Beruflich Dokumente
Kultur Dokumente
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
OL-16147-20
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant
to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial
environment. This equipment generates, uses, and can radiate radio-frequency energy and, if not installed and used in accordance with the instruction manual, may cause
harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case users will be required
to correct the interference at their own expense.
The following information is for FCC compliance of Class B devices: The equipment described in this manual generates and may radiate radio-frequency energy. If it is not
installed in accordance with Ciscos installation instructions, it may cause interference with radio and television reception. This equipment has been tested and found to
comply with the limits for a Class B digital device in accordance with the specifications in part 15 of the FCC rules. These specifications are designed to provide reasonable
protection against such interference in a residential installation. However, there is no guarantee that interference will not occur in a particular installation.
Modifying the equipment without Ciscos written authorization may result in the equipment no longer complying with FCC requirements for Class A or Class B digital
devices. In that event, your right to use the equipment may be limited by FCC regulations, and you may be required to correct any interference to radio or television
communications at your own expense.
You can determine whether your equipment is causing interference by turning it off. If the interference stops, it was probably caused by the Cisco equipment or one of its
peripheral devices. If the equipment causes interference to radio or television reception, try to correct the interference by using one or more of the following measures:
Turn the television or radio antenna until the interference stops.
Move the equipment to one side or the other of the television or radio.
Move the equipment farther away from the television or radio.
Plug the equipment into an outlet that is on a different circuit from the television or radio. (That is, make certain the equipment and the television or radio are on circuits
controlled by different circuit breakers or fuses.)
Modifications to this product not authorized by Cisco Systems, Inc. could void the FCC approval and negate your authority to operate the product.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCBs public
domain version of the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED AS IS WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this
URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1110R)
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
2008-12, Cisco Systems, Inc.
All rights reserved.
C O N T E N T S
Preface
xi
Objectives
xi
xii
xxi
xxiii
CHAPTER
Overview
xxiv
1-1
1-1
1-1
Finding Support Information for Platforms and Cisco IOS Software Images
Cisco 7600 Series ES+ Line Card Restrictions
Supported MIBs
CHAPTER
1-2
1-2
1-2
Configuring the Cisco 7600 Series Ethernet Services ES+ Line Card
Required Configuration Tasks
2-1
2-1
Identifying Slots and Subslots for the Cisco 7600 Series Ethernet Services Plus Line Card
Displaying the Cisco 7600 Series Ethernet Services Plus Line Card Type
Resetting a Cisco 7600 Series Ethernet Services Plus Line Card
SFP-GE-T Support
CHAPTER
2-2
2-3
2-3
3-1
ISSU Support for Cisco 7600 Series Ethernet Services Plus Line Card
CHAPTER
2-2
3-1
4-1
4-7
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
iii
Contents
Verification
4-16
4-24
Configuring MultiPoint Bridging over Ethernet on Cisco 7600 Series ES+ Line Cards
Restrictions and Usage Guidelines 4-34
Examples 4-36
Verification 4-38
4-33
4-49
4-53
4-61
4-64
4-65
4-70
4-71
4-75
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
iv
OL-16147-20
Contents
4-93
4-119
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
Contents
Verification
4-122
4-125
4-132
4-138
4-143
4-175
4-181
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
vi
OL-16147-20
Contents
4-182
4-200
4-269
4-283
4-325
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
vii
Contents
4-337
4-365
4-365
4-370
viii
OL-16147-20
Contents
CHAPTER
5-1
IGMP Snooping for VPLS Pseudowire on Cisco 7600 Series Ethernet Services Plus Line Cards
IP and PPPoE Session Coexistence with Multicast
Restrictions and Usage Guidelines 5-4
Verification 5-8
Troubleshooting
5-4
5-9
CHAPTER
5-1
5-11
6-1
6-1
6-12
6-14
6-23
6-63
6-70
6-71
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
ix
Contents
CHAPTER
Configuring QoS
6-77
7-1
7-3
7-7
7-8
7-22
7-26
7-21
7-30
7-44
Configuring PFC QoS on a Cisco 7600 Series Ethernet Services Plus Line Card 7-47
PFC QoS on a Cisco 7600 Series Ethernet Services Plus Line Card Configuration Guidelines
Configuring Hierarchical QoS
Examples 7-50
7-48
7-48
7-58
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
Contents
7-65
7-67
7-75
7-82
7-89
Examples 7-90
Verification 7-92
Troubleshooting Egress QoS Scheduling on a Port Channel Interface
Layer 2 and Layer 3 QoS ACL Classification for EVC 7-93
Restrictions and Usage Guidelines 7-93
Configuring Layer 2 and Layer 3 QoS ACL Classification
Examples 7-95
Verification 7-96
7-75
7-92
7-94
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
xi
Contents
7-96
CHAPTER
Troubleshooting
7-100
8-1
8-2
8-3
Preparing for Online Insertion and Removal of Cisco 7600 Series ES+ Line Card 8-3
Preparing for Online Removal of a Cisco 7600 Series ES+ Line Card 8-4
Verifying Deactivation and Activation of a Cisco 7600 Series ES+ Line Card 8-5
Deactivation and Activation Configuration Examples 8-6
Line Card Online Diagnostics
Onboard Failure Logging
8-7
8-7
CHAPTER
8-7
9-1
10
Configuring IPoDWDM
9-5
9-6
CHAPTER
9-2
9-12
10-1
10-1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
xii
OL-16147-20
Contents
10-17
10-28
CHAPTER
11
CHAPTER
12
Network Clocking on Cisco 7600 Series Ethernet Services Plus Line Cards
Contents
12-1
12-1
CHAPTER
13
12-1
12-5
12-8
13-1
13-1
13-6
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
xiii
Contents
13-10
13-34
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
xiv
OL-16147-20
Preface
This preface describes the objectives and organization of this document and explains how to find
additional information on related products and services. This preface contains the following sections:
Objectives, page xi
Objectives
This document describes the Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services
PlusT (ES+T) line cards that are supported on the Cisco 7600 series routers. This document also
describes how to configure line card-specific features for the Cisco 7600 Series ES+ and ES+T line card
and how to troubleshoot the installation.
Note
The information provided in this chapter is applicable to both the ES+ and ES+T line cards unless
specified otherwise.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
xi
Preface
Document Revision History
Release No.
Revision
Date
Change Summary
15.2(2)S
OL-16147-20
March 2012
15.1(3)S2
OL-16147-19
December 2011
15.2(1)S
OL-16147-18
November 2011
Pseudo-Multichassis LACP
(p-mLACP) IGMP Snooping State
Synchronization section on page 4-71
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
xii
OL-16147-20
Preface
Document Revision History
Table 1
15.1(3)S1
OL-16147-17
September 2011
15.1(3)S
OL-16147-16
July 2011
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
xiii
Preface
Document Revision History
Table 1
15.0(1)S4
OL-16147-15
15.1(2)S1
OL-16147-14
12.2(33)SRE4 OL-16147-13
July 2011
June 2011
May 2011
15.1(1)S2
OL-16147-12
April 2011
15.1(2)S
OL-16147-11
April 2011
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
xiv
OL-16147-20
Preface
Document Revision History
Table 1
15.1(2)S
OL-16147-11
15.1(1)S
OL-16147-10
March 2011
November 2010
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
xv
Preface
Document Revision History
Table 1
15.1(1)S
OL-16147-10
November 2010
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
xvi
OL-16147-20
Preface
Document Revision History
Table 1
12.2(33)SRD5 OL-16147-09
12.2(33)SRE2 OL-16147-08
September 2010
August 2010
15.0(1)S
OL-16147-07
July 2010
port queueing
Layer 2 Port-channel interface
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
xvii
Preface
Document Revision History
Table 1
15.0(1)S
OL-16147-07
15.0(1)S
15.0(1)S
OL-16147-07
OL-16147-07
July 2010
July 2010
July 2010
12.2(33)SRE1 OL-16147-06
May 2010
12.2(33)SRE1 OL-16147-06
April 2010
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
xviii
OL-16147-20
Preface
Document Revision History
Table 1
12.2(33)SRE1 OL-16147-06
April 2010
12.2(33)SRE1 OL-16147-06
April 2010
12.2(33)SRD4 OL-16147-05
March 2010
12.2(33)SRD4 OL-16147-05
February 2010
12.2(33)SRD4 OL-16147-05
February 2010
12.2(33)SRE
OL-16147-04
February 2010
12.2(33)SRE
OL-16147-04
February 2010
12.2(33)SRE
OL-16147-04
January 2009
12.2(33)SRE
OL-16147-04
December, 2009
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
xix
Preface
Document Revision History
Table 1
12.2(33)SRE
OL-16147-04
12.2(33)SRD3 OL-16147-03
November, 2009
Troubleshooting
Troubleshooting
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
xx
OL-16147-20
Preface
Organization
Table 1
12.2(33)SRD1 OL-116147-02
12.2(33)SRD
EVC on Port-Channel
Organization
This document contains the following chapters:
Section
Title
Chapter 1
Overview
Chapter 2
Configuring the Cisco 7600 Series Ethernet Services ES+ Line Card
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Configuring QoS
Chapter 8
Troubleshooting
Chapter 9
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
xxi
Preface
Related Documentation
Related Documentation
This section refers you to other documentation that also might be useful as you configure your
Cisco 7600 series router. The documentation listed below is available online.
Cisco 7600 Series Ethernet Services Plus Line Card Hardware Installation Guide
An overview of the Cisco 7600 series router features, benefits, and applications can be found in the
Cisco 7600 Series Internet Router Essentials document located at the following URL:
http://www.cisco.com/en/US/products/hw/routers/ps368/products_quick_start09186a0080092248.html
Some of the following other Cisco 7600 series router publications might be useful to you as you
configure your Cisco 7600 series router.
Several other publications are also related to the Cisco 7600 series router. For a complete reference of
related documentation, refer to the Cisco 7600 Series Routers Documentation Roadmap located at the
following URL:
http://www.cisco.com/en/US/products/hw/routers/ps368/products_documentation_roadmaps_list.html
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
xxii
OL-16147-20
Preface
Document Conventions
Document Conventions
Within the Cisco 7600 Series ES+ line card software configuration guide, the term router is generally
used to refer to a variety of Cisco products (for example, routers, access servers, and switches). Routers,
access servers, and other networking devices that support Cisco IOS software are shown interchangeably
within examples. These products are used only for illustrative purposes; that is, an example that shows
one product does not necessarily indicate that other products are not supported.
This documentation uses the following conventions:
Convention
Description
^ or Ctrl
The ^ and Ctrl symbols represent the Control key. For example, the key combination ^D or Ctrl-D
means hold down the Control key while you press the D key. Keys are indicated in capital letters but
are not case sensitive.
string
A string is a nonquoted set of characters shown in italics. For example, when setting an SNMP
community string to public, do not use quotation marks around the string or the string will include the
quotation marks.
Command syntax descriptions use the following conventions:
Convention
Description
bold
Bold text indicates commands and keywords that you enter exactly as shown.
italics
[x]
A vertical line indicates a choice within an optional or required set of keywords or arguments.
[x | y]
Square brackets enclosing keywords or arguments separated by a vertical line indicate an optional
choice.
{x | y}
Braces enclosing keywords or arguments separated by a vertical line indicate a required choice.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
xxiii
Preface
Obtaining Documentation and Submitting a Service Request
Nested sets of square brackets or braces indicate optional or required choices within optional or required
elements. For example:
Convention
Description
[x {y | z}]
Braces and a vertical line within square brackets indicate a required choice within an optional element.
Examples use the following conventions:
Convention
Description
screen
bold screen
Examples of text that you must enter are set in Courier bold font.
<
Angle brackets enclose text that is not printed to the screen, such as passwords.
>
!
[
An exclamation point at the beginning of a line indicates a comment line. (Exclamation points are also
displayed by the Cisco IOS software for certain processes.)
]
Caution
Means reader be careful. In this situation, you might do something that could result in equipment
damage or loss of data.
Note
Means reader take note. Notes contain helpful suggestions or references to materials that may not be
contained in this manual.
