If an SDP with a preferred metric is found with an operational state that is not active, the tunnel manager flags it as ineligible and restarts the algorithm.
BGP-AD VPLS - automatic instantiation of pseudowires (SDP bindings)
The choice of manual or auto provisioned SDPs has limited impact on the amount of required provisioning. Most of the savings are achieved through the automatic instantiation of the pseudowire infrastructure (SDP bindings). This is achieved for every auto-discovered VSIs through the use of the pseudowire template concept. Each VPLS service that uses BGP AD contains the ‟pw-template-binding” option defining specific Layer 2 VPN parameters. This command references a ‟pw-template” which defines the pseudowire parameters. The same ‟pwtemplate” may be referenced by multiple VPLS services. As a result, changes to these pseudowire templates have to be treated with great care as they may impact many customers at once.
The Nokia implementation provides for safe handling of pseudowire templates. Changes to the pseudowire templates are not automatically propagated. Tools are provided to evaluate and distribute the changes. The following command is used to distribute changes to a ‟pw-template” at the service level to one or all services that use that template.
PERs-4# tools perform service id 300 eval-pw-template 1 allow-service-impact
If the service ID is omitted, then all services are updated. The type of change made to the ‟pwtemplate” influences how the service is impacted:
Adding or removing a split-horizon-group will cause the router to destroy the original object and recreate using the new value.
Changing parameters in the vc-type {ether | vlan} command requires LDP to re-signal the labels.
BGP-AD VPLS - mixing statically configured and auto-discovered pseudowires in a VPLS service
The services implementation allows for manually provisioned and auto-discovered pseudowire (SDP bindings) to co-exist in the same VPLS instance (for example, both FEC128 and FEC 129 are supported). This allows for gradual introduction of auto discovery into an existing VPLS deployment.
As FEC 128 and 129 represent different addressing schemes, it is important to make sure that only one is used at any point in time between the same two VPLS instances. Otherwise, both pseudowires may become active causing a loop that might adversely impact the correct functioning of the service. It is recommended that FEC128 pseudowire be disabled as soon as the FEC129 addressing scheme is introduced in a portion of the network. Alternatively, RSTP may be used during the migration as a safety mechanism to provide additional protection against operational errors.
BGP-AD VPLS - resiliency schemes
The use of BGP-AD on the network side, or in the backbone, does not affect the different resiliency schemes Nokia has developed in the access network. This means that both Multi-Chassis Link Aggregation (MC-LAG) and Management-VPLS (M-VPLS) can still be used.
BGP-AD may co-exist with Hierarchical-VPLS (H-VPLS) resiliency schemes (for example, dual homed MTU-s devices to different PE-rs nodes) using existing methods (M-VPLS and statically configured Active or Standby pseudowire endpoint).
If provisioned SDPs are used by BGP AD, M-VPLS may be employed to provide loop avoidance. However, it is currently not possible to auto-discover active or standby pseudowires and to instantiate the related endpoint.
Routed VPLS
Routed VPLS (R-VPLS) allows a VPLS instance to be associated with an IP interface on the 7210 SAS-D, 7210 SAS-Dxp, or 7210 SAS-K 2F1C2T. IPv4 addressing and forwarding is supported on the 7210 SAS-D, 7210 SAS-Dxp, and 7210 SAS-K 2F1C2T platforms. IPv6 addressing and forwarding is supported on the 7210 SAS-Dxp platform.
R-VPLS allows a VPLS instance to be associated with an IP interface on the 7210 SAS-K 2F6C4T or 7210 SAS-K 3SFP+ 8C. Only IPv4 addressing and forwarding is supported on these platforms.
Within an R-VPLS service, traffic with a destination MAC matching that of the associated IP interface is routed based on the IP forwarding table; all other traffic is forwarded based on the VPLS forwarding table.
On the 7210 SAS-D and 7210 SAS-K 2F1C2T, an R-VPLS service can be associated with an IPv4 interface and supports only static routing. It is primarily designed for use of in-band management of the node. It allows for inband management of the 7210 SAS nodes in a ring deployment using a single IPv4 subnet, reducing the number of IP subnets needed.
On the 7210 SAS-Dxp, an R-VPLS service can be associated with an IPv4 or IPv6 interface and supports only static routing. It is primarily designed for use of in-band management of the node. It allows for inband management of the 7210 SAS nodes in a ring deployment using a single IPv4 or IPv6 subnet, reducing the number of IP subnets needed.
On the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, R-VPLS service can be associated with an IPv4 interface and supports static routing and other routing protocols. It can be used to provide a service to the customer or for in-band management of the node.
IES IP interface binding
A standard IP interface within an existing IES service context may be bound to a service name. A VPLS service only supports binding for a single IP interface.
While an IP interface may only be bound to a single VPLS service, the routing context containing the IP interface (IES) may have other IP interfaces bound to other VPLS service contexts.
Assigning a service name to a VPLS service
When a service name is applied to any service context, the name and service ID association is registered with the system. A service name cannot be assigned to more than one service ID. Special consideration is given to a service name that is assigned to a VPLS service that has the ‟configure>service>vpls>allow-ip-int-binding” command is enabled. If a name is applied to the VPLS service while the flag is set, the system scans the existing IES or VPRN services for an IP interface bound to the specified service name. If an IP interface is found, the IP interface is attached to the VPLS service associated with the name. Only one interface can be bound to the specified name.
If the allow-ip-int-binding command is not enabled on the VPLS service, the system does not attempt to resolve the VPLS service name to an IP interface. As soon as the allow-ip-int-binding flag is configured on the VPLS, the corresponding IP interface is adhered and become operational up. There is no need to toggle the shutdown or no shutdown command.
If an IP interface is not currently bound to the service name used by the VPLS service, no action is taken at the time of the service name assignment.
Service binding requirements
If the defined service name is created on the system, the system checks to ensure that the service type is VPLS. If the created service type is VPLS, the IP interface is eligible to enter the operationally upstate.
On the 7210 SAS-K 2F6C4T, 7210 SAS-K 2F1C2T, and 7210 SAS-K 3SFP+ 8C, use the R-VPLS tag in the creation of the VPLS service, otherwise the service cannot be bound to an IP interface. This is not required on the 7210 SAS-D and 7210 SAS-Dxp.
Bound service name assignment
If a bound service name is assigned to a service within the system, the system first checks to ensure the service type is VPLS. Secondly the system ensures that the service is not already bound to another IP interface through the service name. If the service type is not VPLS or the service is already bound to another IP interface through the service ID, the service name assignment fails.
A single VPLS instance cannot be bound to two separate IP interfaces.
Binding a service name to an IP interface
An IP interface within an IES or VPRN service context may be bound to a service name at any time. Only one interface can be bound to a service. When an IP interface is bound to a service name and the IP interface is administratively up, the system scans for a VPLS service context using the name and takes the following actions:
If the name is not currently in use by a service, the IP interface is placed in an operationally down: Non-existent service name or inappropriate service type state.
If the name is currently in use by a non-VPLS service or the wrong type of VPLS service, the IP interface is placed in the operationally down: Non-existent service name or inappropriate service type state.
If the name is currently in use by a VPLS service without the allow-ip-int-binding flag set, the IP interface is placed in the operationally down: VPLS service allow-ip-int-binding flag not set state. There is no need to toggle the shutdown or no shutdown command.
If the name is currently in use by a valid VPLS service and the allow-ip-int-binding flag is set, the IP interface is eligible to be placed in the operationally up state depending on other operational criteria being met.
IP interface attached VPLS service constraints
When a VPLS service has been bound to an IP interface through its service name, the service name assigned to the service cannot be removed or changed unless the IP interface is first unbound from the VPLS service name.
A VPLS service that is currently attached to an IP interface cannot be deleted from the system unless the IP interface is unbound from the VPLS service name.
The allow-ip-int-binding flag within an IP interface attached VPLS service cannot be reset. The IP interface must first be unbound from the VPLS service name to reset the flag.
IP interface and VPLS operational state coordination
When the IP interface is successfully attached to a VPLS service, the operational state of the IP interface is dependent upon the operational state of the VPLS service.
The VPLS service remains down until at least one virtual port (that is, SAP) is operational.
IP interface MTU and fragmentation on 7210 SAS-D and 7210 SAS-Dxp
In 7210 SAS-D Access-Uplink mode and 7210 SAS-Dxp Access-Uplink mode, VPLS service MTU is not supported. The user must ensure that the port MTU is configured appropriately so that the largest packet traversing through any of the SAPs (virtual ports) of the VPLS service can be forwarded out of any of the SAPs. VPLS services do not support fragmentation and can discard packets larger than the configured port MTU.
When an IP interface is associated with a VPLS service, the IP-MTU is based on either the administrative value configured for the IP interface or an operational value derived from port MTU of all the SAPs configured in the service. The port MTU excluding the Layer 2 Header and tags for all the ports which have SAPs configured in this VPLS service are considered and the minimum value among those are computed (which is called computed MTU). The operational value of the IP interface is set as follows:
If the configured (administrative) value of IP MTU is greater than the computed MTU, then the operational IP MTU is set to the computed MTU.
If the configured (administrative) value of IP MTU is lesser than or equal to the computed MTU, then operational IP MTU is set to the configured (administrative) value of IP MTU.
IP interface MTU and fragmentation on 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8CC
The VPLS service is affected by two MTU values, port MTUs and the VPLS service MTU. The MTU on each physical port defines the largest Layer 2 packet (including all DLC headers) that may be transmitted out a port. The VPLS has a service level MTU that defines the largest packet supported by the service. The service MTU does not include the local encapsulation overhead for each port (QinQ, Dot1Q, TopQ or SDP service delineation fields and headers) but does include the remainder of the packet. As SAPs are created in the system, the SAPs cannot become operational unless the configured port MTU minus the SAP service delineation overhead is greater than or equal to the configured VPLS service MTU. Therefore, an operational SAP is ensured to support the largest packet traversing the VPLS service. The service delineation overhead on each Layer 2 packet is removed before forwarding into a VPLS service.
VPLS services do not support fragmentation and must discard any Layer 2 packet larger than the service MTU after the service delineation overhead is removed.
When an IP interface is associated with a VPLS service, the IP-MTU is based on either the administrative value configured for the IP interface or an operational value derived from VPLS service MTU. The operational IP-MTU cannot be greater than the VPLS service MTU minus 14 bytes.
If the configured (administrative) IP-MTU is configured for a value greater than the normalized IP-MTU, based on the VPLS service-MTU, then the operational IP-MTU is reset to equal the normalized IP-MTU value (VPLS service MTU – 14 bytes).
If the configured (administrative) IP-MTU is configured for a value less than or equal to the normalized IP-MTU, based on the VPLS service-MTU, then the operational IP-MTU is set to equal the configured (administrative) IP-MTU value.
ARP and VPLS FIB interactions
Two address-oriented table entries are used when routing into a VPLS service. On the routing side, an ARP entry is used to determine the destination MAC address used by an IP next-hop. In the case where the destination IP address in the routed packet is a host on the local subnet represented by the VPLS instance, the destination IP address is used as the next-hop IP address in the ARP cache lookup. If the destination IP address is in a remote subnet that is reached by another router attached to the VPLS service, the routing lookup returns the local IP address on the VPLS service of the remote router is returned. If the next-hop is not currently in the ARP cache, the system generates an ARP request to determine the destination MAC address associated with the next-hop IP address. IP routing to all destination hosts associated with the next-hop IP address stops until the ARP cache is populated with an entry for the next-hop. The dynamically populated ARP entries age out according to the ARP aging timer.
Static ARP is only supported on the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C.
The second address table entry that affects VPLS routed packets is the MAC destination lookup in the VPLS service context. The MAC associated with the ARP table entry for the IP next-hop may or may not currently be populated in the VPLS Layer 2 FIB table. While the destination MAC is unknown (not populated in the VPLS FIB), the system is flooded with all packets destined to that MAC (routed or bridged) to all SAPs within the VPLS service context. When the MAC is known (populated in the VPLS FIB), all packets destined to the MAC (routed or bridged) is targeted to the specific SAP where the MAC has been learned. As with ARP entries, static MAC entries may be created in the VPLS FIB. Dynamically learned MAC addresses can age out or be flushed from the VPLS FIB while static MAC entries always remain associated with a specific virtual port. Dynamic MACs may also be relearned on another VPLS SAP than the current SAP in the FIB. In this case, the system automatically moves the MAC FIB entry to the new VPLS SAP.
On the 7210 SAS-D and 7210 SAS-Dxp, whenever a MAC entry is removed from the VPLS FIB (either explicitly by the user or due to MAC aging or mac-move), ARP entries which match this MAC address is removed from the ARP cache. Though the VPLS FIB entries are not removed, an ARP entry ages out and is removed from the ARP cache. This restriction does not apply to the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C.
On the 7210 SAS-D and 7210 SAS-Dxp, if the VPLS FIB limit is reached and we are no longer able to learn new MAC address, ARP will also not be learnt. This restriction does not apply to the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C.
Specific ARP cache behavior
In typical routing behavior, the system uses the IP route table to select the egress interface, an ARP entry is used forward the packet to the appropriate Ethernet MAC. With routed VPLS, the egress IP interface may be represented by multiple egress (VPLS service SAPs).
The following table describes how the ARP cache and MAC FIB entry states interact.
ARP cache entry |
MAC FIB entry |
Routing or system behavior |
---|---|---|
ARP Cache Miss (No Entry) |
Known or Unknown |
Triggers a request to control plane ARP processing module, to send out an ARP request, out of all the SAPs. (also known as virtual ports) of the VPLS instance. |
ARP Cache Hit |
Known |
Forward to specific VPLS virtual port or SAP. |
Unknown |
This behavior cannot typically happen on the 7210 SAS-D and 7210 SAS-Dxp, as when an L2 entry is removed from the FDB, the matching MAC address is also removed from the ARP cache. On the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, the packet is sent out of all the SAPs of the VPLS instance. |
The allow-ip-int-binding VPLS flag
The allow-ip-int-binding flag on a VPLS service context is used to inform the system that the VPLS service is enabled for routing support. The system uses the setting of the flag as a key to determine what type of ports the VPLS service may span.
The system also uses the flag state to define which VPLS features are configurable on the VPLS service to prevent enabling a feature that is not supported when routing support is enabled.
SAPs only supported on standard Ethernet ports
The allow-ip-int-binding flag is set (routing support enabled) on a VPLS service. SAPs within the service can be created on standard Ethernet ports.
LAG port membership constraints
If a LAG has a non-supported port type as a member, a SAP for the routing-enabled VPLS service cannot be created on the LAG. When one or more routing enabled VPLS SAPs are associated with a LAG, a non-supported Ethernet port type cannot be added to the LAG membership.
VPLS feature support and restrictions
When the allow-ip-int-binding flag is set on a VPLS service, the following features cannot be enabled (The flag also cannot be enabled while any of these features are applied to the VPLS service). The following restrictions apply to both network mode and access-uplink mode unless called out separately:
On the 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, spoke or mesh SDP bindings cannot be configured.
On the 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, the VPLS service type cannot be M-VPLS.
On the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, the VPLS Service type must be 'r-vpls' and any other VPLS service is not allowed.
MVR from Routed VPLS and to another SAP is not supported.
Default QinQ SAPs is not supported in R-VPLS service.
The ‟allow-ip-int-binding” command cannot be used in a VPLS service acting as the G.8032 control instance.
IPv4 filters (ingress and egress) can be used with the R-VPLS SAPs. Additionally, IP ingress override filters are supported which affects the behavior of the IP filters attached to the R-VPLS SAPs. Please see the following for more information about use of ingress override filters.
MAC filters (ingress and egress) are not supported for use with R-VPLS SAPs.
VPLS IP interface is not allowed in a R-VPLS service. The converse also holds.
On the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, during creation of the VPLS service the keyword 'rvpls' must be used. It lets the software know that this is a VPLS service to which an IP interface will be associated.
On the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, the VPLS service can be configured either access SAP or Access-Uplink SAPs.
On the 7210 SAS-D and 7210 SAS-Dxp, VPLS service can use the following 'svc-sap-type' values: any, dot1q-preserve and null-star. Only specific SAP combinations are allowed for a specific svc-sap-type, except that default QinQ SAPs cannot be used in a R-VPLS service. The allowed SAP combinations are similar to that available in a plain VPLS service and is as specified in the preceding table in the services Chapter (with the exception noted before).
On 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, VPLS service can use the following 'svc-sap-type' values: any. Only specific SAP combinations are allowed for a specific svc-sap-type, except that default QinQ SAPs cannot be used in a R-VPLS service. The allowed SAP combinations are similar to that available in a plain VPLS service and is as specified in the preceding table in the services Chapter (with the exception noted before).
G.8032 or mVPLS/STP based protection mechanism can be used with R-VPLS service. A separate G.8032 control instance or a separate mVPLS/STP instance needs to be used and the R-VPLS SAPs needs to be associated with these control instances such that the R-VPLS SAP's forwarding state is driven by the control instance protocols.
IP multicast is not supported in the R-VPLS service.
On the 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, DHCP snooping is not supported for the SAPs configured in the routed VPLS service. Instead, DHCP relay can be enabled on the IES service associated with the routed VPLS service.
In the saved configuration file, for the R-VPLS service, the R-VPLS service instance appears twice, once for service creation and once with all the other configuration parameters. This is required to resolve references to the R-VPLS service and to execute the configuration without any errors.
VPLS SAP ingress IP filter override on 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C
When an IP Interface is attached to a VPLS service context, the VPLS SAP provisioned IP filter for ingress routed packets may be optionally overridden to provide special ingress filtering for routed packets. This allows different filtering for routed packets and non-routed packets. The filter override is defined on the IP interface bound to the VPLS service name. A separate override filter may be specified for IPv4 packet types.
If a filter for a specific packet type (IPv4) is not overridden, the SAP specified filter is applied to the packet (if defined).
The following tables list ACL Lookup behavior with and without Ingress Override filter attached to an IES interface in a R-VPLS service:
Type of traffic |
SAP Ingress IPv4 filter |
SAP Egress IPv4 filter |
Ingress override IPv4 filter |
---|---|---|---|
Destination MAC != IES IP interface MAC |
Yes |
Yes |
No |
Destination MAC = IES IP interface MAC and Destination IP on same subnet as IES interface |
No |
No |
Yes |
Destination Mac = IES IP interface mac and destination IP not on same subnet as IES IP interface and route to destination IP does not exist |
No |
No |
No for 7210 SAS-D and 7210 SAS-Dxp devices Yes for 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C devices |
Destination Mac = IES IP interface mac and destination IP not on same subnet as IES IP interface and route to destination IP exists |
No |
No |
Yes |
Destination MAC = IES IP interface MAC and IP TTL = 1 |
No |
No |
No for 7210 SAS-D and 7210 SAS-Dxp devices Yes for 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C devices |
Destination MAC = IES IP interface MAC and IPv4 packet with Options |
No |
No |
No for 7210 SAS-D and 7210 SAS-Dxp devices Yes for 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C devices |
Destination MAC = IES IP interface MAC and IPv4 Multicast packet |
No |
No |
No for 7210 SAS-D and 7210 SAS-Dxp devices Yes for 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C devices |
Type of traffic |
SAP ingress IPv4 filter |
SAP egress IPv4 filter |
---|---|---|
Destination MAC != IES IP interface MAC |
Yes |
Yes |
Destination MAC = IES IP interface MAC and Destination IP on same subnet as IES IP interface |
Yes |
No |
Destination Mac = IES IP interface mac and destination IP not on same subnet as IES IP interface and route to destination IP does not exist |
No for 7210 SAS-D and 7210 SAS-Dxp devices Yes for 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C devices |
No |
Destination Mac = IES IP interface MAC and destination IP not on same subnet as IES IP interface and route to destination IP exists |
Yes |
No |
Destination MAC = IES IP interface MAC and IP TTL = 1 |
No for 7210 SAS-D and 7210 SAS-Dxp devices Yes for 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C devices |
No |
Destination MAC = IES IP interface MAC and IPv4 packet with Options |
No for 7210 SAS-D and 7210 SAS-Dxp devices Yes for 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C devices |
No |
Destination MAC = IES IP interface MAC and IPv4 Multicast packet |
No for 7210 SAS-D and 7210 SAS-Dxp devices Yes for 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C devices |
No |
QoS support for VPLS SAPs and IP interface
SAP ingress classification (IPv4 and MAC criteria) is supported for SAPs configured in the service. SAP ingress policies cannot be associated with IES IP interface.
On the 7210 SAS-D and 7210 SAS-Dxp, egress port based queuing and shaping are available. It is shared among all the SAPs on the port.
On the 7210 SAS-D and 7210 SAS-Dxp, port-based egress marking is supported for both routed packets and bridged packets. The existing access egress QoS policy can be used for Dot1p marking and DSCP marking.
On the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, per-SAP egress queuing, shaping and scheduling is available. Per SAP egress Dot1p marking is supported for both routed packet and bridged packets.
On the7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, IES IP interface bound to routed VPLS services, IES IP interface on access SAPs and IES IP interface on Access-Uplink SAPs are designed for use with inband management of the node. Consequently, they share a common set of queues for CPU bound management traffic. All CPU bound traffic is policed to predefined rates before being queued into CPU queues for application processing. The system uses meters per application or a set of applications. It does not allocate meters per IP interface. The possibility of CPU overloading has been reduced by use of these mechanisms. Users must use appropriate security policies either on the node or in the network to ensure that this does not happen.
Routing related protocols on 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Routed VPLS is supported only in the base routing instance on the 7210 SAS-D, 7210 SAS-Dxp, and 7210 SAS-K 2F1C2T. It is supported in both the base routing instance and VPRN services on the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C. The following table lists the support available for routing protocols on IP interfaces bound to a VPLS service for different platforms.
Protocol |
7210 SAS-D, 7210 SAS-Dxp, and 7210 SAS-K 2F1C2T |
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C |
---|---|---|
Static routing |
Supported |
Supported |
BGP |
Not Supported |
Supported |
OSPF |
Not Supported |
Supported |
IS-IS |
Not Supported |
Supported |
BFD |
Not Supported |
Not Supported |
VRRP |
Not Supported |
Supported |
ARP and Proxy-Arp |
ARP is supported |
Both are supported |
DHCP Relay 1 |
Supported |
Supported |
Spanning Tree and split horizon
The R-VPLS context supports all spanning tree capabilities that a non R-VPLS service supports. Service-based SHGs are not supported in an R-VPLS service.
R-VPLS support and caveats
Routed VPLS supported functionality and restrictions for both access-uplink and network mode is listed as follows. The following is applicable to both the modes, unless called out explicitly:
On the 7210 SAS-D, 7210 SAS-Dxp, and 7210 SAS-K 2F1C2T, Routed VPLS can be bound to only IES IP interface. It cannot be bound to VPRN IP interface.
On the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, routed VPLS can be bound to IES or VPRN IP interface.
On the 7210 SAS-D, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, only IPv4 addressing and forwarding is supported with Routed VPLS services. IPv6 addressing and forwarding is not supported.
The 7210 SAS-Dxp supports both IPv4 and IPv6 addressing and forwarding with R-VPLS services.
On the 7210 SAS-D and 7210 SAS-Dxp, static ARP cannot be configured with an IES IP interface associated with an R-VPLS, though static MAC can be configured in an R-VPLS service.
On the 7210 SAS-D, 7210 SAS-Dxp, and 7210 SAS-K 2F1C2T, only static routes are supported. No dynamic routing protocols are supported.
On the 7210 SAS-D and 7210 SAS-Dxp, whenever a VPLS FIB entry is removed either due to user action, aging or mac-move, the corresponding ARP entry whose MAC address matches that of the MAC in the FIB is removed from the ARP cache.
On the 7210 SAS-D and 7210 SAS-Dxp, multiple SAPs configured on the same port cannot be part of the same R-VPLS Service. A single service can only be configured with a single SAP on a specific port. This restriction does not apply to the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C. On the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, multiple SAPs configured on the same port can be part of the same service.
The 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C support service MTU configuration for R-VPLS.
On the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, service-based SHGs are not supported in an R-VPLS service.
Epipe emulation using dot1q VLAN range SAP in VPLS with G.8032
This feature is only supported on the 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C operating in access-uplink mode.
On the node where the service originates, in addition to the access dot1q range SAP, the service needs to be configured with access-uplink SAPs on the two G.8032 ring ports. G.8032 mechanism is used to for breaking the loop in the ring and VPLS service protection. The intermediate nodes on the ring needs to use VPLS service with access-uplink SAPs on the ring ports and use the same G.8032 instance for protection, as one is used for service protection on the originating node.
The following figure shows how two business offices, served by an operator are connected in a ring network deployment using dot1q range SAPs and a VPLS service with G.8032 for protection.
The following are the requirements to provide for an Epipe service connectivity between two business sites:
Transport all the VLANs used by the internal enterprise network of the businesses.
Support high availability for the service between the business sites by protecting against failure of the links or nodes in the ring.
To achieve connectivity between two business sites in access-uplink/L2 mode is to configure SAPs for each of the individual VLANs used in the enterprise network in a VPLS service and use G.8032 for protection. The number of VLANs that was supported is limited by the number of SAPs supported on the platform.
The 7210 SAS platforms, currently support the use of Dot1q range SAPs with only Epipe services in either network/MPLS mode or access-uplink/L2 mode. Dot1q range SAPs allows operators to transport a range of VLANs by providing similar service treatment (service treatment refers to forwarding decision along with encapsulation used, QoS and ACL processing, accounting, etc.) to all the VLANs configured in the range. It simplifies service configuration and allows operators to scale the number of VLANs that can be handled by the node. This took care of the need to support hundreds of VLANs using a single SAP or a small number of SAPs. When MPLS the mode is deployed in ring topology, operators have the option of using different redundancy mechanisms such as FRR, primary/secondary LSPs, Active/Standby PWs, to improve Epipe service availability. No such option is available to protect Epipe service in L2 mode when deployed in a ring topology. Additionally many operators prefer G.8032 based ring protection mechanism, since a single control instance on the ring can potentially protect all the VPLS services on the ring.
This feature allows operators to deploy Epipe services in a ring topology when using L2 mode, by emulating an Epipe service using a VPLS service with G.8032 protection and at the same time provides the benefits of using dot1q range SAPs. The user should ensure that the VPLS service is a point-to-point service. This is achieved by configuring a VPLS service with an access dot1q range SAP used at the customer hand-off on one node in the ring and an access dot1q range SAP in a customer hand-off of a VPLS service on another node (that is, at the other end of the Epipe), such that there are only two endpoints for the service in the network.
On the node where the service originates, in addition to the access dot1q range SAP, the service needs to be configured with access-uplink SAPs on the two G.8032 ring ports. G.8032 mechanism is used to for breaking the loop in the ring and VPLS service protection. The intermediate nodes on the ring needs to use VPLS service with access-uplink SAPs on the ring ports and use the same G.8032 instance for protection, as one is used for service protection on the originating node.
Epipe emulation using dot1q VLAN range SAP in VPLS with G.8032 — configuration guidelines and restrictions
The VPLS service with dot1-range SAPs use svc-sap-type of dot1q-range and supports limited functionality in comparison to a normal VPLS service, The following paragraph provide more details of the feature functionality, configuration guidelines and restrictions:
The user can define access dot1q range SAPs, which specifies a group of VLANs which receive similar service treatment, that is, forwarding behavior, SAP ingress QoS treatment and SAP (behavior like that available in Epipe service) and allows it to be configured in a VPLS service:
On the node, where the service originates, in addition to the access dot1q range SAP, the service should be configured with Q1.* SAPs on the two G.8032 ring ports. The access or access-uplink Q1.*SAPs can be used, but the access-uplink SAPs are recommended for use.The user cannot configure any other SAPs in the same VPLS service.
There is no special configuration required on intermediate nodes, that is, the ring nodes which do not terminate or originate the service. The nodes should be configured for providing transit VPLS service and the VPLS service must use the same G.8032 instance for protection as is used by the service on originating and terminating node.
The Epipe service on 7210, currently does not check if the inner tag received on a Q1.* SAP is within the range of the configured VLANs. VPLS service too has the same behavior.
Support for SAP Ingress QoS, Ingress and Egress ACLs, accounting, and other services, for dot1q range SAP configured in a VPLS service matches the support available in Epipe service.
G.8032 mechanism is used for loop detection in ring network and service protection. A separate VPLS service representing the G.8032 control instance must be configured and the state should be associated with this service:
Use of dot1q range SAPs to provide service on the interconnection node, in a G.8032 major-ring/sub-ring deployment, when using the virtual channel, is not supported. This restriction is not applicable when the interconnection node in a G.8032 major-ring/sub-ring is configured without a virtual channel.
mVPLS/xSTP support is available for use with Q1.* SAP on the ring ports to break the loop. This is a add-on to the G.8032 support.
Broadcast, Unknown Unicast and Multicast (BUM) traffic is flooded in the service.
Learning is enabled on the service by default, to avoid the need to flood the service traffic out of one of the ring ports, after network MAC addresses are learnt. The user has an option to disable learning per service. Learning enable/disable per SAP is not supported.
MAC limiting is available per service. MAC limiting per SAP is not supported.
CFM OAM is supported. The support for UP MEPs on the dot1q range SAP in the service to be used for fault management and performance management using the CFM/Y.1731 OAM tools is available:
On 7210 SAS-D and 7210 SAS-Dxp, only UP MEP is allowed to be configured only on the dot1q VLAN range SAPs. CFM/Y.1731 tools can be used for trouble shooting and performance measurements. User must pick a VLAN value from the range of VLANs configured for the dot1-range SAP using the config>eth-cfm>domain>association>bridge-identifier VLAN command and enable the use of using the CLI command primary-vlan-enable under the MEP CLI context. It is used as the VLAN tag in the packet header for all the CFM/Y.1731 messages sent out in the context of the UP MEP. This is not supported on 7210 SAS-K 2F1C2T and 7210 SAS-K 2F6C4T.
Down MEPs and MIPs are not allowed to be configured.
Fault propagation is not supported with UP MEPs for dot1q range SAP in access-uplink mode.
CFM support is not available for SAPs on the ring ports.
IGMP snooping and MVR is not supported.
Configuring a VPLS service with CLI
This section provides information to configure VPLS services using the command line interface.
Basic configuration
The following fields require specific input (there are no defaults) to configure a basic VPLS service:
Customer ID (refer to Configuring customer accounts)
For a local service, configure two SAPs, specifying local access ports and encapsulation values.
For a distributed service, configure a SAP and an SDP (only for 7210 SAS devices that support MPLS uplinks) for each far-end node.
The svc-sap-type option must be specified at service creation. The default option is any. The following is a sample configuration output of a local VPLS service with a null-star SAP type on ALA-1. This service comprises of a null access SAP and an Uplink LAG SAP.
*A:ALA-1>config>service# info
----------------------------------------------
...
vpls 7 customer 7 create
stp
shutdown
exit
sap 1/1/21 create
exit
sap lag-1:700 create
exit
no shutdown
exit
...
----------------------------------------------
*A:ALA-1>config>service#
The following is a sample configuration output of a distributed VPLS service between ALA-1, ALA-2, and ALA-3.
vpls 100 customer 1 svc-sap-type any create
shutdown
bgp
exit
stp
shutdown
exit
exit
epipe 101 customer 1 svc-sap-type any create
shutdown
exit
----------------------------------------------
*A:ALA-1>config>service#
*A:ALA-2>config>service# info
----------------------------------------------
...
vpls 9000 customer 6 create
description "This is a distributed VPLS."
stp
shutdown
exit
sap 1/1/5:16 create
description "VPLS SAP"
exit
spoke-sdp 2:22 create
exit
no shutdown
exit
...
----------------------------------------------
*A:ALA-2>config>service#
Common configuration tasks
This section provides a brief overview of the tasks that must be performed to configure local VPLS services and provides the CLI commands.
For VPLS services:
Associate VPLS service with a customer ID
Define SAPs:
Select nodes and ports
Optional - select QoS policies other than the default (configured in config>qos context)
Optional - select filter policies (configured in config>filter context)
Optional - select accounting policy (configured in config>log context)
Modify STP default parameters (optional) (see VPLS and Spanning Tree Protocol)
Enable service
Configuring VPLS components
Creating a VPLS service
Use the following syntax to create a VPLS service (for 7210 SAS-D).
— config>service# vpls service-id [customer customer-id] [create] [vpn <vpn-id>] [m-vpls] [svc-sap-type {null-star|dot1q-preserve|any }] [customer-vid <vlan-id>]
The following is a sample VPLS configuration (for 7210 SAS-D) output.
*A:ALA-1>config>service>vpls# info
----------------------------------------------
...
vpls 1000 customer 1 create
description "This is a VPLS with NULL SAP"
stp
shutdown
exit
no shutdown
exit
vpls 2000 customer 6 svc-sap-type any create
description "This is a Distributed VPLS with ANY SAP"
stp
shutdown
exit
no shutdown
exit
vpls 3000 customer 8 svc-sap-type dot1q-preserve customer-vid 300 create
description "This is a VPLS with QinQ Uplink SAP"
stp
shutdown
exit
no shutdown
exit
...
----------------------------------------------
*A:ALA-1>config>service>vpls#
Use the following syntax to create a VPLS service (for 7210 SAS-Dxp).
— config>service# vpls service-id [customer customer-id] [create] [vpn vpn-id] [m-vpls] [customer-vid vlan-id][svc-sap-type {null-star | dot1q-preserve | any}] [b-vpls | i-vpls | r-vpls]
The following is a sample VPLS configuration (for 7210 SAS-Dxp) output.
*A:ALA-1>config>service>vpls# info
----------------------------------------------
...
vpls 1000 customer 1 create
description "This is a VPLS with NULL SAP"
stp
shutdown
exit
no shutdown
exit
vpls 2000 customer 6 svc-sap-type any create
description "This is a Distributed VPLS with ANY SAP"
stp
shutdown
exit
no shutdown
exit
vpls 3000 customer 8 svc-sap-type dot1q-preserve customer-vid 300 create
description "This is a VPLS with QinQ Uplink SAP"
stp
shutdown
exit
no shutdown
exit
...
----------------------------------------------
*A:ALA-1>config>service>vpls#
Use the following syntax to create a VPLS service (for 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C).
— config>service# vpls service-id [customer customer-id] [create] [vpn <vpn-id>] [m-vpls] [svc-sap-type {dot1q-range |any}] [customer-vid <vlan-id>]
The following is a sample VPLS configuration (for 7210 SAS-2F1C2T) output.
*A:sask_duti>config>service>vpls$ info
----------------------------------------------
shutdown
stp
no shutdown
exit
----------------------------------------------
*A:sask_duti>config>service>vpls$ info detail
----------------------------------------------
shutdown
no description
service-mtu-check
service-mtu 1514
no def-mesh-vc-id
no disable-learning
no disable-aging
no discard-unknown
fdb-table-size 250
fdb-table-high-wmark 95
fdb-table-low-wmark 90
no host-connectivity-verify
no shcv-policy-ipv4
no send-flush-on-failure
local-age 300
no mfib-table-size
mfib-table-high-wmark 95
mfib-table-low-wmark 90
remote-age 900
no propagate-mac-flush
stp
priority 32768
hello-time 2
forward-delay 15
max-age 20
hold-count 6
mode rstp
mst-max-hops 20
no mst-name
mst-revision 0
no shutdown
exit
igmp-snooping
shutdown
query-interval 125
robust-count 2
report-src-ip 0.0.0.0
no query-src-ip
mvr
shutdown
no description
no group-policy
exit
exit
mac-move
move-frequency 2
retry-timeout 10
shutdown
exit
static-mac
exit
no vsd-domain
----------------------------------------------
*A:sask_duti>config>service>vpls$
Enabling MAC move
The mac-move feature is useful to protect against undetected loops in your VPLS topology as well as the presence of duplicate MACs in a VPLS service. For example, if two clients in the VPLS have the same MAC address, the VPLS will experience a high relearn rate for the MAC and will shut down the SAP when the threshold is exceeded.