Tip
Means the following information will help you solve a problem. The tips information might not be
troubleshooting or even an action, but could be useful information, similar to a Timesaver.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
xxiv
OL-16147-20
CH A P T E R
Overview
This chapter contains the following sections:
Finding Support Information for Platforms and Cisco IOS Software Images, page 1-2
Note
The information provided in this chapter is applicable to both the ES+ and ES+T line cards unless
specified otherwise.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
1-1
Chapter 1
Overview
Finding Support Information for Platforms and Cisco IOS Software Images
Supported MIBs
The following MIBs are supported in Cisco IOS Release 12.2SRB and later for the Cisco 7600 Series
ES+ line card on a Cisco 7600 series router:
CISCO-ENTITY-ASSET-MIB
CISCO-ENTITY-EXT-MIB
CISCO-ENTITY-FRU-CONTROL-MIB
ENTITY-MIB
OLD-CISCO-CHASSIS-MIB
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
1-2
OL-16147-20
Chapter 1
Overview
Supported MIBs
EVC MIB
CISCO-PORT-STORM-CONTROL-MIB
For more information about MIB support on a Cisco 7600 series router, refer to the Cisco 7600 Series
Internet Router MIB Specifications Guide, at the following URL:
http://www.cisco.com/en/US/docs/routers/7600/technical_references/7600_mib_guides/MIB_Guide_v
er_6/mibgde6.html
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use
Cisco MIB Locator found at the following URL:
http://tools.cisco.com/ITDIT/MIBS/servlet/index
If Cisco MIB Locator does not support the MIB information that you need, you can also obtain a list of
supported MIBs and download MIBs from the Cisco MIBs page at the following URL:
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
To access Cisco MIB Locator, you must have an account on Cisco.com. If you have forgotten or lost your
account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify
that your e-mail address is registered with Cisco.com. If the check is successful, account details with a
new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com
by following the directions found at this URL:
https://tools.cisco.com/RPF/register/register.do
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
1-3
Chapter 1
Overview
Supported MIBs
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
1-4
OL-16147-20
CH A P T E R
Identifying Slots and Subslots for the Cisco 7600 Series Ethernet Services Plus Line Card, page 2-2
Displaying the Cisco 7600 Series Ethernet Services Plus Line Card Type, page 2-2
Resetting a Cisco 7600 Series Ethernet Services Plus Line Card, page 2-3
For information about managing your system images and configuration files, refer to the Cisco IOS
Configuration Fundamentals Configuration Guide and Cisco IOS Configuration Fundamentals
Command Reference publications that correspond to your Cisco IOS software release.
For more information about the commands used in this chapter, see the Cisco IOS Release 12.2 SR
Command References at
http://www.cisco.com/en/US/products/ps6922/prod_command_reference_list.html.
Also refer to the related Cisco IOS software command reference and master index publications. For more
information about accessing these publications, see Related Documentation, page -xxii.
Note
The information provided in this chapter is applicable to both the ES+ and ES+T line cards unless
specified otherwise.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
2-1
Chapter 2 Configuring the Cisco 7600 Series Ethernet Services ES+ Line Card
Identifying Slots and Subslots for the Cisco 7600 Series Ethernet Services Plus Line Card
Identifying Slots and Subslots for the Cisco 7600 Series Ethernet
Services Plus Line Card
For information on how to specify the physical locations of a Cisco 7600 Series ES+ line card on the
Cisco 7600 series routers, see Specifying the Slot Location for a Cisco 7600 Cisco 7600 Series Plus Line
Cards, in the Cisco 7600 Series Ethernet Services Plus Line Card Hardware Installation Guide.
The following example shows output from the show idprom command for a Cisco 7600 Series ES+ line
card installed in slot 8 of the router:
Router# show idprom module 8
IDPROM for module #8
(FRU is '7600 ES+')
OEM String = 'Cisco Systems'
Product Number = '7600-ES+40G3CXL'
Serial Number = 'JAB1122026E'
Manufacturing Assembly Number = '73-10984-01'
Manufacturing Assembly Revision = '10'
Hardware Revision = 0.118
Current supplied (+) or consumed (-) = -4.17A
Router#
The following example shows sample output from the show running-config interface command to
verify that the newly created interface appears in the running configuration:
Router# show running-config interface GE 2/1
Building configuration...
Current configuration : 85 bytes
!
interface GE 2/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
2-2
OL-16147-20
Chapter 2
Configuring the Cisco 7600 Series Ethernet Services ES+ Line Card
Resetting a Cisco 7600 Series Ethernet Services Plus Line Card
no ip address
no ip directed-broadcast
shutdown
end
Purpose
SFP-GE-T Support
The SFP-GE-T on the Cisco 7600-ES+ line card supports speeds of 10 Mbps, 100 Mbps, and 1000 Mbps.
You can configure the speed using the speed command. Only full-duplex mode is supported.
You can configure each Ethernet interface independently using any combination of 10 Mbps, 100 Mbps,
or 1000 Mbps.
To set the interface speed, use the following command in the interface configuration mode.
Command
Purpose
Example:
Router(config-if)# speed 10
Effective from Releases 12.2(33)SRE5, 15.1(3)S1, and 15.2(1)S, auto-negotiation is supported on ES+
cards. Use the speed auto command to configure the auto-negotiation. Remember that, this feature
negotiates only speed. Speeds of 10 Mbps, 100 Mbps, and 1000 Mbps are negotiated if the remote end
support auto-negotiation. By default, the mode is 1G non-auto.
Note
Because auto-negotiation of duplex mode is not supported, you must manually configure the remote port
for full-duplex mode.
To set the auto-negotiation, use the following command in the interface configuration mode:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
2-3
Chapter 2
Configuring the Cisco 7600 Series Ethernet Services ES+ Line Card
SFP-GE-T Support
Command
Purpose
Example:
Router(config-if)# speed auto
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
2-4
OL-16147-20
CH A P T E R
Note
The information provided in this chapter is applicable to both the ES+ and ES+T line cards unless
specified otherwise.
ISSU Support for Cisco 7600 Series Ethernet Services Plus Line
Card
The Cisco 7600 Series ES+ line card supports In-Service Software Upgrade (ISSU) with Enhanced Fast
Software Upgrade (eFSU). ISSU allows for the upgrade and downgrade of Cisco IOS images at different
release levels on the active and standby supervisors. ISSU procedure also applies to upgrade and
downgrade of line card images. A new line card image is loaded, as necessary, when the supervisor
engine software is upgraded or downgraded.
For information, see the Cisco 7600 Series Cisco IOS Software Configuration Guide, 15.0SR at:
http://www.cisco.com/en/US/docs/routers/7600/ios/15S/configuration/guide/7600_15_0s_book.html
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
3-1
Chapter 3
ISSU Support for Cisco 7600 Series Ethernet Services Plus Line Card
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
3-2
OL-16147-20
CH A P T E R
Configuring MultiPoint Bridging over Ethernet on Cisco 7600 Series ES+ Line Cards, page 4-33
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-1
Chapter 4
For more information about the commands used in this chapter, see the Cisco IOS Release 12.2 SR
Command References at
http://www.cisco.com/en/US/products/ps6922/prod_command_reference_list.html.
Note
The information provided in this chapter is applicable to both the ES+ and ES+T line cards unless
specified otherwise.
Note
Table 4-1
SSM/QL support
Tx Port
Rx Port
T1
T1 ESF
Yes
Yes
Yes
T1
T1 SF
No
Yes
Yes
E1
E1 CRC4
Yes
Yes
Yes
E1
E1 FAS
No
Yes
Yes
E1
E1 CAS
No
No
Yes
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-2
OL-16147-20
Chapter 4
SSM/QL support
Tx Port
Rx Port
E1
E1 CAS CRC4
Yes
No
Yes
2048kHz
2048kHz
No
Yes
Yes
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-3
Chapter 4
Table 4-2 lists the External Timing Input and Output Pinouts:
Note
Pin
Signal
Rx Ring
Not used
Tx Ring
Not used
Not used
Not used
Image
H11419
Table 4-2
The pin out for BITS port on ES+ is similar to E1 and T1.
You can implement SyncE on an ES+ card with four different configurations:
Clock Recovery from SyncE: System clock is recovered from the SyncE clocking source (gigabit
and ten gigabit interfaces only). Router uses this clock as the Tx clock for other SyncE interfaces or
ATM/CEoP interfaces.
Clock Recovery from External Interface: System clock is recovered from a BITS clocking source.
Line to External: The clock received from an Ethernet is forwarded to an external SSU. The SynE
feature provides the functionality for clock cleanup. For a router in the middle of synchronization
chain, the received clock may have unacceptable wander and jitter. The router recovers the clock
from the SyncE interface, converts it to the format required for the BITS interface, and sends to a
SSU through the BITS port. The SSU performs the cleanup and sends it back to the BITs interface.
The cleaned up clock is received back from the SSU. This clock is used as Tx clock for the SyncE
ports. For 7600 router, the interface from which the clock is recovered and the BITS port to the SSU
should reside on the same ES+ card.
System to External: The system clock is used as Tx clock for an external interface. By default the
system clock is not transmitted on the external interface.
The SyncE enabled ES+ line card provides the squelching functionality, where an Alarm indication
Signal (AIS) is sent to the Tx interfaces if the clock source goes down. The squelching functionality is
implemented in two cases:
Line to external: If the line source goes down, an AIS is transmitted on the external interface to the
SSU.
System to external: If the router loses all the clock sources, an AIS is sent on the external interface
to the SSU.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-4
OL-16147-20
Chapter 4
You can have a maximum of six clock sources for a 7600 Router and a maximum of 4 clock sources on
an ES+ card. The clock source with highest priority is made the default clock source. You can manage
the clock sources on an ES+ card by changing the priority of the clock sources. You can also manage the
synchronization on ES+ cards using the following management options:
Hold-of Time: If a clock source goes down, the router waits for a specific hold-off time before
removing the source. By default, the value of hold-of time is 300 ms.
Wait to Restore: If a SyncE interface comes up, the router waits for a specific period of time before
considering the SyncE interface for synchronization source. By default, the value is 300 sec.
Force Switch: Forcefully select a synchronization source irrespective of whether the source is
available or within the specified range.
Manual Switch: Forcefully select a synchronization source provided the source is available and
within the range.
Ensures that a node derives timing from the most reliable clock source.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-5
Chapter 4
The clock selection process works in the QL enabled and QL disabled modes. When multiple selection
processes are present in a network element, all processes work in the same mode.
QL-enabled mode
In QL-enabled mode, the following parameters contribute to the selection process:
Quality level
Priority
External commands.
If no external commands are active, the algorithm selects the reference (for clock selection) with the
highest quality level that does not experience a signal fail condition. If multiple inputs have the same
highest quality level, the input with the highest priority is selected. For multiple inputs having the same
highest priority and quality level, the existing reference is maintained (if it belongs to this group),
otherwise an arbitrary reference from this group is selected.
QL-disabled mode
In QL-disabled mode, the following parameters contribute to the selection process:
Signal failure
Priority
External commands
If no external commands are active, the algorithm selects the reference (for clock selection) with the
highest priority that does not experience a signal fail condition. For multiple inputs having the same
highest priority, the existing reference is maintained (if it belongs to this group), otherwise an arbitrary
reference from this group is selected.
Hybrid mode
The SyncE feature requires that each network element along the synchronization path needs to support
SyncE. Timing over Packet (ToP) enables transfer of timing over an asynchronous network. The hybrid
mode uses the clock derived from 1588 (PTP) to drive the system clock. This is achieved by configuring
the Timing over Packet (ToP) interface on the PTP slave as the input source.
Note
The ToP interface does not support QL and works only in the QL-disabled mode.
The ES+ is a family of fixed-port SyncE line cards supporting 20 and 40 gbps bandwidth for the 7600
series routers. The following ES+ cards support SyncE:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-6
OL-16147-20
Chapter 4
If the network clock algorithm is enabled, all the ES+ cards on the router use the system clock as Tx
clock (synchronous mode) for its ethernet interfaces. You cannot change the synchronous mode on
a per interface basis for the line card. The whole line cards functions in the same mode.
On an ES+ card, you can have a maximum of 4 ports configured as clock source at a time.
For a 20x1 gigabit ES+ line card, you can select a maximum of two ports from each NPU.
For a 40x1 gigabit ES+ line card, you can select only one port from each NPU.
You can configure a maximum of 6 ports as a clock source for a Cisco 7600 router.
The line to external for clock clean up is supported only if the line interface and the external (BITS)
interface are on the same ES+ line card.
SyncE feature is SSO co-existent, but not compliant. The clock selection algorithm is restarted on a
switchover. During the switchover the router goes into hold-over mode.
The ES+ SyncE interfaces in WAN mode cannot be used for QL-enabled clock selection. You should
either use them with the system in QL disabled mode or disable ESMC on the interfaces and use
them as QL-disabled interfaces.
It is recommended that you do not configure multiple input sources with the same priority as this
impacts the TSM switching delay.
You cannot implement the network-clock based clock selection algorithm and the new algorithm
simultaneously. Both these algorithms are mutually exclusive.
SyncE is not supported on 1 Gigabit Ethernet copper SFPs (SFP GE-T and GLC-T).
Configuring Synchronous Ethernet on the Cisco 7600 Router with ES+ Line Card
This section describes how to configure SyncE for Cisco 7600 Router. SyncE is implemented on Cisco
7600 router using four different configurations:
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
synchronous mode
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-7
Chapter 4
8.
exit
9.
10. exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# network-clock synchronization automatic
Step 4
Example:
Router(config)# network-clock synchronization ssm option 2 GEN1
Step 5
Example:
Router(config)# int gig 5/1
Step 6
Example:
Router(config-if)# clock source line
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-8
OL-16147-20
Chapter 4
Step 7
Command
Purpose
synchronous mode
Example:
Router(config-if)# synchronous mode
Step 8
exit
Example:
Router(config)# exit
Step 9
Example:
Router(config)# network-clock input-source 1 interface
TenGigabitEthernet7/1
Step 10
exit
Example:
Router(config)# exit
Examples
This example shows how to configure clock recovery from SyncE for Cisco 7600 Routers:
Router>enable
Router# configure terminal
Router(config)# network-clock synchronization automatic
Router(config)# network-clock synchronization ssm option 2 GEN1
Router(config)# int gig 5/1
Router(config-if)# clock source line
Router(config-if)# synchronous mode
Router(config)# exit
Router(config)# network-clock input-source 1 interface TenGigabitEthernet7/1
Router(config)# exit
SUMMARY STEPS
1.
enable
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-9
Chapter 4
2.
configure terminal
3.
4.
5.
6.
exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# network-clock synchronization automatic
Step 4
Example:
Router(config)# network-clock synchronization ssm option 2 GEN1
Step 5
Example:
Router(config-if-srv)# network-clock
input-source 1 External 7/0/0 t1 sf
Step 6
exit
Example:
Router(config)# exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-10
OL-16147-20
Chapter 4
Examples
This example shows how to configure clock recovery from BITS port for Cisco 7600 Routers:
Router>enable
Router# configure terminal
Router(config)# network-clock synchronization automatic
Router(config)# network-clock synchronization ssm option 2 GEN1
Router(config)# network-clock input-source 1 External 7/0/0 t1 sf
Router(config)# exit
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# network-clock synchronization automatic
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-11
Chapter 4
Step 4
Command
Purpose
Example:
Router(config)# network-clock synchronization ssm option 2 GEN1
Step 5
Example:
Router(config)# network-clock output-source system 1 external 4/0/0 t1
sf
Step 6
exit
Example:
Router(config)# exit
Examples
This example shows how to configure system to external clocking for Cisco 7600 Routers:
Router>enable
Router# configure terminal
Router(config)# network-clock synchronization automatic
Router(config)# network-clock synchronization ssm option 2 GEN1
Router(config)# network-clock input-source 1 External 7/0/0 t1 sf
Router(config)# exit
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-12
OL-16147-20
Chapter 4
5.
6.
7.
synchronous mode
8.
exit
9.
10. exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# network-clock synchronization automatic
Step 4
Example:
Router(config)# network-clock synchronization ssm option 2 GEN1
Step 5
Example:
Router(config)# int gig 5/1
Step 6
Example:
Router(config-if)# clock source line
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-13
Chapter 4
Step 7
Command
Purpose
synchronous mode
Example:
Router(config-if)# synchronous mode
Step 8
exit
Example:
Router(config)# exit
Step 9
network-clock output-source line priority {interface interface_name | controller {t1 | e1} slot/card/port}}
{external slot/card/port}
Example:
Router(config-if-srv)# encapsulation
dot1q 40 second-dot1q 42
Step 10
exit
Example:
Router(config)# exit
Examples
This example shows how to configure clock recovery from SyncE for Cisco 7600 Routers:
Router>enable
Router# configure terminal
Router(config)# network-clock synchronization automatic
Router(config)# network-clock synchronization ssm option 2 GEN1
Router(config)# network-clock input-source 1 interface TenGigabitEthernet7/1
Router(config)# int gig 5/1
Router(config-if)# clock source line
Router(config-if)# synchronous mode
Router(config)# exit
Router(config)# network-clock output-source line 1 interface GigabitEthernet1/11 External
1/0/0
Router(config)# exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-14
OL-16147-20
Chapter 4
Quality Level Enabled Clock Selection: Use the network-clock synchronization mode
QL-enabled command in global configuration mode to configure the automatic selection process
for QL-enabled mode. This succeeds only if the SyncE interfaces are capable of sending SSM. The
following example shows how to configure network clock synchronization (QL-enabled mode) in
global configuration mode:
Router(config)# network-clock synchronization mode QL-enabled
ESMC Process: Use the esmc process command in global configuration mode to enable the ESMC
process at system level. The no form of the command disables the ESMC process. This command
fails if there is no SyncE-capable interface installed in the platform. The following example shows
how to enable ESMC in global configuration mode:
Router(config)# esmc process
ESMC Mode: Use the esmc mode [tx | rx |<cr>] command in interface configuration mode to
enable ESMC process at interface level. The no form of the command disables the ESMC process.
The following example shows how to enable ESMC in interface configuration mode:
Router(config-if)# esmc mode
tx
Network Clock Source Quality level: Use the network-clock source quality-level command in
interface configuration mode to configure the QL value for ESMC on gigabitethernet port. The value
is based on global interworking options.
If Option 1 is configured, the available values are QL-PRC, QL-SSU-A, QL-SSU-B, QL-SEC,
and QL-DNU.
If Option 2 is configured with GEN 2, the available values are QL-PRS, QL-STU, QL-ST2,
The following example shows how to configure network-clock source quality-level in interface
configuration mode:
Router(config-if)# network-clock source quality-level QL-PRC
The following example shows how to configure the wait-to-restore timer in interface configuration
mode:
Router(config)# int ten 7/1
Router(config-if)# network-clock wait-to-restore 10
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-15
Chapter 4
Hold-off Time: Use network-clock hold-off timer global command to configure hold-off time. You
can configure the hold-off time to zero or any value between 50 to 10000 milliseconds. The default
value is 300 milliseconds. The network-clock hold-off timer can be set at global configuration
mode and interface configuration mode.The following example shows how to configure hold-off
time:
Router(config)# network-clock hold-off 50 global
Force Switch: Use the network-clock switch force command to forcefully select a synchronization
source irrespective of whether the source is available and within the range. The following example
shows how to configure manual switch:
Router(config)# network-clock switch force interface tenGigabitEthernet 7/1 t1
Manual Switch: Use network-clock switch manual command to manually select a synchronization
source provided the source is available and within the range. The following example shows how to
configure manual switch:
Router(config)# network-clock switch manual interface tenGigabitEthernet 7/1 t1
Clear Manual and Force Switch: Use the network-clock clear switch controller-id command to
clear the manual or switch it by force. The following example shows how to clear a switch:
Router(config)# network-clock clear switch t0
Lock out a Source: Use the network-clock set lockout command to lock-out a clock source. A clock
source flagged as lock-out is not selected for SyncE. To clear the lock-out on a source, use the
network-clock clear lockout command. The following example shows how to lock out a clock
source:
Router(config)# network-clock set lockout interface tenGigabitEthernet 7/1
Verification
Use the following commands to verify the SyncE configuration:
Use the show network-clock synchronization command to display the sample output:
Router# show network-clocks synchronization
Symbols:
En - Enable, Dis - Disable, Adis - Admin Disable
NA - Not Applicable
* - Synchronization source selected
# - Synchronization source force selected
& - Synchronization source manually switched
Automatic selection process : Enable
Equipment Clock : 2048 (EEC-Option1)
Clock Mode : QL-Enable
ESMC : Enabled
SSM Option : 1
T0 : TenGigabitEthernet12/1
Hold-off (global) : 300 ms
Wait-to-restore (global) : 300 sec
Tsm Delay : 180 ms
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-16
OL-16147-20
Chapter 4
Revertive : No
Nominated Interfaces
Interface
Internal
*Te12/1
AT6/0/0
SigType
NA
NA
NA
Mode/QL
NA/Dis
Sync/En
NA/En
Prio
251
1
1
QL_IN ESMC Tx
QL-SEC
NA
QL-PRC
QL-SSU-A NA
ESMC Rx
NA
NA
Use the show network-clock synchronization detail command to display all details of
network-clock synchronization parameters at the global and interface levels.
Router# show network-clocks synchronization detail
Symbols:
En - Enable, Dis - Disable, Adis - Admin Disable
NA - Not Applicable
* - Synchronization source selected
# - Synchronization source force selected
& - Synchronization source manually switched
Automatic selection process : Enable
Equipment Clock : 2048 (EEC-Option1)
Clock Mode : QL-Enable
ESMC : Enabled
SSM Option : 1
T0 : TenGigabitEthernet12/1
Hold-off (global) : 300 ms
Wait-to-restore (global) : 300 sec
Tsm Delay : 180 ms
Revertive : No
Force Switch: FALSE
Manual Switch: FALSE
Number of synchronization sources: 2
sm(netsync NETCLK_QL_ENABLE), running yes, state 1A
Last transition recorded: (sf_change)-> 1A (ql_change)-> 1A (sf_change)-> 1A
(ql_change)-> 1A (ql_change)-> 1A (sf_change)-> 1A (ql_change)-> 1A (sf_change)-> 1A
(sf_change)-> 1A (ql_change)-> 1A
Nominated Interfaces
Interface
Internal
*Te12/1
AT6/0/0
SigType
NA
NA
NA
Mode/QL
NA/Dis
Sync/En
NA/En
Prio
251
1
1
QL_IN ESMC Tx
QL-SEC
NA
QL-PRC
QL-SSU-A NA
ESMC Rx
NA
NA
Interface:
--------------------------------------------Local Interface: Internal
Signal Type: NA
Mode: NA(Ql-enabled)
SSM Tx: Disable
SSM Rx: Disable
Priority: 251
QL Receive: QL-SEC
QL Receive Configured: QL Receive Overrided: QL Transmit: QL Transmit Configured: Hold-off: 0
Wait-to-restore: 0
Lock Out: FALSE
Signal Fail: FALSE
Alarms: FALSE
Slot Disabled: FALSE
Local Interface: Te12/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-17
Chapter 4
Signal Type: NA
Mode: Synchronous(Ql-enabled)
ESMC Tx: Enable
ESMC Rx: Enable
Priority: 1
QL Receive: QL-PRC
QL Receive Configured: QL Receive Overrided: QL Transmit: QL-DNU
QL Transmit Configured: Hold-off: 300
Wait-to-restore: 300
Lock Out: FALSE
Signal Fail: FALSE
Alarms: FALSE
Slot Disabled: FALSE
Local Interface: AT6/0/0
Signal Type: NA
Mode: NA(Ql-enabled)
SSM Tx: Enable
SSM Rx: Enable
Priority: 1
QL Receive: QL-SSU-A
QL Receive Configured: QL Receive Overrided: QL Transmit: QL Transmit Configured: Hold-off: 300
Wait-to-restore: 300
Lock Out: FALSE
Signal Fail: FALSE
Alarms: FALSE
Slot Disabled: FALSE
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-18
OL-16147-20
Chapter 4
QL rx overrided: QL-DNU
ESMC Information rate: 1 packet/second
ESMC Expiry: 5 second
Use the show esmc detail command to display all details of esmc parameters at the global and
interface levels.