Use the following syntax to configure mac-move parameters.
— config>service# vpls service-id [customer customer-id] [vpn vpn-id] [m-vpls]
— mac-move
— move-frequency frequency
— retry-timeout timeout
— no shutdown
The following is sample mac-move information.
*A:ALA-1# show service id 6 all
....
*A:ALA-1#
-------------------------------------------------------------------------------
Forwarding Database specifics
-------------------------------------------------------------------------------
Service Id : 1150 Mac Move : Disabled
Mac Move Rate : 2 Mac Move Timeout : 10
Table Size : 1000 Total Count : 1000
Learned Count : 1000 Static Count : 0
Remote Age : 900 Local Age : 300
High WaterMark : 95% Low Watermark : 90%
Mac Learning : Enabl Discard Unknown : Dsabl
Mac Aging : Enabl Relearn Only : True
===============================================================================
....
*A:ALA-1#
Configuring STP bridge parameters in a VPLS
Modifying some of the Spanning Tree Protocol parameters allows the operator to balance STP between resiliency and speed of convergence extremes. Modifying parameters must be done in the constraints of the following two formula:
2 x (Bridge_Forward_Delay - 1.0 seconds) >= Bridge_Max_Age
Bridge_Max_Age >= 2 x (Bridge_Hello0_Time + 1.0 seconds)
STP always uses the locally configured values for the first three parameters (Admin State, Mode and Priority).
For the parameters Max Age, Forward Delay, Hello Time and Hold Count, the locally configured values are only used when this bridge has been elected root bridge in the STP domain, otherwise the values received from the root bridge are used. The exception to this rule is: when STP is running in RSTP mode, the Hello Time is always taken from the locally configured parameter. The other parameters are only used when running mode MSTP.
Bridge STP admin state
The administrative state of STP at the VPLS level is controlled by the shutdown command.
When STP on the VPLS is administratively disabled, any BPDUs are forwarded transparently through the device. When STP on the VPLS is administratively enabled, but the administrative state of a SAP is down, BPDUs received on such a SAP are discarded.
— config>service>vpls
service-id# stp
— no shutdown
Mode
To be compatible with the different iterations of the IEEE 802.1D standard, the 7210 SAS devices support several variants of the Spanning Tree protocol:
rstp
Rapid Spanning Tree Protocol (RSTP) compliant with IEEE 802.1D-2004 - default mode.
dot1w
Compliant with IEEE 802.1w.
comp-dot1w
Operation as in RSTP but backwards compatible with IEEE 802.1w. This mode was introduced for interoperability with some MTU types.
mstp
Compliant with the Multiple Spanning Tree Protocol specified in IEEE 802.1Q REV/D5.0-09/2005. This mode of operation is only supported in an mVPLS.
See section Spanning tree operating modes for details on these modes.
— config>service>vpls service-id# stp
— mode {rstp | comp-dot1w | dot1w | mstp}
Default: rstp
Bridge priority
The bridge-priority command is used to populate the priority portion of the bridge ID field within outbound BPDUs (the most significant 4 bits of the bridge ID). It is also used as part of the decision process when determining the best BPDU between messages received and sent.
All values will be truncated to multiples of 4096, conforming with IEEE 802.1t and 802.1D-2004.
— config>service>vpls service-id# stp
— priority bridge-priority
Range: 1 to 65535
Default: 32768
Restore Default: no priority
Max age
The max-age command indicates how many hops a BPDU can traverse the network starting from the root bridge. The message age field in a BPDU transmitted by the root bridge is initialized to 0. Each other bridge will take the message_age value from BPDUs received on their root port and increment this value by 1. The message_age therefore reflects the distance from the root bridge. BPDUs with a message age exceeding max-age are ignored.
STP uses the max-age value configured in the root bridge. This value is propagated to the other bridges by the BPDUs. The default value of max-age is 20. This parameter can be modified within a range of 6 to 40, limited by the standard STP parameter interaction formulas.
— config>service>vpls service-id# stp
— max-age max-info-age
Range: 6 to 40 seconds
Default: 20 seconds
Restore Default: no max-age
Forward delay
RSTP, as defined in the IEEE 802.1D-2004 standards, will transition to the forwarding state by a handshaking mechanism (rapid transition), without any waiting times. If handshaking fails (e.g. on shared links, see the following), the system falls back to the timer-based mechanism defined in the original STP (802.1D-1998) standard.
A shared link is a link with more than two Ethernet bridges (for example, a shared 10/100BaseT segment). The port-type command is used to configure a link as point-to-point or shared (see section SAP link type).
For timer-based transitions, the 802.1D-2004 standard defines an internal variable forward-delay, which is used in calculating the default number of seconds that a SAP spends in the discarding and learning states when transitioning to the forwarding state. The value of the forward-delay variable depends on the STP operating mode of the VPLS instance:
In rstp mode, but only when the SAP has not fallen back to legacy STP operation, the value configured by the hello-time command is used.
In all other situations, the value configured by the forward-delay command is used.
— config>service>vpls service-id# stp
— forward-delay seconds
Range: 4 to 30 seconds
Default: 15 seconds
Restore Default: no forward-delay
Hello time
The hello-time command configures the Spanning Tree Protocol (STP) hello time for the Virtual Private LAN Service (VPLS) STP instance.
The seconds parameter defines the default timer value that controls the sending interval between BPDU configuration messages by this bridge, on ports where this bridge assumes the designated role.
The active hello time for the spanning tree is determined by the root bridge (except when the STP is running in RSTP mode, then the hello time is always taken from the locally configured parameter).
The configured hello-time value can also be used to calculate the bridge forward delay, see Forward delay.
— config>service>vpls service-id# stp
— hello-time hello-time
Range: 1 to 10 seconds
Default: 2 seconds
Restore Default: no hello-time
Hold count
The hold-count command configures the peak number of BPDUs that can be transmitted in a period of one second.
— config>service>vpls service-id# stp
— hold-count count-value
Range: 1 to 10
Default: 6
Restore Default: no hold-count
MST instances
You can create up to 15 MST-instances. They can range from 1 to 4094. By changing path-cost and priorities, you can make sure that each instance will form it's own tree within the region, therefore making sure different VLANs follow different paths.
You can assign non overlapping VLAN ranges to each instance. VLANs not assigned to an instance are implicitly assumed to be in instance 0, which is also called the CIST. This CIST cannot be deleted or created.
The parameter that can be defined per instance are mst-priority and vlan-range:
mst-priority
The bridge-priority for this specific mst-instance. It follows the same rules as bridge-priority. For the CIST, the bridge-priority is used.
vlan-range
The VLANs are mapped to this specific mst-instance. If no VLAN-ranges are defined in any mst-instances, then all VLANs are mapped to the CIST.
MST max hops
The mst-max-hops command defines the maximum number of hops the BPDU can traverse inside the region. Outside the region max-age is used.
MST name
The MST name defines the name that the operator gives to a region. Together with MST revision and the VLAN to MST-instance mapping, it forms the MST configuration identifier. Two bridges that have the same MST configuration identifier form a region if they exchange BPDUs.
MST revision
The MST revision together with MST-name and VLAN to MST-instance mapping define the MST configuration identifier. Two bridges that have the same MST configuration identifier form a region if they exchange BPDUs.
Configuring a VPLS SAP
A default QoS policy is applied to each ingress SAP. Additional QoS policies can be configured in the config>qos context. There are no default filter policies. Filter policies are configured in the config>filter context and must be explicitly applied to a SAP.
Local VPLS SAPs
To configure a local VPLS service, enter thesap sap-id command twice with different port IDs in the same service configuration.
*A:ALA-1>config>service# info
----------------------------------------------
vpls 1000 customer 1 create
description "This is a Local VPLS with NULL SAP"
stp
shutdown
exit
sap 1/1/1 create
exit
sap 1/1/2 create
exit
sap 1/1/3:500.* create
exit
no shutdown
exit
vpls 2000 customer 6 create
description "This is a Local VPLS with DOT1Q SAP"
stp
shutdown
exit
sap 1/1/4:100 create
exit
sap 1/1/5:200 create
exit
sap 1/1/3:900.* create
exit
no shutdown
exit
vpls 3000 customer 8 create
description "This is a Local VPLS"
stp
shutdown
exit
sap 1/1/4:300 create
exit
sap 1/1/5:300 create
exit
sap 1/1/3:1200 create
exit
no shutdown
exit
----------------------------------------------
*A:ALA-1>config>service#
Distributed VPLS service with SAPs (on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
To configure a distributed VPLS service, you must configure service entities on originating and far-end nodes. You must use the same service ID on all ends (for example, create a VPLS service ID 9000 on ALA-1, ALA-2, and ALA-3). A distributed VPLS consists of a SAP on each participating node and an SDP bound to each participating node.
The following is a sample configuration output of VPLS SAPs configured for ALA-1, ALA-2, and ALA-3.
*A:ALA-3>config>service# info
----------------------------------------------
vpls 100 customer 1 svc-sap-type any create
shutdown
no description
service-mtu-check
service-mtu 1514
no def-mesh-vc-id
no disable-learning
no disable-aging
no discard-unknown
fdb-table-size 250
fdb-table-high-wmark 95
fdb-table-low-wmark 90
no host-connectivity-verify
no shcv-policy-ipv4
no send-flush-on-failure
local-age 300
no mfib-table-size
mfib-table-high-wmark 95
mfib-table-low-wmark 90
remote-age 900
no propagate-mac-flush
bgp
no route-distinguisher
no vsi-export
no vsi-import
no route-target
exit
----------------------------------------------
*A:ALA-3>config>service#
Configuring default QinQ SAPs to pass all traffic from access to access-uplink port without any tag modifications
The following is a sample VPLS SAP configuration output of Default QinQ SAPs.
ALA-1>config>service# vpls 9 customer 1 svc-sap-type null-star create
shutdown
stp
shutdown
exit
sap 1/1/5:*.* create
statistics
ingress
received-count
exit
exit
exit
sap 1/1/6:*.* create
statistics
ingress
received-count
exit
exit
exit
exit
Configuring SAP-specific STP parameters
When a VPLS has STP enabled, each SAP within the VPLS has STP enabled by default. The operation of STP on each SAP is governed by the following.
SAP STP administrative state
The administrative state of STP within a SAP controls how BPDUs are transmitted and handled when received. The allowable states are:
SAP Admin Up
The default administrative state is up for STP on a SAP. BPDUs are handled in the normal STP manner on a SAP that is administratively up.
SAP Admin Down
An administratively down state allows a service provider to prevent a SAP from becoming operationally blocked. BPDUs will not originate out the SAP toward the customer.
If STP is enabled on VPLS level, but disabled on the SAP, received BPDUs are discarded. Discarding the incoming BPDUs allows STP to continue to operate within the VPLS service while ignoring the down SAP. The specified SAP will always be in an operationally forwarding state.
Note:The administratively down state allows a loop to form within the VPLS.
— config>service>vpls>sap>stp#
— [no] shutdown
Range: shutdown
or no shutdown
Default: no shutdown
(SAP admin up)
SAP virtual port number
The virtual port number uniquely identifies a SAP within configuration BPDUs. The internal representation of a SAP is unique to a system and has a reference space much bigger than the 12 bits definable in a configuration BPDU. STP takes the internal representation value of a SAP and identifies it with it’s own virtual port number that is unique to every other SAP defined on the VPLS. The virtual port number is assigned at the time that the SAP is added to the VPLS.
Since the order in which SAPs are added to the VPLS is not preserved between reboots of the system, the virtual port number may change between restarts of the STP instance. To achieve consistency after a reboot, the virtual port number can be specified explicitly.
— config>service>vpls>sap# stp
— port-num number
Range: 1 — 2047
Default: automatically generated
Restore Default: no port-num
SAP priority
SAP priority allows a configurable ‟tie breaking” parameter to be associated with a SAP. When configuration BPDUs are being received, the configured SAP priority will be used in some circumstances to determine whether a SAP will be designated or blocked.
In traditional STP implementations (802.1D-1998), this field is called the port priority and has a value of 0 to 255. This field is coupled with the port number (0 to 255 also) to create a 16 bit value. In the latest STP standard (802.1D-2004) only the upper 4 bits of the port priority field are used to encode the SAP priority. The remaining 4 bits are used to extend the port ID field into a 12 bit virtual port number field. The virtual port number uniquely references a SAP within the STP instance. See SAP virtual port number for details on the virtual port number.
STP computes the actual SAP priority by taking the configured priority value and masking out the lower four bits. The result is the value that is stored in the SAP priority parameter. For example, if a value of 0 was entered, masking out the lower 4 bits would result in a parameter value of 0. If a value of 255 was entered, the result would be 240.
The default value for SAP priority is 128. This parameter can be modified within a range of 0 to 255, 0 being the highest priority. Masking causes the values actually stored and displayed to be 0 to 240, in increments of 16.
— config>service>vpls>sap>stp#
— priority stp-priority
Range: 0 to 255 (240 largest value, in increments of 16)
Default: 128
Restore Default: no priority
SAP path cost
The SAP path cost is used by STP to calculate the path cost to the root bridge. The path cost in BPDUs received on the root port is incremental with the configured path cost for that SAP. When BPDUs are sent out other egress SAPs, the newly calculated root path cost is used.
STP suggests that the path cost is defined as a function of the link bandwidth. Since SAPs are controlled by complex queuing dynamics, the STP path cost is a static configuration on the 7210 SAS.
The default value for SAP path cost is 10. This parameter can be modified within a range of 1 to 65535, 1 being the lowest cost.
— config>service>vpls>sap>stp#
— path-cost sap-path-cost
Range: 1 to 200000000
Default: 10
Restore Default: no path-cost
SAP edge port
The SAP edge-port
command is used to reduce the time it takes a SAP to reach the forwarding state when the SAP is on the edge of the network, and therefore has no further STP bridge to handshake with.
The edge-port
command is used to initialize the internal OPER_EDGE variable. At any time, when OPER_EDGE is false on a SAP, the normal mechanisms are used to transition to the forwarding state (see Forward delay). When OPER_EDGE is true, STP assumes that the remote end agrees to transition to the forwarding state without actually receiving a BPDU with an agreement flag set.
The OPER_EDGE variable will dynamically be set to false if the SAP receives BPDUs (the configured edge-port value does not change). The OPER_EDGE variable will dynamically be set to true if auto-edge is enabled and STP concludes there is no bridge behind the SAP.
When STP on the SAP is administratively disabled and re-enabled, the OPER_EDGE is reinitialized to the value configured for edge-port.
Valid values for SAP edge-port are enabled and disabled with disabled being the default.
— config>service>vpls>sap>stp#
— [no] edge-port
Default: no edge-port
SAP auto edge
The SAP edge-port command is used to instruct STP to dynamically decide whether the SAP is connected to another bridge.
If auto-edge is enabled, and STP concludes there is no bridge behind the SAP, the OPER_EDGE variable will dynamically be set to true. If auto-edge is enabled, and a BPDU is received, the OPER_EDGE variable will dynamically be set to true (see SAP edge port).
Valid values for SAP auto-edge are enabled and disabled with enabled being the default.
— config>service>vpls>sap>stp#
— [no] auto-edge
Default: auto-edge
SAP link type
The SAP link-type parameter instructs STP on the maximum number of bridges behind this SAP. If there is only a single bridge, transitioning to forwarding state will be based on handshaking (fast transitions). If more than two bridges are connected by a shared media, their SAPs should all be configured as shared, and timer-based transitions are used.
Valid values for SAP link-type are shared and pt-pt with pt-pt being the default.
— config>service>vpls>sap>stp#
— link-type {pt-pt|shared}
Default: link-type pt-pt
Restore Default: no link-type
MST instances
The SAP mst-instance command is used to create MST instances at the SAP level. MST instance at a SAP level can be created only if MST instances are defined at the service level.
The parameters that can be defined per instance are mst-path-cost and mst-port-priority:
mst-path-cost
Specifies path-cost within a specific MST instance. The path-cost is proportional to link speed.
mst-port-priority
Specifies the port priority within a specific MST instance.
STP SAP operational states
The operational state of STP within a SAP controls how BPDUs are transmitted and handled when received.
Operationally disabled
Operationally disabled is the normal operational state for STP on a SAP in a VPLS that has any of the following conditions:
VPLS state administratively down
SAP state administratively down
SAP state operationally down
If the SAP enters the operationally up state with the STP administratively up and the SAP STP state is up, the SAP will transition to the STP SAP discarding state.
When, during normal operation, the router detects a downstream loop behind a SAP, BPDUs can be received at a very high rate. To recover from this situation, STP will transition the SAP to disabled state for the configured forward-delay duration.
Operationally discarding
A SAP in the discarding state only receives and sends BPDUs, building the local correct STP state for each SAP while not forwarding actual user traffic. The duration of the discarding state is described in section Forward delay.
Note: in previous versions of the STP standard, the discarding state was called a blocked state.
Operationally learning
The learning state allows population of the MAC forwarding table before entering the forwarding state. In this state, no user traffic is forwarded.
Operationally forwarding
Configuration BPDUs are sent out a SAP in the forwarding state. Layer 2 frames received on the SAP are source learned and destination forwarded according to the FIB. Layer 2 frames received on other forwarding interfaces and destined for the SAP are also forwarded.
SAP BPDU encapsulation state
STP is associated with a VPLS service like PVST is associated per VLAN. The main difference resides in the Ethernet and LLC framing and a type-length-value (TLV) field trailing the BPDU.
IEEE 802.1d (referred as dot1d) and Cisco per VLAN Spanning Tree (PVST) BPDU encapsulations are supported on a per SAP basis. The STP is associated with a VPLS service like PVST is per VLAN. The difference between the two encapsulations is in the Ethernet and LLC framing and a type-length-value (TLV) field trailing the BPDU.The encapsulation format cannot be configured by the user, the system automatically determines the encapsulation format based on the BPDUs received on the port.
SAP BPDU encapsulation states shows differences between Dot1d and PVST Ethernet BPDU encapsulations based on the interface encap-type field.
Field |
dot1d encap-type null |
dot1d encap-type dot1q |
PVST encap-type null |
PVST encap-type dot1q |
---|---|---|---|---|
Destination MAC |
01:80:c2:00:00:00 |
01:80:c2:00:00:00 |
N/A |
01:00:0c:cc:cc:cd |
Source MAC |
Sending Port MAC |
Sending Port MAC |
N/A |
Sending Port MAC |
EtherType |
N/A |
0x81 00 |
N/A |
0x81 00 |
Dot1p and CFI |
N/A |
0xe |
N/A |
0xe |
Dot1q |
N/A |
VPLS SAP ID |
N/A |
VPLS SAP encap value |
Length |
LLC Length |
LLC Length |
N/A |
LLC Length |
LLC DSAP SSAP |
0x4242 |
0x4242 |
N/A |
0xaaaa (SNAP) |
LLC CNTL |
0x03 |
0x03 |
N/A |
0x03 |
SNAP OUI |
N/A |
N/A |
N/A |
00 00 0c (Cisco OUI) |
SNAP PID |
N/A |
N/A |
N/A |
01 0b |
CONFIG |
Standard 802.1d |
Standard 802.1d |
N/A |
Standard 802.1d |
TLV: Type & Len |
N/A |
N/A |
N/A |
58 00 00 00 02 |
TLV: VLAN |
N/A |
N/A |
N/A |
VPLS SAP encap value |
Padding |
As Required |
As Required |
N/A |
As Required |
Each SAP has a Read-Only operational state that shows which BPDU encapsulation is currently active on the SAP. The states are:
Dot1d
This state specifies that the switch is currently sending IEEE 802.1d standard BPDUs. The BPDUs are tagged or non-tagged based on the encapsulation type of the egress interface and the encapsulation value defined in the SAP. A SAP defined on an interface with encapsulation type Dot1q continues in the dot1d BPDU encapsulation state until a PVST encapsulated BPDU is received. When a PVST-encapsulated BPDU is received, the SAP converts to the PVST encapsulation state. Each received BPDU must be correctly IEEE 802.1q tagged, if the interface encapsulation type is defined as dot1q. PVST BPDUs are silently discarded, if received, when the SAP is on an interface defined with encapsulation type null.
PVST
This state specifies that the switch is currently sending proprietary encapsulated BPDUs. PVST BPDUs are only supported on Ethernet interfaces with the encapsulation type set to dot1q. The SAP continues in the PVST BPDU encapsulation state until a dot1d encapsulated BPDU is received.When a dot1d-encapsulated BPDU is received, the SAP reverts to the dot1d encapsulation state. Each received BPDU must be correctly IEEE 802.1q tagged with the encapsulation value defined for the SAP. PVST BPDUs are silently discarded, if received, when the SAP is on an interface defined with a null encapsulation type.
Dot1d is the initial and only SAP BPDU encapsulation state for SAPs defined on Ethernet interface with encapsulation type set to null.
Configuring VPLS SAPs with per-service split horizon
Split Horizon group per service is only supported on the 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C.
To configure a VPLS service with a split horizon group, add the split-horizon-group parameter when creating the SAP. Traffic arriving on a SAP within a split horizon group will not be copied to other SAPs in the same split horizon group.
The following is a sample VPLS configuration output with split horizon enabled.
*A:ALA-1>config>service# info
----------------------------------------------
...
vpls 800 customer 6001 vpn 700 create
description "VPLS with split horizon for DSL"
stp
shutdown
exit
sap 1/1/3:100 split-horizon-group DSL-group1 create
description "SAP for residential bridging"
exit
sap 1/1/3:200 split-horizon-group DSL-group1 create
description "SAP for residential bridging"
exit
split-horizon-group DSL-group1
description "Split horizon group for DSL"
exit
no shutdown
exit
...
----------------------------------------------
*A:ALA-1>config>service#
Configuring SDP bindings
SDPs are only supported on the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C.
VPLS provides scaling and operational advantages. A hierarchical configuration eliminates the need for a full mesh of VCs between participating devices. Hierarchy is achieved by enhancing the base VPLS core mesh of VCs with access VCs (spoke) to form two tiers. Spoke-SDPs are generally created between Layer 2 switches and placed at the Multi-Tenant Unit (MTU). The PE routers are placed at the service provider's Point of Presence (POP). Signaling and replication overhead on all devices is considerably reduced.
A spoke-SDP is treated like the equivalent of a traditional bridge port where flooded traffic received on the spoke-SDP is replicated on all other "ports" (other spoke-SDPs or SAPs) and not transmitted on the port it was received (unless a split horizon group was defined on the spoke-SDP, see section Configuring VPLS spoke-SDPs with split horizon).
A spoke-SDP connects a VPLS service between two sites and, in its simplest form, could be a single tunnel LSP. A set of ingress and egress VC labels are exchanged for each VPLS service instance to be transported over this LSP. The PE routers at each end treat this as a virtual spoke connection for the VPLS service in the same way as the PE-MTU connections. This architecture minimizes the signaling overhead and avoids a full mesh of VCs and LSPs between the two metro networks.
A VC-ID can be specified with the SDP-ID. The VC-ID is used instead of a label to identify a virtual circuit. The VC-ID is significant between peer SRs on the same hierarchical level. The value of a VC-ID is conceptually independent from the value of the label or any other data-link specific information of the VC.
Configuring VPLS spoke-SDPs with split horizon
Split Horizon group with spoke-SDPs is only supported on the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C.
To configure spoke-SDPs with a split horizon group, add the split-horizon-group parameter when creating the spoke-SDP. Traffic arriving on a SAP or spoke-SDP within a split horizon group will not be copied to other SAPs or spoke-SDPs in the same split horizon group.
The following is a sample VPLS configuration output with split horizon enabled.
*A:ALA-1>config>service# info
----------------------------------------------
...
vpls 800 customer 6001 vpn 700 create
description "VPLS with split horizon for DSL"
stp
shutdown
exit
spoke-sdp 51:15 split-horizon-group DSL-group1 create
exit
split-horizon-group DSL-group1
description "Split horizon group for DSL"
exit
no shutdown
exit
...
----------------------------------------------
*A:ALA-1>config>service#
Configuring VPLS redundancy
This section describes the service management tasks.
Creating a management VPLS for SAP protection
This section provides a brief overview of the tasks that must be performed to configure a management VPLS for SAP protection and provides the CLI commands, see Example configuration for protected VPLS SAP. The following tasks should be performed on both nodes providing the protected VPLS service:
Create an access uplink SAPs to the peer node.
Create a management VPLS.
Define a SAP in the m-vpls on the port toward the 7210 SAS. Note that the port must be dot1q. The SAP corresponds to the (stacked) VLAN on the 7210 SAS in which STP is active.
Optionally modify STP parameters for load balancing.
Create access uplink SAPs in the m-vpls using the access uplink SAPs defined in Step 1.
Enable the management VPLS service and verify that it is operationally up.
Create a list of VLANs on the port managed by this management VPLS.
Create one or more user VPLS services with SAPs on VLANs in the range defined by Step 6.
— config>service# vpls service-id [customer customer-id] [create] [m-vpls]
— description description-string
— sap sap-id create
— managed-vlan-list
— range vlan-range
— stp
— no shutdown
The following is a sample VPLS configuration output.
*A:ALA-1>config>service# info
----------------------------------------------
vpls 2000 customer 6 m-vpls create
stp
no shutdown
exit
sap 1/1/1:100 create
exit
sap 1/1/2:200 create
exit
sap 1/1/3:300 create
managed-vlan-list
range 1-50
exit
no shutdown
exit
----------------------------------------------
*A:ALA-1>config>service#
Configuring load balancing with management VPLS
With the concept of management VPLS, it is possible to load balance the user VPLS services across the two protecting nodes. This is done by creating two management VPLS instances, where both instances have different active QinQ SAPs (by changing the STP path-cost). When different user VPLS services are associated with either the two management VPLS services, the traffic will be split across the two QinQ SAPs. Load balancing can be achieved in SAP protection scenarios.
The following figure is an example configuration for load balancing across management VPLS.
Note: the STP path costs in each peer node should be reversed.
— (for 7210 SAS-D)config>service# vpls service-id [customer customer-id] [create][m-vpls] [svc-sap-type {null-star | any | dot1q-preserve}] [customer-vid vlan-id]
— description description-string
— sap sap-id create
— managed-vlan-list
— range vlan-range
— stp
— no shutdown
The following is a sample VPLS configuration output.
*A:ALA-1>config>service# info
----------------------------------------------
vpls 100 customer 1 m-vpls svc-sap-type any create
stp
no shutdown
exit
sap 1/1/2:100.* create
managed-vlan-list
range 1-10
exit
stp
path-cost 1
exit
exit
sap 1/1/3:500.* create
shutdown
managed-vlan-list
range 1-10
exit
exit
no shutdown
exit
vpls 200 customer 6 m-vpls svc-sap-type any create
stp
no shutdown
exit
sap 1/1/2:1000.* create
managed-vlan-list
range 110-200
exit
exit
sap 1/1/3:2000.* create
managed-vlan-list
range 110-200
exit
stp
path-cost 1
exit
exit
no shutdown
exit
vpls 101 customer 1 svc-sap-type any create
stp
shutdown
exit
sap 1/1/1:100 create
exit
sap 1/1/2:1.* create
exit
sap 1/1/3:1.* create
exit
no shutdown
exit
vpls 201 customer 1 svc-sap-type any create
stp
shutdown
exit
sap 1/1/1:200 create
exit
sap 1/1/2:110.* create
exit
sap 1/1/3:110.* create
exit
no shutdown
exit
----------------------------------------------
Configuring a BGP Auto-Discovery on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
This section provides important information to describe the different configuration options used to populate the required BGP AD and generate the LDP generalized pseudowire-ID FEC fields. There are a large number of configuration options that are available with the this feature. Not all these configurations option are required to start using BGP AD. At the end of this section, it will be apparent that a very simple configuration will automatically generate the required values used by BGP and LDP. In most cases, deployments will provide full mesh connectivity between all nodes across a VPLS instance. However, capabilities are available to influence the topology and build hierarchies or hub and spoke models.
BGP AD automatically creates SDP-bindings using a template to configure SDP-binding configuration parameters. The l2-auto-bind command initiates a template that is used by BGP AD for PW instantiation under related VPLS instances.
The template may be referenced in the ‟service vpls bgp-ad” object and used subsequently to instantiate PWs to a remote PE and VSI instance advertised through BGP Auto-Discovery. Changes to these dynamically created objects cannot be performed directly through CLI or SNMP. There are two possible methods to initiate the change:
Configure a new ‟l2-auto-bind” association under service>vpls>bgp-ad. This method is used when the existing policy is used by multiple VPLS services and only one or a few require the change.
Change the parameters of the current template. This method is used when a change in parameter is required for the majority of VPLS services that use the template.
Changes are not automatically propagated to the instantiated objects and must be done through one of two tool commands:
— tools>perform>service# eval-pw-template policy-id [allow-service-impact]
— tools>perform>service>id# eval-pw-template policy-id [allow-service-impact]
This command forces evaluation of changes that were made in the l2-auto-bind template indicated in the command. This command can be applied to an individual VPLS service or all VPLS services that reference the template if no service is specified.
The parameters are divided into three classes.
class 1 - modified at create time only
class 2 - modified only when the object is administratively shutdown
class 3 - no restrictions
Parameters that fall into class 1 will destroy existing objects and recreate objects with the new values. Parameters in class 2 will momentarily shutdown the object, change the parameter, then re-enable the object. Class 3 can be changed without affecting the operational status of the objects of service.
For the l2-auto-bind template, the parameters are treated as follows:
class 1 - adding or removing a split-horizon-group, switching between a manual and auto SDP
class 2 - changing the vc-type {ether|vlan}
class 3 - all other changes
The keyword allow-service-impact enables service impacting changes. If this keyword is not configured, an error message is generated if the parameter changes are service impacting.
Configuration steps
Using the following figure, assume PE6 was previously configured with VPLS 100 as indicated by the configurations lines in the upper right. The BGP AD process will commence after PE134 is configured with the VPLS 100 instance as shown in the upper left. This shows a very basic and simple BGP AD configuration. The minimum requirement for enabling BGP AD on a VPLS instance is configuring the VPLS-ID and point to a pseudowire template.
In many cases, VPLS connectivity is based on a pseudowire mesh. To reduce the configuration requirement, the BGP values can be automatically generated using the VPLS-ID and the MPLS router-ID. By default, the lower six bytes of the VPLS-ID are used to generate the RD and the RT values. The VSI-ID value is generated from the MPLS router-ID. All of these parameters are configurable and can be coded to suit requirements and build different topologies.
The following CLI example shows the BGP AD CLI command tree.
— config>service>vpls>bgp-ad
— [no] pw-template-bind
— [no] route-target
— [no] shutdown
— vpls-id
— [no] vsi-export
— vsi-id
— [no] vsi-import
A helpful command displays the service information, the BGP parameters and the SDP bindings in use. When the discovery process is completed successfully each endpoint will have an entry for the service.
*A:H-SASK# show service l2-route-table
========================================================================
Services: L2 Route Information - Summary
========================================================================
Svc Id L2-Routes (RD-Prefix) Next Hop Origin
Sdp Bind Id PW Temp Id
------------------------------------------------------------------------
------------------------------------------------------------------------
No. of L2 Route Entries: 0
========================================================================
===============================================================================
Services: L2 Multi-Homing Route Information - Summary
===============================================================================
Svc Id L2-Routes (RD-Prefix) Next Hop SiteId State DF
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
No. of L2 Multi-Homing Route Entries: 0
===============================================================================
========================================================
Services: L2 Bgp-Vpls Route Information - Summary
========================================================
Svc Id L2-Routes (RD) Next Hop Ve-Id
Sdp Bind Id PW Temp Id
--------------------------------------------------------
--------------------------------------------------------
No. of L2 Bgp-Vpls Route Entries: 0
========================================================
========================================================
Services: L2 Bgp-Vpws Route Information - Summary
========================================================
Svc Id L2-Routes (RD) Next Hop Ve-Id
Sdp Bind Id PW Temp Id
---------------------------------
When only one of the endpoints has an entry for the service in the l2-routing-table, it is most likely a problem with the RT values used for import and export. This would most likely happen when different import and export RT values are configured using a router policy or the route-target command.
Service specific commands continue to be available to display service specific information, including status.
*A:H-SASK# show service sdp-using
===============================================================================
SDP Using
===============================================================================
SvcId SdpId Type Far End Opr I.Label E.Label
:GlobalId State
-------------------------------------------------------------------------------
1 1:1 Spok 4.4.4.4 Up 130769 130872
2 2:2 Spok 4.4.4.4 Up 130770 130873
3 3:3 Spok 4.4.4.4 Up 130771 130874
4 4:4 Spok 4.4.4.4 Up 130772 130875
5 5:5 Spok 4.4.4.4 Up 130773 130876
6 6:6 Spok 4.4.4.4 Up 130774 130877
7 7:7 Spok 4.4.4.4 Up 130775 130878
8 8:8 Spok 4.4.4.4 Up 130776 130879
9 9:9 Spok 4.4.4.4 Up 130777 130880
10 10:10 Spok 4.4.4.4 Up 130778 130881
11 11:11 Spok 4.4.4.4 Up 130779 130882
12 12:12 Spok 4.4.4.4 Up 130780 130883
BGP AD advertises the VPLS-ID in the extended community attribute, VSI-ID in the NLRI and the local PE ID in the BGP next hop. At the receiving PE, the VPLS-ID is compared against locally provisioned information to determine whether the two PEs share a common VPLS. If it is found that they do, the BGP information is used in the signaling phase.
BGP- AD- LDP signaling
T-LDP is triggered when the VPN endpoints have been discovered using BGP. The T-LDP session between the PEs is established when one does not exist. The far-end IP address required for the T-LDP identification is gleaned from the BGP AD next hop information. The pw-template and pw-template-binding configuration statements are used to establish the automatic SDP or to map to the appropriate SDP. The FEC129 content is built using the following values:
AGI from the locally configured VPLS-ID.
The SAII from the locally configured VSI-ID.
The TAII from the VSI-ID contained in the last 4 bytes of the received BGP NLRI.
The following figure shows the different detailed phases of the LDP signaling path, post BGP AD completion. It also indicates how some fields can be auto generated when they are not specified in the configuration.
The first command shows the LDP peering relationships that have been established (as shown in the following figure). The type of adjacency is displayed in the ‟Adj Type” column. In this case the type is ‟Both” meaning link and targeted sessions have been successfully established.
The second command shows the specific LDP service label information broken up per FEC element type, 128 or 129, basis (as shown in the following figure). The information for FEC element 129 includes the AGI, SAII and the TAII.
BGP AD- pseudowire template
The pseudowire template is defined under the top-level service command (config>service> pw-template) and specifies whether to use an automatically generated SDP or manually configured SDP. It also provides the set of parameters required for establishing the pseudowire (SDP binding) as follows.
PERs6>config>service# pw-template 1 create
-[no] pw-template <policy-id> [use-provisioned-sdp | prefer-provisioned-sdp]
<policy-id> : [1..2147483647]
<use-provisioned-s*> : keyword
<prefer-provisioned*> : keyword
[no] accounting-pol* - Configure accounting-policy to be used
[no] auto-learn-mac* - Enable/Disable automatic update of MAC protect list
[no] block-on-peer-* - Enable/Disable block traffic on peer fault
[no] collect-stats - Enable/disable statistics collection
[no] control word - Enable/Disable the use of Control Word
[no] disable-aging - Enable/disable aging of MAC addresses
[no] disable-learni* - Enable/disable learning of new MAC addresses
[no] discard-unknow* - Enable/disable discarding of frames with unknown source
MAC address
egress + Spoke SDP binding egress configuration
[no] force-qinq-vc-* - Forces qinq-vc-type forwarding in the data-path
[no] force-vlan-vc-* - Forces vlan-vc-type forwarding in the data-path
[no] hash-label - Enable/disable use of hash-label
igmp-snooping + Configure IGMP snooping parameters
in gr ess + Spoke SDP binding ingress configuration
[no] l2pt-terminati* - Configure L2PT termination on this spoke SDP
[no] limit-mac-move - Configure mac move
[no] mac-pinning - Enable/disable MAC address pinning on this spoke SDP
[no] max-nbr-mac-ad* - Configure the maximum number of MAC entries in the FDB
from this SDP
[no] restrict-prote* - Enable/disable protected src MAC restriction
[no] sdp-exclude - Configure excluded SDP group
[no] sdp-include - Configure included SDP group
[no] split-horizon-* + Configure a split horizon group
stp + Configure STP parameters
vc-type - Configure VC type
[no] vlan-vc-tag - Configure VLAN VC tag
A pw-template-binding command configured within the VPLS service under the bgp-ad subcommand is a pointer to the pw-template that should be used. If a VPLS service does not specify an import-rt list, then that binding applies to all route targets accepted by that VPLS. The pw-template-bind command can select a different template on a per import-rt basis. It is also possible to specify specific pw-templates for some route targets with a VPLS service and use the single pw-template-binding command to address all unspecified but accepted imported targets.
The following figure shows the PW-template-binding CLI syntax.
It is important understand the significance of the split-horizon-group used by the pw-template. Traditionally, when a VPLS instance was manually created using mesh-sdp bindings, these were automatically placed in a common split-horizon-group to prevent forwarding between the pseudowire in the VPLS instances. This prevents loops that would have otherwise occurred in the Layer 2 service. When automatically discovering VPLS service using BGP AD the service provider has the option of associating the auto-discovered pseudowire with a split-horizon group to control the forwarding between pseudowires.
Configuring a VPLS management interface
Use the following syntax to create a VPLS management interface.
— config>service>vpls# interface ip-int-name
— address ip-address[/mask] [netmask]
— arp-timeout seconds
— description description-string
— mac ieee-address
— no shutdown
— static-arp ip-address ieee-address
The following is a sample configuration output.
A:ALA-49>config>service>vpls>interface# info detail
---------------------------------------------
no description
mac 14:31:ff:00:00:00
address 10.231.10.10/24
no arp-timeout
no shutdown
---------------------------------------------
A:ALA-49>config>service>vpls>interface#
Creating a management VPLS for SAP protection using MPLS uplinks
This section provides a brief overview of the tasks that must be performed to configure a management VPLS for SAP protection and provides the CLI commands. The following tasks should be performed on both nodes providing the protected VPLS service.
Before configuring a management VPLS, first read Configuring VPLS redundancy for an introduction to the concept of management VPLS and SAP redundancy:
Create an SDP to the peer node.
Create a management VPLS.
Define a SAP in the m-vpls on the port toward the 7210 SAS. Note that the port must be dot1q. The SAP corresponds to the (stacked) VLAN on the 7210 SAS in which STP is active.
Optionally modify STP parameters for load balancing (see Configuring Load Balancing with Management VPLS on page 414).
Create an SDP in the m-vpls using the SDP defined in Step 1. Ensure that this SDP runs over a protected LSP.
Enable the management VPLS service and verify that it is operationally up.
Create a list of VLANs on the port managed by this management VPLS.
Create one or more user VPLS services with SAPs on VLANs in the range defined by Step 6.
— config>service# vpls service-id [customer customer-id] [create] [m-vpls]
— description description-string
— sap sap-id create
— managed-vlan-list
— range vlan-range
— stp
— no shutdown
The following is a sample VPLS configuration output.
*A:ALA-1>config>service# info
----------------------------------------------
vpls 2000 customer 6 m-vpls create
stp
no shutdown
exit
sap 1/1/1:100 create
exit
sap 1/1/2:200 create
exit
sap 1/1/3:300 create
managed-vlan-list
range 1-50
exit
no shutdown
exit
----------------------------------------------
*A:ALA-1>config>service#
Creating a management VPLS for spoke-SDP protection, using MPLS uplinks (7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
This section provides a brief overview of the tasks that must be performed to configure a management VPLS for spoke-SDP protection and provides the CLI commands. The following tasks should be performed on all four nodes providing the protected VPLS service.
Before configuring a management VPLS, please first read Configuring VPLS redundancy Configuring VPLS redundancy for an introduction to the concept of management VPLS and spoke-SDP redundancy:
Create an SDP to the local peer node (node ALA-A2 in the following sample).
Create an SDP to the remote peer node (node ALA-B1 in the following sample).
Create a management VPLS.
Create a spoke-SDP in the m-vpls using the SDP defined in Step 1. Ensure that this mesh-spoke-SDP runs over a protected LSP (see following note).
Enable the management VPLS service and verify that it is operationally up.
Create a spoke-SDP in the m-vpls using the SDP defined in Step 2. Optionally, modify STP parameters for load balancing.
Create one or more user VPLS services with spoke-SDPs on the tunnel SDP defined by Step 2.
As long as the user spoke-SDPs created in step 7 are in this same tunnel SDP with the management spoke-SDP created in step 6, the management VPLS will protect them.
Use the following syntax to create a management VPLS for spoke-SDP protection.
— config>service# sdp sdp-id mpls create
— far-end ip-address
— lsp lsp-name
— no shutdown
— vpls service-id customer customer-id [m-vpls] create
— description description-string
— spoke-sdp sdp-id:vc-id create
— stp
— no shutdown
The following is a sample VPLS configuration output.
*A:ALA-A1>config>service# info
----------------------------------------------
...
sdp 1 mpls create
shutdown
no description
signaling tldp
no ldp
no sr-isis
no sr-ospf
no bgp-tunnel
no path-mtu
no adv-mtu-override
keep-alive
shutdown
hello-time 10
hold-down-time 10
max-drop-count 3
timeout 5
no message-length
exit
...
----------------------------------------------
*A:ALA-A1>config>service#
Configuring load balancing with management VPLS using MPLS uplinks (7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
This is done by creating two management VPLS instances, where both instances have different active spokes (by changing the STP path-cost). When different user VPLS services are associated with either the two management VPLS services, the traffic will be split across the two spokes.
Load balancing can be achieved in both the SAP protection and spoke-SDP protection scenarios.
Use the following syntax to create a load balancing across two management VPLS instances.
— config>service# sdp sdp-id mpls create
— far-end ip-address
— lsp lsp-name
— no shutdown
— vpls service-id customer customer-id [m-vpls] create
— description description-string
— spoke-sdp sdp-id:vc-id create
— stp
— path-cost
— stp
— no shutdown
This following outputs are sample configurations for load balancing across two protected VPLS spoke-SDPs.
The following is a sample configuration output on ALA-A (7210 SAS).
# MVPLS 100 configs
*A:ALA-A# configure service vpls 100
*A:ALA-A>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 100"
stp
no shutdown
exit
sap lag-3:100 create
description "Default sap description for service id 100"
managed-vlan-list
range 101-110
exit
exit
spoke-sdp 1201:100 create
stp
path-cost 100
exit
exit
spoke-sdp 1401:100 create
exit
no shutdown
----------------------------------------------
*A:ALA-A>config>service>vpls#
# UVPLS 101 configs
*A:ALA-A>config>service# vpls 101
*A:ALA-A>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 101"
sap lag-3:101 create
description "Default sap description for service id 101"
exit
spoke-sdp 1201:101 create
exit
spoke-sdp 1401:101 create
exit
no shutdown
----------------------------------------------
*A:ALA-A>config>service>vpls#
# MVPLS 200 configs
*A:ALA-A# configure service vpls 200
*A:ALA-A>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 200"
stp
no shutdown
exit
sap lag-3:200 create
description "Default sap description for service id 200"
managed-vlan-list
range 201-210
exit
exit
spoke-sdp 1202:200 create
exit
spoke-sdp 1402:200 create
stp
path-cost 100
exit
exit
no shutdown
----------------------------------------------
*A:ALA-A>config>service>vpls#
# UVPLS 201 configs
*A:ALA-A>config>service# vpls 201
*A:ALA-A>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 201"
sap lag-3:201 create
description "Default sap description for service id 201"
exit
spoke-sdp 1202:201 create
exit
spoke-sdp 1402:201 create
exit
no shutdown
----------------------------------------------
*A:ALA-A>config>service>vpls# exit all
The following is a sample configuration output on ALA-B (7210), the top left node. It is configured such that it becomes the root bridge for MVPLS 100 and MVPLS 200.
# MVPLS 100 configs
*A:ALA-B# configure service vpls 100
*A:ALA-B>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 100"
stp
priority 0
no shutdown
exit
spoke-sdp 1201:100 create
exit
spoke-sdp 2301:100 create
exit
no shutdown
----------------------------------------------
*A:ALA-B>config>service>vpls#
# UVPLS 101 configs
*A:ALA-B>config>service# vpls 101
*A:ALA-B>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 101"
spoke-sdp 1201:101 create
exit
spoke-sdp 2301:101 create
exit
no shutdown
----------------------------------------------
*A:ALA-B>config>service>vpls#
# MVPLS 200 configs
*A:ALA-B# configure service vpls 200
*A:ALA-B>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 200"
stp
priority 0
no shutdown
exit
spoke-sdp 1202:200 create
exit
spoke-sdp 2302:200 create
exit
no shutdown
----------------------------------------------
*A:ALA-B>config>service>vpls#
# UVPLS 201 configs
*A:ALA-B>config>service# vpls 201
*A:ALA-B>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 201"
spoke-sdp 1202:201 create
exit
spoke-sdp 2302:201 create
exit
no shutdown
----------------------------------------------
*A:ALA-B>config>service>vpls#
The following is a sample configuration output on ALA-C (7210), the top right node.
# MVPLS 100 configs
*A:ALA-C# configure service vpls 100
*A:ALA-C>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 100"
stp
priority 4096
no shutdown
exit
spoke-sdp 1401:100 create
exit
spoke-sdp 2301:100 create
exit
no shutdown
----------------------------------------------
*A:ALA-C>config>service>vpls#
# UVPLS 101 configs
*A:ALA-C>config>service# vpls 101
*A:ALA-C>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 101"
spoke-sdp 1401:101 create
exit
spoke-sdp 2301:101 create
exit
no shutdown
----------------------------------------------
*A:ALA-C>config>service>vpls#
# MVPLS 200 configs
*A:ALA-C# configure service vpls 200
*A:ALA-C>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 200"
stp
priority 4096
no shutdown
exit
spoke-sdp 1402:200 create
exit
spoke-sdp 2302:200 create
exit
no shutdown
----------------------------------------------
*A:ALA-C>config>service>vpls#
# UVPLS 201 configs
*A:ALA-C>config>service# vpls 201
*A:ALA-C>config>service>vpls# info
----------------------------------------------
description "Default tls description for service id 201"
spoke-sdp 1402:201 create
exit
spoke-sdp 2302:201 create
exit
no shutdown
----------------------------------------------
*A:ALA-C>config>service>vpls#
Configuring selective MAC Flush, when using MPLS uplinks (7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Use the following syntax to enable selective MAC Flush in a VPLS.
— config>service# vpls service-id
— send-flush-on-failure
Use the following syntax to disable selective MAC Flush in a VPLS.
— config>service# vpls service-id
— no send-flush-on-failure
Configuring AS pseudowire in VPLS when using MPLS uplinks (7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
In the following figure, pseudowire is configured on MTU. The following is a sample configuration output on the MTU.
*A:MTU>config>service>vpls>endpoint# back
*A:MTU>config>service>vpls# info
----------------------------------------------
send-flush-on-failure
stp
shutdown
exit
endpoint "vpls1" create
description "vpls1_endpoint"
revert-time 60
ignore-standby-signaling
no suppress-standby-signaling
block-on-mesh-failure
exit
sap 1/1/3 create
exit
spoke-sdp 301:1 endpoint "vpls1" create
stp
shutdown
exit
block-on-mesh-failure
exit
spoke-sdp 302:1 endpoint "vpls1" create
stp
shutdown
exit
block-on-mesh-failure
exit
no shutdown
----------------------------------------------
*A:MTU>config>service>vpls#
Service management tasks
This section describes the service management tasks.
Modifying VPLS service parameters
You can change existing service parameters. The changes are applied immediately. To display a list of services, use the show service service-using vplscommand. Enter the parameter such as description SAP and then enter the new information.
The following is a sample modified VPLS configuration output.
*A:ALA-1>config>service>vpls# info
----------------------------------------------
description "This is a different description."
disable-learning
disable-aging
discard-unknown
local-age 500
stp
shutdown
exit
sap 1/1/5:22 create
description "VPLS SAP"
exit
exit
no shutdown
----------------------------------------------
*A:ALA-1>config>service>vpls#
Modifying management VPLS parameters
To modify the range of VLANs on an access port managed by an existing management VPLS, first the new range should be entered and afterwards the old range removed. If the old range is removed before a new range is defined, all customer VPLS services in the old range will become unprotected and may be disabled.
— config>service# vpls service-id
— sap sap-id
— managed-vlan-list
— [no] range vlan-range
Deleting a management VPLS
As with normal VPLS service, a management VPLS cannot be deleted until SAPs are unbound (deleted), interfaces are shutdown, and the service is shutdown on the service level.
Use the following syntax to delete a management VPLS service.
— config>service
— [no] vpls service-id
— shutdown
— [no] sap sap-id
— shutdown
Disabling a management VPLS
You can shut down a management VPLS without deleting the service parameters.
When a management VPLS is disabled, all associated user VPLS services are also disabled (to prevent loops). If this is not desired, first unmanage the user VPLS service by removing them from the managed-vlan-list.
— config>service
— vpls service-id
— shutdown
- Example:
— config>service# vpls 1
— config>service>vpls# shutdown
— config>service>vpls# exit
Deleting a VPLS service
A VPLS service cannot be deleted until SAPs are unbound (deleted), interfaces are shutdown, and the service is shutdown on the service level.
Use the following syntax to delete a VPLS service.
— config>service
— [no] vpls
service-id
— shutdown
—
—
— sap sap-id
— no sap sap-id
— shutdown
Disabling a VPLS service
Use the following syntax to shut down a VPLS service without deleting the service parameters.
— config>service> vpls
service-id
— [no] shutdown
- Example:
— config>service# vpls 1
— config>service>vpls# shutdown
— config>service>vpls# exit
Re-enabling a VPLS service
Use the following syntax to re-enable a VPLS service that was shutdown.
— config>service> vpls service-id [no] shutdown
- Example:
— config>service# vpls 1
— config>service>vpls# no shutdown
— config>service>vpls# exit
VPLS services command reference
Command hierarchies
Global commands for 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
VPLS SAP QoS and filter commands for 7210 SAS-D and 7210 SAS-Dxp
VPLS SAP QoS and filter commands for 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C
VPLS mesh SDP commands for 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
VPLS spoke-SDP commands for 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
VPLS service configuration commands
Global commands for 7210 SAS-D and 7210 SAS-K 2F1C2T
config
- service
- vpls service-id [customer customer-id] [create] [m-vpls] [svc-sap-type {null-star | dot1q-preserve | dot1q-range | any}] [customer-vid vlan-id] (7210 SAS-D)
- vpls service-id [customer customer-id] [create] [vpn vpn-id] [m-vpls] [customer-vid vlan-id] [svc-sap-type {null-star | dot1q-preserve | any}] [b-vpls | i-vpls | r-vpls] (7210 SAS-Dxp)
- vpls service-id [customer customer-id] [create] [m-vpls] [svc-sap-type {any | dot1q-range}] [r-vpls] (7210 SAS-K 2F1C2T)
- no vpls service-id
- description description-string
- no description
- [no] disable-aging
- [no] disable-learning
- [no] discard-unknown
- [no] fdb-table-high-wmark high-water-mark
- [no] fdb-table-low-wmark low-water-mark
- fdb-table-size table-size
- no fdb-table-size [table-size]
- local-age aging-timer
- no local-age
- [no] mac-move
- move-frequency frequency
- no move-frequency
- retry-timeout timeout
- no retry-timeout
- [no] shutdown
- remote-age aging-timer
- no remote-age
- service-mtu octets
- no service-mtu
Global commands for 7210 SAS-Dxp
config
- service
- vpls service-id [customer customer-id] [create] [vpn vpn-id] [m-vpls] [customer-vid vlan-id] [svc-sap-type {null-star | dot1q-preserve | any}] [b-vpls | i-vpls | r-vpls]
- no vpls service-id
- allow-ip-int-bind
- no allow-ip-int-bind
- description description-string
- no description
- [no] disable-aging
- [no] disable-learning
- [no] discard-unknown
- fdb-table-high-wmark high-water-mark
- no fdb-table-high-wmark [high-water-mark]
- fdb-table-low-wmark low-water-mark
- no fdb-table-low-wmark [low-water-mark]
- fdb-table-size table-size
- no fdb-table-size [table-size]
- igmp-snooping
- local-age aging-timer
- no local-age
- [no] mac-move
- move-frequency frequency
- no move-frequency
- retry-timeout timeout
- no retry-timeout
- [no] shutdown
- mfib-table-high-wmark high-water-mark
- no mfib-table-high-wmark
- mfib-table-low-wmark low-water-mark
- no mfib-table-low-wmark
- mfib-table-size table-size
- no mfib-table-size
- remote-age aging-timer
- no remote-age
- sap sap-id [create] [capture-sap] [eth-ring ring-index] [g8032-shg-enable]
- no sap sap-id
- service-name service-name
- no service-name
- [no] shutdown
- stp
Global commands for 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
config
- service
- vpls service-id [customer customer-id] [create] [m-vpls] [svc-sap-type {any | dot1q-range}] [r-vpls]
- no vpls service-id
- bgp
- pw-template-binding policy-id [split-horizon-group group-name] [import-rt {ext-community...(up to 5 max)}]
- no pw-template-binding policy-id
- route-target {ext-community | {[export ext-community] [import ext-community]}}
- no route-target
- vsi-export policy-name [policy-name...(up to 5 max)]
- no vsi-export
- vsi-import policy-name [policy-name...(up to 5 max)]
- no vsi-import
- [no] bgp-ad
- [no] shutdown
- vpls-id vpls-id
- vsi-id
- prefix low-order-vsi-id
- no prefix
- description description-string
- no description
- [no] disable-aging
- [no] disable-learning
- [no] discard-unknown
- endpoint endpoint-name [create]
- no endpoint
- block-on-mesh-failure
- [no] block-on-mesh-failure
- description description-string
- no description
- [no] ignore-standby-signaling
- [no] mac-pinning
- max-nbr-mac-addr table-size
- no max-nbr-mac-addr
- revert-time revert-time | infinite
- no revert-time
- [no] fdb-table-high-wmark high-water-mark
- [no] fdb-table-low-wmark low-water-mark
- fdb-table-size table-size
- no fdb-table-size [table-size]
- local-age aging-timer
- no local-age
- [no] mac-move
- move-frequency frequency
- no move-frequency
- retry-timeout timeout
- no retry-timeout
- [no] shutdown
- [no] propagate-mac-flush
- remote-age aging-timer
- no remote-age
- [no] send-flush-on-failure
- service-mtu octets
- no service-mtu
- no service-name
- [no] shutdown
- split-horizon-group group-name [create]
- description description-string
- no description
VPLS service xSTP commands
config
- service
- vpls service-id [customer customer-id] [create] [vpn vpn-id] [m-vpls] [svc-sap-type {null-star | dot1q | dot1q-preserve}] [customer-vid vlan-id]
- vpls service-id [customer customer-id] [create] [m-vpls] [svc-sap-type {null-star | dot1q-preserve | dot1q-range | any}] [customer-vid vlan-id]
- vpls service-id [customer customer-id] [create] [m-vpls] [svc-sap-type {any | dot1q-range}] [r-vpls]
- no vpls service-id
- stp
- forward-delay forward-delay
- no forward-delay
- hello-time hello-time
- no hello-time
- hold-count BDPU tx hold count
- no hold-count
- max-age max-age
- no max-age
- mode {rstp | comp-dot1w | dot1w | mstp}
- no mode
- [no] mst-instance mst-inst-number
- mst-port-priority bridge-priority
- no mst-port-priority
- [no] vlan-range vlan-range
- mst-max-hops hops-count
- no mst-max-hops
- mst-name region-name
- no mst-name
- mst-revision revision-number
- no mst-revision
- priority bridge-priority
- no priority
- [no] shutdown
VPLS service SAP xSTP commands
config
- service
- vpls service-id [customer customer-id] [create] [vpn vpn-id] [m-vpls] [svc-sap-type {null-star | dot1q | dot1q-preserve}] [customer-vid vlan-id]
- vpls service-id [customer customer-id] [create] [m-vpls] [svc-sap-type {null-star | dot1q-preserve | dot1q-range | any}] [customer-vid vlan-id]
- vpls service-id [customer customer-id] [create] [svc-sap-type {any | dot1q-range}] [r-vpls]
- no vpls service-id
- sap sap-id [split-horizon-group group-name] [eth-ring ring-index]
- no sap sap-id
- stp
- [no] auto-edge
- [no] edge-port
- link-type {pt-pt | shared}
- no link-type [pt-pt | shared]
- mst-instance mst-inst-number
- mst-path-cost inst-path-cost
- no mst-path-cost
- mst-port-priority stp-priority
- no mst-port-priority
- path-cost sap-path-cost
- no path-cost
- [no] port-num virtual-port-number
- priority stp-priority
- no priority
- no root-guard
- root-guard
- [no] shutdown
- managed-vlan-list
- [no] default-sap
- [no] range vlan-range
VPLS service SAP DHCP snooping commands
config
- service
- vpls service-id [customer customer-id] [create] [vpn vpn-id] [m-vpls] [svc-sap-type {null-star | dot1q | dot1q-preserve}] [customer-vid vlan-id]
- vpls service-id [customer customer-id] [create] [m-vpls] [svc-sap-type {null-star | dot1q-preserve | dot1q-range | any}] [customer-vid vlan-id]
- vpls service-id [customer customer-id] [create] [m-vpls] [svc-sap-type {any | dot1q-range}] [r-vpls]
- no vpls service-id
- sap sap-id [split-horizon-group group-name] [eth-ring ring-index]
- no sap sap-id
- dhcp
- description description-string
- no description
- [no] option
- action [dhcp-action]
- no action
- [no] circuit-id [ascii-tuple | vlan-ascii-tuple]
- [no] remote-id [mac | string string]
- [no] vendor-specific-option
- [no] client-mac-address
- [no] sap-id
- [no] service-id
- string text
- no string
- [no] system-id
- [no] shutdown
- [no] snoop
SAP commands
config
- service
- vpls service-id [customer customer-id] [create] [vpn vpn-id] [m-vpls] [svc-sap-type {null-star | dot1q | dot1q-preserve}] [customer-vid vlan-id]
- vpls service-id [customer customer-id] [create] [m-vpls] [svc-sap-type {null-star | dot1q-preserve | dot1q-range | any}] [customer-vid vlan-id]
- vpls service-id [customer customer-id] [create] [m-vpls] [svc-sap-type {any | dot1q-range}] [r-vpls]
- no vpls service-id
- sap sap-id [split-horizon-group group-name] [eth-ring ring-index]
- no sap sap-id
- accounting-policy acct-policy-id
- no accounting-policy
- bpdu-translation {auto | pvst | stp}
- no bpdu-translation
- [no] collect-stats
- description description-string
- no description
- [no] disable-aging
- [no] disable-learning
- [no] discard-unknown-source
- eth-cfm
- mep mep-id domain md-index association ma-index [direction {up | down}]
- no mep mep-id domain md-index association ma-index
- [no] ais-enable
- client-meg-level [level [level...]]
- no client-meg-level
- [no] description
- interval {1| 60}
- no interval
- priority priority-value
- no priority
- no send-ais-on-port-down
- send-ais-on-port-down
- [no] ccm-enable
- ccm-ltm-priority priority
- no ccm-ltm-priority
- description description-string
- no description
- [no] eth-test-enable
- bit-error-threshold bit-errors
- test-pattern {all-zeros | all-ones} [crc-enable]
- no test-pattern
- mac-address {allDef | macRemErrXcon | remErrXcon | errXcon | xcon | noXcon}
- mac-address mac-address
- no mac-address
- one-way-delay-threshold seconds
- [no] shutdown
- l2pt-termination [cdp] [dtp] [pagp] [stp] [udld] [vtp]
- no l2pt-termination
- limit-mac-move [blockable | non-blockable]
- no limit-mac-move
- [no] mac-pinning
- mac-swap-enable
- no mac-swap-enable
- max-nbr-mac-addr table-size
- no max-nbr-mac-addr
- tod-suite tod-suite-name
- no tod-suite
VPLS SAP QoS and filter commands for 7210 SAS-D and 7210 SAS-Dxp
config
- service
- vpls
- no vpls
- sap sap-id [create] [eth-ring ring-index]
- no sap sap-id
- egress
- aggregate-meter-rate rate-in-kbps [burst burst-in-kbits] [enable-stats]
- no aggregate-meter-rate
- filter ip ip-filter-id
- filter ipv6 ipv6 -filter-id
- filter mac mac-filter-id
- no filter [ip ip-filter-id] [ipv6 ipv6 -filter-id] [mac mac-filter-id]
- ingress
- aggregate-meter-rate rate-in-kbps [burst burst-in-kbits]
- no aggregate-meter-rate
- filter ip ip-filter-id
- filter [ipv6 ipv6-filter-id]
- filter mac mac-filter-id
- no filter [ip ip-filter-id] [ ipv6 ipv6-filter-id] [mac mac-filter-id]
- qos policy-id
- no qos
VPLS SAP QoS and filter commands for 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C
config
- service
- vpls
- no vpls
- sap sap-id [create] [split-horizon-group group-name]
- no sap sap-id
- egress
- agg-shaper-rate agg-rate
- no agg-shaper-rate
- dot1p-inner dot1p-inner
- no dot1p-inner
- no dot1p-outer
- dot1p-outer dot1p-outer
- filter [ip ip-filter-id]
- filter [ipv6 ipv6 -filter-id]
- filter [mac mac-filter-id]
- no filter [ip ip-filter-id] [ipv6 ipv6 -filter-id] [mac mac-filter-id]
- qos policy-id
- no qos
- ingress
- agg-shaper-rate agg-rate
- no agg-shaper-rate
- aggregate-meter-rate rate-in-kbps [burst burst-in-kbits]
- no aggregate-meter-rate
- filter [ip ip-filter-id]
- filter [ ipv6 ipv6-filter-id]
- filter [mac mac-filter-id]
- no filter [ip ip-filter-id] [ ipv6 ipv6-filter-id] [mac mac-filter-id]
- qos policy-id
- no qos
VPLS service SAP IGMP snooping and MVR commands
config
- service
- [no] vpls
- igmp-snooping
- mvr
- description description-string
- no description
- group-policy policy-name
- no group-policy
- no shutdown
- shutdown
- query-interval seconds
- no query-interval
- no query-src-ip
- query-src-ip ip-address
- no report-src-ip
- report-src-ip ip-address
- robust-count count
- no robust-count
- no shutdown
- shutdown
- sap sap-id [split-horizon-group group-name] [eth-ring ring-index]
- no sap sap-id
- igmp-snooping
- disable-router-alert-check
- no disable-router-alert-check
- [no] fast-leave
- import policy-name
- no import
- last-member-query-interval interval
- no last-member-query-interval
- max-num-groups max-num-groups
- no max-num-groups
- max-num-sources max-num-sources
- no max-num-sources
- [no] mrouter-port
- mvr
- from-vpls service-id
- no from-vpls
- to-sap sap-id
- no to-sap
- query-interval seconds
- no query-interval
- query-response-interval seconds
- no query-response-interval
- robust-count count
- no robust-count
- [no] send-queries
- static
- [no] group group-address
- [no] source (ip-address applicable only in access-uplink mode)
- [no] starg
- version version
- no version
- mfib-table-high-wmark high-water-mark
- no mfib-table-high-wmark
- mfib-table-low-wmark low-water-mark
- no mfib-table-low-wmark
- mfib-table-size table-size
- no mfib-table-size
VPLS SAP meter override commands
config
- service
- vpls
- no vpls
- sap sap-id [split-horizon-group group-name] [eth-ring ring-index ]
- no sap sap-id
- ingress
- meter-override
- meter meter-id [create]
- no meter meter-id
- adaptation-rule [pir adaptation-rule] [cir adaptation-rule]
- cbs size [kbits | bytes | kbytes]
- no cbs
- mbs size [kbits | bytes | kbytes]
- no mbs
- mode
- no mode
- rate cir cir-rate [pir pir-rate]
VPLS SAP statistics commands for 7210 SAS-D
config
- service
- vpls
- no vpls
- sap sap-id [split-horizon-group group-name] [eth-ring ring-index] [create]
- no sap sap-id
- statistics
- egress
- [no] forwarded-count
- ingress
- counter-mode {in-out-profile-count | forward-drop-count}
- [no] received-count
VPLS mesh SDP commands for 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
config
- service
- [no] vpls
- mesh-sdp sdp-id[:vc-id] [vc-type {ether | vlan}]
- no mesh-sdp sdp-id[:vc-id]
- accounting-policy acct-policy-id
- no accounting-policy
- [no] collect-stats
- [no] control-word
- description description-string
- no description
- egress
- no vc-label [egress-vc-label]
- eth-cfm
- mep mep-id domain md-index association ma-index [direction {up} {down}]
- no mep mep-id domain md-index association ma-index
- [no] ais-enable
- client-meg-level [[level [level...]]
- no client-meg-level
- interval {1 | 60}
- no interval
- priority priority-value
- no priority
- [no] ccm-enable
- ccm-ltm-priority priority
- no ccm-ltm-priority
- [no] description description-string
- [no] eth-test-enable
- bit-error-threshold bit-errors
- test-pattern {all-zeros | all-ones} [crc-enable]
- no test-pattern
- mac-address {allDef | macRemErrXcon | remErrXcon | errXcon | xcon | noXcon}
- mac-address mac-address
- no mac-address
- one-way-delay-threshold seconds
- [no] shutdown
- [no] force-vlan-vc-forwarding
- hash-label [signal-capability]
- no hash-label
- igmp-snooping
- [no] disable-router-alert-check
- import policy-name
- no import
- last-member-query-interval interval
- no last-member-query-interval
- max-num-groups max-num-groups
- no max-num-groups
- [no] mrouter-port
- query-interval interval
- no query-interval
- query-response-interval interval
- no query-response-interval
- robust-count count
- no robust-count
- [no] send-queries
- static
- [no] group grp-ip-address
- [no] starg
- version version
- no version
- ingress
- vc-label egress-vc-label
- [no] mac-pinning
- [no] static-mac ieee-address
- [no] shutdown
- vlan-vc-tag 0..4094
- no vlan-vc-tag [0..4094]
- dhcp
- description description-string
- no description
- no snoop
- snoop
VPLS spoke-SDP commands for 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
config
- service
- vpls
- no vpls
- spoke-sdp sdp-id[:vc-id] [vc-type {ether | vlan}] [create] [split-horizon-group group-name] endpoint endpoint-name
- no spoke-sdp sdp-id[:vc-id]
- accounting-policy acct-policy-id
- no accounting-policy
- [no] block-on-mesh-failure
- bpdu-translation {auto | pvst | stp}
- no bpdu-translation
- [no] collect-stats
- [no] control-word
- description description-string
- no description
- [no] disable-aging
- [no] disable-learning
- [no] discard-unknown-source
- dhcp
- description description-string
- no description
- no snoop
- snoop
- eth-cfm
- mep mep-id domain md-index association ma-index [direction {up}{down}]
- no mep mep-id domain md-index association ma-index
- [no] ais-enable
- client-meg-level [[level [level...]]
- no client-meg-level
- interval {1 | 60}
- no interval
- priority priority-value
- no priority
- [no] ccm-enable
- ccm-ltm-priority priority
- no ccm-ltm-priority
- [no] description description string
- no] eth-test-enable
- bit-error-threshold bit-errors
- test-pattern {all-zeros | all-ones} [crc-enable]
- no test-patternmac-address {allDef | macRemErrXcon | remErrXcon | errXcon | xcon | noXcon}
- mac-address mac-address
- no mac-addressone-way-delay-threshold seconds
- [no] shutdown
- mip [mac mac address]
- mip default-mac
- no mip
- egress
- vc-label egress-vc-label
- no vc-label [egress-vc-label]
- [no] force-vlan-vc-forwarding
- hash-label [signal-capability]
- no hash-label
- igmp-snooping
- [no] disable-router-alert-check
- import policy-name
- no import
- last-member-query-interval interval
- no last-member-query-interval
- max-num-groups max-num-groups
- no max-num-groups
- [no] mrouter-port
- query-interval interval
- no query-interval
- query-response-interval interval
- no query-response-interval
- robust-count count
- no robust-count
- [no] send-queries
- static
- [no] group group-address
- [no] starg
- version version
- no version
- [no] ignore-standby-signaling
- ingress
- vc-label egress-vc-label
- no vc-label [egress-vc-label]
- [no] l2pt-termination [cdp] [dtp] [pagp] [stp] [udld] [vtp]
- limit-mac-move [blockable | non-blockable]
- no limit-mac-move
- [no] mac-pinning
- max-nbr-mac-addr table-size
- no max-nbr-mac-addr
- precedence precedence-value | primary
- no precedence
- [no] shutdown
- [no] static-mac ieee-address
- statistics
- ingress
- [no] drop-count-extra-vlan-tag-pkts
- stp
- [no] auto-edge
- [no] edge-port
- link-type {pt-pt | shared}
- no link-type [pt-pt | shared]
- path-cost sap-path-cost
- no path-cost
- [no] port-num virtual-port-number
- priority stp-priority
- no priority
- no root-guard
- root-guard
- [no] shutdown
- vlan-vc-tag vlan-id
- no vlan-vc-tag [vlan-id]
Routed VPLS commands for 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
config
- service
- vpls service-id [customer customer-id] [vpn vpn-id] [r-vpls] [create]
- [no] allow-ip-int-bind
Show commands
show
- service
- fdb-info
- fdb-mac ieee-address [expiry]
- id service-id
- all
- arp [ip-address] | [mac ieee-address] | [sap sap-id] | [interface ip-int-name] | [summary]
- base
- bgp-ad
- dhcp
- statistics [sap sap-id] [interface interface-name]
- summary [interface interface-name | saps]
- fdb [sap sap-id]| [mac ieee-address | endpoint endpoint | detail] [expiry]
- igmp-snooping
- all
- base
- mrouters [detail]
- mvr
- port-db sap sap-id [detail]
- port-db sap sap-id group grp-address
- proxy-db [detail]
- proxy-db [group grp-ip-address]
- querier
- static [sap sap-id]
- statistics[sap sap-id | sdp sdp-ic:vc-id]
- l2pt disabled
- l2pt [detail]
- mac-move
- mfib [brief]
- mfib [group grp-address | mstp-configuration
- sap [sap-id [detail | stp]]
- stp [detail]
- sap-using [sap sap-id]
- sap-using [ingress | egress] filter filter-id
- sap-using [ingress] qos-policy qos-policy-id
- service-using [vpls]
Clear commands
clear
- service
- id service-id
- fdb {all | mac ieee-address | sap sap-id |}
- igmp-snooping
- port-db sap sap-id [group grp-address]
- querier
- statistics [all | sap sap-id | sdp sdp-id:vc-id]
- stp
- detected-protocols [all | sap sap-id]
- statistics
- id service-id
- counters
- stp
- sap sap-id {all | counters | stp}
Debug commands
debug
- service
- id service-id
- [no] event-type {config-change | svc-oper-status-change | sap-oper-status-change | sdpbind-oper-status-change}
- [no] sap sap-id
Command descriptions
VPLS service configuration commands
References in this section to spoke-SDPs, mesh SDPs, or VPRN only apply to the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C.