Router# show esmc detail
Interface: TenGigabitEthernet12/1
Administative configurations:
Mode: Synchronous
ESMC TX: Enable
ESMC RX: Enable
QL TX: QL RX: Operational status:
Port status: UP
QL Receive: QL-PRC
QL Transmit: QL-DNU
QL rx overrided: ESMC Information rate: 1 packet/second
ESMC Expiry: 5 second
ESMC Tx Timer: Running
ESMC Rx Timer: Running
ESMC Tx interval count: 1
ESMC INFO pkts in: 2195
ESMC INFO pkts out: 6034
ESMC EVENT pkts in: 1
ESMC EVENT pkts out: 16
Interface: TenGigabitEthernet12/2
Administrative configurations:
Mode: Synchronous
ESMC TX: Enable
ESMC RX: Enable
QL TX: QL RX: Operational status:
Port status: UP
QL Receive: QL-DNU
QL Transmit: QL-DNU
QL rx overrided: QL-DNU
ESMC Information rate: 1 packet/second
ESMC Expiry: 5 second
ESMC Tx Timer: Running
ESMC Rx Timer: Running
ESMC Tx interval count: 1
ESMC INFO pkts in: 0
ESMC INFO pkts out: 2159
ESMC EVENT pkts in: 0
ESMC EVENT pkts out: 10
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-19
Chapter 4
Debug Command
Purpose
debug esmc
debug esmc
debug esmc
name>]
debug esmc
name>]
debug esmc
name>]
error
event
packet [interface <interface
packet rx [interface <interface
packet tx [interface <interface
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-20
OL-16147-20
Chapter 4
Troubleshooting Scenarios
Note
Before you troubleshoot, ensure that all the network clock synchronization configurations are complete.
Troubleshooting
Table 4-3 provides the troubleshooting solutions for the synchronous ethernet feature.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-21
Chapter 4
Table 4-3
Troubleshooting Scenarios
Problem
Incorrect clock limit set or disabled queue limit
mode
Solution
Warning
RouterB#show network-clocks
synchronization
Symbols:
En - Enable, Dis - Disable,
Adis - Admin Disable NA - Not Applicable
- Synchronization source selected
#
force selected
- Synchronization source
SigType
Mode/QL
ESMC Tx ESMC Rx
Internal
251
QL-ST3
NA
NA
SONET 3/0/0
3
QL-ST3
NA
*PO3/1/0
1
QL-ST3
NA
SONET 2/3/0
4
QL-ST3
NA
NA/Dis
NA
NA
NA/En
NA
NA
NA/En
NA
NA
NA/En
NA
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-22
OL-16147-20
Chapter 4
Problem
Solution
Warning
Warning
Warning
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-23
Chapter 4
Metro Architecture
IP Core
POP
Service
router
Service
router
BRAS
BRAS
V
Single node
possible
L2/MPLS Access
L2 Access network
L2 Switches facing DSLAM
Service Router:
QinQ termination/L2/L3 VPN
L3 Multicast
Access Router:
Selective QinQ, L3 Multicast
DHCP Relay
DSLAM:
Dot1q Tag imposition
1:1 VLAN per sub
N:1 VLAN for Video
Access
router
Access
router
Qin Q
DSLAMs
Central
Office
Central
Office
VIP
191299
DSLAMs
Flexible QinQ Mapping and Service Awareness on Cisco 7600 Series ES+ line cards provides the
following functionality:
cross-connected to another port by changing the tag. This is a 1-to-1 mapping service and there
is no MAC learning involved.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-24
OL-16147-20
Chapter 4
Double tag Ethernet local switching where the received double tag traffic from one port is
cross-connected to another port by changing both tags. The mapping to each double tag
combination to the cross-connect is 1-to-1. There is no MAC learning involved.
Hairpinning:It is a cross connect between two EFPS on the same port.
Note
Double tag translation (2-to-2 translation) Layer 2 switchingTwo received tagged frames are
popped and two new tags are pushed.
bridging VLAN. The double tags are popped and the egress line card adds new double tags and
sends the packet out.
Double tag routingSame as regular dot1q tag routing except that double tags are used to
Scalable EoMPLS VCSingle tag packets are sent across the tunnel.
if the Layer 2 PDUs are untagged, packets are treated per the physical port configuration. (With
an untagged service instance with bridge-domain command, the CPU stops the PDU depending
on the configuration). When the feature is configured on the EFP, the BPDU is passed by the
EFP to the feature which makes the decision accordingly.
Service Scalability:
Service Instances per network processor: 8000
Service instances per Line Card: 16000
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-25
Chapter 4
Service instances per port channel: 8000. This is subject to the number of members per NP. This
value would reduce by the factor of the member links per NP. If the member links are spread
across NPs, then the maximum number of service instances per port channel is unchanged.
Using TCAM entries: The number of TCAMs an EVC uses depends on the encapsulation
TCAMS used - 1
Example 2
service instance 1 eth
encap dot1q 200 second dot1q 300
TCAMs used - 1
Example 3
service instance 1 eth
encap dot1q 201, 202
TCAMs used - 4
First entry to match vlans 20-23
Second entry to match vlans 24-31
Third entry to match vlans 32-39
Fourth entry to match vlan 40
A range does not always mean multiple TCAMs as shown in this example where only one TCAM
entry is used.
Example 5
service instance 1 ethernet
encap dot1q 8-15
service instance 2 ethernet
encap dot1q 2000 second-dot1q 96-127
QoS Scalability:
Service instances per router: 32, 000
Bridge-domains: 4, 000
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-26
OL-16147-20
Chapter 4
QoS Scalability:
Shaping: Parent queue is 2,000 and child queue is 16,000
Marking: Parent queue is 2,000 and child queue is 16,000
Maximum number of child queues (leaf) supported for ES+T line card is 16 per port.
cos command
WRED aggregate
Queue-limit
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q vlan-id | dot1ad
vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id} | 2-to-2 {dot1q
vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}}symmetric
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-27
Chapter 4
Step 3
Command
Purpose
or
interface tengigabitethernet slot/port
Example:
Router(config)# interface
gigabitethernet 4/1
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 13
Step 6
Example:
Router(config-if-srv)# rewrite ingress
tag push dot1q 20 symmetric
Examples
Single Tag VLAN Connect
This example shows an incoming frame with a dot1q tag of 10 enters TenGigabitEthernet 1/1. It is index
directed to TenGigabitEthernet 1/2 and exits with a dot1q tag of 11. No MAC learning is involved.
Note
Because there is a VLAN translation end to end, Layer2 protocol need to be carefuly considered.
Typically, the use case has both sides on the same encapsulation.
This example shows a typical configuration of a DSLAM facing port of the first PE router.
! DSLAM facing port
Router# enable
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-28
OL-16147-20
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-29
Chapter 4
QinQ VLAN
Router(config)# interface TenGigabitEthernet 1/2
Router(config-if)# switchport
Router(config-if)# switchport mode trunk
Router(config-if)# switchport trunk vlan allow 11
QinQ VLAN
Router(config)# interface TenGigabitEthernet 1/2
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-30
OL-16147-20
Chapter 4
Verification
Use these commands to verify operation.
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-31
Chapter 4
Command
Purpose
Troubleshooting
Use these debug commands to troubleshoot Flexible QinQ feature.
Debug commands
Command
Purpose
Table 4-4 provides the troubleshooting solutions for the Flexible mapping feature.
Table 4-4
Problem
Solution
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-32
OL-16147-20
Chapter 4
Problem
Solution
Wrong interface configured and tag manipulation incorrectly Use the command show platform np interface detail to verfiy
programmed.
the interface and tag details. Share the output with TAC for
further investigation.
VLAN ID is incorrectly programmed
Use the show plat soft qos tcamfeature and show plat soft
qos tcamt commands to verify the TCAM entries. Share the
output with TAC for further investigation.
Simultaneously configure Layer 2 and Layer 3 services such as Layer 2 VPN, Layer 3 VPN, and
Layer 2 bridging on the same physical port.
Define a broadcast domain in a system. Customer instances that are part of a broadcast domain can
be in the same physical port or in different ports.
Configure multiple service instances with different encapsulations and map them to a single bridge
domain.
Perform local switching between service instances under the same bridge domain.
Perform local switching across different physical interfaces using service instances that are part of
the same bridge domain.
Replicate flooded packets from the core to all service instances under the bridge domain.
Configure a Layer 2 tunneling service or Layer 3 terminating service under the bridge domain
VLAN.
MPBE accomplishes this by manipulating VLAN tags for each service instance and mapping the
manipulated VLAN tags to Layer 2 or Layer 3 services. Possible VLAN tag manipulations include:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-33
Chapter 4
Configuring MultiPoint Bridging over Ethernet on Cisco 7600 Series ES+ Line Cards
440 MPB VCs are supported under one bridge-domain (110 per network processor).
IGMP snooping is supported with MPB VCs as long as the service instance is terminated on the
bridge-domain (must pop all tags, symmetric).
1.
enable
2.
configure terminal
3.
4.
5.
6.
[no] rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id
dot1q vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q vlan-id |
dot1ad vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id} | 2-to-2
{dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}} symmetric
7.
SUMMARY STEPS
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-34
OL-16147-20
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface
gigabitethernet 4/1
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 10
Step 6
Example:
Router(config-if-srv)# rewrite ingress
tag push dot1q 200 symmetric
Step 7
Example:
Router(config-if-srv)# bridge-domain 12
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-35
Chapter 4
Configuring MultiPoint Bridging over Ethernet on Cisco 7600 Series ES+ Line Cards
Examples
Single Tag Termination Example
In this example, the single tag termination identifies customers based on a single VLAN tag and maps
the single-VLAN tag to the bridge-domain.
Router# enable
Router# configure terminal
Router(config)# interface TenGigabitEthernet 1/1
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# encapsulation dot1q 10
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
Router(config-if-srv)# bridge-domain 12
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-36
OL-16147-20
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-37
Chapter 4
Configuring MultiPoint Bridging over Ethernet on Cisco 7600 Series ES+ Line Cards
In this example, service instances are configured on Ethernet interfaces and terminated on the bridge
domain.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 2/1
Router(config-if)# service instance 100 ethernet
Router(config-if-srv)# encapsulation dot1q 1000
Router(config-if-srv)# bridge-domain 10
Router(config)# interface GigabitEthernet 1/1
Router(config-if)# switchport
Router(config-if)# switchport mode trunk
Router(config-if)# switchport trunk allowed vlan 10
Verification
Use these commands to verify operation.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-38
OL-16147-20
Chapter 4
Command
Purpose
NPE11
NPE10
ge2/4.4
gi3/0/0/0
primary
NPE12
fa1/0.4
ge2/4.2
backp
gi3/0/0/11
ge1/3.4
72a
fa1/0.2
NPE14
ge1/3.2
Note
191978
Figure 4-2
The primary interface is the interface for which you configure a backup. During operation, the primary
interface is active and the backup (secondary) interface operates in standby mode. If the primary
interface goes down (due to loss of signal), the router begins using the backup interface.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-39
Chapter 4
While the primary interface is active (up) the backup interface is in standby mode. If the primary
interface goes down, the backup interface transitions to the up state and the router begins using it in place
of the primary. When the primary interface comes back up, the backup interface transitions back to
standby mode. While in standby mode, the backup interface is effectively down and the router does not
monitor its state or gather statistics for it.
This feature provides the following benefits:
Supports several types of uplinks: MultiProtocol Label Switching (MPLS), Virtual Private LAN
Service (VPLS), and switchports.
The Backup Interface for Flexible UNI feature makes use of these Ethernet components:
Ethernet virtual circuit (EVC)An association between two or more UNIs that identifies a
point-to-point or point-to-multipoint path within the provider network. For more information about
EVCs, see the Troubleshooting section on page 4-21.
Ethernet flow point (EFP)The logical demarcation point of an EVC on an interface. An EVC that
uses two or more UNIs requires an EFP on the associated ingress interface and egress interface of
every device that the EVC passes through.
You can use the same IP address on both the primary and secondary interfaces. This enables the
interface to support L3 termination (single or double tagged).
The configurations on the primary and backup interfaces must match. The router does not check that
the configurations match; however, the feature does not work if the configurations are not the same.
Note
If the configuration includes the xconnect command, you must specify a different VCID on
the primary and backup interfaces.
The duplicate resources needed for the primary and secondary interfaces are taken from the total
resources available on the router and thus affect available resources. For example, each xconnect
command consumes resources on both the primary and backup interfaces.