Generic commands
shutdown
Syntax
[no] shutdown
Context
config>service>vpls
config>service>vpls>igmp-snooping
config>service>vpls>sap
config>service>vpls>sap>stp
config>service>vpls>mesh-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.
The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.
Services are created in the administratively down (shutdown) state. When a no shutdown command is entered, the service becomes administratively up and then tries to enter the operationally up state. Default administrative states for services and service entities is described as follows in Special Cases.
The no form of this command places the entity into an administratively enabled state.
description
Syntax
description description-string
no description
Context
config>service>vpls
config>service>vpls>split-horizon-group
config>service>vpls>igmp-snooping>mvr
config>service>vpls>sap
config>service>vpls>mesh-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>pw-template>split-horizon-group (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command creates a text description stored in the configuration file for a configuration context.
The description command associates a text string with a configuration context to help identify the content in the configuration file.
The no form of this command removes the string from the configuration.
Parameters
- description-string
Specifies the description character string. Allowed values are any string up to 80 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes.
DHCP commands
dhcp
Syntax
dhcp
Context
config>service>vpls>sap
config>service>vpls>mesh-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure DHCP parameters.
option
Syntax
[no] option
Context
config>service>vpls>sap>dhcp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables DHCP Option 82 (Relay Agent Information Option) parameter processing and enters the context for configuring Option 82 suboptions.
The no form of this command reverts to the default value.
Default
no option
action
Syntax
action [dhcp-action] {replace | drop | keep}
no action
Context
config>service>vpls>sap>dhcp>option
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the Relay Agent Information Option (Option 82) processing.
By default, existing information is kept intact.
The no form of this command reverts to the default value.
Parameters
- dhcp-action
Specifies the DHCP option action.
- replace
Specifies that, in the upstream direction (from the user), the Option 82 field from the router is inserted in the packet (overwriting any existing Option 82 field). In the downstream direction (toward the user) the Option 82 field is stripped (in accordance with RFC 3046).
- drop
Specifies that the DHCP packet is dropped if an Option 82 field is present and a counter is incremented.
- keep
Specifies that the existing information is kept in the packet and the router does not add any additional information. In the downstream direction, the Option 82 field is not stripped and is sent on toward the client.
The behavior is slightly different in case of Vendor Specific Options (VSOs). When the keep parameter is specified, the router inserts its own VSO into the Option 82 field. This is done only when the incoming message already has an Option 82 field.
If no Option 82 field is present, the router does not create the Option 82 field. In this case, no VSO is added to the message.
circuit-id
Syntax
circuit-id [ascii-tuple | ifindex | sap-id | vlan-ascii-tuple]
no circuit-id
Context
config>service>vpls>sap>dhcp>option
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
When enabled, the router sends an ASCII-encoded tuple in the circuit-id suboption of the DHCP packet. This ASCII-tuple consists of the access-node-identifier, service-id, and SAP-ID, separated by ‟|”.
To send a tuple in the circuit ID, the action replace command must be configured in the same context.
If disabled, the circuit-id suboption of the DHCP packet is left empty.
The no form of this command reverts to the default value.
Default
circuit-id
Parameters
- ascii-tuple
Specifies that the ASCII-encoded concatenated tuple will be used, which consists of the access-node-identifier, service-id, and interface-name, separated by ‟|”.
- ifindex
Specifies that the interface index will be used. (The If Index of a router interface can be displayed using the show router interface detail command.) This parameter is not supported on 7210 SAS-Dxp.
- sap-id
Specifies that the SAP identifier will be used. This parameter is not supported on 7210 SAS-Dxp.
- vlan-ascii-tuple
Specifies that the format will include VLAN ID and dot1p bits in addition to what is already included in ascii-tuple. The format is supported on dot1q-encapsulated ports only. Therefore, when the option 82 bits are stripped, dot1p bits will be copied to the Ethernet header of an outgoing packet.
remote-id
Syntax
[no] remote-id [mac | string string]
Context
config>service>vpls>sap>dhcp>option
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies that information that goes into the remote ID suboption in the DHCP relay packet.
If disabled, the remote-id suboption of the DHCP packet is left empty.
The no form of this command reverts to the default value.
Default
no remote-id
Parameters
- mac
Keyword to specify that the MAC address of the remote end is encoded in the suboption.
- string string
Specifies the remote ID.
vendor-specific-option
Syntax
[no] vendor-specific-option
Context
config>service>vpls>sap>dhcp>option
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the vendor-specific suboption of the DHCP relay packet.
client-mac-address
Syntax
[no] client-mac-address
Context
config>service>vpls>sap>dhcp>option>vendor
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables the sending of the MAC address in the vendor-specific suboption of the DHCP relay packet.
The no form of this command disables the sending of the MAC address in the vendor-specific suboption of the DHCP relay packet.
sap-id
Syntax
[no] sap-id
Context
config>service>vpls>sap>dhcp>option>vendor
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables the sending of the SAP ID in the vendor-specific suboption of the DHCP relay packet.
The no form of this command disables the sending of the SAP ID in the vendor-specific suboption of the DHCP relay packet.
service-id
Syntax
[no] service-id
Context
config>service>vpls>sap>dhcp>option>vendor
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables the sending of the service ID in the vendor-specific suboption of the DHCP relay packet.
The no form of this command disables the sending of the service ID in the vendor-specific suboption of the DHCP relay packet.
string
Syntax
[no] string text
Context
config>service>vpls>sap>dhcp>option>vendor
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the string in the vendor-specific suboption of the DHCP relay packet.
The no form of this command reverts to the default value.
Parameters
- text
Specifies a string that can be any combination of ASCII characters, up to 32 characters. If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).
system-id
Syntax
[no] system-id
Context
config>service>vpls>sap>dhcp>option>vendor
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies whether the system ID is encoded in the vendor-specific suboption of Option 82.
snoop
Syntax
[no] snoop
Context
config>service>vpls>sap>dhcp
config>service>vpls>mesh-sdp>dhcp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>spoke-sdp>dhcp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables DHCP snooping for DHCP messages on the SAP. Enabling DHCP snooping on VPLS interfaces (SAPs) is required for DHCP messages where Option 82 information is to be inserted. This includes interfaces in the path to receive messages from either DHCP servers or from subscribers.
The no form of this command disables DHCP snooping on the specified VPLS SAP.
Default
no snoop
VPLS service commands
vpls
Syntax
vpls service-id [customer customer-id] [create] [m-vpls] [svc-sap-type {null-star | dot1q-preserve | dot1q-range | any}] [customer-vid vlan-id]
vpls service-id [customer customer-id] [create] [m-vpls] [customer-vid vlan-id] [svc-sap-type {null-star | dot1q-preserve}]
vpls service-id [customer customer-id] [create] [m-vpls] [svc-sap-type {any | dot1q-range}] [r-vpls]
vpls service-id [customer customer-id] [create] [vpn vpn-id] [m-vpls] [customer-vid vlan-id] [svc-sap-type {null-star | dot1q-preserve | any}] [b-vpls | i-vpls | r-vpls]
no vpls service-id
Context
config>service
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command creates or edits a Virtual Private LAN Services (VPLS) instance. The vpls command is used to create or maintain a VPLS service. If the service-id does not exist, a context for the service is created. If the service-id exists, the context for editing the service is entered.
A VPLS service connects multiple customer sites together acting like a zero-hop, Layer 2 switched domain. A VPLS is always a logical full mesh.
When a service is created, the create keyword must be specified if the create command is enabled in the environment context. When a service is created, the customer keyword and customer-id must be specified and must associate the service with a customer. The customer-id must already exist having been created using the customer command in the service context. When a service has been created with a customer association, it is not possible to edit the customer association. The service must be deleted and recreated with a new customer association.
When a service is created, the use of the customer customer-id is optional for navigating into the service configuration context. Attempting to edit a service with the incorrect customer-id specified results in an error.
More than one VPLS service may be created for a single customer ID.
By default, no VPLS instances exist until they are explicitly created.
7210 SAS-D, 7210 SAS-Dxp, and 7210 SAS-K 2F1C2T support local service.
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C support both local and distributed service.
The no form of this command deletes the VPLS service instance with the specified service-id. The service cannot be deleted until all SAPs defined within the service ID have been shutdown and deleted, and the service has been shut down.
Parameters
- service-id
Specifies the unique service number identifying the service in the service domain. This ID must be unique to this service and may not be used for any other service of any type. The service-id must be the same number used for every 7210 SAS on which this service is defined.
- customer customer-id
Specifies the customer ID number to be associated with the service. This parameter is required on service creation and optional for service editing or deleting.
- m-vpls
Specifies a management VPLS.
- create
This keyword is mandatory while creating a VPLS service. Keyword used to create the service instance. The create keyword requirement can be enabled or disabled in the environment>create context.
- customer-vid vlan-id
Specifies the dot1q VLAN ID for creating the local dot1q SAP for svc-sap-type dot1q-preserve.
- svc-sap-type
Keyword to specify the type of access SAPs and access-uplink SAPs allowed in the service.
- r-vpls
Allows this VPLS instance to be associated with an IP interface to provide R-VPLS functionality. This parameter is supported only on the 7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, and 7210 SAS-K 3SFP+ 8C.
bgp
Syntax
bgp
Context
config>service>vpls
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
Commands in this context configure the BGP related parameters to BGP AD.
block-on-mesh-failure
Syntax
[no] block-on-mesh-failure
Context
config>service>vpls>spoke-sdp
config>service>vpls>endpoint
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command enables blocking after all configured SDPs or endpoints are in operationally down state.
Blocking brings the entity to an operationally down state. This event is signaled to corresponding T-LDP peer by withdrawing the service label (status-bit-signaling non-capable peer) or by setting ‟PW not forwarding” status bit in T-LDP message (status-bit-signaling capable peer).
Default
disabled
bpdu-translation
Syntax
bpdu-translation {auto | pvst | stp}
no bpdu-translation
Context
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C) config>service>vpls>sap
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables the translation of bridge protocol data units (BPDUs) to a specific format, meaning that all BPDUs transmitted on a specific SAP or spoke-SDP will have a specified format.
The no form of this command reverts to the default value.
Default
no bpdu-translation
Parameters
- auto
Keyword to specify that the appropriate format will be detected automatically, based on type of BPDUs received on such port.
- pvst
Keyword to specify the BPDU format as PVST. The correct VLAN tag is included in the payload (depending on encapsulation value of outgoing SAP).
- stp
Keyword to specify the BPDU format as STP.
l2pt-termination
Syntax
l2pt-termination [cdp] [dtp] [pagp] [stp] [udld] [vtp]
no l2pt-termination
Context
config>service>vpls>sap
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, 7210 SAS-K 3SFP+ 8C
Description
This command enables Layer 2 Protocol Tunneling (L2PT) termination on a specific SAP. L2PT termination is supported for STP, CDP, DTP, PAGP, UDLD, and VTP PDUs.
This command can be enabled only if STP is disabled in the context of the specific VPLS service.
Default
no l2pt-termination
Parameters
- cdp
Keyword that specifies the Cisco discovery protocol.
- dtp
Keyword that specifies the dynamic trunking protocol.
- pagp
Keyword that specifies the port aggregation protocol.
- stp
Keyword that specifies all spanning tree protocols: stp, rstp, mstp, pvst (default).
- udld
Keyword that specifies unidirectional link detection.
- vtp
Keyword that specifies the VLAN trunking protocol.
disable-aging
Syntax
[no] disable-aging
Context
config>service>vpls
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>sap
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command disables MAC address aging across a VPLS service or on a VPLS service SAP.
Similar to a Layer 2 switch, learned MACs can be aged out if no packets are sourced from the MAC address for a period of time (the aging time). In a VPLS service instance, the local age timer is applicable to both the local learned and remote learned MAC entries in the VPLS forwarding database (FDB). The disable-aging command at the service level turns off aging for local and remote learned MAC addresses.
When no disable-aging is specified for a VPLS, it is possible to disable aging for specific SAPs by entering the disable-aging command at the appropriate level.
When the disable-aging command is entered at the VPLS level, the disable-aging state of individual SAPs is ignored.
The no form of this command enables aging on the VPLS service.
Default
no disable-aging
disable-learning
Syntax
[no] disable-learning
Context
config>service>vpls
config>service>vpls>sap
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command disables learning of new MAC addresses in the VPLS FDB for the service instance.
When disable-learning is enabled, new source MAC addresses are be entered in the VPLS service forwarding database.
When disable-learning is disabled, new source MAC addresses are learned and entered into the VPLS forwarding database.
This command is mainly used in conjunction with the discard-unknown command.
The no form of this command enables learning of MAC addresses.
Default
no disable-learning
discard-unknown
Syntax
[no] discard-unknown
Context
config>service>vpls
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables, at the VPLS level, packets with unknown destination MAC address to be dropped instead of flooded (even when configured FIB size limits for VPLS or SAP are not yet reached). By default, packets with unknown destination MAC addresses are flooded.
The no form of this command allows flooding of packets with unknown destination MAC addresses in the VPLS.
Default
no discard-unknown
endpoint
Syntax
endpoint endpoint-name [create]
no endpoint
Context
config>service>vpls
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command configures a service endpoint.
Parameters
- endpoint-name
Specifies an endpoint name, up to 32 characters.
- create
Keyword that is mandatory while creating a service endpoint.
description
Syntax
description description-string
no description
Context
config>service>vpls>endpoint
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command creates a text description stored in the configuration file for a configuration context.
This command associates a text string with a configuration context to help identify the content in the configuration file.
The no form of this command removes the string from the configuration.
Parameters
- description-string
Specifies the description character string. Allowed values are any string up to 80 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes.
ignore-standby-signaling
Syntax
[no] ignore-standby-signaling
Context
config>service>vpls>endpoint
config>service>vpls>spoke-sdp
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
When this command is enabled, the node ignores the standby-bit received from TLDP peers for the specific spoke-SDP and performs internal tasks without taking it into account.
This command is available at the endpoint level and the spoke-SDP level. If the spoke-SDP is part of the explicit endpoint, it is not possible to change this setting at the spoke-SDP level. The existing spoke-SDP will become part of the explicit endpoint only if the setting is not conflicting. The newly created spoke-SDP, which is part of the specific explicit endpoint, inherits this setting from the endpoint configuration.
Default
disabled
split-horizon-group
Syntax
split-horizon-group group-name [create]
Context
config>service>vpls
config>service>pw-template (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, 7210 SAS-K 3SFP+ 8C
Description
This command creates a split-horizon group (SHG) for the VPLS instance. Traffic arriving on a SAP or spoke-SDP within this SHG is not copied to other SAPs or spoke-SDPs in the same SHG.
An SHG must be created before SAPs and spoke-SDPs can be assigned to the group. The SHG is defined within the context of a single VPLS instance. The same group name can be reused in different VPLS instances.
Service-based SHGs are not supported in an R-VPLS service.
The no form of this command removes the group name from the configuration.
Parameters
- group-name
Specifies the name of the SHG to which the SAP or spoke-SDP belongs.
- create
Mandatory keyword to create an SHG.
fdb-table-high-wmark
Syntax
[no] fdb-table-high-wmark high-water-mark
Context
config>service>vpls
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the value to send logs and traps when the threshold is reached.
Parameters
- high-water-mark
Specifies the value to send logs and traps when the threshold is reached.
fdb-table-low-wmark
Syntax
[no] fdb-table-low-wmark low-water-mark
Context
config>service>vpls
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the value to send logs and traps when the threshold is reached.
Parameters
- low-water-mark
Specifies the value to send logs and traps when the threshold is reached.
fdb-table-size
Syntax
fdb-table-size table-size
no fdb-table-size [table-size]
Context
config>service>vpls
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the maximum number of MAC entries in the FDB for the VPLS instance on this node.
This command specifies the maximum number of forwarding database entries for both learned and static MAC addresses for the VPLS instance.
The no form of this command reverts the table size to the default value.
Default
250
Parameters
- table-size
Specifies the maximum number of MAC entries in the FDB.
bgp-ad
Syntax
[no] bgp-ad
Context
config>service>vpls
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command configures BGP auto-discovery.
vpls-id
Syntax
vpls-id vpls-id
Context
config>service>vpls>bgp-ad
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command configures the VPLS ID component that will be signaled in one of the extended community attributes (ext-comm). Values and format (6 bytes, other 2 bytes of type-subtype will be automatically generated).
Parameters
- vpls-id
Specifies a globally unique VPLS ID for BGP auto-discovery in this VPLS service.
vsi-export
Syntax
vsi-export policy-name [policy-name...(up to 5 max)]
no vsi-export
Context
config>service>vpls>bgp
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command specifies the name of the VSI export policies to be used for BGP auto-discovery, when this command is configured in the VPLS service. If multiple policy names are configured, the policies are evaluated in the order they are specified. The first policy that matches is applied.
The policy name list is handled by the SNMP agent as a single entity.
vsi-import
Syntax
vsi-import policy-name [policy-name...(up to 5 max)]
no vsi-import
Context
config>service>vpls>bgp
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command specifies the name of the VSI import policies used for BGP auto-discovery, when this command is configured in the VPLS service. If multiple policy names are configured, the policies are evaluated in the order they are specified. The first policy that matches is applied.The policy name list is handled by the SNMP agent as a single entity.
route-target
Syntax
route-target {ext-community|{[export ext-community][import ext-community]}}
no route-target
Context
config>service>vpls>bgp
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command configures the route target (RT) component that is signaled in the related MPBGP attribute to be used for BGP auto-discovery, when this command is configured in the VPLS service.
If this command is not used, the RT is built automatically using the VPLS ID. The ext-comm can have the same two formats as the VPLS ID, a two-octet AS-specific extended community, IPv4 specific extended community.
The following rules apply.
If the BGP AD VPLS ID is configured and no RT is configured under BGP node, RT = VPLS-ID.
If the BGP AD VPLS ID is not configured, an RT value must be configured under the BGP node. (This is the case when only BGP VPLS is configured.)
If the BGP AD VPLS ID is configured and an RT value is also configured under BGP node, the configured RT value prevails.
Parameters
- export ext-community
Specifies the communities allowed to be sent to remote PE neighbors.
- import ext-community
Specifies the communities allowed to be accepted from remote PE neighbors.
pw-template-binding
Syntax
pw-template-binding policy-id [split-horizon-group group-name] [import-rt {ext-community,...(up to 5 max)}]
no pw-template-bind policy-id
Context
config>service>vpls>bgp
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command binds the advertisements received with the RT that matches the configured list (either the generic or the specified import) to a specific pw-template. If the RT list is not present, the pw-template is used for all of them.
This command applies to BGP-AD, if this feature is configured in the VPLS service.
The tools perform commands can be used to control the application of changes in pw-template for BGP-AD.
The no form of this command removes the values from the configuration.
Parameters
- policy-id
Specifies an existing policy ID.
- split-horizon-group group-name
Specifies a group name that overrides the split horizon group template settings.
- import-rt ext-community
Specifies communities allowed to be accepted from remote PE neighbors. An extended BGP community is expressed in the type:x:y format. The value x can be an integer or IP address.
The type can be the target or origin, and x and y are 16-bit integers.
local-age
Syntax
local-age [aging-timer]
no local-age
Context
config>service>vpls
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the aging time for locally learned MAC addresses in the FDB for the VPLS instance.
In a VPLS service, MAC addresses are associated with a SAP. MACs associated with a SAP are classified as local MACs, and MACs associated with are remote MACs QinQ / access uplink SAPs.
Similar to a Layer 2 switch, learned MACs can be aged out if no packets are sourced from the MAC address for a period of time (the aging time). The local-age timer specifies the aging time for local learned MAC addresses.
The no form of this command reverts the local aging timer to the default value.
Default
local age 300
Parameters
- aging-timer
Specifies the aging time for local MACs, in seconds.
mac-move
Syntax
[no] mac-move
Context
config>service>vpls
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure MAC move attributes. A sustained high relearn rate can be a sign of a loop somewhere in the VPLS topology. Typically, STP detects loops in the topology, but for those networks that do not run STP, the mac-move command is an alternative way to protect your network against loops.
When enabled in a VPLS, mac-move monitors the relearn rate of each MAC. If the rate exceeds the configured maximum allowed limit, it disables the SAP where the source MAC was last seen. The SAP can be disabled permanently (until a shutdown/no shutdown command is executed) or for a length of time that grows linearly with the number of times the specific SAP was disabled. You have the option of marking a SAP as non-blockable using the config>service>vpls>sap> context. This means that when the relearn rate has exceeded the limit, another (blockable) SAP will be disabled instead.
The mac-move command enables the feature at the service level for SAPs, because only those objects can be blocked by this feature.
The operation of this feature is the same on the SAP; for example, if a MAC address moves from SAP to SAP, one will be blocked to prevent thrashing.
The mac-move command disables a VPLS port when the number of relearns detected has reached the number of relearns needed to reach the move-frequency in the 5-second interval; for example, when the move-frequency is configured to 1 (relearn per second) mac-move disables one of the VPLS ports when 5 relearns were detected during the 5-second interval because the average move-frequency of 1 relearn per second has been reached. This can already occur in the first second if the real relearn rate is 5 relearns per second or higher.
The no form of this command disables MAC move.
move-frequency
Syntax
move-frequency frequency
no move-frequency
Context
config>service>vpls>mac-move
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the maximum rate at which MACs can be relearned in the VPLS service, before the SAP where the moving MAC was last seen is automatically disabled to protect the system against undetected loops or duplicate MACs.
The no form of this command reverts to the default value.
Default
2 (when mac-move is enabled)
Parameters
- frequency
Specifies the rate, in 5-second intervals, for the maximum number of relearns.
retry-timeout
Syntax
retry-timeout timeout
no retry-timeout
Context
config>service>vpls>mac-move
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the time in seconds to wait before a SAP that has been disabled after exceeding the maximum relearn rate is reenabled.
It is recommended that the retry-timeout value be larger than or equal to 5s * cumulative factor of the highest priority port, so that the sequential order of port blocking is not disturbed by reinitializing lower priority ports.
A value of zero indicates that the SAP will not be automatically reenabled after being disabled. If, after the SAP is reenabled it is disabled again, the effective retry timeout is doubled to avoid thrashing.
The no form of this command reverts to the default value.
Default
10 (when mac-move is enabled)
Parameters
- timeout
Specifies the time, in seconds, to wait before a SAP that has been disabled after exceeding the maximum relearn rate is reenabled.
mfib-table-high-wmark
Syntax
[no] mfib-table-high-wmark high-water-mark
Context
config>service>vpls
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the multicast FIB (MFIB) high watermark. When the percentage filling level of the MFIB exceeds the configured value, a trap is generated and a log entry is added.
Parameters
- high-water-mark
Specifies the MFIB high watermark as a percentage.
mfib-table-low-wmark
Syntax
[no] mfib-table-low-wmark low-water-mark
Context
config>service>vpls
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the MFIB low watermark. When the percentage filling level of the MFIB drops below the configured value, the corresponding trap is cleared and a log entry is added.
Parameters
- low-water-mark
Specifies the MFIB low watermark as a percentage.
mfib-table-size
Syntax
mfib-table-size size
no mfib-table-size
Context
config>service>vpls
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the maximum number of (s,g) entries in the MFIB for this VPLS instance.
The table-size parameter specifies the maximum number of multicast database entries for both learned and static multicast addresses for the VPLS instance. When a table-size limit is set on the MFIB of a service that is lower than the current number of dynamic entries present in the MFIB, the number of entries remains above the limit.
The no form of this command removes the configured maximum MFIB table size.
Parameters
- table-size
Specifies the maximum number of (s,g) entries allowed in the MFIB.
remote-age
Syntax
remote-age seconds
no remote-age
Context
config>service>vpls
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the aging time for remotely learned MAC addresses in the FDB for the VPLS instance. In a VPLS service, MAC addresses are associated with a SAP. MACs associated with a SAP are classified as local MACs.
Similar to a Layer 2 switch, learned MACs can be aged out if no packets are sourced from the MAC address for a period of time (the aging time). In each VPLS service instance, there are independent aging timers for local learned MAC and remote learned MAC entries in the FDB. The remote-age timer specifies the aging time for remote learned MAC addresses. To reduce the amount of signaling required between switches, configure this timer value larger than the local-age timer.
The no form of this command reverts the remote aging timer to the default value.
Default
remote age 900
Parameters
- seconds
Specifies the aging time for remote MACs, in seconds.
send-flush-on-failure
Syntax
[no] send-flush-on-failure
Context
config>service>vpls
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command enables sending out ‟flush-all-from-ME” messages to all LDP peers included in the affected VPLS, in the event of physical port failures or ‟oper-down” events of individual SAPs.
This feature provides an LDP-based mechanism for recovering a physical link failure in a dual-homed connection to a VPLS service. This method provides an alternative to RSTP solutions where dual homing redundancy and recovery, in the case of link failure, is resolved by RSTP running between a PE router and CE devices. If the endpoint is configured within the VPLS and the send-flush-on-failure command is enabled, ‟flush-all-from-ME” messages are sent out only when all spoke-SDPs associated with the endpoint go down.
This feature cannot be enabled on management VPLS.
Default
no send-flush-on-failure
service-mtu
Syntax
service-mtu octets
no service-mtu
Context
config>service>vpls
Platforms
7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, 7210 SAS-K 3SFP+ 8C
Description
This command configures the service payload Maximum Transmission Unit (MTU), in bytes, for the service. This MTU value overrides the service-type default MTU. The service-mtu command defines the payload capabilities of the service. It is used by the system to validate the SAP and SDP binding operational state within the service.
The service MTU and a SAP service delineation encapsulation overhead (that is, 4 bytes for a dot1q tag) is used to derive the required MTU of the physical port or channel on which the SAP was created. If the required payload is larger than the port or channel MTU, the SAP is placed in an inoperative state. If the required MTU is equal to or less than the port or channel MTU, the SAP is able to transition to the operative state.
In the event that a service MTU, port or channel MTU, or path MTU is dynamically or administratively modified, all associated SAP and SDP binding operational states are automatically reevaluated.
The no form of this command reverts the default service-mtu for the indicated service type to the default value.
To disable the service MTU check, execute the no service-mtu-check command. Disabling service MTU check allows the packets to pass to the egress if the packet length is less than or equal to the MTU configured on the port.
Default
VPLS: 1514
The following table displays MTU values for specific VC types.
VC-type |
Example service MTU |
Advertised MTU |
---|---|---|
Ethernet |
1514 |
1500 |
Ethernet (with preserved dot1q) |
1518 |
1504 |
VPLS |
1514 |
1500 |
VPLS (with preserved dot1q) |
1518 |
1504 |
VLAN (dot1p transparent to MTU value) |
1514 |
1500 |
VLAN (QinQ with preserved bottom Qtag) |
1518 |
1504 |
Parameters
- octets
Specifies the size of the MTU in octets, expressed as a decimal integer.
root-guard
Syntax
[no] root-guard
Context
config>service>vpls>sap>stp
config>service>vpls>spoke-sdp>stp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies whether this port is allowed to become an STP root port. It corresponds to the restrictedRole parameter in 802.1Q. If set, it can cause lack of spanning tree connectivity.
Default
no root-guard
tod-suite
Syntax
tod-suite tod-suite-name
no tod-suite
Context
config>service>vpls>sap
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command applies a time-based policy (filter or QoS policy) to the service SAP. The suite name must already exist in the config>cron context.
Default
no tod-suite
Parameters
- tod-suite-name
Specifies a collection of policies (ACLs, QoS), including time-ranges, that define the full or partial behavior of a SAP. The suite can be applied to more than one SAP.
vsi-id
Syntax
vsi-id
Context
config>service>vpls>bgp-ad
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
Commands in this context configure the Virtual Switch Instance Identifier (VSI-ID).
prefix
Syntax
prefix low-order-vsi-id
no prefix
Context
config>service>vpls>bgp-ad>vsi-id
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command specifies the low-order 4 bytes used to compose the VSI-ID to use for NLRI in BGP auto-discovery in this VPLS service.
If no value is set, the system IP address IS used.
Default
no prefix
Parameters
- low-order-vsi-id
Specifies a unique VSI-ID.
service-name
Syntax
service-name service-name
no service-name
Context
config>service>vpls
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures an optional service name, up to 64 characters, that adds a name identifier to a specific service to then use that service name in configuration references and in show commands throughout the system. This helps service providers and administrators identify and manage services.
All services are required to assign a service ID to initially create a service. However, either the service ID or the service name can be used to identify and reference a specific service when it is initially created.
Parameters
- service-name
Specifies a unique service name to identify the service. Service names may not begin with an integer (0-9).
allow-ip-int-bind
Syntax
[no] allow-ip-int-bind
Context
config>service>vpls
Platforms
7210 SAS-D, 7210 SAS-Dxp, 7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, 7210 SAS-K 3SFP+ 8C
Description
This command sets a flag on the VPLS service that enables the ability to attach an IP interface to the VPLS service to make the VPLS service routable. When the allow-ip-int-bind command is not enabled, the VPLS service cannot be attached to an IP interface.
On the 7210 SAS-D, 7210 SAS-Dxp, and 7210 SAS-K 2F1C2T, the VPLS can be bound to only an IES IP interface. On the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C, the VPLS can be bound to an IES or VPRN IP interface. Only IPv4 addressing and forwarding is supported in the R-VPLS context.
When attempting to set the allow-ip-int-bind VPLS flag, the system first checks to see if the correct configuration constraints exist for the VPLS service and the network ports. In Release 5.0 the following VPLS features must be disabled or not configured to set the allow-ip-int-bind flag:
SAP ingress QoS policies applied to the VPLS SAPs cannot have MAC match criteria defined
VPLS service type cannot be M-VPLS
MVR from routed VPLS and to another SAP is not supported
When the VPLS allow-ip-int-bind flag is set on a VPLS service, the preceding features cannot be enabled on the VPLS service.
When a service name is applied to a VPLS service and that service name is also bound to an IP interface but the allow-ip-int-bind flag has not been set on the VPLS service context, the system attempt to resolve the service name between the VPLS service and the IP interface fails.
After the allow-ip-int-bind flag is successfully set on the VPLS service, either the service name on the VPLS service must be removed and reapplied, or the IP interface must be reinitialized using the shutdown or no shutdown commands. This causes the system to reattempt the name resolution process between the IP interface and the VPLS service.
The no form of this command resets the allow-ip-int-bind flag on the VPLS service. If the VPLS service currently has an IP interface attached, the no allow-ip-int-bind command fails. When the allow-ip-int-bind flag is reset on the VPLS service, the configuration restrictions associated with setting the flag are removed.
VPLS STP commands
stp
Syntax
stp
Context
config>service>vpls
config>service>vpls>sap
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure the Spanning Tree Protocol (STP) parameters. The Nokia implementation of the STP has a few modifications to better suit the operational characteristics of VPLS services. The most evident change is to the root bridge election. Because the core network operating between the service routers should not be blocked, the root path is calculated from the core perspective.
auto-edge
Syntax
auto-edge
no auto-edge
Context
config>service>vpls>sap>stp
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>pw-template (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures automatic detection of the edge port characteristics of the SAP.
The no form of this command reverts to the default value.
Default
auto-edge
edge-port
Syntax
[no] edge-port
Context
config>service>vpls>sap>stp
config>service>vpls>spoke-sdp>stp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the SAP as an edge or non-edge port. If auto-edge is enabled for the SAP, this value is used only as the initial value.
RSTP, however, can detect that the actual situation is different from what edge-port may indicate.
Initially, the value of the SAP parameter is set to edge-port. This value changes if the following is true.
A BPDU is received on that port. This means that there is another bridge connected to this port. The edge-port becomes disabled.
If auto-edge is configured and no BPDU is received within a certain period of time, RSTP concludes that it is on an edge and enables the edge-port.
The no form of this command reverts the edge port setting to the default value.
Default
no edge-port
forward-delay
Syntax
forward-delay seconds
no forward-delay
Context
config>service>vpls>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
RSTP, as defined in the IEEE 802.1D-2004 standards, usually transitions to the forwarding state via a handshaking mechanism (rapid transition), without any waiting times. If handshaking fails (for example, on shared links), the system falls back to the timer-based mechanism defined in the original STP (802.1D-1998) standard.
A shared link is a link with more than two nodes (for example, a shared 10/100BaseT segment). The port-type command is used to configure a link as point-to-point or shared.
For timer-based transitions, the 802.1D-2004 standard defines an internal variable forward-delay, which is used in calculating the default number of seconds that a SAP spends in the discarding and learning states when transitioning to the forwarding state.
The value of the forward-delay command depends on the STP operating mode of the VPLS instance:
in rstp or mstp mode, but only when the SAP has not fallen back to legacy STP operation, the value configured by the hello-time command is used
in all other situations, the value configured by the forward-delay command is used.
Default
15 seconds
Parameters
- seconds
Specifies the forward delay timer for the STP instance, in seconds.
hello-time
Syntax
hello-time hello-time
no hello-time
Context
config>service>vpls>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the STP hello time for the VPLS STP instance.
This command defines the default timer value that controls the sending interval between BPDU configuration messages by this bridge, on ports where this bridge assumes the designated role.
The active hello time for the spanning tree is determined by the root bridge (except when the STP is running in RSTP mode; then the hello time is always taken from the locally configured parameter).
The configured hello-time can also be used to calculate the forward delay. See auto-edge.
The no form of this command reverts to the default value.
Default
2 seconds
Parameters
- hello-time
Specifies the hello time for the STP instance in seconds.
hold-count
Syntax
hold-count BDPU tx hold count
no hold-count
Context
config>service>vpls>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the peak number of BPDUs that can be transmitted in a period of one second.
The no form of this command reverts to the default value.
Default
6
Parameters
- BDPU tx hold count
Specifies the hold count for the STP instance, in seconds.
link-type
Syntax
link-type {pt-pt | shared}
no link-type
Context
config>service>vpls>sap>stp
config>service>vpls>spoke-sdp>stp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the maximum number of bridges for STP behind this SAP. If there is only a single bridge, transitioning to forwarding state will be based on handshaking (fast transitions).
If more than two bridges are connected via shared media, their SAP should all be configured as shared, and timer-based transitions are used.
The no form of this command reverts to the default value.
Default
pt-pt
Parameters
- pt-pt
Specifies that a maximum of one bridge can exist behind this SAP or spoke-SDP.
- shared
Specifies that two or more bridges can exist behind this SAP or spoke-SDP.
mst-instance
Syntax
mst-instance mst-inst-number
Context
config>service>vpls>sap>stp
config>service>vpls>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies an MSTI for which to configure related parameters at the SAP level. This context can be open only for existing MSTIs defined at the service level.
Parameters
- mst-inst-number
Specifies an existing MSTI number.
mst-path-cost
Syntax
mst-path-cost inst-path-cost
no mst-path-cost
Context
config>service>vpls>sap>stp>mst-instance config>service>vpls>stp>mst-instance
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This commands configures path cost within a specific instance. If a loop occurs, this parameter indicates the probability of a specific port being assigned a forwarding state. (The highest value expresses lowest priority).
The no form of this command reverts to the default value.
Default
the path-cost is proportional to link speed
Parameters
- inst-path-cost
Specifies the contribution of this port to the MSTI path cost.
mst-port-priority
Syntax
mst-port-priority stp-priority
no mst-port-priority
Context
config>service>vpls>sap>stp>mst-instance
config>service>vpls>stp>mst-instance
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This commands specifies the port priority within a specific instance. If a loop occurs, this parameter indicates the probability of a specific port being assigned a forwarding state.
The no form of this command reverts to the default value.
Default
128
Parameters
- stp-priority
Specifies the value of the port priority field.
max-age
Syntax
max-age seconds
no max-age
Context
config>service>vpls>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures how many hops a BPDU can traverse the network starting from the root bridge. The message age field in a BPDU transmitted by the root bridge is initialized to 0. Every other bridge takes the message age value from BPDUs received on their root port and increment this value by 1. The message age therefore reflects the distance from the root bridge. BPDUs with a message age exceeding max-age are ignored.
STP uses the max-age value configured in the root bridge. This value is propagated to the other bridges via the BPDUs.
The no form of this command reverts to the default value.
Default
20 seconds
Parameters
- seconds
Specifies the max info age for the STP instance in seconds. Allowed values are integers.
mode
Syntax
mode {rstp | comp-dot1w | dot1w | mstp}
no mode
Context
config>service>vpls>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the version of STP the bridge is currently running. See Spanning tree operating modes for information about these modes.
The no form of this command reverts to the default value.
Default
rstp
Parameters
- rstp
Corresponds to the Rapid STP specified in IEEE 802.1D/D4-2003.
- dot1w
Corresponds to the mode where the Rapid Spanning Tree is backward compatible with IEEE 802.1w.
- compdot1w
Corresponds to the Rapid STP fully conformant to IEEE 802.1w.
- mstp
Sets MSTP as the STP mode of operation. Corresponds to the Multiple STP specified in 802.1Q REV/D5.0-09/2005.
mst-instance
Syntax
[no] mst-instance mst-inst-number
Context
config>service>vpls>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies an MSTI for which to configure related parameters. MSTP supports ‟16” instances. The instance ‟0” is mandatory (by protocol) and cannot be created by the CLI. The software automatically maintains this instance.
Parameters
- mst-inst-number
Specifies the Multiple Spanning Tree instance.
mst-priority
Syntax
mst-priority bridge-priority
no mst-priority
Context
config>service>vpls>stp>mst-instance
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the bridge priority for the specific MSTI for this service. The bridge-priority value reflects likelihood that the switch will be chosen as the regional root switch (65535 represents the least likely). It is used as the highest 4 bits of the bridge ID included in the MSTP BPDUs generated by this bridge.
The values of the priority are only multiples of 4096 (4k). If a value is specified that is not a multiple of 4K, the value is replaced by the closest multiple of 4K (lower than the value entered).
The no form of this command reverts to the default value.
Default
32768
All instances created by the vlan-range command do not have explicit definition of bridge-priority and will inherit the default value.
Parameters
- bridge-priority
Specifies the priority of this specific MSTI for this service.
vlan-range
Syntax
[no] vlan-range [vlan-range]
Context
config>service>vpls>stp>mst-instance
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies a range of VLANs associated with a certain MST instance. This range applies to all SAPs of the mVPLS.
Every VLAN range that is not assigned within any of the instances created by the mst-instance command is automatically assigned to mst-instance 0. This instance is automatically maintained by the software and cannot be modified. Changing the VLAN range value can be performed only when the specific MST-instance is shut down.
The no form of this command removes the vlan-range from the specific MST instance.
Parameters
- vlan-range
The first VLAN range specifies the left-bound (minimum) value of a range of VLANs associated with the mVPLS SAP. This value must be smaller than or equal to the second VLAN range value. The second VLAN range specifies the right-bound (maximum) value of a range of VLANs associated with the mVPLS SAP.
mst-max-hops
Syntax
mst-max-hops hops-count
no mst-max-hops
Context
config>service>vpls>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the number of hops in the region before BPDU is discarded, and the information held for the port is aged out. The root bridge of the instance sends a BPDU (or M-record) with remaining-hop-count set to configured max-hops. When a bridge receives the BPDU (or M-record), it decrements the received remaining-hop-count by 1 and propagates it in BPDU (or M-record) it generates.
The no form of this command reverts to the default value.
Default
20
Parameters
- hops-count
Specifies the maximum number of hops.
mst-name
Syntax
mst-name region-name
no mst-name
Context
config>service>vpls>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command defines an MST region name. Two bridges are considered a part of the same MST region as soon as their configuration of the MST region name, the MST-revision and VLAN-to-instance assignment are identical.
The no form of this command removes region-name from the configuration.
Default
no mst-name
Parameters
- region-name
Specifies an MST-region name, up to 32 characters.
mst-revision
Syntax
mst-revision revision-number
Context
config>service>vpls>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command defines the MST configuration revision number. Two bridges are considered a part of the same MST region if their configured MST-region name, MST-revision, and VLAN-to-instance are identical.
The no form of this command reverts MST configuration revision to the default value.
Default
0
Parameters
- revision-number
Specifies the MSTP region revision number to define the MSTP region.
path-cost
Syntax
path-cost sap-path-cost
no path-cost
Context
config>service>vpls>sap>stp
config>service>vpls>spoke-sdp>stp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the Spanning Tree Protocol (STP) path cost for the SAP.
The path cost is used by STP to calculate the path cost to the root bridge. The path cost in BPDUs received on the root port is incremented with the configured path cost for that SAP. When BPDUs are sent out other egress SAPs, the newly calculated root path cost is used.
STP suggests that the path cost is defined as a function of the link bandwidth. Because SAPs are controlled by complex queuing dynamics, in the 7210 SAS the STP path cost is a static configuration.
The no form of this command reverts the path cost to the default value.
Parameters
- path-cost
Specifies the path cost for the SAP.
port-num
Syntax
[no] port-num virtual-port-number
Context
config>service>vpls>sap>stp
config>service>vpls>spoke-sdp>stp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the virtual port number that uniquely identifies a SAP within configuration BPDUs. The internal representation of a SAP is unique to a system and has a reference space much bigger than the 12 bits definable in a configuration BPDU. STP takes the internal representation value of a SAP and identifies it with its own virtual port number that is unique to every other SAP defined on the TLS. The virtual port number is assigned at the time that the SAP is added to the TLS. Because the order that the SAP was added to the TLS is not preserved between reboots of the system, the virtual port number may change between restarts of the STP instance.
The virtual port number cannot be administratively modified.
priority
Syntax
priority stp-priority
no priority
Context
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>sap>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the STP priority for the SAP.
STP priority is a configurable parameter associated with a SAP. When configuration BPDUs are received, the priority is used in some circumstances as a tie breaking mechanism to determine whether the SAP will be designated or blocked.
In traditional STP implementations (802.1D-1998), this field is called the port priority and has a value of 0 to 255. This field is coupled with the port number (0 to 255 also) to create a 16-bit value. In the latest STP standard (802.1D-2004), only the upper 4 bits of the port priority field are used to encode the SAP priority. The remaining 4 bits are used to extend the port ID field into a 12-bit virtual port number field. The virtual port number uniquely references a SAP within the STP instance.
STP computes the actual priority by taking the input value and masking out the lower four bits.The result is the value that is stored in the priority parameter; for example, if a value of 0 is entered, masking out the lower 4 bits results in a parameter value of 0. If a value of 255 is entered, the result is 240.
The no form of this command reverts the STP priority to the default value.
Default
128
Parameters
- stp-priority
Specifies the STP priority value for the SAP. Allowed values are integer in the range of 0 to 255, 0 being the highest priority. The actual value used for STP priority (and stored in the configuration) is the result of masking out the lower 4 bits, therefore the actual value range is 0 to 240 in increments of 16.
VPLS SAP commands
sap
Syntax
sap sap-id [eth-ring ring-index]
no sap sap-id
Context
config>service>vpls
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command creates a Service Access Point (SAP) within a service. A SAP is a combination of port and encapsulation parameters that identify the service access point on the interface and within the 7210 SAS. Each SAP must be unique.
A physical port can have only one SAP to be part of one service. Multiple SAPs can be defined over a physical port, but each of these SAPs should belong to a different service.
All SAPs must be explicitly created. If no SAPs are created within a service or on an IP interface, a SAP does not exist on that object.
Enter an existing SAP without the create keyword to edit SAP parameters. The SAP is owned by the service in which it was created.
A SAP can only be associated with a single service. A SAP can only be defined on a port that has been configured as an access port using the config interface port-type port-id mode access command.
If a port is shut down, all SAPs on that port become operationally down. When a service is shut down, SAPs for the service are not displayed as operationally down, although all traffic traversing the service is discarded. The operational state of a SAP is relative to the operational state of the port on which the SAP is defined.
This command is also used to create a ring APS control SAP or a data SAP whose traffic is protected by a ring APS instance.
The no form of this command deletes the SAP with the specified port. When a SAP is deleted, all configuration parameters for the SAP are also deleted. For IES, the IP interface must be shut down before the SAP on that interface may be removed.
Special Cases
- Default SAPs
A default SAP has the following format: port-id:*. This type of SAP is supported only on Ethernet MDAs, and its creation is allowed only in the scope of Layer 2 services (Epipe and VPLS).The 7210 SAS does not support explicit null encapsulation for a VPLS service.
Parameters
- sap-id
Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for command syntax.
- create
Keyword used to create a SAP instance. The create keyword requirement can be enabled or disabled in the environment>create context.
- eth-ring
Keyword to create an instance of a ring APS control SAP or a data SAP whose traffic is protected by a ring APS Instance.
- ring-index
Specifies the ring index of the Ethernet ring.
discard-unknown-source
Syntax
[no] discard-unknown-source
Context
config>service>vpls>sap
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
When this command is enabled, packets received on a SAP or with an unknown source MAC address will be dropped only if the maximum number of MAC addresses for that SAP (see max-nbr-mac-addr) has been reached. If the max-nbr-mac-addr command has not been set for the SAP, enabling the discard-unknown-source command has no effect.
When disabled, the packets are forwarded based on the destination MAC addresses.
The no form of this command causes packets with an unknown source MAC addresses to be forwarded by destination MAC addresses in VPLS.
Default
no discard-unknown-source
ETH-CFM service commands
eth-cfm
Syntax
eth-cfm
Context
config>service>vpls>sap
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure ETH-CFM parameters.
mep
Syntax
mep mep-id domain md-index association ma-index [direction {up | down}]
no mep mep-id domain md-index association ma-index
Context
config>service>vpls>sap>eth-cfm
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the ETH-CFM maintenance endpoint (MEP).
Parameters
- mep-id
Specifies the maintenance association end point identifier.
- md-index
Specifies the maintenance domain (MD) index value.
- ma-index
Specifies the MA index value.
- direction {up | down}
Specifies the direction in which the MEP faces on the bridge port. Direction is not supported when a MEP is created directly under the vpls>eth-cfm context (vMEP).
ais-enable
Syntax
[no] ais-enable
Context
config>service>vpls>mesh-sdp>eth-cfm>mep (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>epipe>spoke-sdp>eth-cfm>mep (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>sap>eth-cfm
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables the generation and the reception of AIS messages.
client-meg-level
Syntax
client-meg-level [[level [level ...]]
no client-meg-level
Context
config>service>vpls>mesh-sdp>eth-cfm>mep>ais-enable (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>epipe>spoke-sdp>eth-cfm>mep>ais-enable (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>sap>eth-cfm
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the client maintenance entity group (MEG) levels to use for AIS message generation. Up to 7 levels can be provisioned, with the restriction that the client MEG level must be higher than the local MEG level.
Parameters
- level
Specifies the client MEG level.
interval
Syntax
interval {1 | 60}
no interval
Context
config>service>vpls>mesh-sdp>eth-cfm>mep>ais-enable (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>epipe>spoke-sdp>eth-cfm>mep>ais-enable (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>sap>eth-cfm
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the transmission interval of AIS messages.
Parameters
- 1 | 60
Specifies the transmission interval of AIS messages, in seconds.
priority
Syntax
priority priority-value
no priority
Context
config>service>vpls>mesh-sdp>eth-cfm>mep>ais-enable (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>epipe>spoke-sdp>eth-cfm>mep>ais-enable (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>sap>eth-cfm
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the priority of AIS messages originated by the node.
Parameters
- priority-value
Specifies the priority value of the AIS messages originated by the node.
ccm-enable
Syntax
[no] ccm-enable
Context
config>service>vpls>mep
config>service>vpls>sap>eth-cfm>mep
config>service>vpls>mesh-sdp>mep (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>epipe>spoke-sdp>eth-cfm>mep (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables the generation of CCM messages.
The no form of this command disables the generation of CCM messages.
ccm-ltm-priority
Syntax
ccm-ltm-priority priority
no ccm-ltm-priority
Context
config>service>vpls>sap>eth-cfm>mep
config>service>vpls>mesh-sdp>mep (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C) config>service>epipe>spoke-sdp>eth-cfm>mep (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the priority value for CCMs and LTMs transmitted by the MEP.
By default, the highest priority on the bridge port is configured.
The no form of this command removes the priority value from the configuration.
Parameters
- priority
Specifies the priority of CCM and LTM messages.
eth-test-enable
Syntax
[no] eth-test-enable
Context
config>service>vpls>sap>eth-cfm>mep
config>service>vpls>spoke-sdp>eth-cfm>mep (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
For ETH-test to work, operators need to configure ETH-test parameters on both sender and receiver nodes. The ETH-test can then be performed using the following OAM commands:
oam eth-cfm eth-test mac-address mep mep-id domain md-index association ma-index [priority priority] [data-length data-length]
A check is performed for both the provisioning and test to ensure the MEP is an Y.1731 MEP (MEP provisioned with domain format none, association format icc-based). If not, the operation fails. An error message in the CLI and SNMP indicates the problem.
test-pattern
Syntax
test-pattern {all-zeros | all-ones} [crc-enable]
no test-pattern
Context
config>service>vpls>sap>eth-cfm>mep>eth-test-enable
config>service>vpls>mesh-sdp>eth-cfm>mep>eth-test-enable
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the test pattern for eth-test frames.
The no form of this command removes the values from the configuration.
Parameters
- all-zeros
Keyword that specifies to use all zeros in the test pattern.
- all-ones
Keyword that specifies to use all ones in the test pattern.
- crc-enable
Keyword that generates a CRC checksum.
bit-error-threshold
Syntax
bit-error-threshold bit-errors
no bit-error-threshold
Context
config>service>vpls>sap>eth-cfm>mep
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the threshold value of bit errors.
Parameters
- bit-errors
Specifies the threshold value in bits.
fault-propagation-enable
Syntax
fault-propagation-enable {use-if-tlv | suspend-ccm}
no fault-propagation-enable
Context
config>service>epipe>sap>eth-cfm>mep
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the fault propagation for the MEP.
Parameters
- use-if-tlv
Keyword that specifies to use the interface TLV.
- suspend-ccm
Keyword that specifies to suspend the continuity check messages.
mac-address
Syntax
mac-address mac-address
no mac-address
Context
config>service>epipe>sap>eth-cfm>mep
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the MAC address of the MEP.
The no form of this command reverts the MAC address of the MEP back to that of the port (if the MEP is on a SAP) or the bridge (if the MEP is on a spoke).
Parameters
- mac-address
Specifies the MAC address of the MEP.
low-priority-defect
Syntax
low-priority-defect {allDef | macRemErrXcon | remErrXcon | errXcon | xcon | noXcon}
Context
config>service>epipe>spoke-sdp>eth-cfm>mep (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp>eth-cfm>mep (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>epipe>sap>eth-cfm>mep
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the lowest priority defect that is allowed to generate a fault alarm.
Default
macRemErrXcon
Values: |
allDef |
DefRDICCM, DefMACstatus, DefRemoteCCM, DefErrorCCM, and DefXconCCM |
macRemErrXcon |
||
Only DefMACstatus, DefRemoteCCM, DefErrorCCM, and DefXconCCM |
||
remErrXcon |
Only DefRemoteCCM, DefErrorCCM, and DefXconCCM |
|
errXcon |
Only DefErrorCCM and DefXconCCM |
|
xcon |
Only DefXconCCM; or |
|
noXcon |
No defects DefXcon or lower are to be reported |
mac-address
Syntax
mac-address mac-address
no mac-address
Context
config>service>vpls>sap>eth-cfm>mep
config>service>vpls>mesh-sdp>eth-cfm>mep (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>epipe>spoke-sdp>eth-cfm>mep (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the MAC address of the MEP.
The no form of this command reverts the MAC address of the MEP back to that of the port (if the MEP is on a SAP) or the bridge (if the MEP is on a spoke).
Parameters
- mac-address
Specifies the MAC address of the MEP.
one-way-delay-threshold
Syntax
one-way-delay-threshold seconds
Context
config>service>vpls>sap>eth-cfm>mep
config>service>epipe>spoke-sdp>eth-cfm>mep (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables or disables eth-test functionality on MEP.
Parameters
- seconds
Specifies the one way delay threshold, in seconds.
mip
Syntax
mip [mac mac-address] [primary-vlan-enable vlan-id]
mip default-mac [primary-vlan-enable vlan-id]
no mip [primary-vlan-enable vlan-id]
Context
config>service>vpls>sap>eth-cfm
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command allows Maintenance Intermediate Points (MIPs) to be created if mhf-creation for the MA is configured using the default option.
For more information about the ETH-CFM matrix support for different platforms, see the 7210 SAS-D, Dxp, K 2F1C2T, K 2F6C4T, K 3SFP+ 8C OAM and Diagnostics Guide.
The no form of this command deletes the MIP.
Parameters
- mac-address
Specifies the MAC address of the MIP.
- default-mac
Keyword that is useful if the user needs to change the MAC back to the default MAC without having to delete the MIP and reconfiguring.
- primary-vlan-enable vlan-id
Specifies a method for linking the MEP with the primary VLAN configured under the bridge-identifier for the MA. MEPs can not be changed from or to primary VLAN functions. This must be configured as part of the creation step and can only be changed by deleting the MEP and recreating it. Primary VLANs are supported only under Ethernet SAPs.
This parameter is supported only with UP MEP on 7210 SAS-D with a dot1q range SAP.
VPLS commands
limit-mac-move
Syntax
limit-mac-move [blockable | non-blockable]
no limit-mac-move
Context
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>sap
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures whether the MAC-move agent, when enabled using the config service vpls mac-move or config service epipe mac-move commands will limit the MAC relearn (move) rate on this SAP.
Default
blockable
Parameters
- blockable
Keyword to specify the agent will monitor the MAC relearn rate on the SAP, and it will block it when the relearn rate is exceeded.
- non-blockable
Keyword to specify this SAP will not be blocked, and another blockable SAP will be blocked instead.
mac-pinning
Syntax
[no] mac-pinning
Context
config>service>vpls>sap
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>endpoint
config>service>pw-template (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command disables relearning of MAC addresses on other SAPs within the VPLS. The MAC address remains attached to a specific SAP for the duration of its age timer.
The age of the MAC address entry in the FIB is set by the age timer. If MAC aging is disabled on a specific VPLS service, any MAC address learned on a SAP with mac-pinning enabled remains in the FIB on this SAP forever. Every event that would otherwise result in relearning will be logged (MAC address, original SAP, new SAP).
max-nbr-mac-addr
Syntax
max-nbr-mac-addr table-size
no max-nbr-mac-addr
Context
config>service>vpls>sap
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>endpoint
config>service>pw-template (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the maximum number of FDB entries for both learned and static MAC addresses for this SAP.
When the configured limit has been reached, and the discard-unknown-source command has been enabled for this SAP or spoke-SDP, packets with unknown source MAC addresses are discarded.
The no form of this command restores the global MAC learning limitations for the SAP.
Default
no max-nbr-mac-addr
Parameters
- table-size
Specifies the maximum number of learned and static entries allowed in the FDB of this service.
revert-time
Syntax
revert-time {revert-time | infinite}
no revert-time
Context
config>service>vpls>endpoint
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the time to wait before reverting to the primary spoke-SDP.
The no form of this command removes the wait time.
Parameters
- revert-time
Specifies the wait time in seconds.
- infinite
Keyword to make the endpoint non-revertive.
statistics
Syntax
statistics
Context
config>service>vpls>sap
Platforms
7210 SAS-D
Description
Commands in this context configure the counters associated with SAP ingress and egress.
egress
Syntax
egress
Context
config>service>vpls>sap>statistics
Platforms
7210 SAS-D
Description
Commands in this context configure the egress SAP statistics counter and set the mode of the counter.
This counter counts the number of packets forwarded through the SAP.
ingress
Syntax
ingress
Context
config>service>vpls>sap>statistics
Platforms
7210 SAS-D
Description
Commands in this context configure the ingress SAP statistics counter.
For access-uplink SAPs, the ingress counters are not enabled by default. For access SAPs, if the ingress counter is enabled by default, it can be disabled.
The types of ingress SAP counters are the following:
a counter that counts the total packets or octets received on the SAP
a counter associated with meters defined in the QoS policy of the SAP. This counter counts the in-profile and out-of-profile packets or octets received on the SAP.
forwarded-count
Syntax
[no] forwarded-count
Context
config>service>vpls>sap>statistics>egress
Platforms
7210 SAS-D
Description
This command associates a counter with the SAP. The counter counts the number of packets forwarded through the SAP.
A limited number of such counters are available for use with access SAPs and access-uplink SAPs.
Use this command before enabling applicable accounting record collection on the SAP to associate a counter with the SAP.
The no form of this command disables the packet count.
counter-mode
Syntax
counter-mode {in-out-profile-count | forward-drop-count}
Context
config>service>vpls>sap>statistics>ingress
Platforms
7210 SAS-D
Description
This command sets the counter mode for the counters associated with SAP ingress meters (also known as policers). A pair of counters is available with each meter. These counters count different events based on the counter mode value.
The counter mode can be changed if an accounting policy is associated with a SAP. If the counter mode is changed, the counters associated with the meter are reset and the counts are cleared. If an accounting policy is in use when the counter-mode is changed, a new record will be written into the current accounting file.
Run the following sequence of commands on the specified SAP to ensure the correct statistics are collected when the counter-mode is changed.
Run the config service vpls sap no collect-stats command to disable writing of accounting records for the SAP.
Change the counter-mode to the desired option by running the config service vpls sap counter-mode {in-out-profile-count | forward-drop-count} command.
Run the config service vpls sap collect-stats command to enable writing of accounting records for the SAP.
The no form of this command reverts the counter mode to the default value.
Default
in-out-profile-count
Parameters
- forward-drop-count
Keyword to specify that one counter counts the forwarded packets and octets received on ingress of a SAP and another counts the dropped packets. The forwarded count is the sum of in-profile and out-of-profile packets/octets received on SAP ingress. The dropped count is count of packets/octets dropped by the policer. A packet is determined to be in-profile or out-of-profile based on the meter rate parameters configured. A packet is dropped by the policer if it exceeds the configured PIR rate. The in-profile count and out-of-profile count are not individually available when operating in this mode.
- in-out-profile-count
Keyword to specify that one counter counts the total in-profile packets and octets received on ingress of a SAP and another counts the total out-of-profile packets and octets received on ingress of a SAP. A packet is determined to be in-profile or out-of-profile based on the meter rate parameters configured. A packet is dropped by the policer if it exceeds the configured PIR rate. Dropped counts are not maintained in hardware when this mode is used. It is obtained by subtracting the sum of in-profile count and out-of-profile count from the total SAP ingress received count and displayed.
received-count
Syntax
[no] received-count
Context
config>service>vpls>sap>statistics>ingress
Platforms
7210 SAS-D
Description
This command associates a counter with the SAP. It counts the number of packets and octets received on the SAP (ingress).
A limited number of such counters are available for use with access-uplink SAPs.
Use this command before enabling applicable accounting record collection on the SAP.
The no form of this command disables counter.
static-mac
Syntax
[no] static-mac ieee-mac-address [create]
Context
config>service>vpls>sap
config>service>vpls>mesh-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command creates a local static MAC entry in the VPLS forwarding database (FDB) associated with the SAP.
In a VPLS service, MAC addresses are associated with a SAP or with a Service Distribution Point (SDP). MACs associated with a SAP are classified as local MACs, and MACs associated with an SDP are remote MACs.
Local static MAC entries create a permanent MAC address to SAP association in the forwarding database for the VPLS instance so that MAC address will not be learned on the edge device.
Static MAC definitions on one edge device are not propagated to other edge devices participating in the VPLS instance; that is, each edge device has an independent forwarding database for the VPLS.
Only one static MAC entry (local or remote) can be defined for each MAC address per VPLS instance.
By default, no static MAC address entries are defined for the SAP.
The no form of this command deletes the static MAC entry with the specified MAC address associated with the SAP from the VPLS forwarding database.
Parameters
- ieee-mac-address
Specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.
- create
Keyword that is mandatory when specifying a static MAC address.
managed-vlan-list
Syntax
managed-vlan-list
Context
config>service>vpls>sap
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure VLAN ranges to be managed by a management VPLS. The list indicates, for each SAP, the ranges of associated VLANs that will be affected when the SAP changes state.
This command is only valid when the VPLS in which it is entered was created as a management VPLS.
default-sap
Syntax
[no] default-sap
Context
config>service>vpls>sap>managed-vlan-list
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command adds a default SAP to the managed VLAN list.
The no form of this command removes the default SAP from the managed VLAN list.
range
Syntax
[no] range vlan-range
Context
config>service>vpls>sap>managed-vlan-list
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures a range of VLANs on an access port managed by an existing management VPLS.
This command is valid only when the VPLS in which it is entered was created as a management VPLS, and when the SAP in which it was entered was created on an Ethernet port with encapsulation type of dot1q or qinq, or on a Sonet/SDH port with encapsulation type of bcp-dot1q.
To modify the range of VLANs, first the new range should be entered and afterwards the old range removed. See Modifying VPLS service parameters for more information.
Parameters
- vlan-range
Specifies the VLAN start value and VLAN end value. The end-vlan must be greater than start-vlan. The format is start-vlan-end-vlan.
VPLS filter and QoS policy commands
egress
Syntax
egress
Context
config>service>vpls>sap
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure egress filter policies.
If no egress filter is defined, no filtering is performed.
ingress
Syntax
ingress
Context
config>service>vpls>sap
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure ingress SAP Quality of Service (QoS) policies and filter policies.
If no SAP-ingress QoS policy is defined, the system default SAP-ingress QoS policy is used for ingress processing. If no ingress filter is defined, no filtering is performed.
filter
Syntax
filter ip ip-filter-id
filter ipv6 ipv6-filter-id
filter mac mac-filter-id
Context
config>service>vpls>sap>egress
config>service>vpls>sap>ingress
Platforms
Supported on all 7210 SAS platforms as described in this document.
Description
This command associates an IP filter policy or MAC filter policy with an ingress or egress SAP or IP interface.
Filter policies control the forwarding and dropping of packets based on IP or MAC matching criteria. There are two types of filter policies: IP and MAC. Only one type may be applied to a SAP at a time.
The filter command is used to associate a filter policy that has a specified filter ID with an ingress or egress SAP. The filter ID must already be defined before the filter command is executed. If the filter policy does not exist, the operation fails and an error message is returned.
In general, filters applied to SAPs (ingress or egress) apply to all packets on the SAP. One exception is non-IP packets are not applied to IP match criteria, so the default action in the filter policy applies to these packets.
The no form of this command removes any configured filter ID association with the SAP or IP interface. The filter ID is not removed from the system.
Special Cases
- VPLS
Both MAC and IP filters are supported on a VPLS service SAP.
Parameters
- ip ip-filter-id
Specifies IP filter policy. The filter ID must already exist within the created IP filters.
- ipv6 ipv6-filter-id
Specifies the IPv6 filter policy. The filter ID must already exist within the created IPv6 filters.
- mac mac-filter-id
Specifies the MAC filter policy. The specified filter ID must already exist within the created MAC filters. The filter policy must already exist within the created MAC filters.
qos
Syntax
qos policy-id
no qos
Context
config>service>vpls>sap>ingress
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command associates a QoS policy with an ingress SAP or IP interface.
QoS ingress policies are important for the enforcement of SLA agreements. The policy ID must be defined before associating the policy with a SAP. If the policy-id does not exist, an error is returned.
The qos command is used to associate ingress policies. The qos command only allows ingress policies to be associated on SAP ingress. Attempts to associate a QoS policy of the wrong type returns an error.
Only one ingress QoS policy can be associated with a SAP at one time. Attempts to associate a second QoS policy of a specific type returns an error.
By default, if no specific QoS policy is associated with the SAP for ingress, the default QoS policy is used.
The no form of this command removes the QoS policy association from the SAP, and the QoS policy reverts to the default.
Parameters
- policy-id
Specifies the ingress policy ID to associate with SAP on ingress. The policy ID must already exist.
agg-shaper-rate
Syntax
agg-shaper-rate agg-rate
no agg-shaper-rate
Context
config>service>vpls>sap>ingress
Platforms
7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, 7210 SAS-K 3SFP+ 8C
Description
This command specifies the aggregate rate for the SAP shaper. The aggregate SAP shaper is available to limit only the unicast traffic and the BUM traffic across all the FCs of the SAP configured to use ingress queues. Users can specify the CIR rate and the PIR rate. Users must not oversubscribe the total bandwidth available for use by ingress queues.
The no form of this command disables the SAP aggregate rate shaper; that is, the SAP can use up the maximum bandwidth available.
Default
no agg-shaper-rate
Parameters
- agg-rate
Specifies the rate in kilobits per second.
agg-shaper-rate
Syntax
agg-shaper-rate agg-rate
no agg-shaper-rate
Context
config>service>vpls>sap>egress
Description
7210 SAS-K 2F1C2T, 7210 SAS-K 2F6C4T, 7210 SAS-K 3SFP+ 8C
This command configures the aggregate rate for the SAP shaper. The aggregate SAP shaper is available to limit only the unicast traffic and the BUM traffic across all the FCs of the SAP configured to use ingress queues. Users can specify the CIR rate and the PIR rate. Users must not oversubscribe the total bandwidth available for use by ingress queues.
The no form of this command disables the use of SAP aggregate rate shaper; that is, the SAP can use up the maximum bandwidth available.
Default
no agg-shaper-rate
Parameters
- agg-rate
Specifies the rate in kilobits per second.
aggregate-meter-rate
Syntax
aggregate-meter-rate rate-in-kbps [burst burst-in-kbits]
no aggregate-meter-rate
Context
config>service>epipe>sap>ingress
config>service>vpls>sap>ingress
Platforms
7210 SAS-D, 7210 SAS-Dxp
Description
This command configures the SAP ingress aggregate policer. The rate of the SAP ingress aggregate policer must be specified. Users can optionally specify the burst size for the SAP aggregate policer. The aggregate policer monitors the ingress traffic on different FCs and determines the final disposition of the packet. The packet is either forwarded to an identified profile or dropped.
The sum of CIR of the individual FCs configured under the SAP cannot exceed the PIR rate configured for the SAP. Although the 7210 SAS software does not block this configuration, it is not recommended.
The following table lists the final disposition of the packet based on the operating rate of the per-FC policer and the per-SAP aggregate policer.
Per FC meter operating rate |
Per FC assigned color |
SAP aggregate meter operating rate |
SAP aggregate meter color |
Final packet color |
---|---|---|---|---|
Within CIR |
Green |
Within PIR |
Green |
Green or In-profile |
Within CIR 2 |
Green |
Above PIR |
Red |
Green or In-profile |
Above CIR, Within PIR |
Yellow |
Within PIR |
Green |
Yellow or Out-of-Profile |
Above CIR, Within PIR |
Yellow |
Above PIR |
Red |
Red or Dropped |
Above PIR |
Red |
Within PIR |
Green |
Red or Dropped |
Above PIR |
Red |
Above PIR |
Red |
Red or Dropped |
When the SAP aggregate policer is configured, the per-FC policer can be configured only in ‟trtcm2” mode (RFC 4115).
The meter modes ‟srtcm” and ‟trtcm1” are used in the absence of an aggregate meter.
The SAP ingress meter counters increment the packet or octet counts based on the final disposition of the packet.
If ingress frame-based accounting is used, the SAP aggregate meter rate accounts for the Ethernet frame overhead. The system accounts for 12 bytes of IFG and 8 bytes of start delimiter.
The no form of this command removes the aggregate policer from use.
Default
no aggregate-meter-rate
Parameters
- rate-in-kbps
Specifies the rate in kilobits per second.
- burst-in-kilobits
Specifies the burst size for the policer in kilobits. The burst size cannot be configured without configuring the rate.
aggregate-meter-rate
Syntax
aggregate-meter-rate rate-in-kbps [burst burst-in-kbits] [enable-stats]
no aggregate-meter-rate
Context
config>service>vpls>sap>egress
Platforms
7210 SAS-D, 7210 SAS-Dxp
Description
This command configures the access SAP egress aggregate policer. The rate (PIR) of the SAP egress aggregate policer must be specified. Users can optionally specify the burst size for the SAP aggregate policer. The aggregate policer monitors the traffic sent out of the SAP and determines the final disposition of the packet, which is either forwarded or dropped.
Users can optionally associate a set of two counters to count total forwarded packets and octets, and total dropped packets and octets. When this counter is enabled, the amount of resources required increases by twice the amount of resources taken up when the counter is not used. If the enable-stats keyword is specified during the creation of the meter, the counter is allocated by software (if available). To free up the counter and relinquish its use, the user can use the no aggregate-meter-rate command and then recreate the meter using the aggregate-meter rate command.
If egress frame-based accounting is used, the SAP egress aggregate meter rate accounts for the Ethernet frame overhead. The system accounts for 12 bytes of IFG and 8 bytes of start delimiter. Frame-based accounting does not affect the count of octets maintained by the counter (if in use).
Before enabling this command for a SAP, resources must be allocated to this feature from the egress-internal-tcam resource pool using the config system resource-profile egress-internal-tcam egress-sap-aggregate-meter command. Refer to the 7210 SAS-D, Dxp, K 2F1C2T, K 2F6C4T, K 3SFP+ 8C Basic System Configuration Guide for information.
The egress aggregate meter is not FC-aware. The forward and drop decisions are made based on the order in which the packets are sent out of the SAP by the egress port scheduler.
The no form of this command removes the egress aggregate policer from use.
Default
no aggregate-meter-rate
Parameters
- rate-in-kbps
Specifies the rate in kilobits per second.
- burst-in-kbits
Specifies the burst size for the policer in kilobits. The burst size cannot be configured without configuring the rate.