Any features configured on the primary and backup interfaces (such as bridge-domain, xconnect,
and connect commands) transition up or down as the interface itself transitions between states.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-40
OL-16147-20
Chapter 4
Switchover time between primary and backup interfaces is best effort. The time it takes the backup
interface to transition from standby to active mode depends on the link-state detection time and the
amount of time needed for EVCs and their features to transition to the up state.
Configuration changes and administrative actions made on the primary interface are automatically
reflected on the backup interface.
The router monitors and gathers statistics for the active interface only, not the backup. During
normal operation, the primary interface is active; however, if the primary goes down, the backup
becomes active and the router begins monitoring and gathering statistics for it.
When the primary interface comes back up, the backup interface always transitions back to standby
mode. Once the signal is restored on the primary interface, there is no way to prevent the interface
from being restored as the primary.
1.
enable
2.
configure terminal
3.
4.
SUMMARY STEPS
Note
You must apply the same configuration to both the primary and backup interfaces or the feature
does not work. To configure EVC service instances on the interfaces, use the service instance,
encapsulation, rewrite, bridge-domain, and xconnect commands. For information, see the
Configuring MultiPoint Bridging over Ethernet on Cisco 7600 Series ES+ Line Cards section
on page 4-33 and the Configuring Any Transport over MPLS section on page 6-1.
5.
6.
7.
exit
8.
9.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-41
Chapter 4
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface gigabitethernet 3/1
Step 4
Example:
Router(config)# backup interface
gigabitethernet 4/1
Note
Step 5
You must apply the same configuration to both the primary and backup interfaces or the feature does not work.
To configure EVC service instances on the interfaces, use the service instance, encapsulation, rewrite,
bridge-domain, and xconnect commands. For information, see the Configuring MultiPoint Bridging over Ethernet
on Cisco 7600 Series ES+ Line Cards section on page 4-33 and the Configuring Any Transport over MPLS
section on page 6-1.
Router(config-if)# backup delay enable-delay
disable-delay
Example:
Router(config-if)# backup delay 0 0
Note
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-42
OL-16147-20
Chapter 4
Step 6
Command or Action
Purpose
Example:
Router(config-if)# backup load 50 10
Step 7
exit
Example:
Router(config-if)# exit
Step 8
Example:
Router(config-if)# connect primary gi3/2 gi3/3
Step 9
Example:
Router(config-if)# connect backup gi4/2 gi4/2
Step 10
Example:
Router(config-if)# connect primary gi3/2 gi3/3
Step 11
Example:
Router(config-if)# connect backup gi4/2 gi4/3
Step 12
exit
Example:
Router(config-if)# exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-43
Chapter 4
Note
If you have configured any interface (L3, Switchport, or EVC) using the backup interface command,
then you are not supposed to run the shutdown command on the active interface. If you run shutdown,
then the standby interface will also go down.
The following example shows a sample configuration in which:
Each interface supports two service instances (2 and 4), and each service instance uses a different
type of forwarding (bridge-domain and xconnect).
The xconnect command for service instance 2 uses a different VCID on each interface.
Router# enable
Router# configure terminal
Router(config)# interface gi3/1
Router(config-if)# backup interface gi4/1
Router(config-if)# service instance 4 ethernet
Router(config-if-srv)# encapsulation dot1q 4
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
Router(config-if-srv)# bridge-domain 4
Router(config-if-srv)# exit
Router(config-if)# service instance 2 ethernet
Router(config-if-srv)# encapsulation dot1q 2
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
Router(config-if-srv)# xconnect 10.0.0.0 2 encap mpls
Router(config)# interface gi4/1
Router(config-if)# service instance 4 ethernet
Router(config-if-srv)# encapsulation dot1q 4
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
Router(config-if-srv)# bridge-domain 4
Router(config-if-srv)# exit
Router(config-if)# service instance 2 ethernet
Router(config-if-srv)# encapsulation dot1q 2
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
Router(config-if-srv)# xconnect 10.0.0.0 5 encap mpls
Verification
This section lists the commands to display information about the primary and backup interfaces
configured on the router. In the examples that follow, the primary interface is gi3/1 and the secondary
(backup) interface is gi3/11.
To display a list of backup interfaces, use the show backup command in privileged EXEC mode.
Our sample output shows a single backup (secondary) interface:
Router# show backup
Primary Interface
----------------GigabitEthernet 3/1
Secondary Interface
------------------GigabitEthernet 3/11
Status
-----normal operation
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-44
OL-16147-20
Chapter 4
To display information about a primary or backup interface, use the show interfaces command in
privileged EXEC mode. Issue the command on the interface for which you want to display
information. The following examples show the output displayed when the command is issued on the
primary (gi3/1) and backup (gi3/11) interfaces:
Router# show interface gi3/1
GigabitEthernet3/1 is up, line protocol is up (connected)
Hardware is GigEther SPA, address is 0005.dc57.8800 (bia 0005.dc57.8800)
Backup interface GigabitEthernet 3/11, failure delay 0 sec, secondary disable delay
0 sec, kickin load not set, kickout load not set
[]
Router# show interface gi3/11
GigabitEthernet3/11 is standby mode, line protocol is down (disabled)
If the primary interface goes down, the backup (secondary) interface is transitioned to the up state, as
shown in the command output that follows. Notice how the command output changes if you reissue the
show backup and show interfaces commands at this time: the show backup status changes, the line
protocol for gi3/1 is now down (notconnect), and the line protocol for gi3/11 is now up (connected).
Router# !!! Link gi3/1 (active) goes down
22:11:11: %LINK-DFC3-3-UPDOWN: Interface GigabitEthernet3/1, changed state to down
22:11:12: %LINK-DFC3-3-UPDOWN: Interface GigabitEthernet3/11, changed state to up
22:11:12: %LINEPROTO-DFC3-5-UPDOWN: Line protocol on Interface GigabitEthernet3/1,
changed state to down
22:11:13: %LINEPROTO-DFC3-5-UPDOWN: Line protocol on Interface GigabitEthernet3/11,
changed state to up
Router# show backup
Primary Interface
Secondary Interface
Status
---------------------------------------GigabitEthernet3/1 GigabitEthernet3/11 backup mode
Router# show interface gi3/1
GigabitEthernet3/1 is down, line protocol is down (notconnect)
Hardware is GigEther SPA, address is 0005.dc57.8800 (bia 0005.dc57.8800)
Backup interface GigabitEthernet3/11, failure delay 0 sec, secondary disable delay 0
sec,
Router# show interface gi3/11
GigabitEthernet3/11 is up, line protocol is up (connected)
Example
Figure 4-3 shows a sample configuration of a backup interface for Flexible UNI. The configuration
includes several EVCs (service instances), configured as follows:
Service instance 4 is configured on primary and backup interfaces (links) that terminate in a bridge
domain, with a VPLS uplink onto network provider edge NPE12.
Service instance 2 is configured as scalable Ethernet over MPLS, peering with an SVI VPLS on
NPE12.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-45
Chapter 4
NPE11
NPE10
ge2/4.4
gi3/0/0/0
primary
NPE12
fa1/0.4
ge2/4.2
backp
gi3/0/0/11
ge1/3.4
72a
fa1/0.2
NPE14
ge1/3.2
191978
Figure 4-3
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-46
OL-16147-20
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-47
Chapter 4
Troubleshooting
Table 4-5 provides troubleshooting solutions for the backup interface of the Flexible UNI feature.
Table 4-5
Problem
Solution
The backup interface is in a standby state or the line protocol Use the show interfaces command on the specific interface in
is down
privileged EXEC mode to display interface and line protocol
details. Share the output with TAC for further investigation.
This sample output of the command is displayed when the
command on the primary (gi3/0/0) and backup (gi3/0/11)
interfaces:
NPE-11# show int gi3/0/0
GigabitEthernet3/0/0 is up, line protocol is up
(connected)
Hardware is GigEther SPA, address is 0005.dc57.8800
(bia 0005.dc57.8800)
Backup interface GigabitEthernet3/0/11, failure
delay 0 sec, secondary disable delay
0 sec, kickin load not set, kickout load not set
[...]
NPE-11# show int gi3/0/11
GigabitEthernet3/0/11 is standby mode, line protocol
is down (disabled)
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-48
OL-16147-20
Chapter 4
EVC On Port-Channel
An EtherChannel bundles individual Ethernet links into a single logical link that provides the aggregate
bandwidth of up to eight physical links.The EVC EtherChannel feature provides support for
EtherChannels on Ethernet Virtual Connection Services (EVCS) service instances.
For more information on EtherChannels, and how to configure EtherChannels on Layer 2 or Layer 3
LAN ports, see Configuring EtherChannels at
http://www.cisco.com/en/US/docs/routers/7600/ios/15S/configuration/guide/channel.html.
The EVC EtherChannel feature supports MPBE, local connect, and xconnect service types.
Load balancing is accomplished on a Ethernet flow point (EFP) basis where a number of EFPs exclusively
pass traffic through member links. In a default load balancing, you have no control over how the EFPs
are grouped together, and sometimes the EFP grouping may not be ideal. To avoid this, use manual load
balancing to control the EFP grouping.
All member links of the port-channel are on Cisco 7600-ES+ line cards.
Bridge-domain, xconnect, connect EVCs, switchports, and IP subinterfaces are allowed over the
port-channel interface and the main interface.
The EFP limit decreases with the number of member links on the NP. For instance, if there are 4
members within the same NP, the EVC limit on the NP decreases to 2000, that is (8000/4).
Note
For a switchport (not for data traffic), use the service instance ethernet command to create
a service instance to support OAM requirements.
If you configure a physical port as part of a channel group, you cannot configure EVCs under that
physical port.
A physical port that is part of an EVC port-channel cannot have switchport configuration.
You can apply QoS policies under EVCs on a port-channel with the exception that ingress microflow
policing is not supported. For more information on configuring QoS with EVCs, see Configuring
QoS, page 7-1.
You cannot use the bandwidth percent or police percent commands on EVC port-channels in flat
policy-maps or in parent of HQoS policy-maps.
1.
enable
2.
configure terminal
3.
4.
[no] ip address
5.
SUMMARY STEPS
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-49
Chapter 4
EVC On Port-Channel
6.
7.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q vlan-id | dot1ad
vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id} | 2-to-2 {dot1q
vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}} symmetric
8.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface port-channel
11
Step 4
[no] ip address
Example:
Router(config-if)# no ip address
Step 5
Example:
Router(config-if)# service instance 101
ethernet
Step 6
encapsulation {default|untagged|dot1q
vlan-id [second-dot1q vlan-id]}
Example:
Router(config-if-srv)# encapsulation
dot1q 13
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-50
OL-16147-20
Chapter 4
Step 7
Command
Purpose
Example:
Router(config-if-srv)# rewrite ingress
tag push dot1q 20 symmetric
Step 8
Example:
or
Router(config-if-srv)# bridge-domain 12
Examples
This example shows a single port-channel interface is created with three possible member links from
slots 1 and 2:
Router# enable
Router# configure terminal
Router(config)# interface Port-channel5
Router(config)# interface GigabitEthernet 2/1
Router(config-if)# channel-group 5 mode on
This example shows scalable Eompls and EVC connect sample configuration.
Router#enable
Router#configure terminal
Router(config)#interface GigabitEthernet 3/0/0
Router(config-if)#service instance 10 ethernet
Router(config-srv)#encapsulation dot1q 20
Router(config-if-srv)#rewrite ingress tag pop 1 sym
Router(config-if-srv)#exit
Router(config-if)#exit
Router(config)#interface GigabitEthernet 3/0/1
Router(config-if)#service instance 12 ethernet
Router(config-srv)#encapsulation dot1q 30
Router(config-if-srv)#rewrite ingress tag pop 1 sym
Router(config-if-srv)#exit
Router(config-if)#exit
Router(config)#connect TEST GigabitEthernet 3/0/0 10 GigabitEthernet 3/0/1 12
Router#sh connection all
ID
Name
Segment 1
Segment 2
State
================================================================================
57
TEST
Gi3/0/0:10
Gi3/0/1:12
UP
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-51
Chapter 4
EVC On Port-Channel
Router# enable
Router# configure terminal
Router(config)# interface port-channel10
Router(config-if)# no ip address
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 11
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
Router(config-if)# service-policy input x
Router(config-if)# service-policy output y
Router(config-if-srv)# bridge-domain 1500
Purpose
Troubleshooting
Table 4-6 provides the troubleshooting solutions for the EVC on a Port-Channel.