- enable-stats
Keyword to specify if the counter to count forwarded and dropped packets and octets is allocated. If this keyword is used while configuring the meter, the counter is allocated.
accounting-policy
Syntax
accounting-policy acct-policy-id
no accounting-policy
Context
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>sap
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Note: This command is not applicable for access uplink SAPs.
This command creates the accounting policy context that can be applied to a SAP.
An accounting policy must be defined before it can be associated with a SAP.
If the policy-id does not exist, an error message is generated.
A maximum of one accounting policy can be associated with a SAP at one time. Accounting policies are configured in the config>log context.
The no form of this command removes the accounting policy association from the SAP, and the accounting policy reverts to the default.
Default
default accounting policy
Parameters
- acct-policy-id
Specifies the accounting policy ID as configured in the config>log>accounting-policy context.
collect-stats
Syntax
[no] collect-stats
Context
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>sap
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command is not applicable for access uplink SAPs.
This command enables accounting and statistical data collection for either the SAP, network port, or IP interface. by default, when applying accounting policies the data is collected in the appropriate records and written to the designated billing file.
When the no collect-stats command is issued the statistics are still accumulated by the cards. However, the CPU will not obtain the results and write them to the billing file. If a subsequent collect-stats command is issued then the counters written to the billing file include all the traffic while the no collect-stats command was in effect.
Default
no collect-stats
VPLS SDP commands
mesh-sdp
Syntax
mesh-sdp sdp-id[:vc-id] [vc-type {ether | vlan}]
no mesh-sdp sdp-id[:vc-id]
Context
config>service>vpls
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command binds a VPLS service to an existing Service Distribution Point (SDP). Mesh SDPs bound to a service are logically treated like a single bridge ‟port” for flooded traffic where flooded traffic received on any mesh SDP on the service is replicated to other ‟ports” (spoke-SDPs and SAPs) and not transmitted on any mesh SDPs.
This command creates a binding between a service and an SDP. The SDP has an operational state that determines the operational state of the SDP within the service; for example, if the SDP is administratively or operationally down, the SDP for the service is down.
The SDP must already be defined in the config>service>sdp context to associate the SDP with a valid service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id does exist, a binding between that sdp-id and the service is created.
SDPs must be explicitly associated and bound to a service. If an SDP is not bound to a service, no far-end devices can participate in the service.
The no form of this command removes the SDP binding from the service. The SDP configuration is not affected, only the binding of the SDP to a service. When removed, no packets are forwarded to the far-end router.
Special Cases
- VPLS
Several SDPs can be bound to a VPLS. Each SDP must be destined to a different router. If two sdp-id bindings terminate on the same router, an error occurs and the second SDP is binding is rejected.
Parameters
- sdp-id
Specifies the SDP identifier.
- vc-id
Specifies the virtual circuit identifier. This value is used to validate the VC ID portion of each mesh SDP binding defined in the service. The default value of this object is equal to the service ID.
- vc-type
Keyword that overrides the default VC type signaled for the spoke or mesh binding to the far end of the SDP. The VC type is a 15-bit quantity containing a value that represents the type of VC. The actual signaling of the VC type depends on the signaling parameter defined for the SDP. If signaling is disabled, the vc-type command can still be used to define the dot1q value expected by the far-end provider equipment. A change of the bindings VC type causes the binding to signal the new VC type to the far end when signaling is enabled.
VC types are derived according to IETF draft-martini-l2circuit-trans-mpls.
The VC type value for Ethernet is 0x0005.
The VC type value for an Ethernet VLAN is 0x0004.
- ether
Keyword that defines the VC type as Ethernet. The ethernet and vlan keywords are mutually exclusive. When the VC type is not defined, the default is Ethernet for spoke-SDP bindings. Defining Ethernet is the same as executing no vc-type and restores the default VC type for the spoke-SDP binding. (hex 5)
- vlan
Keyword that defines the VC type as VLAN. The ethernet and vlan keywords are mutually exclusive. When the VC type is not defined, the default is Ethernet for mesh SDP bindings.
spoke-sdp
Syntax
spoke-sdp sdp-id[:vc-id] [vc-type {ether | vlan}] [create] [split-horizon-group group-name] endpoint no-endpoint
no spoke-sdp sdp-id[:vc-id] [vc-type {ether | vlan}] [create] endpoint no-endpoint
Context
config>service>vpls
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command binds a service to an existing SDP. A spoke-SDP is treated like the equivalent of a traditional bridge ‟port” where flooded traffic received on the spoke-SDP is replicated on all other ‟ports” (other spoke and mesh SDPs and SAPs) and not transmitted on the port on which it was received.
On the 7210 SAS-K 2F6C4T, the spoke-sdp command is supported on a routed VPLS when it is bound to a VPRN service. All configuration using the config>service>spoke-sdp context is supported on the routed VPLS.
The SDP has an operational state that determines the operational state of the SDP within the service; for example, if the SDP is administratively or operationally down, the SDP for the service is down.
The SDP must exist in the config>service>sdp context before it can be associated with a VPLS service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id exists, a binding between the specific sdp-id and service is created.
SDPs must be explicitly associated and bound to a service to allow far-end devices to participate in the service.
The no form of this command removes the SDP binding from the service; the SDP configuration is not affected. When the SDP binding is removed, no packets are forwarded to the far-end router.
Special Cases
- VPLS
Several SDPs can be bound to a VPLS service. Each SDP must use unique vc-ids. An error message is generated if two SDP bindings with identical vc-ids terminate on the same router. Split horizon groups can only be created in the scope of a VPLS service.
Parameters
- sdp-id
Specifies the SDP identifier.
- vc-id
Specifies the virtual circuit identifier.
- create
Keyword that is mandatory for creating a spoke-SDP.
- endpoint endpoint-name
Specifies the service endpoint to which this SDP bind is attached. The service ID of the SDP binding must match the service ID of the service endpoint.
- no endpoint
Removes the association of a spoke-SDP with an explicit endpoint name.
- ether
Keyword to specify the VC type as Ethernet. The ether and vlan keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke-SDP bindings. Defining Ethernet is the same as executing no vc-type and restores the default VC type for the spoke-SDP binding. (hex 5)
- split-horizon-group group-name
Specifies the name of the split horizon group to which the SDP belongs.
- vc-type
Specifies to override the default VC type signaled for the spoke or mesh binding to the far end of the SDP. The VC type is a 15-bit quantity containing a value that represents the VC type. The actual signaling of the VC type depends on the signaling parameter defined for the SDP. If signaling is disabled, the vc-type command can still be used to define the dot1q value expected by the far-end provider equipment. If signaling is disabled, a change of the binding VC type causes the binding to signal the new VC type to the far end.
VC types are derived in accordance with IETF draft-martini-l2circuit-trans-mpls.
The VC type value for Ethernet is 0x0005.
The VC type value for an Ethernet VLAN is 0x0004.
- vlan
Keyword that defines the VC type as VLAN. The ethernet and vlan keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke-SDP bindings.
The VLAN VC-type requires at least one dot1q tag within each encapsulated Ethernet packet transmitted to the far end.
control-word
Syntax
[no] control word
Context
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command enables the use of the control word on pseudowire packets in VPLS and enables the use of the control word individually on each mesh SDP or spoke-SDP. By default, the control word is disabled.
When the control word is enabled, all VPLS packets, including the BPDU frames, are encapsulated with the control word when sent over the pseudowire. The T-LDP control plane behavior is the same as in the implementation of the control word for VLL services. The configuration for the two directions of the Ethernet pseudowire should match.
The no form of this command reverts the mesh SDP or spoke-SDP to the default behavior of not using the control word.
Default
no control word
egress
Syntax
egress
Context
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command configures the egress SDP context.
hash-label
Syntax
hash-label [signal-capability]
no hash-label
Context
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command configures the hash label on VLL or VPLS services that are bound to RSVP SDP, 3107 BGP SDP, segment routing, or LDP SDP, using the auto-bind mode with the ldp, rsvp-te, or mpls options. When this feature is enabled, the ingress datapath is modified such that the result of the hash on the packet header is communicated to the egress datapath for use as the value of the label field of the hash label. The ingress datapath appends the hash label at the bottom of the stack (BoS) and sets the S-bit to one (1).
On 7210 SAS devices, the hash label is not used on the local node for ECMP and LAG hashing. It is available for use by LSR nodes, through which the traffic flows, that are capable of using the labels for hashing.
Packets generated in the CPM that are forwarded with a label within the context of a service (for example, OAM packets) must also include a hash label at the BoS and set the S-bit accordingly.
The TTL of the hash label is set to 0.
Signaling of the hash label capability is enabled by adding the signal-capability option under the VLL spoke-SDP, VPLS spoke-SDP or mesh SDP interface, or PW template instance. In this case, the decision of the local PE to insert the hash label on the user and control plane packets is determined by the outcome of the signaling process and can override the local PE configuration. The following process flow applies when the hash-label and signal-capability options are enabled on the local PE.
The 7210 SAS local PE inserts the flow label interface parameters sub-TLV with T=1 and R=1 in the PW ID FEC element in the label mapping message for the specific spoke-SDP or mesh SDP.
If a remote PE does not send the flow label sub-TLV in the PW ID FEC element, or sends a flow label sub-TLV in the PW ID FEC element with T=FALSE and R=FALSE, the local node disables the hash label capability. Consequently, the local PE node does not insert a hash label in the user and control plane packets that it forwards on the spoke-SDP or mesh SDP. The local PE also drops user and control plane packets received from a remote PE if they include a hash label. The dropped packets may be caused by:
a remote 7210 SAS PE that does not support the hash-label command
a remote 7210 SAS PE that has the hash-label command enabled but does not support the signal-capability option
a remote 7210 SAS PE that supports the hash-label command and the signal-capability option, but the user did not enable them due to a misconfiguration
If the remote PE sends a flow label sub-TLV in the PW ID FEC element with T=TRUE and R=TRUE, the local PE enables the hash label capability. Consequently, the local PE node inserts a hash label in the user and control plane packets that it forwards on the spoke-SDP or mesh SDP. The local PE node also accepts user and control plane packets from the remote PE with a hash label. The local PE node drops user and control plane packets from the remote PE without a hash label.
If the hash-label command is enabled on the local PE with the signal-capability option configured and on the remote PE without the signal-capability option configured on the spoke-SDP or mesh-SDP, the hash label is included in the pseudowire packets received by the local PE. These packets must be dropped. To resolve this situation, you must disable the signal-capability option on the local node, which results in the insertion of the hash label by both PE nodes.
If the hash-label option is not supported or is not enabled on the local configuration of the spoke-SDP or mesh-SDP at the remote PE, the hash label is not included in the pseudowire received by the local PE.
If the signal-capability option is enabled or disabled in the CLI, the router must withdraw the label it sent to its peer and send a new label mapping message with the new value of the F bit in the flow label interface parameters sub-TLV of the PW ID FEC element.
This feature is supported only for VLL and VPLS services. It is not supported for VPRN services. It is also not supported on multicast packets forwarded using RSVP P2MP LPS or mLDP LSP in both the base router instance and in the multicast VPN (mVPN) instance.
In 7750 and possibly other vendor implementations, to allow applications where the egress LER infers the presence of the hash label implicitly from the value of the label, the Most Significant Bit (MSB) of the result of the hash is set before copying into the hash label. This means that the value of the hash label is always in the range [524,288 to 1,048,575] and does not overlap with the signaled/static LSP and signaled/static service label ranges. This also guarantees that the hash label does not match a value in the reserved label range. 7210 SAS devices do not set the MSB in the hash label value for service traffic. Therefore, the user must ensure that both ends are correctly configured to either process hash labels or disable them. The MSB bit is set for MPLS/OAM traffic on 7210 SAS devices.
The cpe-ping, mac-ping, and svc-ping commands are not supported on the 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C when the hash-label command is enabled.
The no form of this command disables the use of the hash label.
Default
no hash-label
Parameters
- signal-capability
Keyword that enables the signaling and negotiation of the use of the hash label between the local and remote PE nodes.
ingress
Syntax
ingress
Context
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command configures the ingress SDP context.
vc-label
Syntax
[no] vc-label vc-label
Context
config>service>vpls>mesh-sdp>egress
config>service>vpls>spoke-sdp>egress
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command configures the egress VC label.
Parameters
- vc-label
Specifies a VC egress value that indicates a specific connection.
vc-label
Syntax
[no] vc-label vc-label
Context
config>service>vpls>mesh-sdp>ingress
config>service>vpls>spoke-sdp>ingress
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command configures the ingress VC label.
Parameters
- vc-label
Specifies a VC ingress value that indicates a specific connection.
vlan-vc-tag
Syntax
vlan-vc-tag vlan-id
no vlan-vc-tag [vlan-id]
Context
config>service>vpls>spoke-sdp
config>service>vpls>mesh-sdp
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command specifies an explicit dot1q value used when encapsulating to the SDP far end. When signaling is enabled between the near and far end, the configured dot1q tag can be overridden by a received TLV specifying the dot1q value expected by the far end. This signaled value must be stored as the remote signaled dot1q value for the binding. The provisioned local dot1q tag must be stored as the administrative dot1q value for the binding.
When the dot1q tag is not defined, the default value of zero is stored as the administrative dot1q value. Setting the value to zero is equivalent to not specifying the value.
The no form of this command disables the command.
Default
no vlan-vc-tag
Parameters
- vlan-id
Specifies a valid VLAN identifier to bind an 802.1Q VLAN tag ID.
IGMP snooping commands
disable-router-alert-check
Syntax
[no] disable-router-alert-check
Context
config>service>vpls>sap>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables the Internet Group Management Protocol (IGMP) router alert check option.
The no form of this command disables the router alert check.
description
Syntax
description description-string
no description
Context
config>service>vpls>igmp-snooping>mvr
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command creates a text description stored in the configuration file for a configuration context. The description command associates a text string with a configuration context to help identify the content in the configuration file.
The no form of this command removes the string from the configuration.
Parameters
- description-string
Specifies the description character string. Allowed values are any string up to 80 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes.
fast-leave
Syntax
[no] fast-leave
Context
config>service>vpls>sap>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables fast leave. When the IGMP fast leave processing is enabled, the 7210 SAS immediately removes a SAP from the multicast group when it detects an IGMP ‟leave” on that SAP.
Fast-leave processing allows the switch to remove a SAP that sends a ‟leave” from the forwarding table without first sending out group-specific queries to the SAP, and therefore speeds up the process of changing channels (‟zapping”).
Fast leave should only be enabled when there is a single receiver present on the SAP.
When fast-leave is enabled, the configured last-member-query-interval value is ignored.
Default
no fast-leave
from-vpls
Syntax
from-vpls service-id
no from-vpls
Context
config>service>vpls>sap>igmp-snooping>mvr
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the VPLS from which multicast traffic is copied upon receipt of an IGMP join request. IGMP snooping must be enabled on the MVR VPLS.
Default
no from-vpls
Parameters
- service-id
Specifies the MVR VPLS from which multicast channels should be copied into this SAP.
group
Syntax
[no] group grp-address
Context
config>service>vpls>sap>igmp-snooping>static
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command adds a static multicast group as a (*, g). When a static IGMP group is added, multicast data for that (*,g) or (s,g) is forwarded to the specific SAP without receiving any membership report from a host.
Parameters
- grp-address
Specifies an IGMP multicast group address that receives data on an interface. The IP address must be unique for each static group.
group-policy
Syntax
group-policy policy-name
no group-policy
Context
config>service>vpls>igmp-snooping>mvr
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command identifies filter policy of multicast groups to be applied to this VPLS entity. The sources of the multicast traffic must be a member of the VPLS. By default, no group policy is identified.
The no form of this command removes the policy association from the VPLS configuration.
Parameters
- policy-name
Specifies the group policy name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. Routing policies are configured in the config>router>policy-options context. The router policy must be defined before it can be imported.
force-vlan-vc-forwarding
Syntax
[no] force-vlan-vc-forwarding
Context
config>service>epipe>spoke-sdp
config>service>vpls>mesh-sdp
config>service>vpls>spoke-sdp
config>service>pw-template
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command forces VC VLAN-type forwarding in the datapath for spoke-SDPs or mesh SDPs that have either VC type. This command is not allowed on VLAN VC type SDPs.
The no form of this command reverts to the default value.
Default
disabled
igmp-snooping
Syntax
igmp-snooping
Context
config>service>vpls
config>service>vpls>sap
config>service>vpls>spoke-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>pw-template (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables the IGMP snooping context.
max-num-sources
Syntax
max-num-sources max-num-sources
no max-num-sources
Context
config>service>vpls>sap>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the maximum number of multicast sources allowed per group.
The no form of this command removes the value from the configuration.
Parameters
- max-num-sources
Specifies the maximum number of multicast sources allowed per group.
import
Syntax
import policy-name
no import
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>spoke-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>pw-template>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the import routing policy to be used for IGMP packets to be used on this SAP or SDP. Only a single policy can be imported on a single SAP or SDP at any time.
The no form of this command removes the policy association from the SAP or SDP.
Default
no import
Parameters
- policy-name
Specifies the import policy name. Values can be string up to 32 characters of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. These policies are configured in the config>router>policy-options context The router policy must be defined before it can be imported.
last-member-query-interval
Syntax
last-member-query-interval tenths-of-seconds
no last-member-query-interval
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>spoke-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>pw-template>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the maximum response time used in group-specific queries sent in response to ‟leave” messages and is also the amount of time between 2 consecutive group-specific queries. This value may be tuned to modify the leave latency of the network. A reduced value results in reduced time to detect the loss of the last member of a group.
The configured last-member-query-interval is ignored when fast-leave is enabled on the SAP.
Default
10
Parameters
- seconds
Specifies the frequency, in tenths of seconds, at which query messages are sent.
max-num-groups
Syntax
max-num-groups count
no max-num-groups
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>spoke-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>pw-template>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the maximum number of multicast groups that can be joined on this SAP or SDP. If the node receives an IGMP join message that would exceed the configured number of groups, the request is ignored.
Default
no max-num-groups
Parameters
- count
Specifies the maximum number of groups that can be joined on this SAP.
mrouter-port
Syntax
[no] mrouter-port
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>spoke-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configues whether a multicast router is attached behind this SAP.
Configuring a SAP or SDP as an mrouter-port has a double effect. Firstly, all multicast traffic received on another SAP or SDP is copied to this SAP or SDP. Secondly, IGMP reports generated by the system as a result of someone joining or leaving a multicast group, are sent to this SAP or SDP.
If two multicast routers exist in the network, one of them becomes the active querier. While the other multicast router (non-querier) stops sending IGMP queries, it should still receive reports to keep its multicast trees up to date. To support this, the mrouter-port command should be enabled on all SAPs or SDPs connecting to a multicast router.
The IGMP version to be used for the reports (v1or v2) can only be determined after an initial query has been received. Until that time, no reports are sent on the SAP, even if mrouter-port is enabled.
If the send-queries command is enabled on this SAP or SDP, the mrouter-port command cannot be configured.
Default
no mrouter-port
mvr
Syntax
mvr
Context
config>service>vpls>igmp-snooping
config>service>vpls>sap>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure Multicast VPLS Registration (MVR) parameters.
query-interval
Syntax
query-interval seconds
no query-interval
Context
config>service>vpls>igmp-snooping
config>service>vpls>sap>igmp-snooping
config>service>vpls>spoke-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>pw-template>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the IGMP query interval. If the send-queries command is enabled, this command specifies the interval between two consecutive general queries sent by the system on this SAP or SDP. The configured query-interval must be greater than the configured query-response-interval. If send-queries is not enabled on this SAP or SDP, the configured query-interval value is ignored.
Default
query-interval 125
Parameters
- seconds
Specifies the time interval, in seconds, that the router transmits general host-query messages.
query-src-ip
Syntax
query-src-ip ip-address
no query-src-ip
Context
config>service>vpls>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the IP source address used in IGMP queries.
query-response-interval
Syntax
query-response-interval seconds
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>spoke-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>pw-template>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the IGMP query response interval. If the send-queries command is enabled, this command specifies the maximum response time advertised in IGMP queries.
The query-response-interval must be smaller than the query-interval.
If send-queries is not enabled on this SAP or SDP, the query-response-interval value is ignored.
Default
query-response-interval 10
Parameters
- seconds
Specifies the length of time to wait to receive a response to the host-query message from the host.
report-src-ip
Syntax
report-src-ip ip-address
no report-src-ip
Context
config>service>vpls>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the source IP address used when generating IGMP reports. According the IGMPv3 standard, a zero source address is allowed in sending IGMP reports. However, for interoperability with some multicast routers, the source IP address of IGMP group reports can be configured using this command.
Default
report-src-ip 0.0.0.0
Parameters
- ip-address
Specifies the source IP source address in transmitted IGMP reports.
robust-count
Syntax
robust-count robust-count
no robust-count
Context
config>service>vpls>igmp-snooping
config>service>vpls>sap>igmp-snooping
config>service>vpls>spoke-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>pw-template>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
If the send-queries command is enabled, this command allows tuning for the expected packet loss on a SAP or SDP. The robust-count value allows tuning for the expected packet loss on a subnet and is comparable to a retry count. If this SAP or SDP is expected to be ‟lossy”, this parameter may be increased. IGMP snooping on this SAP or SDP is robust to (robust-count-1) packet losses.
If send-queries is not enabled, this command is ignored.
Default
robust-count 2
Parameters
- robust-count
Specifies the robust count for the SAP.
precedence
Syntax
precedence precedence-value| primary
no precedence
Context
config>service>vpls>spoke-sdp
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command configures the spoke-SDP precedence.
Default
precedence 4
Parameters
- precedence-value
Specifies the spoke-SDP precedence.
- primary
Keyword to specify the precedence is primary.
propagate-mac-flush
Syntax
[no] propagate-mac-flush
Context
config>service>vpls
Platforms
7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C
Description
This command configures whether MAC flush messages received from the specific LDP are propagated to all spoke and mesh SDPs within the context of this VPLS service. The propagation follows the split-horizon principle and any datapath blocking to avoid the looping of these messages.
Default
no propagate-mac-flush
send-queries
Syntax
[no] send-queries
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>spoke-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>pw-template>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures whether to send IGMP general query messages on the SAP or SDP.
When the send-queries command is configured, all query reports generated locally are of the type belonging to the configured version. If a report of a version higher than the configured version is received, the report is dropped and a new counter to track the wrong version is incremented. If send-queries is not configured, the version command has no effect, and the version used is the version of the querier.
Default
no send-queries
group
Syntax
[no] group grp-address
Context
config>service>vpls>sap>igmp-snooping>static
config>service>vpls>spoke-sdp>snooping>static (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp>snooping>static (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command adds a static multicast group either as a (*, g) or as one or more (s,g) records. When a static IGMP group is added, multicast data for that (*,g) or (s,g) is forwarded to the specific SAP or SDP without receiving a membership report from a host.
Parameters
- grp-address
Specifies an IGMP multicast group address that receives data on an interface. The IP address must be unique for each static group.
source
Syntax
[no] source ip-address
Context
config>service>vpls>sap>igmp-snooping>static>group
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command adds a static (s,g) entry, to allow multicast traffic for a multicast group from a specified source. For a multicast group, more than one source address can be specified. Static (s,g) entries cannot be added, if a starg is previously created.
The no form of this command removes the source from the configuration.
Parameters
- ip-address
Specifies the IPv4 unicast address.
starg
Syntax
[no] starg
Context
config>service>vpls>sap>igmp-snooping>static>group
config>service>vpls>spoke-sdp>igmp-snooping>static>group (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp>igmp-snooping>static>group (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command adds a static (*,g) entry to allow multicast traffic for the corresponding multicast group from any source. This command can only be enabled if no existing source addresses for this group are specified.
The no form of this command removes the starg entry from the configuration.
Default
no starg
static
Syntax
static
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>spoke-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure static group addresses. Static group addresses can be configured on a SAP or SDP. When present either as a (*, g) entry, multicast packets matching the configuration are forwarded even if no join message was registered for the specific group.
version
Syntax
version version
no version
Context
config>service>vpls>sap>igmp-snooping
config>service>vpls>mesh-sdp>igmp-snooping
config>service>vpls>spoke-sdp>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>vpls>mesh-sdp>snooping>static (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
config>service>pw-template>igmp-snooping (only supported on 7210 SAS-K 2F6C4T and 7210 SAS-K 3SFP+ 8C)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the version of IGMP that is running on this SAP. This object can be used to configure a router capable of running either value. For IGMP to function correctly, all routers on a LAN must be configured to run the same version of IGMP on that LAN.
When the send-queries command is configured, all query reports generated locally are of the type belonging to the configured version. If a report of a version higher than the configured version is received, the report is dropped and a new counter to track the wrong version is incremented. If send-queries is not configured, the version command has no effect, and the version used is the version of the querier.
Parameters
- version
Specifies the IGMP version.
to-sap
Syntax
to-sap sap-id
no to-sap
Context
config>service>vpls>sap>igmp-snooping>mvr
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the SAP to which the multicast data needs to be copied.
In some scenarios, the multicast traffic should not be copied from the MVR VPLS to the SAP on which the IGMP message was received (standard MVR behavior) but to another SAP.
Default
no to-sap
Parameters
- sap-id
Specifies the SAP to which multicast channels should be copied.
VPLS show commands
fdb-info
Syntax
fdb-info
Context
show>service
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Displays global FDB usage information.
Output
The following output is an example of FDB usage information, and Output fields: FDB-info describes the output fields.
Sample outputA:7210-SASE# show service fdb-info
===============================================================================
Forwarding Database(FDB) Information
====================================================================================
============ Service Id : 1 Mac Move : Disabled
Primary Factor : 3 Secondary Factor : 2
Mac Move Rate : 2 Mac Move Timeout : 10
Mac Move Retries : 3
Table Size : 250 Total Count : 1
Learned Count : 0 Static Count : 0
Host-learned Count: 1
Remote Age : 900 Local Age : 300
High Watermark : 95% Low Watermark : 90%
Mac Learning : Enabled Discard Unknown : Disabled
Mac Aging : Enabled Relearn Only : False
Mac Subnet Len : 48
-------------------------------------------------------------------------------
Total Service FDBs : 1
Total FDB Configured Size : 250
Total FDB Entries In Use : 1
PBB MAC Address Indices In Use : 0
-------------------------------------------------------------------------------
===============================================================================
A:7210-SASE#
Label |
Description |
---|---|
|
The value that identifies a service. |
|
Indicates the administrative state of the MAC movement feature associated with the service. |
|
The maximum rate at which MACs can be relearned in this TLS service, before the SAP where the moving MAC was last seen is automatically disabled to protect the system against undetected loops or duplicate MACs. The rate is computed as the maximum number of relearns allowed in a 5 second interval. The default rate of 10 relearns per second corresponds to 50 relearns in a 5 second period. |
|
Indicates the time in seconds to wait before a SAP that has been disabled after exceeding the maximum relearn rate is reenabled. A value of zero indicates that the SAP will not be automatically re-enabled after being disabled. If after the SAP is reenabled it is disabled again, the effective retry timeout is doubled to avoid thrashing. |
|
The maximum number of learned and static entries allowed in the FDB. |
|
The current number of entries (both learned and static) in the FDB of this service. |
|
The current number of learned entries in the FDB of this service. |
|
The current number of static entries in the FDB of this service. |
|
The number of seconds used to age out FDB entries learned on an SDP. These entries correspond to MAC addresses learned on remote SAPs. |
|
The seconds used to age out FDB entries learned on local SAPs. |
|
The use of the FDB table of this service at which a ‟table full” alarm is raised by the agent. |
|
The use of the FDB table of this service at which a ‟table full” alarm is cleared by the agent. |
|
Specifies whether the MAC learning process is enabled in this service. |
|
Specifies whether frames received with an unknown destination MAC are discarded in this service. |
|
Specifies whether the MAC aging process is enabled in this service. |
|
Specifies whether MAC pinning is enabled in this service. |
|
When enabled, indicates that either the FDB table of this service is full or that the maximum system-wide number of MACs supported by the agent has been reached, and therefore MAC learning is temporary disabled, and only MAC relearns can take place. |
|
The current number of service FDBs configured on this node. |
|
The sum of configured FDBs. |
|
The total number of entries (both learned and static) in use. |
fdb-mac
Syntax
fdb-mac ieee-address [expiry]
Context
show>service
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays the FDB entry for a specific MAC address.
Parameters
- ieee-address
Specifies the 48-bit MAC address for which to display the FDB entry in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff, where aa, bb, cc, dd, ee and ff are hexadecimal numbers.
- expiry
Shows the time until the MAC is aged out.
Output
The following output is an example of MAC address FDB entry information, and Output fields: FDB-MAC describes the output fields.
Sample output*A:ALA-12# show service fdb-mac 00:99:00:00:00:00
==============================================================================
Services Using Forwarding Database Mac 00:99:00:00:00:00
==============================================================================
ServId MAC Source-Identifier Type/
Age Last Change
------------------------------------------------------------------------------
1 00:99:00:00:00:00 sap:1/2/7:0 Static
==============================================================================
*A:ALA-12#
Label |
Description |
---|---|
|
The service ID number. |
|
The specified MAC address |
|
The location where the MAC is defined. |
|
|
sap-using
Syntax
sap-using [ingress | egress] filter filter-id
sap-using [sap sap-id]
Context
show>service
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays SAP information.
If no optional parameters are specified, the command displays a summary of all defined SAPs. The optional parameters restrict output to only SAPs matching the specified properties.
Parameters
- ingress
Keyword that specifies matching an ingress policy.
- egress
Keyword that specifies matching an egress policy.
- filter filter-id
Specifies the ingress or egress filter policy ID for which to display matching SAPs.
- sap-id
Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for command syntax.
Output
The following output is an example of SAP information, and Output fields: SAP-using describes the output fields.
Sample output*A:ALU_SIM2>config>service>vpls# show service sap-using
===============================================================================
Service Access Points
===============================================================================
PortId SvcId Ing. Ing. Egr. Adm Opr
QoS Fltr Fltr
-------------------------------------------------------------------------
1/1/1:10 1 1 none 1none Up Up
1/1/3:500.* 1 1 none 1none Up Up
1/1/1:200 200 1 none 1none Up Up
1/1/3:100.200 200 1 none 1none Up Up
1/1/1:300 300 1 none 1none Up Up
-------------------------------------------------------------------------------
Number of SAPs : 5
-------------------------------------------------------------------------------
*A:ALU_SIM2>config>service>vpls#
Label |
Description |
---|---|
|
The ID of the access port where the SAP is defined. |
|
The service identifier. |
|
The SAP ingress QoS policy number specified on the ingress SAP. |
|
The MAC or IP filter policy ID applied to the ingress SAP. |
|
The filter policy ID applied to the egress SAP. |
|
The accounting policy ID assigned to the SAP. |
|
The administrative state of the SAP. |
|
The actual state of the SAP. |
service-using
Syntax
service-using [epipe] [ies] [vpls] [mirror] [customer customer-id]
Context
show>service
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays the services matching certain usage properties. If no optional parameters are specified, all services defined on the system are displayed.
Parameters
- epipe
Displays matching Epipe services.
- ies
Displays matching IES instances.
- vpls
Displays matching VPLS instances.
- mirror
Displays matching mirror services.
- customer customer-id
Displays services only associated with the specified customer ID.
Output
The following output is an example of service information, and Output fields: service-using describes the output fields.
Sample output*A:ALA-12# show service service-using customer 10
==============================================================================
Services
==============================================================================
ServiceId Type Adm Opr CustomerId Last Mgmt Change
------------------------------------------------------------------------------
1 VPLS Up Up 10 09/05/2006 13:24:15
100 IES Up Up 10 09/05/2006 13:24:15
300 Epipe Up Up 10 09/05/2006 13:24:15
------------------------------------------------------------------------------
Matching Services : 3
==============================================================================
*A:ALA-12#
*A:ALA-12# show service service-using epipe
===============================================================================
Services [epipe]
===============================================================================
ServiceId Type Adm Opr CustomerId Last Mgmt Change
-------------------------------------------------------------------------------
6 Epipe Up Up 6 09/22/2006 23:05:58
7 Epipe Up Up 6 09/22/2006 23:05:58
8 Epipe Up Up 3 09/22/2006 23:05:58
103 Epipe Up Up 6 09/22/2006 23:05:58
-------------------------------------------------------------------------------
Matching Services : 4
===============================================================================
*A:ALA-12#
*A:ALA-14# show service service-using
===============================================================================
Services
===============================================================================
ServiceId Type Adm Opr CustomerId Last Mgmt Change
-------------------------------------------------------------------------------
10 mVPLS Down Down 1 10/26/2006 15:44:57
11 mVPLS Down Down 1 10/26/2006 15:44:57
100 mVPLS Up Up 1 10/26/2006 15:44:57
101 mVPLS Up Up 1 10/26/2006 15:44:57
102 mVPLS Up Up 1 10/26/2006 15:44:57
-------------------------------------------------------------------------------
Matching Services : 5
-------------------------------------------------------------------------------
*A:ALA-14#
*A:SetupCLI# show service service-using
===========================================================================
Services
===========================================================================
ServiceId Type Adm Opr CustomerId Last Mgmt Change
-------------------------------------------------------------------------------
23 mVPLS Up Down 2 09/25/2007 21:45:58
100 Epipe Up Down 2 09/25/2007 21:45:58
101 Epipe Up Down 2 09/25/2007 21:45:58
102 Epipe Up Down 2 09/25/2007 21:45:58
105 Epipe Up Down 2 09/25/2007 21:45:58
110 Epipe Up Down 1 09/25/2007 21:45:58
990 IES Up Down 1 09/25/2007 21:45:58
1000 Mirror Up Down 1 09/25/2007 21:45:59
1001 Epipe Up Down 1 09/25/2007 21:45:58
1002 Epipe Up Down 1 09/25/2007 21:45:58
1003 Epipe Up Down 1 09/25/2007 21:45:58
1004 Epipe Up Down 1 09/25/2007 21:45:58
2000 Mirror Up Down 1 09/25/2007 21:45:59
...
-------------------------------------------------------------------------------
Matching Services : 27
-------------------------------------------------------------------------------
*A:SetupCLI#
*A:SetupCLI# show service service-using
===========================================================================
Services
===========================================================================
ServiceId Type Adm Opr CustomerId Last Mgmt Change
-------------------------------------------------------------------------------
23 mVPLS Up Down 2 09/25/2007 21:45:58
100 Epipe Up Down 2 09/25/2007 21:45:58
101 Epipe Up Down 2 09/25/2007 21:45:58
102 Epipe Up Down 2 09/25/2007 21:45:58
105 Epipe Up Down 2 09/25/2007 21:45:58
110 Epipe Up Down 1 09/25/2007 21:45:58
990 IES Up Down 1 09/25/2007 21:45:58
1000 Mirror Up Down 1 09/25/2007 21:45:59
1001 Epipe Up Down 1 09/25/2007 21:45:58
1002 Epipe Up Down 1 09/25/2007 21:45:58
1003 Epipe Up Down 1 09/25/2007 21:45:58
...
-------------------------------------------------------------------------------
Matching Services : 27
-------------------------------------------------------------------------------
*A:SetupCLI#
Label |
Description |
---|---|
|
The service identifier. |
|
Specifies the service type configured for the service ID. |
|
The administrative state of the service. |
|
The operating state of the service. |
|
The ID of the customer who owns this service. |
|
The date and time of the most recent management-initiated change to this service. |
id
Syntax
id service-id
Context
show>service
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays information for a particular service ID.