Table 4-6
Problem
Solution
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-52
OL-16147-20
Chapter 4
SPAN on Port: The traffic on all EVCs on the port or port channel is included for a SPAN session
along with routed traffic on that port.
SPAN on VLAN: The traffic on all EVC bridge-domains with the same VLAN is included for a
SPAN session along with other switchports on the same VLAN.
SPAN on EVC: The traffic on a given EFP or a set of EFPs is included for a SPAN session.
EVC SPAN is effective only if the EVC is on the ES+ line card.
If a combination of switchports and EVC bridge-domain exists, then for flood case packet on both
is spanned. VLAN and SPAN are configured in the transmit direction on the source port.
If a combination of different EVC bridge-domain exists, then for flood case packet on all the EVCs
is spanned. VLAN and SPAN are configured in the transmit direction on the source port.
For EVCs configured as a part of more than one SPAN session (EVC, VLAN, or port), traffic is
monitored on only one session.
EFPs and VLAN cannot be configured as source in the same monitor session.
For a 10G port, the aggregate of ingress traffic and SPAN traffic cannot exceed 10G.
For a 10G port with port-shaper, the aggregate of port traffic and SPAN traffic cannot exceed the
port-shaper.
For a 1G port, the total SPAN traffic can be as high as 10G, but due to network processor limitations
and fabric bottleneck, the net traffic can be reduced.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-53
Chapter 4
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
[no] ip address
5.
6.
7.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q vlan-id | dot1ad
vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id} | 2-to-2 {dot1q
vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}} symmetric
8.
exit
9.
| tx | both]
11. destination interface{GigabitEthernet |Port-channel | TenGigabitEthernet}
12. [no] shutdown
13. end
DETAILED STEPS
Command
Purpose
Step 1
enable
Step 2
configure terminal
Step 3
Step 4
[no] ip address
Step 5
Step 6
encapsulation {default|untagged|dot1q
vlan-id [second-dot1q vlan-id]}
Step 7
rewrite ingress tag {push {dot1q vlan-id | Specifies the tag manipulation on the frame ingress to the
dot1q vlan-id second-dot1q vlan-id | dot1ad service instance.
vlan-id dot1q vlan-id} | pop {1 | 2} |
translate {1-to-1 {dot1q vlan-id | dot1ad
vlan-id}| 2-to-1 dot1q vlan-id | dot1ad
vlan-id}| 1-to-2 {dot1q vlan-id
second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | 2-to-2 {dot1q vlan-id
second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id}} symmetric
Step 8
exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-54
OL-16147-20
Chapter 4
Command
Purpose
Step 9
monitor session
local_span_session_number type [local |
local-tx]
Step 10
Step 11
destination interface{GigabitEthernet
|Port-channel | TenGigabitEthernet}
Step 12
no shutdown
Step 13
end
Sample Configuration
This is an example for configuring SPAN on EVC.
Router# enable
Router# configure terminal
Router(config)# interface port-channel 11
Router(config-if)# no ip address
Router(config-if)# service instance 101 ethernet
Router(config-if-srv)# encapsulation dot1q 13
Router(config-if-srv)# rewrite ingress tag push dot1q 20 symmetric
Router(config-if-srv)# exit
Router(config)# monitor session 1 type local
Router(config-mon-local)# source service instance 2 - 100 Port-channel 1 both
Router(config-mon-local)# destination interface Port-channel 3
Router(config-mon-local)# no shut
Router(config-mon-local)# end
Local Session
Admin Enabled
Po1:
Po3
2-100
Troubleshooting
For specific troubleshooting information, contact Cisco Technical Assistance Center (TAC) at this
location:
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-55
Chapter 4
All member links of the port-channel are on Cisco 7600-ES+ line cards.
Only bridge-domain, xconnect, connect EVCs, and IP subinterfaces are allowed over the
port-channel interface. You cannot apply a switchport and EVC configuration under the same
port-channel interface.
If you configure a physical port as part of a channel group, you cannot configure EVCs under that
physical port.
A physical port that is part of an EVC port-channel cannot have switchport configuration.
You can apply QoS policies under EVCs on a port-channel with the exception that ingress microflow
policing is not supported. For more information on configuring QoS with EVCs, see Configuring
QoS, page 7-1.
You cannot use the bandwidth percent or police percent commands on EVC port-channels in flat
policy-maps or in parent of HQoS policy-maps.
1.
enable
2.
configure terminal
3.
interface port-channel
4.
[no] ip address
SUMMARY STEPS
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-56
OL-16147-20
Chapter 4
5.
6.
7.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id
dot1q vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q
vlan-id | dot1ad vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | 2-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}} symmetric
8.
9.
Note
The channel-group command options are applicable when configuring port-channel over EVC and the
options active/passive are applicable when configuring port-channel over EVC with LACP.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface port-channel
12
Step 4
[no] ip address
Example:
Router(config-if)# no ip address
Step 5
Example:
Router(config-if)# service instance 101
ethernet
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-57
Chapter 4
Step 6
Command
Purpose
Example:
Router(config-if-srv)# encapsulation
dot1q 13
Step 7
Example:
Router(config-if-srv)# rewrite ingress
tag push dot1q 20 symmetric
Step 8
Example:
Router(config-if-srv)# bridge-domain 12
Step 9
Example:
Router (config) # interface gig 5/1
Step 10
Example:
Router(config-if)# channel-protocol
lacp
Step 11
Example:
Router(config-if)# channel-group 5 mode
active
Examples
In this example, a single port-channel interface is created with three possible member links from slots 1
and 2:
Router# enable
Router# configure terminal
Router(config)# interface Port-channel5
Router(config-if)# no ip address
Router(config-if)# service instance 1 ethernet
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-58
OL-16147-20
Chapter 4
This is configuration for LACP over a configured EVC port-channel, under an interface:
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 1/1
Router(config-if)# channel-protocol lacp
Router(config-if)# channel-group 5 mode ?
Router(config-if)# channel-group 5 mode active
Router(config-if)# channel-group 5 mode passive
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-59
Chapter 4
Verification
Use these commands to verify EVC configuration.
Command
Purpose
Troubleshooting
For information on troubleshooting LACP support for EVC Port Channel feature, see Table 4-6 on
page 4-52.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-60
OL-16147-20
Chapter 4
Apply security and QoS at the interface, sub-interface, and service levels.
You can use a collection of sequential ACL rules to filter network traffic. Though the ACLs are applied
on a network interface, you can use this feature to apply Layer 2 on different EVCs. Table 4-7 maps the
supported layers with their parameters and Table 4-8 lists the commands used to activate the Layer 2
ACLs.
Table 4-7
Layer
Based on
Layer 2
Table 4-8
ACL commands
Layer
Action
Layer 2
Command
mac access-group {aclname} in
If a Layer 2 ACL is applied to an EFP (Ethernet Flow Point) with a Layer 2 ACL, the new ACL
replaces the previous ACL.
A Layer 2 ACL configuration applied on the EVC interface should contain the source MAC address,
destination MAC address, and the address mask.
You can apply a maximum of 256 unique ACLs on all the EVCs.
Maximum number of 16 ACEs (Access Control Elements) per ACL are supported.
enable
2.
configure terminal
3.
mac access-list extended {aclname} {permit | deny} {host a.b.c host x.y.z}
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-61
Chapter 4
4.
exit
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
me7600-5(config)#mac access-list extended
test-l2-acl
Step 4
exit
enable
2.
configure terminal
3.
4.
5.
6.
7.
exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-62
OL-16147-20
Chapter 4
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface gigabitethernet
4/0/0
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Step 5
encapsulation dot1q
vlan id
Example:
Router(config-if-srv)# encapsulation
dot1q 5
Step 6
aclname
in
Example:
me7600-5(config-if-srv)# mac access-group
test-l2-acl in
Step 7
exit
Examples
You can view the ACL counters for an EVC as shown in this example:
LLB-India-7#sh ethernet service instance id 1 int gig3/0/0 detail
Service Instance ID: 1
L2 ACL (inbound): l2acl
<=====
Associated Interface: GigabitEthernet3/0/0
Associated EVC: test
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-63
Chapter 4
L2protocol drop
CE-Vlans:
Interface Dot1q Tunnel Ethertype: 0x8100
State: Up
L2 ACL permit count: 0
L2 ACL deny count: 0
EFP Statistics:
Pkts In
Bytes In
Pkts Out Bytes Out
0
0
0
0
<=====
<=====
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-64
OL-16147-20
Chapter 4
The following EVCs are supported on the same interface and bridge-domain:
dot1q encapsulation
QinQ encapsulation
Untagged encapsulation
Multiple EVCs are supported on the same port, all having the same or different bridge domains.
Multiple EVCs are supported on different ports, all having the same or different bridge domains.
With Cisco IOS Release 12.2(33)SRE, DHCP snooping with Option 82 is supported on EVC
port-channels.
1.
enable
2.
configure terminal
3.
4.
[no] ip address
5.
6.
7.
8.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q vlan-id | dot1ad
vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id} | 2-to-2 {dot1q
vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}} symmetric
9.
SUMMARY STEPS
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-65
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface gigabitethernet
slot/subslot/port[.subinterface-number]
or
interface tengigabitethernet
slot/subslot/port[.subinterface-number]
or
interface port-channel number
Example:
Router(config)# interface gigabitethernet 4/1
Step 4
no ip address
Example:
Router# Router(config-if)# no ip address
Step 5
Example:
Router(config-if)# negotiation auto
Step 6
Example:
Step 7
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-66
OL-16147-20
Chapter 4
Step 8
Command
Purpose
Example:
Router(config-if-srv)# rewrite ingress tag push
dot1q 20 symmetric
Step 9
Example:
Router(config)# ip dhcp relay information option
subscriber-id 123
Step 10
Example:
Router(config-if-srv)# bridge-domain 12
Example
This example shows a typical configuration on the relay agent and the server. This is a configuration on
the relay agent:
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet8/1
Router(config-if)# no ip address
Router(config-if)# negotiation auto
Router(config-if)# service instance 2 ethernet
Router(config-if-srv)# encapsulation dot1q 2
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
ip dhcp relay information option subscriber-id 11
Router(config-if-srv)# bridge-domain 100
Router(config)# interface Vlan100
Router(config-if)# ip address 10.0.0.1 255.255.255.0
Router(config-if)# ip helper-address global 20.0.0.2
Router(config-if)# ip helper-address 20.0.0.2
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-67
Chapter 4
Verification
Use this commands to verify operation.
Command
Purpose
Troubleshooting
Table 4-9 provides the troubleshooting solutions for the DHCP Snooping feature.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-68
OL-16147-20
Chapter 4
Table 4-9
Problem
Solution
2.
3.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-69
Chapter 4
change with minimal traffic disruption in the network. A system configured with DHCP snooping creates
a DHCP snooping database, which contains DHCP snooping entries (MAC/IP bindings) learnt from the
different VLANs.
The DHCP snooping binding data is added in the active supervisor after successfully synchronizing the
snooping information between the local standby and remote PoAs (active and standby supervisor PoA).
Note
For more information on pmLACP and p-mLACP failure, see Pseudo MLACP Support on Cisco 7600
section in the Cisco 7600 Series ES+ and ES+T Line Card Configuration Guide.
The active PoA synchronizes the DHCP snooping binding tables with the standby PoA.
1.
The standby PoA uses the synchronized DHCP binding information for IP source guard (IPSG) and
Dynamic ARP Inspection (DAI).
2.
On switchover, the standby EFP becomes active and any spoofed ARP, MAC or IP traffic is dropped
by the new Active PoA.
The manual load-balance VLAN list and LAG configuration should be same on both the PoAs.
The bridge-domain configured under a p-mLACP port-channel EVC should not be part of any other
non-pmLACP interfaces.
For proper DHCP snooping database synchronization, ensure that the ICRM link is up.
All the PoAs should be configured as p-mLACP peers to enable DHCP snooping database
synchronization.
It is recomended that all the PoAs should be configured for non-revertive mode.
During the mLACP failures A, B, C, and E, the database entries are not lost. In case of p-mLACP
failure D, the database entries are lost but they are restored after synchronization with the peer PoA
through the ICRM link.
The maximum number of DHCP Snooping entries supported per PoA is 20000; 10000 entries on the
active VLAN on the active PoA and 10000 entries synchronized from another PoA through the ICCP
link.
This feature is supported on the ES20 and ES+ line cards in the access mode only.
This feature is supported on both SUP720 and RSP720 (1 GHz & 10 GHz).
For the Virtual Private Lan Service (VPLS)-decoupled mode, all the Ethernet Flow Points (EFPs)
participating in a bridge-domain should have the outer tag VLAN range set to either primary or
secondary VLANs, but not both.
If an EFP is deleted from a PoA, you should remove it from the all the peer PoAs.
While adding EFPs to a PoA, add the standby EFP before adding the active EFP.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-70
OL-16147-20
Chapter 4
Note
Feature
Per PoA
20000
Troubleshooting Tips
Table 4-11 lists the commands to troubleshoot the p-mLACP DHCP Snooping State Synchronization.
Table 4-11 Troubleshooting Scenarios
Command
Use
Note
For more information on pmLACP and p-mLACP failure, see Pseudo MLACP Support on Cisco 7600
section in the Cisco 7600 Series ES+ and ES+T Line Card Configuration Guide.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-71
Chapter 4
POA creates snooping entries for its active VLANs based IGMP reports and the snooping entries are
synchronized to the peer POA using ICCP, where this information corresponds to the standby
VLANs on peer POA.
The peer POA processes the ICCP messages received from the other POA, and pre-programs the
multicast forwarding table based on the received IGMP information.
When p-mLACP fails (A, B, C, D, E) on one of the POA, the peer POA moves its standby VLANs
to active and triggers IGMP reports towards the Designated Router/mrouter based on the IGMP
information received via ICCP for these VLANs.
Next, the peer POA starts forwarding multicast data traffic based on pre-programmed multicast
forwarding table without any delay, enabling fast convergence.
Figure 4-4 shows the basic p-mLACP IGMP Snooping State Synchronization process.
Figure 4-4
IGMP
hosts
mrouter
DSLAM
7600
Downstream
MC-LAG
Upstream
MC-LAG
300142
7600
The maximum number of IGMP Snooping entries supported per PoA is 10000.
This feature is supported on the ES20 and ES+ line cards in the access mode only.
This feature is supported on both SUP720 and RSP720 (1 GHz & 10 GHz).
For the Virtual Private Lan Service (VPLS)-decoupled mode, all the Ethernet Flow Points (EFPs)
participating in a bridge-domain should have the outer tag VLAN range set to either primary or
secondary VLANs, but not both.
If an EFP is deleted from a PoA, you should remove it from the all the peer PoAs.
While adding EFPs to a PoA, add the standby EFP before adding the active EFP.
IGMP Snooping is not supported with Hierarchical Virtual Private LAN Service (H-VPLS) and
MAC Tunneling Protocol (MTP) scenarios and topologies.
Table 4-12 lists the scalability numbers for IGMP snooping state synchronization.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-72
OL-16147-20
Chapter 4
Table 4-12
Note
Feature
Per PoA
Per RG
p-mLACP IGMP
snooping state
synchronization
10K
20K
10K
All p-mLACP restrictions also apply to IGMP Snooping over p-mLACP feature.
Troubleshooting Tips
Table 4-13 lists the troubleshooting solutions for the p-mLACP IGMP Snooping State Sync
implementation.
Table 4-13 Troubleshooting Scenarios
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-73
Chapter 4
Problem
Solution
1.
2.
2.
3.
4.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-74
OL-16147-20
Chapter 4
The number of ACLs and ACEs that can be configured as part of IP source guard are bounded by
the hardware resources on the line card.
The IP source guard is meant to verify host source IP and MAC information. Only ingress traffic is
filtered. It is not applicable to egress direction.
The IP source guard is not effective for software forwarded packets. When a non-recoverable TCAM
exception occurs for the IP source guard, the IP filtering is not effective and packets are permitted.
IP source guard is supported on port-channel service instances effective from Cisco IOS release
15.1(2)S.
enable
2.
configure terminal
3.
4.
[no] ip address
5.
6.
7.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q vlan-id | dot1ad
vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id} | 2-to-2 {dot1q
vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}} symmetric
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-75
Chapter 4
Note
To distinguish if the packet is DHCP, all tags must be pop; push and translate are not
supported with the IP source guard for service instance feature.
8.
9.
10. exit
11. end
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
or
or
interface port-channel number
Example:
Router(config)# interface gigabitethernet 4/1
Step 4
[no] ip address
Example:
Router(config-if)# no ip address
Step 5
Example:
Step 6
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-76
OL-16147-20
Chapter 4
Step 7
Command
Purpose
Example:
Router(config-if-srv)# rewrite ingress tag pop 1
symmetric
Step 8
Example:
Router(config-if-srv)# ip verify source vlan
dhcp-snooping
Step 9
Example:
Router(config-if-srv)# bridge-domain 12
Step 10
exit
Example:
Router(config-if)# exit
Step 11
end
Example:
Router(config)# end
Example
This example shows how to configure IP source guard for a service instance with single tag (Dot1q)
encapsulation.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet7/1
Router(config-if)# no ip address
Router(config-if)# service instance 71 ethernet
Router(config-if-srv)# encapsulation dot1q 71
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
Router(config-if-srv)# ip verify source vlan dhcp-snooping
Router(config-if-srv)# bridge-domain 10
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-77
Chapter 4
This is example shows how to configure IP source guard for a service instance with double tag (QinQ)
encapsulation.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet7/1
Router(config-if)# no ip address
Router(config-if)# service instance 71 ethernet
Router(config-if-srv)# encapsulation dot1q 71 second-dot1q 100
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
Router(config-if-srv)# ip verify source vlan dhcp-snooping
Router(config-if-srv)# bridge-domain 10
This example shows how to configure IP source guard for a service instance with untagged
encapsulation.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet7/1
Router(config-if)# no ip address
Router(config-if)# service instance 71 ethernet
Router(config-if-srv)# encapsulation untagged
Router(config-if-srv)# ip verify source vlan dhcp-snooping
Router(config-if-srv)# bridge-domain 10
This example shows how to configure IP source guard for a service instance with default encapsulation.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet7/1
Router(config-if)# no ip address
Router(config-if)# service instance 71 ethernet
Router(config-if-srv)# encapsulation default
Router(config-if-srv)# ip verify source vlan dhcp-snooping
Router(config-if-srv)# bridge-domain 10
This example shows how to configure IP source guard for a service instance with single tag
encapsulation on a port-channel interface.
Router# enable
Router# configure terminal
Router(config)# interface port-channel 2
Router(config-if)# no ip address
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 100
Router(config-if-srv)# ip verify source vlan dhcp-snooping
Router(config-if-srv)# bridge-domain 10
Verification
Use the show ip verify source interface to verify the configuration:
router# show ip verify source interface gi5/1 efp_id 10
Interface Filter-type Filter-mode IP-address
Mac-address
Vlan
ID
-------------------------------------------------------------------- ---------Gi5/1 ip-mac
active
123.1.1.1
00:0A:00:0A:00:0A 100
10
router# show ip verify source interface gi5/1
Interface Filter-type Filter-mode IP-address
ID
Mac-address
Vlan
EFP
EFP
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-78
OL-16147-20
Chapter 4
-----------
---------------
123.1.1.1
123.1.1.2
123.1.1.3
-----------------
00:0A:00:0A:00:0A
00:0A:00:0A:00:0B
00:0A:00:0A:00:0C
100
100
100
10
20
30
Troubleshooting
Table 4-14 provides troubleshooting solutions for the IP source guard feature.
Table 4-14
Problem
Solution
1.
2.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-79
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-80
OL-16147-20
Chapter 4
Main interface where the EFP is configured must be up and running with MSTP as the selected
Spanning Tree Mode (PVST and Rapid-PVST are not supported).
The co-existence of REP and mLACP with MST on the same port is not supported.
Any action performed on VPORT (which represents a particular VLAN in a physical port) affects
the bridge domain and other services.
This feature cannot co-exist with Ethernet Bridging on FR/ATM that support only PVST.
Supports 64 MSTs and one CIST (common and internal spanning tree).
Service instances without any VLAN ID in the encapsulation are not supported, because a unique
VLAN ID is required to map an EVC to an MST instance.
Supports EFPs with unambigous outer VLAN tag (that is, no range, list on outer VLAN, neither
default nor untagged).
Changing the VLAN (outer encapsulation VLAN of EVC) mapping to a different MST instance will
move the EVC port to the new MST instance.
Changing an EVC service instance to a VLAN that has not been defined in MST 1 will result in
mapping of EVC port to MST 0.
The peer router of the EVC port must also be running MST.
MST is supported only on EVC BD. EVCs without BD configuration will not participate in MST
When an MST is configured on the outer VLAN, you can configure any number of service instances
with the same outer VLAN as shown in the following configuration example.
nPE1#sh run int gi12/5
Building configuration...
Current configuration : 373 bytes
!
interface GigabitEthernet12/5
description connected to CE1
no ip address
service instance 100 ethernet
encapsulation dot1q 100 second-dot1q 1
bridge-domain 100
!
service instance 101 ethernet
encapsulation dot1q 100 second-dot1q 2
bridge-domain 101
!
service instance 102 ethernet
encapsulation dot1q 100 second-dot1q 120-140
bridge-domain 102
!
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-81
Chapter 4
end
Priority
Address
Hello Time
Interface
------------------Gi12/5
Gi12/6
Role
---Root
Altn
Cost
--------20000
20000
Prio.Nbr
-------128.2821
128.2822
Type
-------------------------------P2p
P2p
nPE1#
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-82
OL-16147-20
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface
gigabitethernet 4/1
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 13
Step 6
Example:
Router(config-if-srv)# bridge-domain 12
Examples
In the following example, two interfaces participate in MST instance 0, the default instance to which all
VLANs are mapped:
Router# enable
Router# configure terminal
Router(config)# interface g4/1
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 2
Router(config-if-srv)# bridge-domain 100
Router(config-if-srv)# interface g4/3
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 2
Router(config-if-srv)# bridge-domain 100
Router(config-if-srv)# end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-83
Chapter 4
Verification
Use this command to verify the configuration:
Router# show spanning-tree vlan 2
MST0
Spanning tree enabled protocol mstp
Root ID
Priority
32768
Address
0009.e91a.bc40
This bridge is the root
Hello Time
2 sec Max Age 20 sec
Bridge ID
Priority
Address
Hello Time
Interface
Role Sts Cost
Prio.Nbr Type
------------------- ---- --- --------- -------- -------------------------------Gi4/1
Desg FWD 20000
128.1537 P2p
Gi4/3
Back BLK 20000
128.1540 P2p
In this example, interface gi4/1 and interface gi4/3 are connected back-to-back. Each has a service
instance (EFP) attached to it. The EFP on both interfaces has an encapsulation VLAN ID of 2. Changing
the VLAN ID from 2 to 8 in the encapsulation directive for the EFP on interface gi4/1 stops the MSTP
from running in the MST instance to which the old VLAN is mapped and starts the MSTP in the MST
instance to which the new VLAN is mapped:
Router(config-if)# interface g4/1
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encap dot1q 8
Router(config-if-srv)# end
Priority
Address
Hello Time
Interface
Role Sts Cost
Prio.Nbr Type
------------------- ---- --- --------- -------- -------------------------------Gi4/3
Desg FWD 20000
128.1540 P2p
Router# show spanning-tree vlan 8
MST2
Spanning tree enabled protocol mstp
Root ID
Priority
32770
Address
0009.e91a.bc40
This bridge is the root
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-84
OL-16147-20
Chapter 4
Hello Time
Bridge ID
Priority
Address
Hello Time
2 sec
Interface
Role Sts Cost
Prio.Nbr Type
------------------- ---- --- --------- -------- -------------------------------Gi4/1
Desg FWD 20000
128.1537 P2p
In this example, interface gi4/3 (with an EFP that has an outer encapsulation VLAN ID of 2 and a bridge
domain of 100) receives a new service:
Router# enable
Router# configure terminal
Router(config)# interface g4/3
Router((config-if)# service instance 2 ethernet
Router((config-if-srv)# encap dot1q 2 second-dot1q 100
Router((config-if-srv)# bridge-domain 200
Now there are two EFPs configured on interface gi4/3 and both of them have the same outer VLAN 2.
interface GigabitEthernet4/3
no ip address
service instance 1 ethernet
encapsulation dot1q 2
bridge-domain 100
!
service instance 2 ethernet
encapsulation dot1q 2 second-dot1q 100
bridge-domain 200
The preceding configuration does not affect the MSTP operation on the interface; there is no state change
for interface gi4/3 in the MST instance it belongs to.