Parameters
- service-id
Specifies the unique service identification number that identifies the service in the service domain.
- all
Displays detailed information about the service.
- arp
Displays ARP entries for the service.
- base
Displays basic service information.
- fdb
Displays FDB entries.
- igmp-snooping
Displays IGMP snooping information.
- interface
Displays service interfaces.
- mstp-configuration
Displays MSTP information.
- sap
Displays SAPs associated to the service.
- stp
Displays STP information.
all
Syntax
all
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays detailed information for all aspects of the service.
Output
The following output is an example of detailed service information, and Output fields: service ID all describes the output fields.
Sample output*A:Dut-G# show service id 1 all
===============================================================================
Service Detailed Information
===============================================================================
Service Id : 1 Vpn Id : 0
Service Type : VPLS
Name : (Not Specified)
Description : Default tls description for service id 1
Customer Id : 1 Creation Origin : manual
Last Status Change: 03/06/2020 06:12:06
Last Mgmt Change : 03/06/2020 06:12:02
Admin State : Up Oper State : Up
Admin State : Def. Mesh VC Id : 1
SAP Count : 2
SAP Type: : Any Customer vlan: : n/a
VSD Domain : <none>
SPI load-balance : Disabled
TEID load-balance : Disabled
-------------------------------------------------------------------------------
BGP Information
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Split Horizon Group specifics
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
ETH-CFM service specifics
-------------------------------------------------------------------------------
Tunnel Faults : ignore V-Mep Extensions : Enabled
-------------------------------------------------------------------------------
Service Access Points
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
SAP 1/1/7:1
-------------------------------------------------------------------------------
Service Id : 1
SAP : 1/1/7:1 Encap : q-tag
Description : SAP 1/1/7:1 on Ethernet Ring 1
Admin State : Up Oper State : Up
Flags : None
VLAN Authentication: Disabled VLAN Auth Status : N/A
Last Status Change : 03/06/2020 06:12:13
Last Mgmt Change : 03/06/2020 06:12:06
Dot1Q Ethertype : 0x8100 QinQ Ethertype : 0x8100
Max Nbr of MAC Addr: No Limit Total MAC Addr : 0
Learned MAC Addr : 0 Static MAC Addr : 0
OAM MAC Addr : 0 DHCP MAC Addr : 0
Host MAC Addr : 0 Intf MAC Addr : 0
SPB MAC Addr : 0 Cond MAC Addr : 0
Admin MTU : 9212 Oper MTU : 9212
Ingr IP Fltr-Id : n/a Egr IP Fltr-Id : n/a
Ingr Mac Fltr-Id : n/a Egr Mac Fltr-Id : n/a
Ingr IPv6 Fltr-Id : n/a Egr IPv6 Fltr-Id : n/a
tod-suite : None
Limit Unused BW : Disabled
Mac Learning : Enabled Discard Unkwn Srce: Disabled
Mac Aging : Enabled Mac Pinning : Disabled
BPDU Translation : Disabled
L2PT Termination : Disabled
Acct. Pol : None Collect Stats : Disabled
Anti Spoofing : None Dynamic Hosts : Enabled
Oper Group : (none) Monitor Oper Grp : (none)
Host Lockout Plcy : n/a
Lag Link Map Prof : (none)
Cflowd : Disabled
-------------------------------------------------------------------------------
Eth-Ring Information
-------------------------------------------------------------------------------
Ethernet Ring : 1 Path : b
Control Flag : Yes
-------------------------------------------------------------------------------
Stp Service Access Point specifics
-------------------------------------------------------------------------------
Stp Admin State : Down Stp Oper State : Down
Core Connectivity : Down
Port Role : N/A Port State : Forwarding
Port Number : N/A Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : N/A
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : N/A
Last BPDU from : N/A
CIST Desig Bridge : N/A Designated Port : N/A
Forward transitions: 0 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
TC bit BPDUs rcvd : 0 TC bit BPDUs tx : 0
RST BPDUs rcvd : 0 RST BPDUs tx : 0
MST BPDUs rcvd : 0 MST BPDUs tx : 0
-------------------------------------------------------------------------------
ARP host
-------------------------------------------------------------------------------
Admin State : outOfService
Host Limit : 1 Min Auth Interval : 15 minutes
-------------------------------------------------------------------------------
QOS
-------------------------------------------------------------------------------
Ingress qos-policy : 1 Egress qos-policy : 1
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Rate : n/a Burst : n/a
-------------------------------------------------------------------------------
Egress Aggregate Meter
-------------------------------------------------------------------------------
Rate : n/a Burst : n/a
-------------------------------------------------------------------------------
DHCP
-------------------------------------------------------------------------------
Description : (Not Specified)
Admin State : Down Lease Populate : 0
DHCP Snooping : Down Action : Keep
Proxy Admin State : Down
Proxy Lease Time : N/A
Emul. Server Addr : Not Configured
-------------------------------------------------------------------------------
Subscriber Management
-------------------------------------------------------------------------------
Admin State : Down MAC DA Hashing : False
Def Sub-Id : None
Def Sub-Profile : None
Def SLA-Profile : None
Def Inter-Dest-Id : None
Sub-Ident-Policy : None
Subscriber Limit : 1
Single-Sub-Parameters
Prof Traffic Only : False
Non-Sub-Traffic : N/A
Static host management
MAC learn options : N/A
-------------------------------------------------------------------------------
Ingress QoS Classifier Usage
-------------------------------------------------------------------------------
Classifiers Allocated: 2 Meters Allocated : 1
Classifiers Used : 1 Meters Used : 1
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
Packets Octets
Ingress Stats: 319 20416
Egress Stats: 311 19904
Ingress Drop Stats: 0 0
-------------------------------------------------------------------------------
Sap per Meter stats (in/out counter mode)
-------------------------------------------------------------------------------
Packets Octets
Ingress Meter 1
For. InProf : 64 4096
For. OutProf : 255 16320
-------------------------------------------------------------------------------
SAP 1/1/9:1
-------------------------------------------------------------------------------
Service Id : 1
SAP : 1/1/9:1 Encap : q-tag
Description : SAP 1/1/9:1 on Ethernet Ring 1
Admin State : Up Oper State : Up
Flags : None
VLAN Authentication: Disabled VLAN Auth Status : N/A
Last Status Change : 03/06/2020 06:12:08
Last Mgmt Change : 03/06/2020 06:12:06
Dot1Q Ethertype : 0x8100 QinQ Ethertype : 0x8100
Max Nbr of MAC Addr: No Limit Total MAC Addr : 0
Learned MAC Addr : 0 Static MAC Addr : 0
OAM MAC Addr : 0 DHCP MAC Addr : 0
Host MAC Addr : 0 Intf MAC Addr : 0
SPB MAC Addr : 0 Cond MAC Addr : 0
Admin MTU : 9212 Oper MTU : 9212
Ingr IP Fltr-Id : n/a Egr IP Fltr-Id : n/a
Ingr Mac Fltr-Id : n/a Egr Mac Fltr-Id : n/a
Ingr IPv6 Fltr-Id : n/a Egr IPv6 Fltr-Id : n/a
tod-suite : None
Limit Unused BW : Disabled
Mac Learning : Enabled Discard Unkwn Srce: Disabled
Mac Aging : Enabled Mac Pinning : Disabled
BPDU Translation : Disabled
L2PT Termination : Disabled
Acct. Pol : None Collect Stats : Disabled
Anti Spoofing : None Dynamic Hosts : Enabled
Oper Group : (none) Monitor Oper Grp : (none)
Host Lockout Plcy : n/a
Lag Link Map Prof : (none)
Cflowd : Disabled
-------------------------------------------------------------------------------
Eth-Ring Information
-------------------------------------------------------------------------------
Ethernet Ring : 1 Path : a
Control Flag : Yes
-------------------------------------------------------------------------------
Stp Service Access Point specifics
-------------------------------------------------------------------------------
Stp Admin State : Down Stp Oper State : Down
Core Connectivity : Down
Port Role : N/A Port State : Forwarding
Port Number : N/A Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : N/A
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : N/A
Last BPDU from : N/A
CIST Desig Bridge : N/A Designated Port : N/A
Forward transitions: 0 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
TC bit BPDUs rcvd : 0 TC bit BPDUs tx : 0
RST BPDUs rcvd : 0 RST BPDUs tx : 0
MST BPDUs rcvd : 0 MST BPDUs tx : 0
-------------------------------------------------------------------------------
ARP host
-------------------------------------------------------------------------------
Admin State : outOfService
Host Limit : 1 Min Auth Interval : 15 minutes
-------------------------------------------------------------------------------
QOS
-------------------------------------------------------------------------------
Ingress qos-policy : 1 Egress qos-policy : 1
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Rate : n/a Burst : n/a
-------------------------------------------------------------------------------
Egress Aggregate Meter
-------------------------------------------------------------------------------
Rate : n/a Burst : n/a
-------------------------------------------------------------------------------
DHCP
-------------------------------------------------------------------------------
Description : (Not Specified)
Admin State : Down Lease Populate : 0
DHCP Snooping : Down Action : Keep
Proxy Admin State : Down
Proxy Lease Time : N/A
Emul. Server Addr : Not Configured
-------------------------------------------------------------------------------
Subscriber Management
-------------------------------------------------------------------------------
Admin State : Down MAC DA Hashing : False
Def Sub-Id : None
Def Sub-Profile : None
Def SLA-Profile : None
Def Inter-Dest-Id : None
Sub-Ident-Policy : None
Subscriber Limit : 1
Single-Sub-Parameters
Prof Traffic Only : False
Non-Sub-Traffic : N/A
Static host management
MAC learn options : N/A
-------------------------------------------------------------------------------
Ingress QoS Classifier Usage
-------------------------------------------------------------------------------
Classifiers Allocated: 2 Meters Allocated : 1
Classifiers Used : 1 Meters Used : 1
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
Packets Octets
Ingress Stats: 319 20416
Egress Stats: 311 19904
Ingress Drop Stats: 0 0
-------------------------------------------------------------------------------
Sap per Meter stats (in/out counter mode)
-------------------------------------------------------------------------------
Packets Octets
Ingress Meter 1
For. InProf : 64 4096
For. OutProf : 255 16320
-------------------------------------------------------------------------------
VPLS Spanning Tree Information
-------------------------------------------------------------------------------
VPLS oper state : Up Core Connectivity : Down
Stp Admin State : Down Stp Oper State : Down
Mode : Rstp Vcp Active Prot. : N/A
Bridge Id : 80:00.ab:8f:80:f8:c0:01 Bridge Instance Id: 0
Bridge Priority : 32768 Tx Hold Count : 6
Topology Change : Inactive Bridge Hello Time : 2
Last Top. Change : 0d 00:00:00 Bridge Max Age : 20
Top. Change Count : 0 Bridge Fwd Delay : 15
Root Bridge : N/A
Primary Bridge : N/A
Root Path Cost : 0 Root Forward Delay: 0
Rcvd Hello Time : 0 Root Max Age : 0
Root Priority : 0 Root Port : N/A
-------------------------------------------------------------------------------
Forwarding Database specifics
-------------------------------------------------------------------------------
Service Id : 1 Mac Move : Disabled
Mac Move Rate : 2 Mac Move Timeout : 10
Mac Move Retries : 3
Table Size : 250 Total Count : 0
Learned Count : 0 Static Count : 0
Host-learned Count: 0 Intf MAC Count : 0
Spb Count : 0 Cond MAC Count : 0
Remote Age : 900 Local Age : 300
High Watermark : 95% Low Watermark : 90%
Mac Learning : Enabled Discard Unknown : Disabled
Mac Aging : Enabled Relearn Only : False
-------------------------------------------------------------------------------
IGMP Snooping Base info
-------------------------------------------------------------------------------
Admin State : Down
Querier : No querier found
-------------------------------------------------------------------------------
Sap Oper MRtr Send Max Max MVR Num
Id Stat Port Qrys Grps Srcs From-VPLS Grps
-------------------------------------------------------------------------------
sap:1/1/7:1 Up No No None None Local 0
sap:1/1/9:1 Up No No None None Local 0
===============================================================================
===============================================================================
-------------------------------------------------------------------------------
WLAN Gateway specifics
-------------------------------------------------------------------------------
Admin State : disabled
Description : (Not Specified)
SAP-template : (Not Specified)
Last management change : (Not Specified)
Not supported on 7210
===============================================================================
===============================================================================
VPLS VXLAN, Ingress VXLAN Network Id: 0
===============================================================================
Egress VTEP, VNI
===============================================================================
VTEP Address Egress VNI Num. MACs Mcast Oper State L2 PBR
-------------------------------------------------------------------------------
No Matching Entries
===============================================================================
-------------------------------------------------------------------------------
Service Endpoints
-------------------------------------------------------------------------------
No Endpoints found.
-------------------------------------------------------------------------------
===============================================================================
VPLS Sites
===============================================================================
Site Site-Id Dest Mesh-SDP Admin Oper Fwdr
-------------------------------------------------------------------------------
No Matching Entries
===============================================================================
===============================================================================
Label |
Description |
---|---|
|
The service identifier. |
|
The number that identifies the VPN. |
|
Specifies the type of service. |
|
The SDP identifier. |
|
Generic information about the service. |
|
The customer identifier. |
|
The date and time of the most recent management-initiated change to this customer. |
|
The number of SAPs specified for this service. |
|
The number of SDPs bound to this service. |
|
Name of the split-horizon group for this service. |
|
Description of the split-horizon group. |
|
The date and time of the most recent management-initiated change to this split-horizon group. |
|
The SDP identifier. |
|
Indicates whether this service SDP binding is a spoke or a mesh. |
|
The desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented. |
|
The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented. |
|
Specifies the type of delivery used by the SDP: MPLS. |
|
The administrative state of this SDP or SAP. |
|
The operational state of this SDP or SAP. |
|
The label used by the far-end device to send packets to this device in this service by this SDP. |
|
The label used by this device to send packets to the far-end device in this service by this SDP. |
|
The ID of the ingress filter policy. |
|
The ID of the egress filter policy. |
|
Specifies the IP address of the remote end of the MPLS tunnel defined by this SDP. |
|
The date and time of the most recent change to this customer. |
|
Specifies how often the SDP echo request messages are transmitted on this SDP. |
|
Specifies the length of the SDP echo request messages transmitted on this SDP. |
|
Specifies the maximum number of consecutive SDP echo request messages that can be unacknowledged before the keepalive protocol reports a fault. |
|
Specifies the amount of time to wait before the keepalive operating status is eligible to enter the alive state. |
|
When the SDP type is MPLS, a list of LSPs used to reach the far-end router displays. All the LSPs in the list must terminate at the IP address specified in the Far End field. |
|
The total number SDPs applied to this service ID. |
|
The service identifier. |
|
The ID of the access port where this SAP is defined. |
|
Generic information about the SAP. |
|
The value of the label used to identify this SAP on the access port. |
|
The administrative state of the SAP. |
|
The operating state of the SAP. |
|
The date and time of the last change. |
|
The desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented. |
|
The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented. |
|
The SAP ingress QoS policy ID. |
|
The SAP egress QoS policy ID. |
|
The SAP ingress filter policy ID. |
|
The SAP egress filter policy ID. |
|
Indicates the multi-service site that the SAP is a member. |
|
Indicates the ingress QoS scheduler for the SAP. |
|
Indicates the egress QoS scheduler for the SAP. |
|
Indicates the accounting policy applied to the SAP. |
|
Specifies whether accounting statistics are collected on the SAP. |
|
The number of packets or octets dropped. |
|
The number of high priority packets, as determined by the SAP ingress QoS policy. |
|
The number of low priority packets, as determined by the SAP ingress QoS policy. |
|
The number of low priority packets, as determined by the SAP ingress QoS policy. |
|
The number of in-profile packets or octets (rate below CIR) forwarded. |
|
The number of out-of-profile packets or octets (rate above CIR) forwarded. |
|
The number of in-profile packets or octets discarded. |
|
The number of out-of-profile packets or octets discarded. |
|
The number of in-profile packets or octets (rate below CIR) forwarded. |
|
The number of out-of-profile packets or octets (rate above CIR) forwarded. |
|
The index of the ingress QoS queue of this SAP. |
|
The packets or octets count of the high priority traffic for the SAP. |
|
The number of high priority traffic packets or octets dropped. |
|
The packets or octets count of the low priority traffic. |
|
The number of low priority traffic packets or octets dropped. |
|
The number of in-profile packets or octets (rate below CIR) forwarded. |
|
The number of out-of-profile octets (rate above CIR) forwarded. |
|
The index of the egress QoS queue of the SAP. |
|
The number of in-profile packets or octets (rate below CIR) forwarded. |
|
The number of in-profile packets or octets dropped for the SAP. |
|
The number of out-of-profile packets or octets (rate above CIR) forwarded. |
|
The number of out-of-profile packets or octets discarded. |
|
Specifies whether DHCP relay is enabled on this SAP. |
|
Specifies whether Option 82 processing is enabled on this SAP. |
|
Specifies the Option 82 processing on this SAP or interface: keep, replace, or drop. |
|
Specifies whether the If Index is inserted in circuit ID suboption of Option 82. |
|
Specifies whether the far-end MAC address is inserted in Remote ID suboption of Option 82. |
|
Specifies the service-id of the management VPLS managing this SAP. |
|
Specifies the MST instance inside the management VPLS managing this SAP. |
|
The bridge ID of the sender of the last BPDU received on this SAP. |
|
Specifies the SAP ID inside the management VPLS managing this SAP. |
|
Specifies the STP state inherited from the management VPLS. |
|
Specifies the service ID of the management VPLS managing this SAP. |
|
The bridge ID of the sender of the last BPDU received on this SAP. |
|
Specifies the SAP ID inside the management VPLS managing this spoke-SDP. |
|
Specifies the STP state inherited from the management VPLS. |
arp
Syntax
arp [ip-address] | [mac ieee-address] | [sap sap-id] | [interface ip-int-name]
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays the ARP table for the VPLS instance. The ARP entries for a subscriber interface are displayed uniquely. Each MAC associated with the subscriber interface child group-interfaces is displayed with each subscriber interface ARP entry for easy lookup.
Parameters
- mac ieee-address
Displays only ARP entries in the ARP table with the specified 48-bit MAC address. The MAC address is in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff, where aa, bb, cc, dd, ee and ff are hexadecimal numbers.
- sap sap-id
Displays SAP information for the specified SAP ID.
- interface
Keyword to specify matching service ARP entries associated with the IP interface.
- ip-address
Specifies the IP address of the interface for which to display matching ARP entries.
- ip-int-name
Specifies the IP interface name for which to display matching ARPs.
Output
Output fields: ARP describes show service ID ARP output fields.
Label |
Description |
---|---|
|
The IP address. |
|
The specified MAC address. |
Type Static — FDB entries created by management. |
|
Learned — Dynamic entries created by the learning process. |
|
Other — Local entries for the IP interfaces created. |
|
|
The age of the ARP entry. |
|
The interface applied to the service. |
|
The SAP ID. |
base
Syntax
base [msap]
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays basic information about the service ID including service type, description, and SAPs.
Output
The following output is an example of basic service ID information, and Output fields: base describes the output fields.
Sample outputA:ALU-7210>config>service>vpls# show service id 700 base
===============================================================================
Service Basic Information
===============================================================================
Service Id : 700 Vpn Id : 0
Service Type : VPLS
Customer Id : 1
Last Status Change: 09/19/2005 16:25:28
Last Mgmt Change : 09/21/2005 14:07:07
Admin State : Down Oper State : Down
SAP Count : 1
Uplink Type: : L2
SAP Type: : Null-star Customer vlan: : n/a
-------------------------------------------------------------------------------
Service Access & Destination Points
-------------------------------------------------------------------------------
Identifier Type AdmMTU OprMTU Adm Opr
-------------------------------------------------------------------------------
sap:1/1/2 null 1514 1514 Up Down
===============================================================================
A:ALU-7210>config>service>vpls#
*A:ALU_SIM2>config>service>vpls# show service id 600 base
===============================================================================
Service Basic Information
===============================================================================
Service Id : 600 Vpn Id : 0
Service Type : uVPLS
Customer Id : 1
Last Status Change: 11/17/2008 00:12:16
Last Mgmt Change : 11/14/2008 03:36:21
Admin State : Up Oper State : Down
SAP Count : 3
Uplink Type: : L2
SAP Type: : Dot1q Customer vlan: : n/a
-------------------------------------------------------------------------------
Service Access & Destination Points
-------------------------------------------------------------------------------
Identifier Type AdmMTU OprMTU Adm Opr
-------------------------------------------------------------------------------
sap:1/1/1:950 q-tag 1518 1518 Down Down
sap:1/1/2:1450 q-tag 1518 1518 Down Down
sap:1/1/3:3000.* qinq 1522 1522 Down Down
===============================================================================
*A:ALU_SIM2>config>service>vpls#
*A:7210SAS-D>show>service# id 15 base
===============================================================================
Service Basic Information
===============================================================================
Service Id : 15 Vpn Id : 0
Service Type : Epipe
Description : (Not Specified)
Customer Id : 40
Last Status Change: 01/01/1970 00:00:14
Last Mgmt Change : 01/11/1970 23:34:24
Admin State : Down Oper State : Down
SAP Count : 1
Uplink Type: : L2
SAP Type: : Any Customer vlan: : n/a
-------------------------------------------------------------------------------
Service Access & Destination Points
-------------------------------------------------------------------------------
Identifier Type AdmMTU OprMTU Adm Opr
-------------------------------------------------------------------------------
sap:1/1/1 null 1514 1514 Up Down
===============================================================================
*A:SAS-D>show>service#
*A:7210SAS# show service id 10 base
===============================================================================
Service Basic Information
===============================================================================
Service Id : 10 Vpn Id : 0
Service Type : VPLS
Name : (Not Specified)
Description : (Not Specified)
Customer Id : 1
Last Status Change: 02/06/2106 06:28:12
Last Mgmt Change : 01/10/1970 01:55:31
Admin State : Down Oper State : Down
MTU : Not Applicable Def. Mesh VC Id : 10
SAP Count : 0
Uplink Type: : L2
SAP Type: : Dot1q Range Customer vlan: : n/a
-------------------------------------------------------------------------------
Service Access & Destination Points
-------------------------------------------------------------------------------
Identifier Type AdmMTU OprMTU Adm Opr
-------------------------------------------------------------------------------
No Matching Entries
======================================================================
*A:7210SAS# show service id 10 base
Label |
Description |
---|---|
Service Id |
The service identifier. |
|
Displays the type of service. |
|
Generic information about the service. |
|
The customer identifier. |
|
The date and time of the most recent management-initiated change to this customer. |
|
The administrative state of the service. |
|
The operational state of the service. |
|
The largest frame size (in octets) that the port can handle. |
|
The largest frame size (in octets) that the SAP can handle. |
|
The number of SAPs defined on the service. |
|
The type of SAPs allowed in the service. It also describes the applied processing by the node to the packets received on these SAPs. |
|
Specifies the service access (SAP). |
|
Specifies the actual largest service frame size (in octets) that can be transmitted through this port, without requiring the packet to be fragmented. |
|
The operating state of the SAP. |
bgp-ad
Syntax
bgp-ad
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command shows BGP AD related information for the service.
Output
The following output is an example of BGP AD information, and Output fields: BGP-AD describes the fields.
Sample output*A:dut-a>show>service# id 5 bgp-ad
-------------------------------------------------------------------------------
BGP Auto-discovery Information
-------------------------------------------------------------------------------
Admin State : Up
Vpls Id : 100:5
Prefix : 1.1.1.1
-------------------------------------------------------------------------------
*A:dut-a>show>service#
Label |
Description |
---|---|
Admin state |
Displays the administrative state. |
VPLS ID |
Displays the VPLS ID. |
Prefix |
Displays the prefix. |
fdb
Syntax
fdb [sap sap-id [expiry]] | [mac ieee-address [expiry]] | [detail] [expiry]
Context
show>service>id
show>service>fdb-mac
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays FDB entries for a specific MAC address.
Parameters
- sap sap-id
Specifies the physical port identifier portion of the SAP. See Common CLI command descriptions for command syntax.
- detail
Displays detailed information.
- expiry
Displays time until the MAC is aged out.
Output
The following output is an example of FDB information, and Output fields: FDB describes the output fields.
Sample outputA:ALU-7210# show service id 1 fdb
===============================================================================
Forwarding Database, Service 1
===============================================================================
Service Id : 1 Mac Move : Disabled
Primary Factor : 3 Secondary Factor : 2
Mac Move Rate : 2 Mac Move Timeout : 10
Mac Move Retries : 3
Table Size : 250 Total Count : 1
Learned Count : 0 Static Count : 0
Host-learned Count: 1
Remote Age : 900 Local Age : 300
High Watermark : 95% Low Watermark : 90%
Mac Learning : Enabled Discard Unknown : Disabled
Mac Aging : Enabled Relearn Only : False
Mac Subnet Len : 48
===============================================================================
A:ALU-7210#
Label |
Description |
---|---|
|
Displays the service ID. |
|
Displays the associated MAC address. |
|
Displays the administrative state of the MAC movement feature associated with this service. |
|
Displays a factor for the primary ports defining how many MAC-relearn periods should be used to measure the MAC-relearn rate. |
|
Displays a factor for the secondary ports defining how many MAC-relearn periods should be used to measure the MAC-relearn rate. |
|
Displays the maximum rate at which MACs can be relearned in this service, before the SAP where the moving MAC was last seen is automatically disabled to protect the system against undetected loops or duplicate MAs. The rate is computed as the maximum number of relearns allowed in a 5 second interval: for example, the default rate of 2 relearns per second corresponds to 10 relearns in a 5 second period. |
|
Displays the time in seconds to wait before a SAP that has been disabled after exceeding the maximum relearn rate is re-enabled. A value of zero indicates that the SAP will not be automatically re-enabled after being disabled. If after the SAP is re-enabled it is disabled again, the effective retry timeout is doubled to avoid thrashing. |
|
Displays the number of times retries are performed for re-enabling the SAP. |
Table Size |
Specifies the maximum number of learned and static entries allowed in the FDB of this service. |
Total Count |
Displays the total number of learned entries in the FDB of this service. |
|
Displays the current number of learned entries in the FDB of this service. |
|
Displays the current number of static entries in the FDB of this service. |
|
Displays the current number of OAM entries in the FDB of this service. |
|
Displays the current number of DHCP-learned entries in the FDB of this service. |
|
Displays the current number of host-learned entries in the FDB of this service. |
|
Displays the number of seconds used to age out FDB entries learned on an SAP. These entries correspond to MAC addresses learned on remote SAPs. |
|
Displays the number of seconds used to age out FDB entries learned on local SAPs. |
|
Displays the utilization of the FDB table of this service at which a table full alarm will be raised by the agent. |
|
Displays the utilization of the FDB table of this service at which a table full alarm will be cleared by the agent. |
|
Specifies whether the MAC learning process is enabled |
|
Specifies whether frames received with an unknown destination MAC are discarded. |
|
Indicates whether the MAC aging process is enabled. |
|
When enabled, displays that either the FDB table of this service is full, or that the maximum system-wide number of MAs supported by the agent has been reached, and therefore MAC learning is temporary disabled, and only MAC relearns can take place. |
|
Displays the number of bits to be considered when performing MAC-learning or MAC-switching. |
|
The location where the MAC is defined. |
|
|
|
|
L — Learned - Dynamic entries created by the learning process. |
|
OAM — Entries created by the OAM process. |
|
H — Host, the entry added by the system for a static configured subscriber host. |
|
D or DHCP — DHCP-installed MAC. Learned addresses can be temporarily frozen by the DHCP snooping application for the duration of a DHCP lease. |
|
P — Indicates the MAC is protected” by the MAC protection feature. |
|
Static — Statically configured. |
|
Last Change |
Indicates the time of the most recent state changes. |
l2pt
Syntax
l2pt disabled
l2pt [detail]
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays Layer 2 Protocol Tunnel (L2-PT) route information associated with this service.
Parameters
- disabled
Displays only entries with termination disabled. This helps identify configuration errors.
- detail
Displays detailed information.
Output
The following output is an example of L2PT information, and Output fields: L2PT describes the output fields.
Sample output*A:7210SAS>show>service# id 1 l2pt detail
===============================================================================
L2pt details, Service id 1
===============================================================================
Service Access Points
-------------------------------------------------------------------------------
SapId L2pt- Admin Bpdu- Oper Bpdu-
termination translation translation
-------------------------------------------------------------------------------
1/1/1 stp cdp vtp dtp pagp udld disabled disabled
-------------------------------------------------------------------------------
Number of SAPs : 1
===============================================================================
===============================================================================
L2pt summary, Service id 1
===============================================================================
L2pt-term L2pt-term Bpdu-trans Bpdu-trans Bpdu-trans Bpdu-trans
enabled disabled auto disabled pvst stp
-------------------------------------------------------------------------------
SAP's 1 0 0 1 0 0
SDP's 0 0 0 0 0 0
-------------------------------------------------------------------------------
Total 1 0 0 1 0 0
===============================================================================
*A:7210SAS>show>service#
Label |
Description |
---|---|
|
Displays the 24 bit (0 to 16777215) service instance identifier for the service. |
|
Indicates if L2-PT-termination or BPDU-translation is in use in this service by at least one SAP or spoke-SDP binding. If in use, at least one of L2PT-termination or BPDU-translation is enabled. When enabled it is not possible to enable STP on this service. |
|
Indicates that L2-PT-termination is disabled. |
|
Specifies the number of L2-PT PDUs are translated before being sent out on a port or SAP. |
|
Indicates that BPDU-translation is disabled. |
|
Displays the number of SAPs with L2PT or BPDU translation enabled or disabled. |
|
Displays the number of SDPs with L2PT or BPDU translation enabled or disabled. |
|
Displays the column totals of L2PT entities. |
|
The ID of the access point where this SAP is defined. |
|
Indicates whether L2pt termination is enabled or disabled. |
|
Specifies whether BPDU translation is administratively enabled or disabled. |
|
Specifies whether BPDU translation is operationally enabled or disabled. |
|
Specifies the SAP ID. |
mac-move
Syntax
mac-move
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays MAC move related information about the service.
mrouters
Syntax
mrouters [detail]
Context
show>service>id>mld-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays all multicast routers.
sap
Syntax
sap sap-id [sap-id [detail | stp]]
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays information for the SAPs associated with the service.
If no optional parameters are specified, a summary of all associated SAPs is displayed.
Parameters
- sap sap-id
Specifies the ID that displays SAPs for the service in the slot/mda/port[.channel] form. See Common CLI command descriptions for command syntax.
- detail
Displays detailed information for the SAP.
- stp
Displays the STP information of the SAP.
Output
The following output is an example of SAP information, and Output fields: SAP describes the output fields.
Sample output*A:ALU_SIM2>config>service# show service id 1 sap 1/1/3:500.* detail
===============================================================================
Service Access Points(SAP)
===============================================================================
Service Id : 1
SAP : 1/1/3:500.* Encap : qinq
QinQ Dot1p : Default
Dot1Q Ethertype : 0x8100 QinQ Ethertype : 0x8100
Admin State : Up Oper State : Down
Flags : PortOperDown
Last Status Change : 11/17/2008 00:26:56
Last Mgmt Change : 11/14/2008 02:45:15
Loopback Mode : Internal No-svc-port used : 1/1/13
Loopback Src Addr : 00:00:00:22:22:22
Loopback Dst Addr : 00:00:00:11:11:11
Max Nbr of MAC Addr: No Limit Total MAC Addr : 0
Learned MAC Addr : 0 Static MAC Addr : 0
Ingress qos-policy : 1 Egress qos-policy : 1
Shared Q plcy : n/a Multipoint shared : Disabled
Ingr IP Fltr-Id : n/a Egr IP Fltr-Id : n/a
Ingr Mac Fltr-Id : n/a Egr Mac Fltr-Id : n/a
tod-suite : TodResourceUnavail qinq-pbit-marking : both
Egr Agg Rate Limit : max
Mac Learning : Enabled Discard Unkwn Srce: Disabled
Mac Aging : Enabled Mac Pinning : Disabled
L2PT Termination : Disabled BPDU Translation : Disabled
Vlan-translation : None
Acct. Pol : None Collect Stats : Disabled
Anti Spoofing : None Nbr Static Hosts : 0
-------------------------------------------------------------------------------
Stp Service Access Point specifics
-------------------------------------------------------------------------------
Mac Move : Blockable
Stp Admin State : Up Stp Oper State : Up
Core Connectivity : Down
Port Role : Disabled Port State : Discarding
Port Number : 2049 Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : False
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : Rstp
Last BPDU from : N/A
CIST Desig Bridge : This Bridge Designated Port : 34817
Forward transitions: 1 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
RST BPDUs rcvd : 0 RST BPDUs tx : 124267
MST BPDUs rcvd : 0 MST BPDUs tx : 0
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
Packets
Ingress Packets rcvd: 0
-------------------------------------------------------------------------------
Sap per Meter stats
-------------------------------------------------------------------------------
Packets Octets
Ingress Meter 1 (Unicast)
For. InProf : 0 0
For. OutProf : 0 0
Ingress Meter 11 (Multipoint)
For. InProf : 0 0
For. OutProf : 0 0
===============================================================================
*A:ALU_SIM2>config>service#
*A:PE-A# show service id 10 sap 2/2/5:10 mrp
===============================================================================
Service Access Points(SAP)
===============================================================================
Service Id : 10
SAP : 2/2/5:10 Encap : q-tag
Description : Default sap description for service id 10
Admin State : Up Oper State : Up
Flags : None
Multi Svc Site : None
Last Status Change : 01/16/2008 09:37:57
Last Mgmt Change : 01/16/2008 09:37:41
-------------------------------------------------------------------------------
SAP MRP Information
-------------------------------------------------------------------------------
Join Time : 0.2 secs Leave Time : 1.0 secs
Leave All Time : 10.0 secs Periodic Time : 1.0 secs
Periodic Enabled : false
Rx Pdus : 11 Tx Pdus : 12
Dropped Pdus : 0 Tx Pdus : 12
Rx New Event : 0 Rx Join-In Event : 150
Rx In Event : 10 Rx Join Empty Evt : 10
Rx Empty Event : 10 Rx Leave Event : 0
Tx New Event : 0 Tx Join-In Event : 140
Tx In Event : 0 Tx Join Empty Evt : 20
Tx Empty Event : 10 Tx Leave Event : 0
-------------------------------------------------------------------------------
SAP MMRP Information
-------------------------------------------------------------------------------
MAC Address Registered Declared
-------------------------------------------------------------------------------
01:1e:83:00:00:65 Yes Yes
01:1e:83:00:00:66 Yes Yes
01:1e:83:00:00:67 Yes Yes
01:1e:83:00:00:68 Yes Yes
01:1e:83:00:00:69 Yes Yes
01:1e:83:00:00:6a Yes Yes
01:1e:83:00:00:6b Yes Yes
01:1e:83:00:00:6c Yes Yes
01:1e:83:00:00:6d Yes Yes
01:1e:83:00:00:6e Yes Yes
-------------------------------------------------------------------------------
Number of MACs=10 Registered=10 Declared=10
-------------------------------------------------------------------------------
*A:PE-A#
Label |
Description |
---|---|
|
The service identifier. |
|
The SAP and qtag. |
|
The encapsulation type of the SAP. |
|
Specifies an Ethernet type II Ethertype value. |
|
The administrative state of the SAP. |
|
The operational state of the SAP. |
|
Specifies the conditions that affect the operating status of this SAP. Display output includes: ServiceAdminDown, SapAdminDown, InterfaceAdminDown, PortOperDown, L2OperDown, SapIngressQoSMismatch, SapEgressQoSMismatch,RelearnLimitExceeded, ParentIfAdminDown, NoSapIpipeCeIpAddr, TodResourceUnavail, TodMssResourceUnavail, SapParamMismatch, CemSapNoEcidOrMacAddr, SapIngressNamedPoolMismatch, SapEgressNamedPoolMismatch, NoSapEpipeRingNode. |
|
Specifies the time of the most recent operating status change to this SAP. |
|
Specifies the time of the most recent management-initiated change to this SAP. |
|
The ingress QoS policy ID assigned to the SAP. |
|
The ingress filter policy ID assigned to the SAP. |
|
The egress filter policy ID assigned to the SAP. |
|
The accounting policy ID assigned to the SAP. |
|
Specifies whether collect stats is enabled. |
|
|
|
Specifies the meter ID. |
|
The number of in-profile packets and octets (rate below CIR) forwarded. |
|
The number of out-of-profile packets and octets. (rate above CIR and below PIR) forwarded by the ingress meter. |
|
The profile ID applied to the ingress SAP. |
|
The profile ID applied to the egress SAP. |
|
The indication that OAM cells are being processed. |
|
The AAL-5 encapsulation type. |
|
Displays the Ethernet port loopback mode. |
|
Displays the configured loopback source address. |
|
Displays the configured loopback destination address. |
|
Displays the port ID of the port on which no service is configured. This port is used for the port loop back with MAC swap functionality. |
stp
Syntax
stp [detail]
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays information for the STP instance for the service.
Parameters
- detail
Displays detailed information.
Output
The following output is an example of STP information, and Output fields: STP describes the output fields.
Sample output*A:ALU_SIM2>config>service>vpls>sap# show service id 1 stp
===============================================================================
Stp info, Service 1
===============================================================================
Bridge Id : 00:00.00:45:67:32:10:ab Top. Change Count : 2
Root Bridge : This Bridge Stp Oper State : Up
Primary Bridge : N/A Topology Change : Inactive
Mode : Rstp Last Top. Change : 1d 18:34:36
Vcp Active Prot. : N/A
Root Port : N/A External RPC : 0
===============================================================================
Stp port info
===============================================================================
Sap Id Oper- Port- Port- Port- Oper- Link- Active
State Role State Num Edge Type Prot.
-------------------------------------------------------------------------------
1/1/21:1 Up Designated Forward 2048 True Pt-pt Rstp
lag-1:1.1 Up Designated Forward 2049 False Pt-pt Rstp
lag-2:1.1 Up Designated Forward 2050 False Pt-pt Rstp
===============================================================================
*A:ALU_SIM2>config>service>vpls>sap#
*A:ALU_SIM2>config>service>vpls>sap# show service id 1 stp detail
===============================================================================
Spanning Tree Information
===============================================================================
-------------------------------------------------------------------------------
VPLS Spanning Tree Information
-------------------------------------------------------------------------------
VPLS oper state : Up
Stp Admin State : Up Stp Oper State : Up
Mode : Rstp Vcp Active Prot. : N/A
Bridge Id : 00:00.00:45:67:32:10:ab Bridge Instance Id: 0
Bridge Priority : 0 Tx Hold Count : 6
Topology Change : Inactive Bridge Hello Time : 2
Last Top. Change : 1d 18:35:18 Bridge Max Age : 20
Top. Change Count : 2 Bridge Fwd Delay : 15
Root Bridge : This Bridge
Primary Bridge : N/A
Root Path Cost : 0 Root Forward Delay: 15
Rcvd Hello Time : 2 Root Max Age : 20
Root Priority : 0 Root Port : N/A
-------------------------------------------------------------------------------
Spanning Tree Sap Specifics
-------------------------------------------------------------------------------
SAP Identifier : 1/1/21:1 Stp Admin State : Up
Port Role : Designated Port State : Forwarding
Port Number : 2048 Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : True
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : Rstp
Last BPDU from : N/A
CIST Desig Bridge : This Bridge Designated Port : 34816
Forward transitions: 2 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
RST BPDUs rcvd : 0 RST BPDUs tx : 79126
MST BPDUs rcvd : 0 MST BPDUs tx : 0
SAP Identifier : lag-1:1.1 Stp Admin State : Up
Port Role : Designated Port State : Forwarding
Port Number : 2049 Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : False
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : Rstp
Last BPDU from : 10:00.00:f3:f0:98:97:00
CIST Desig Bridge : This Bridge Designated Port : 34817
Forward transitions: 1 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
RST BPDUs rcvd : 5 RST BPDUs tx : 79128
MST BPDUs rcvd : 0 MST BPDUs tx : 0
SAP Identifier : lag-2:1.1 Stp Admin State : Up
Port Role : Designated Port State : Forwarding
Port Number : 2050 Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : False
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : Rstp
Last BPDU from : 20:00.00:e0:b1:99:cb:2a
CIST Desig Bridge : This Bridge Designated Port : 34818
Forward transitions: 1 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
RST BPDUs rcvd : 6 RST BPDUs tx : 78760
MST BPDUs rcvd : 0 MST BPDUs tx : 0
===============================================================================
*A:ALU_SIM2>config>service>vpls>sap#
Label |
Description |
---|---|
|
Specifies the MAC address used to identify this bridge in the network. |
|
Specifies how fast a bridge changes its state when moving toward the forwarding state. |
|
Specifies the amount of time between the transmission of Configuration BPDUs. |
|
Specifies the maximum age of STP information learned from the network on any port before it is discarded. This is the actual value that this bridge is currently using. |
|
Defines the priority of the STP instance associated with this service. |
|
Specifies whether a topology change is currently in progress. |
|
Specifies the time (in hundredths of a second) since the last time a topology change was detected by the STP instance associated with this service. |
|
Specifies the total number of topology changes detected by the STP instance associated with this service since the management entity was last reset or initialized. |
|
Specifies the bridge identifier of the root of the spanning tree as determined by the STP instance associated with this service. This value is used as the Root Identifier parameter in all configuration BPDUs originated by this node. |
|
Specifies the cost of the path to the root bridge as seen from this bridge. |
|
Specifies how fast the root changes its state when moving toward the forwarding state. |
|
Specifies the amount of time between the transmission of configuration BPDUs. |
|
Specifies the maximum age of STP information learned from the network on any port before it is discarded. |
|
This object specifies the priority of the bridge that is currently selected as root-bridge for the network. |
|
Specifies the port number of the port which provides the lowest cost path from this bridge to the root bridge. |
|
The ID of the access port where this SAP is defined. |
|
Specifies the type of encapsulation used on BPDUs sent out and received on this SAP. |
|
Specifies the value of the port number field which is contained in the least significant 12 bits of the 16-bit port ID associated with this SAP. |
|
Specifies the value of the port priority field which is contained in the most significant 4 bits of the 16-bit port ID associated with this SAP. |
|
Specifies the contribution of this port to the path cost of paths toward the spanning tree root which include this port. |
|
Specifies the port identifier of the port on the designated bridge for this port's segment. |
|
Specifies the bridge identifier of the bridge which this port considers to be the designated bridge for this port's segment. |
mstp-configuration
Syntax
mstp-configuration
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays the MSTP specific configuration data. This command is valid only on a management VPLS.
Output
The following output is an example of MSTP configuration information, and Output Fields: MSTP configuration describes output fields.
Sample outputA:SASD1>show>service>id# stp mst-instance 1
===============================================================================
MSTP specific info for service 1 MSTI 1
===============================================================================
Regional Root : This Bridge Root Port : N/A
Internal RPC : 0 Remaining Hopcount: 20
==================================================================
MSTP port info for MSTI 1
==================================================================
Sap Id Oper- Port- Port- Port- Same
State Role State Num Region
------------------------------------------------------------------
1/1/2:0.* Up Designated Forward 2048 True
1/1/5:0.* Up Alternate Discard 2049 False
1/1/6:0.* Up Master Forward 2050 False
==================================================================
A:SASD1>show>service>id#
Label |
Description |
---|---|
|
Displays the MSTP region name. |
|
Displays the MSTP region revision. |
|
Displays the MSTP maximum hops specified. |
|
Displays the MSTP instance number. |
|
Displays the MSTP priority. |
|
Displays the VLAN range of the MSTP instance. |
dhcp
Syntax
dhcp
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context display DHCP information for the specified service.
statistics
Syntax
statistics [sap sap-id]
statistics [sdp sdp-id:vc-id]
statistics [interface interface-name]
Context
show>service>id>dhcp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Displays DHCP statistics information.
Parameters
- sap sap-id
Specifies the physical port identifier portion of the SAP definition.
- sdp-id
Specifies the SDP identifier.
- interface interface-name
Displays information for the specified IP interface.
Output
The following output is an example of DHCP statistics information, and Output fields: DHCP statistics describes the output fields.
Sample output*A:7210SAS>show>service>id>dhcp# statistics
====================================================================
DHCP Global Statistics, service 1
====================================================================
Rx Packets : 416554
Tx Packets : 206405
Rx Malformed Packets : 0
Rx Untrusted Packets : 0
Client Packets Discarded : 0
Client Packets Relayed : 221099
Client Packets Snooped : 0
Client Packets Proxied (RADIUS) : 0
Client Packets Proxied (Lease-Split) : 0
Server Packets Discarded : 0
Server Packets Relayed : 195455
Server Packets Snooped : 0
DHCP RELEASEs Spoofed : 0
DHCP FORCERENEWs Spoofed : 0
====================================================================
*A:7210SAS>show>service>id>dhcp#
Label |
Description |
---|---|
|
The number of packets received from the DHCP clients. Includes DHCP packets received from both DHCP client and DHCP server. |
|
The number of packets transmitted to the DHCP clients. Includes DHCP packets transmitted from both DHCP client and DHCP server. |
|
The number of corrupted and invalid packets received from the DHCP clients. Includes DHCP packets received from both DHCP client and DHCP server |
|
The number of untrusted packets received from the DHCP clients. In this case, a frame is dropped due to the client sending a DHCP packet with Option 82 filled in before ‟trust” is set under the DHCP interface command. |
|
The number of packets received from the DHCP clients that were discarded. |
|
The number of packets received from the DHCP clients that were forwarded. |
|
The number of packets received from the DHCP clients that were snooped. |
|
The number of packets received from the DHCP server that were discarded. |
|
The number of packets received from the DHCP server that were forwarded. |
|
The number of packets received from the DHCP server that were snooped. |
summary
Syntax
summary [interface interface-name]
Context
show>service>id>dhcp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Displays DHCP configuration summary information.
Parameters
- interface interface-name
Displays information for the specified IP interface.
Output
The following output is an example of DHCP summary information, and Output fields: DHCP summary describes the output fields.
Sample outputA:7210SAS# show service id 1 dhcp summary
DHCP Summary, service 1
=======================================================================
Interface Name Arp Used/ Info Admin
SapId/Sdp Populate Provided Option State
-------------------------------------------------------------------------------
egr_1 No 0/0 Replace Up
i_1 No 0/0 Replace Up
-------------------------------------------------------------------------------
Interfaces: 2
=======================================================================
*A:7210SAS>show>service>id>dhcp#
Label |
Description |
---|---|
|
Name of the router interface. |
|
Specifies whether or not ARP populate is enabled. 7210 SAS does not support ARP populate. |
|
7210 SAS does not maintain lease state. |
|
Indicates whether Option 82 processing is enabled on the interface. |
|
Indicates the administrative state. |
IGMP snooping show commands
igmp-snooping
Syntax
igmp-snooping
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context display IGMP snooping information.
all
Syntax
all
Context
show>service>id>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays detailed information for all aspects of IGMP snooping on the VPLS service.
Output
The following output is an example of detailed IGMP snooping information, and Output fields: IGMP snooping all describes the output fields.
Sample output*A:7210-2>show>service>id>snooping# all
===============================================================================
IGMP Snooping info for service 900
===============================================================================
IGMP Snooping Base info
-------------------------------------------------------------------------------
Admin State : Up
Querier : 5.5.5.5 on SAP 1/1/14:100
-------------------------------------------------------------------------------
Sap Oper MRtr Send Max Num Num
Id State Port Queries Groups Groups
-------------------------------------------------------------------------------
sap:1/1/13:100 Up No Disabled No Limit 0
sap:1/1/14:100 Up No Disabled No Limit 0
sap:1/1/17:100 Up No Disabled No Limit 1
sap:1/1/18:100 Up No Disabled No Limit 1
-------------------------------------------------------------------------------
IGMP Snooping Querier info
-------------------------------------------------------------------------------
Sap Id : 1/1/14:100
IP Address : 10.10.10.2
Expires : 254s
Up Time : 0d 00:02:42
Version : 2
General Query Interval : 125s
Query Response Interval : 10.0s
Robust Count : 2
-------------------------------------------------------------------------------
IGMP Snooping Multicast Routers
-------------------------------------------------------------------------------
MRouter Sap Id Up Time Expires Version
-------------------------------------------------------------------------------
10.10.10.2 1/1/14:100 0d 00:02:44 254s 2
-------------------------------------------------------------------------------
Number of mrouters: 1
------------------------------------------------------------------------------
IGMP Snooping Proxy-reporting DB
-------------------------------------------------------------------------------
Group Address Up Time
-------------------------------------------------------------------------------
239.6.6.6 0d 00:02:17
239.9.9.9 0d 00:02:56
-------------------------------------------------------------------------------
Number of groups: 2
-------------------------------------------------------------------------------
IGMP Snooping SAP 1/1/13:100 Port-DB
-------------------------------------------------------------------------------
Group Address Type From-
VPLS Up Time Expires
-------------------------------------------------------------------------------
Number of groups: 0
-------------------------------------------------------------------------------
IGMP Snooping SAP 1/1/14:100 Port-DB
-------------------------------------------------------------------------------
Group Address Type From-
VPLS Up Time Expires
===============================================================================
*A:7210-2>show>service>id>snooping#
Label |
Description |
---|---|
|
The administrative state of the IGMP instance. |
|
Displays the address of the IGMP querier on the IP subnet to which the interface is attached. |
|
Displays the SAP IDs of the service ID. |
|
Displays the operational state of the SAP IDs of the service ID. |
|
Specifies if the port is a multicast router port. |
|
Specifies whether the send-queries command is enabled or disabled. |
|
Specifies the maximum number of multicast groups that can be joined on this SAP. |
|
Specifies MVR from VPLS. |
|
Specifies the actual number of multicast groups that can be joined on this SAP. |
|
Displays the from VPLS drop count. |
|
Displays the to SAP drop count. |
|
Displays the administrative state of MVR. |
|
The MVR policy name. |
mfib
Syntax
mfib [brief]
mfib [group grp-address]
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays the multicast FIB on the VPLS service.
Parameters
- brief
Displays a brief output.
- group grp-address
Displays the multicast FIB for a specific multicast group address.
Output
The following output is an example of multicast FIB information, and Output fields: service MFIB describes the output fields.
Sample output*A:SAS# show service id 1 mfib
===============================================================================
Multicast FIB, Service 1
===============================================================================
Group Address Sap/Sdp Id Svc Id Fwd/Blk
-------------------------------------------------------------------------------
239.4.4.4 sap:1/1/1 Local Fwd
-------------------------------------------------------------------------------
Number of entries: 1
==============================================================================
*A:7210-2# show service id 5 mfib
===============================================================================
Multicast FIB, Service 5
===============================================================================
Source Address Group Address Sap Id Svc Id Fwd/Blk
-------------------------------------------------------------------------------
* 239.5.34.1 sap:lag-1:5.* Local Fwd
10.5.5.1 239.5.34.1 sap:lag-1:5.* Local Blk
sap:lag-2:5.* Local Fwd
* 239.5.34.2 sap:lag-1:5.* Local Fwd
10.5.5.1 239.5.34.2 sap:lag-1:5.* Local Blk
sap:lag-2:5.* Local Fwd
* 239.5.34.3 sap:lag-1:5.* Local Fwd
10.5.5.1 239.5.34.3 sap:lag-1:5.* Local Blk
sap:lag-2:5.* Local Fwd
* 239.5.34.4 sap:lag-1:5.* Local Fwd
10.5.5.1 239.5.34.4 sap:lag-1:5.* Local Blk
sap:lag-2:5.* Local Fwd
* 239.5.34.5 sap:lag-1:5.* Local Fwd
10.5.5.1 239.5.34.5 sap:lag-1:5.* Local Blk
sap:lag-2:5.* Local Fwd
-------------------------------------------------------------------------------
Number of entries: 10
===============================================================================
*A:7210-2
Label |
Description |
---|---|
|
IPv4 multicast group address. |
|
Indicates the SAP to which the corresponding multicast stream will be forwarded or blocked. |
|
Indicates whether the corresponding multicast stream will be blocked or forwarded. |
|
Specifies the number of entries in the MFIB. |
|
Indicates the number of multicast packets forwarded for the corresponding source or group. |
|
Indicates the number of octets forwarded for the corresponding source or group. |
|
Indicates the service to which the corresponding multicast stream will forwarded or blocked. Local means that the multicast stream will be forwarded or blocked to a SAP local to the service. |
mrouters
Syntax
mrouters [detail]
Context
show>service>id>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays all multicast routers.
Parameters
- detail
Displays detailed information.
Output
The following output is an example of multicast router information, and Output fields: IGMP-snooping mrouters describes the output fields.
Sample output
*A:7210-2 show service id 3 igmp-snooping mrouters
===============================================================================
IGMP Snooping Multicast Routers for service 3
===============================================================================
MRouter Sap Id Up Time Expires Version
-------------------------------------------------------------------------------
10.20.1.2 lag-2:3.* 0d 02:30:39 197s 3
-------------------------------------------------------------------------------
Number of mrouters: 1
===============================================================================
*A:SNPG-1#
*A:7210-2# show service id 3 igmp-snooping mrouters detail
===============================================================================
IGMP Snooping Multicast Routers for service 3
===============================================================================
-------------------------------------------------------------------------------
MRouter 10.20.1.2
-------------------------------------------------------------------------------
Sap Id : lag-2:3.*
Expires : 181s
Up Time : 0d 02:30:55
Version : 3
General Query Interval : 125s
Query Response Interval : 10.0s
Robust Count : 2
-------------------------------------------------------------------------------
Number of mrouters: 1
===============================================================================
*A:7210-2#
Label |
Description |
---|---|
MRouter |
Specifies the multicast router port. |
Sap/Sdp Id |
Specifies the SAP and SDP ID multicast router ports. |
Up Time |
Displays the length of time the mrouter has been up. |
Expires |
Displays the amount of time left before the query interval expires. |
Version |
Displays the configured version of IGMP running on this interface. |
General Query Interval |
The frequency at which host-query packets are transmitted. |
Query Response Interval |
The time to wait to receive a response to the host-query message from the host. |
Robust Count |
Specifies the value used to calculate several IGMP message intervals. |
Number of Mrouters |
Displays the number of multicast routers. |
mvr
Syntax
mvr
Context
show>service>id>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays Multicast VPLS Registration (MVR) information.
port-db
Syntax
port-db sap sap-id [detail]
port-db sap sap-id group grp-ip-address
Context
show>service>id>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays information about the IGMP snooping port database for the VPLS service.
Parameters
- group grp-ip-address
Displays the IGMP snooping port database for a specific multicast group address.
- sap sap-id
Displays the IGMP snooping port database for a specific SAP. See Common CLI command descriptions for command syntax.
- group grp-address
Displays IGMP snooping statistics matching the specified group address.
- source ip-address
Displays IGMP snooping statistics matching one particular source within the multicast group.
Output
The following output is an example of IGMP snooping port database information, and Output fields: IGMP snooping port DB describes the output fields.
Sample output*A:7210-2>show>service>id>snooping# port-db sap 1/1/18:100
===============================================================================
IGMP Snooping SAP 1/1/18:100 Port-DB for service 900
===============================================================================
Group Address Type From-VPLS Up Time Expires
-------------------------------------------------------------------------------
239.6.6.6 dynamic local 0d 00:12:35 260s
-------------------------------------------------------------------------------
Number of groups: 1
===============================================================================
*A:7210-2>show>service>id>snooping#
*A:7210-2# show service id 5 igmp-snooping port-db sap lag-1:5.*
===============================================================================
IGMP Snooping SAP lag-1:5.* Port-DB for service 5
===============================================================================
Group Address Mode Type Up Time Expires Num
Src
-------------------------------------------------------------------------------
239.5.34.1 exclude dynamic 0d 00:23:38 216s 1
239.5.34.2 exclude dynamic 0d 00:23:38 216s 1
239.5.34.3 exclude dynamic 0d 00:23:38 216s 1
239.5.34.4 exclude dynamic 0d 00:23:38 216s 1
239.5.34.5 exclude dynamic 0d 00:23:38 216s 1
-------------------------------------------------------------------------------
Number of groups: 5
===============================================================================
*A:7210-2#
*A:7210-2>show>service>id>snooping# port-db sap 1/1/18:100 detail
===============================================================================
IGMP Snooping SAP 1/1/18:100 Port-DB for service 900
-------------------------------------------------------------------------------
IGMP Group 239.6.6.6
-------------------------------------------------------------------------------
Type : dynamic
Up Time : 0d 00:12:39 Expires : 259s
Compat Mode : IGMP Version 2
V1 Host Expires : 0s V2 Host Expires : 259s
-------------------------------------------------------------------------------
Number of groups: 1
===============================================================================
*A:7210-2>show>service>id>snooping#
Label |
Description |
---|---|
|
The IP multicast group address for which this entry contains information. |
|
Specifies the type of membership reports received on the interface for the group. In include mode, reception of packets sent to the specified multicast address is requested only from those IP source addresses listed in the source-list parameter of the IGMP membership report. In exclude mode, reception of packets sent to the specific multicast address is requested from all IP source addresses except those listed in the source-list parameter. |
|
Indicates how this group entry was learned. If this group entry was learned by IGMP, the value is set to dynamic. For statically configured groups, the value is set to static. |
|
Specifies the IGMP mode. This is used so routers are compatible with earlier version routers. IGMPv3 hosts must operate in Version 1 and Version 2 compatibility modes. IGMPv3 hosts must keep state per local interface regarding the compatibility mode of each attached network. A host compatibility mode is determined from the host compatibility mode variable, which can be in one of three states: IGMPv1, IGMPv2 or IGMPv3. This variable is kept per interface and is dependent on the version of general queries heard on that interface as well as the earlier version querier present timers for the interface. |
|
The time remaining until the local router will assume that there are no longer any IGMP Version 1 members on the IP subnet attached to this interface. Upon hearing any IGMPv1 membership report, this value is reset to the group membership timer. While this time remaining is non-zero, the local router ignores any IGMPv2 leave messages for this group that it receives on this interface. |
|
The time remaining until the local router will assume that there are no longer any IGMP Version 2 members on the IP subnet attached to this interface. Upon hearing any IGMPv2 membership report, this value is reset to the group membership timer. While this time remaining is non-zero, the local router ignores any IGMPv3 leave messages for this group that it receives on this interface. |
|
The source address for which this entry contains information. |
|
The time since the source group entry was created. |
|
The amount of time remaining before this entry will be aged out. |
|
Indicates the number of IGMP group and source specific queries received on this SAP. |
|
Indicates whether this entry is on the forward list or block list. |
|
Indicates the number of groups configured for this SAP. |
proxy-db
Syntax
proxy-db [detail]
proxy-db group grp-ip-address
Context
show>service>id>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays information about the IGMP snooping proxy reporting database for the VPLS service.
Parameters
- group grp-ip-address
Displays the IGMP snooping proxy reporting database for a specific multicast group address.
Output
The following output is an example of IGMP snooping proxy reporting database information, and Output fields: IGMP snooping proxy-database describes the output fields.
Sample output*A:7210-2 show service id 5 igmp-snooping proxy-db
===============================================================================
IGMP Snooping Proxy-reporting DB for service 5
===============================================================================
Group Address Mode Up Time Num Sources
-------------------------------------------------------------------------------
239.5.34.1 exclude 0d 00:25:54 0
239.5.34.2 exclude 0d 00:25:54 0
239.5.34.3 exclude 0d 00:25:54 0
239.5.34.4 exclude 0d 00:25:54 0
239.5.34.5 exclude 0d 00:25:54 0
-------------------------------------------------------------------------------
Number of groups: 5
===============================================================================
*A:7210-2
*A:7210-2>show>service>id>snooping# proxy-db detail
===============================================================================
IGMP Snooping Proxy-reporting DB for service 900
-------------------------------------------------------------------------------
IGMP Group 239.6.6.6
-------------------------------------------------------------------------------
Up Time : 0d 00:15:17
------------------------------
Source Address Up Time
------------------------------
No sources.
-------------------------------------------------------------------------------
IGMP Group 239.9.9.9
-------------------------------------------------------------------------------
Up Time : 0d 00:15:56
------------------------------
Source Address Up Time
------------------------------
No sources.
-------------------------------------------------------------------------------
Number of groups: 2
===============================================================================
*A:7210-2>show>service>id>snooping#
Label |
Description |
---|---|
|
The IP multicast group address for which this entry contains information. |
|
Specifies the type of membership reports received on the interface for the group. In the include mode, reception of packets sent to the specified multicast address is requested only from those IP source addresses listed in the source-list parameter of the IGMP membership report. |
In the exclude mode, reception of packets sent to the specific multicast address is requested from all IP source addresses except those listed in the source-list parameter. |
|
|
The total operational time in seconds. |
|
Indicates the number of IGMP group and source specific queries received on this interface. |
|
Number of IGMP groups. |
|
The source address for which this entry contains information. |
querier
Syntax
querier
Context
show>service>id>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays information about the IGMP snooping queriers for the VPLS service.
Output
The following output is an example of IGMP snooping querier information, and Output fields: IGMP snooping queriers describes the output fields.
Sample output*A:7210-2# show service id 3 igmp-snooping querier
===============================================================================
IGMP Snooping Querier info for service 3
===============================================================================
Sap Id : lag-2:3.*
IP Address : 10.20.1.2
Expires : 226s
Up Time : 0d 02:30:11
Version : 3
General Query Interval : 125s
Query Response Interval : 10.0s
Robust Count : 2
===============================================================================
*A:7210-2#
Label |
Description |
---|---|
|
Specifies the SAP ID of the service. |
|
Specifies the IP address of the querier. |
|
The time left, in seconds, that the query will expire. |
|
The length of time the query has been enabled. |
|
The configured version of IGMP. |
|
The frequency at which host-query packets are transmitted. |
|
The time to wait to receive a response to the host-query message from the host. |
|
Specifies the value used to calculate several IGMP message intervals. |
static
Syntax
static [sap sap-id]
Context
show>service>id>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays information about static IGMP snooping source groups for the VPLS service.
Parameters
- sap sap-id
Displays static IGMP snooping source groups for a specific SAP. See Common CLI command descriptions for command syntax.
Output
The following is an example of static IGMP snooping information, and Output fields: IGMP snooping static describes the output fields.
Sample output*A:7210-2# show service id 4093 igmp-snooping static
===============================================================================
IGMP Snooping Static Source Groups for service 4093
===============================================================================
-------------------------------------------------------------------------------
IGMP Snooping Static Source Groups for SAP 1/1/5:4093
-------------------------------------------------------------------------------
Source Group
-------------------------------------------------------------------------------
10.93.93.1 239.93.39.1
10.93.93.1 239.93.39.2
10.93.93.1 239.93.39.3
10.93.93.1 239.93.39.4
10.93.93.1 239.93.39.5
-------------------------------------------------------------------------------
Static (*,G)/(S,G) entries: 5
-------------------------------------------------------------------------------
IGMP Snooping Static Source Groups for SAP lag-3:4093
-------------------------------------------------------------------------------
Source Group
-------------------------------------------------------------------------------
10.93.93.1 239.93.39.1
10.93.93.1 239.93.39.2
10.93.93.1 239.93.39.3
10.93.93.1 239.93.39.4
10.93.93.1 239.93.39.5
-------------------------------------------------------------------------------
Static (*,G)/(S,G) entries: 5
===============================================================================
*A:7210-2#
Label |
Description |
---|---|
|
Displays the IP source address used in IGMP queries. |
|
Displays the static IGMP snooping source groups for a specified SAP. |
statistics
Syntax
statistics [sap sap-id]
Context
show>service>id>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays IGMP snooping statistics for the VPLS service.
Parameters
- sap sap-id
Displays IGMP snooping statistics for a specific SAP. See Common CLI command descriptions for command syntax.
Output
The following output is an example of IGMP snooping statistics, and Output fields: IGMP-snooping statistics describes the output fields.
Sample output*A:7210-2# show service id 5 igmp-snooping statistics
===============================================================================
IGMP Snooping Statistics for service 5
===============================================================================
Message Type Received Transmitted Forwarded
-------------------------------------------------------------------------------
General Queries 0 228 0
Group Queries 0 0 0
Group-Source Queries 0 0 0
V1 Reports 0 0 0
V2 Reports 0 0 0
V3 Reports 282 0 0
V2 Leaves 0 0 0
Unknown Type 0 N/A 0
-------------------------------------------------------------------------------
Drop Statistics
-------------------------------------------------------------------------------
Bad Length : 0
Bad IP Checksum : 0
Bad IGMP Checksum : 0
Bad Encoding : 0
No Router Alert : 0
Zero Source IP : 0
Wrong Version : 0
Send Query Cfg Drops : 0
Import Policy Drops : 0
Exceeded Max Num Groups : 0
Exceeded Max Num Sources : 0
===============================================================================
*A:7210-2#
Label |
Description |
---|---|
Message Type |
The column heading for IGMP or MLD snooping messages. |
General Queries |
The number of general query messages received, transmitted, and forwarded. |
Group Queries |
The number of group query messages received, transmitted, and forwarded. |
Group-Source Queries |
The number of group-source query messages received, transmitted, and forwarded. |
V1 Reports |
The number of IGMPv1 or MLDv1 report messages received, transmitted, and forwarded. |
V2 Reports |
The number of IGMPv2 or MLDv2 report messages received, transmitted, and forwarded. |
V3 Reports |
(IGMP only) The number of IGMPv3 report messages received, transmitted, and forwarded. |
V2 Leaves |
(IGMP only) The number of IGMP leave messages received, transmitted, and forwarded. |
Unknown Type |
The number of unknown type messages received, transmitted, and forwarded. |
Drop Statistics |
|
Bad Length |
The number of packets dropped due to bad length. |
Bad IP Checksum |
(IGMP only) The number of packets dropped due to a bad IP checksum. |
Bad IGMP Checksum |
The number of packets dropped due to a bad IGMP checksum. |
Bad Encoding |
The number of packets dropped due to bad encoding. |
No Router Alert |
The number of packets dropped because there was no router alert. |
Zero Source IP |
The number of packets dropped due to a source IP address of 0.0.0.0 or 00:00:00:00:00:00:00:00. |
Wrong Version |
The number of packets dropped due to a wrong version of IGMP or MLD. |
Send Query Cfg Drops |
The number of messages dropped because of send query configuration errors. |
Import Policy Drops |
The number of messages dropped because of import policy. |
Exceeded Max Num Groups |
The number of packets dropped because the maximum number of groups has been exceeded. |
Exceeded Max Num Sources |
The number of packets dropped because the maximum number of sources has been exceeded. |
VPLS clear commands
id
Syntax
id service-id
Context
clear>service
clear>service>statistics
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command clears commands for a specific service.
Parameters
- service-id
Specifies the ID that uniquely identifies a service.
fdb
Syntax
fdb {all | mac ieee-address | sap sap-id]
Context
clear>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command clears FDB entries for the service.
Parameters
- all
Clears all FDB entries.
- mac ieee-address
Clears only FDB entries in the FDB table with the specified 48-bit MAC address. The MAC address can be expressed in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers.
- sap-id
Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for command syntax.
sap
Syntax
sap sap-id {all | counters | stp}
Context
clear>service>statistics
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command clears statistics for the SAP bound to the service.
Parameters
- sap-id
See Common CLI command descriptions for command syntax.
- all
Clears all queue statistics and STP statistics associated with the SAP.
- counters
Clears all queue statistics associated with the SAP.
counters
Syntax
counters
Context
clear>service>statistics>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command clears all traffic queue counters associated with the service ID.
stp
Syntax
stp
Context
clear>service>statistics>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Clears all spanning tree statistics for the service ID.
detected-protocols
Syntax
detected-protocols {all | sap sap-id}
Context
clear>service>id>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
RSTP automatically falls back to STP mode when it receives an STP BPDU. This command forces the system to revert to the default RSTP mode on the SAP.
Parameters
- all
Clears all detected protocol statistics.
- sap-id
Clears the specified lease state SAP information. See Common CLI command descriptions for command syntax.
igmp-snooping
Syntax
igmp-snooping
Context
clear>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context clear IGMP snooping data.
port-db
Syntax
port-db [sap sap-id] [group grp-address]
Context
clear>service>id>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command clears the information about the IGMP snooping port database for the VPLS service.
Parameters
- sap sap-id
Clears IGMP snooping statistics matching the specified SAP ID and optional encapsulation value. See Common CLI command descriptions for command syntax.
- group grp-address
Clears IGMP snooping statistics matching the specified group address.
querier
Syntax
querier
Context
clear>service>id>igmp-snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command clears the information about the IGMP snooping queriers for the VPLS service.
statistics
Syntax
statistics { all | sap sap-id}
Context
clear>service>id>snooping
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command clears IGMP snooping statistics.
Parameters
- all
Clears all statistics for the service ID.
- sap sap-id
Clears statistics for the specified SAP ID.
VPLS debug commands
id
Syntax
id service-id
Context
debug>service
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command debugs commands for a specific service.
Parameters
- service-id
Specifeis the ID that uniquely identifies a service.
event-type
Syntax
[no] event-type {config-change | svc-oper-status-change | sap-oper-status-change}
Context
debug>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables a particular debugging event type.
The no form of this command disables the event type debugging.
Parameters
- config-change
Debugs configuration change events.
- svc-oper-status-change
Debugs service operational status changes.
- sap-oper-status-change
Debugs SAP operational status changes.
sap
Syntax
[no] sap sap-id
Context
debug>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables debugging for a particular SAP.
Parameters
- sap-id
Specifies the SAP ID.
stp
Syntax
stp
Context
debug>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables the context for debugging STP.
all-events
Syntax
all-events
Context
debug>service>id>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables STP debugging for all events.
bpdu
Syntax
[no] bpdu
Context
debug>service>id>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables STP debugging for received and transmitted BPDUs.
exception
Syntax
[no] exception
Context
debug>service>id>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables STP debugging for exceptions.
fsm-state-changes
Syntax
[no] fsm-state-changes
Context
debug>service>id>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables STP debugging for FSM state changes.
fsm-timers
Syntax
[no] fsm-timers
Context
debug>service>id>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables STP debugging for FSM timer changes.
port-role
Syntax
[no] port-role
Context
debug>service>id>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables STP debugging for changes in port roles.
port-state
Syntax
[no] port-state
Context
debug>service>id>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables STP debugging for port states.
sap
Syntax
[no] sap sap-id
Context
debug>service>id>stp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables STP debugging for a specific SAP.
Parameters
- sap-id
Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for command syntax.