Router# show spanning-tree mst 1
##### MST1
Bridge
Root
vlans mapped:
2
address 0009.e91a.bc40
this switch for MST1
priority
Interface
Role Sts Cost
Prio.Nbr Type
---------------- ---- --- --------- -------- -------------------------------Gi4/3
Desg FWD 20000
128.1540 P2p
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-85
Chapter 4
Address 0001.6441.68c0
Cost 20000
Port 3329 (Port-channel5)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 000a.f331.8e80
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Interface Role Sts Cost Prio.Nbr Type
------------------- ---- --- --------- -------- -------------------------------Gi2/0/0 Desg FWD 20000 128.257 P2p
Po5 Root FWD 10000 128.3329 P2p
Po6 Altn BLK 10000 128.3330 P2p
Troubleshooting
Table 4-15 provides troubleshooting solutions for the MST on EVC Bridge Domain feature.
Table 4-15
Troubleshooting Scenarios
Problem
Solution
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-86
OL-16147-20
Chapter 4
Problem
Solution
2.
3.
4.
5.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-87
Chapter 4
Ensure that the management interfaces are not part of a link state group.
LST does not allow any interface, upstream or downstream, to be part of more than one link state
group.
When you configure LST for the first time, you must add upstream interfaces to the link state group
before adding downstream, otherwise the state of the downlink interfaces are error-disabled.
The configurable interfaces are physical (both routed and switch port), port-channel, sub-interface
and VLAN.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
interface slot/port
5.
6.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-88
OL-16147-20
Chapter 4
Step 3
Command or Action
Purpose
Example:
Router(config)# link state track 1
Step 4
interface slot/port
Configures an interface.
Example:
Router(config)# interface gigabitethernet 2/1
Step 5
Step 6
Example:
Router(config-if)# link state group 1 upstream
end
Example:
Router(config-if)# end
This example shows how to create a link-state group and configure the interfaces:
Router# configure terminal
Router(config)# link state track 1
Router(config)# interface gigabitethernet3/1
Router(config-if)# link state group 1 upstream
Router(config-if)# interface gigabitethernet3/3
Router(config-if)# link state group 1 upstream
Router(config-if)# interface gigabitethernet3/5
Router(config-if)# link state group 1 downstream
Router(config-if)# interface gigabitethernet3/7
Router(config-if)# link state group 1 downstream
Router(config-if)# end
Verification
Use the show link state group command to display the link-state group information.
Router> show link state group 1
Link State Group: 1 Status: Enabled, Down
Use the show link state group detail command to display detailed information about the group.
Router> show link state group detail
(Up):Interface up (Dwn):Interface Down (Dis):Interface disabled
Link State Group: 1 Status: Enabled, Down
Upstream Interfaces : Gi3/5(Dwn) Gi3/6(Dwn)
Downstream Interfaces : Gi3/1(Dis) Gi3/2(Dis) Gi3/3(Dis) Gi3/4(Dis)
Link State Group: 2 Status: Enabled, Down
Upstream Interfaces : Gi3/15(Dwn) Gi3/16(Dwn) Gi3/17(Dwn)
Downstream Interfaces : Gi3/11(Dis) Gi3/12(Dis) Gi3/13(Dis) Gi3/14(Dis)
(Up):Interface up (Dwn):Interface Down (Dis):Interface disabled
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-89
Chapter 4
Problem
Solution
Enabling MAC Address Security for EVC Bridge Domain, page 4-91
Enabling MAC Address Security for EVC Bridge Domain, page 4-91
Disabling MAC Address Security for EVC Bridge Domain on an EFP, page 4-93
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-90
OL-16147-20
Chapter 4
System wide, the following limits apply to the total configured whitelist and learned MAC
addresses:
Total number of MAC addresses supported under MAC Security is limited to 32K.
Total number of MAC addresses supported under MAC Security, per bridge domain, is limited
to 10K.
Total number of MAC addresses supported under MAC Security, per EFP, is limited to 1K.
You can configure or remove the various MAC security elements irrespective of whether MAC
security is enabled on the EFP. However, these configurations will become operational only after
MAC security is enabled.
Upon enabling the MAC Address Security for EVC Bridge Domain feature, existing MAC address
table entries on the EFP are removed.
The MAC Address Security for EVC Bridge Domain feature can be configured on an EFP only if
the EFP is a member of a bridge domain.
If you disassociate the EFP from the BD, the MAC security feature is completely removed.
For port-channel, this configuration is propagated to all member links in the port-channel.
Consistent with the already implemented bridge domain EVC port-channel functionality, packets on
a secured EFP are received on any member link, but all the egress packets are sent out to one of the
selected member links.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
bridge-domain bridge-id
7.
mac security
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-91
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface gigabitethernet
slot/subslot/port
or
interface tengigabitethernet
slot/subslot/port
or
interface port-channel number
Example:
Router(config)# interface
gigabitethernet 4/1
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 13
Step 6
bridge-domain bridge-id
Example:
Router(config-if-srv)# bridge-domain 12
Step 7
Example:
Router(config-if-srv)# mac security or
Router(config-if-srv)# no mac security
Examples
This example shows how to enable MAC address security for EVC bridge domain.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 2/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-92
OL-16147-20
Chapter 4
This example shows how to disable MAC address security for EVC bridge domain.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 2/1
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# no mac security
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
no mac security
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface gigabitethernet
slot/subslot/port
or
interface tengigabitethernet
slot/subslot/port
or
interface port-channel number
Example:
Router(config)# interface
gigabitethernet 4/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-93
Chapter 4
Step 4
Command
Purpose
Example:
Router(config-if)# service instance 101
ethernet
Step 5
no mac security
Example:
Router(config-if-srv)# no mac security
Examples
This example shows how to disable MAC address security for EVC bridge domain.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 2/1
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# no mac security
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
bridge-domain bridge-id
7.
8.
mac security
9.
no mac security
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-94
OL-16147-20
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface gigabitethernet
slot/subslot/port
or
interface tengigabitethernet
slot/subslot/port
or
interface port-channel number
Example:
Router(config)# interface
gigabitethernet 4/1
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 13
Step 6
bridge-domain bridge-id
Example:
Router(config-if-srv)# bridge-domain 12
Step 7
Example:
Router(config-if-srv)# mac security
address permit 0000.1111.2222
Step 8
mac security
Example:
Router(config-if-srv)# mac security
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-95
Chapter 4
Examples
This example shows how to configure whitelisted MAC addresses on an EFP that is a member of a bridge
domain.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 2/1
Router(config-if)# service instance 10 ethernet
Router(config-srv)# encapsulation dot1q 20
Router(config-if-srv)# bridge-domain 100
Router(config-if-srv)# mac security address permit 0000.1111.2222
Router(config-if-srv)# mac security
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
bridge-domain bridge-id
7.
8.
mac security
9.
no mac security
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-96
OL-16147-20
Chapter 4
Step 3
Command
Purpose
interface gigabitethernet
slot/subslot/port
or
interface tengigabitethernet
slot/subslot/port
or
interface port-channel number
Example:
Router(config)# interface
gigabitethernet 4/1
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 13
Step 6
bridge-domain bridge-id
Example:
Router(config-if-srv)# bridge-domain 12
Step 7
Example:
Step 8
Note
mac security
Example:
Router(config-if-srv)# mac security
Step 9
no mac security
Example:
Router(config-if-srv)# no mac security
Examples
This example configures sticky MAC addresses on an EFP.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 2/1
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# encapsulation dot1q 20
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-97
Chapter 4
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
bridge-domain bridge-id
7.
8.
9.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-98
OL-16147-20
Chapter 4
Step 3
Command
Purpose
interface gigabitethernet
slot/subslot/port
or
interface tengigabitethernet
slot/subslot/port
or
interface port-channel number
Example:
Router(config)# interface
gigabitethernet 4/1
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 13
Step 6
bridge-domain bridge-id
Example:
Router(config-if-srv)# bridge-domain 12
Step 7
Example:
Router(config-if-srv)# mac security
aging time 200
Step 8
Example:
Router(config-if-srv)# mac security
static
Step 9
Example:
Router(config-if-srv)# mac security
stickly
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-99
Chapter 4
Step 10
Command
Purpose
mac security
Example:
Router(config-if-srv)# mac security
Step 11
no mac security
Example:
Router(config-if-srv)# no mac security
Examples
This example shows how to configure the aging time for secure addresses to 10 minutes.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 2/1
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# encapsulation dot1q 20
Router(config-if-srv)# bridge-domain 100
Router(config-if-srv)# mac security aging time 10
Router(config-if-srv)# mac security
This example shows a configuration where the aging out of addresses is based on inactivity of the
sending hosts. An address will age out if it is not seen for 10 minutes.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 2/1
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# encapsulation dot1q 20
Router(config-if-srv)# bridge-domain 100
Router(config-if-srv)# mac security aging time 10 inactivity
Router(config-if-srv)# mac security
The mac security aging time command only ages out secure addresses that are learned. To enable aging
out of whitelist or sticky addresses when the mac security aging time command is configured, use the
mac security aging static command (applies aging controls to statically configured addresses) or the
mac security aging sticky command (applies aging controls to persistent, that is, sticky, addresses). The
configuration below shows an example of applying aging to a sticky address.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 1/1
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# encapsulation dot1q 10
Router(config-if-srv)# bridge-domain 100
Router(config-if-srv)# mac security
Router(config-if-srv)# mac security sticky
Router(config-if-srv)# mac security aging time 100
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-100
OL-16147-20
Chapter 4
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
bridge-domain bridge-id
7.
8.
mac security
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface gigabitethernet
slot/subslot/port
or
interface tengigabitethernet
slot/subslot/port
or
interface port-channel number
Example:
Router(config)# interface
gigabitethernet 4/1
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-101
Chapter 4
Step 5
Command
Purpose
Example:
Router(config-if-srv)# encapsulation
dot1q 13
Step 6
bridge-domain bridge-id
Example:
Router(config-if-srv)# bridge-domain 12
Step 7
Example:
Step 8
mac security
Example:
Router(config-if-srv)# mac security
Examples
This example configures an upper limit of 10 for the number of secured MAC addresses allowed on an
EFP.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 2/1
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# encapsulation dot1q 20
Router(config-if-srv)# bridge-domain 100
Router(config-if-srv)# mac security maximum addresses 10
Router(config-if-srv)# mac security
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-102
OL-16147-20
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# bridge-domain 12
Step 4
Example:
Router(config-bdomain)# mac limit
maximum addresses 1000
Examples
This example configures an upper limit of 1000 for the number of secured MAC addresses.
Router# enable
Router# configure terminal
Router(config)# bridge-domain 100
Router(config-if-srv)# mac limit maximum address 1000
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-103
Chapter 4
6.
bridge-domain bridge-id
7.
8.
mac security
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface gigabitethernet
slot/subslot/port
or
interface tengigabitethernet
slot/subslot/port
or
interface port-channel number
Example:
Router(config)# interface
gigabitethernet 4/1
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 13
Step 6
bridge-domain bridge-id
Example:
Router(config-if-srv)# bridge-domain 12
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-104
OL-16147-20
Chapter 4
Step 7
Command
Purpose
Example:
Router(config-if-srv)# mac security
violation restrict
Step 8
mac security
Example:
Router(config-if-srv)# mac security
Examples
This example configures a restrict violation response on EFP.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 2/1
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# encapsulation dot1q 20
Router(config-if-srv)# bridge-domain 100
Router(config-if-srv)# mac security violation restrict
Router(config-if-srv)# mac security
Error Recovery
This section describes how to recover from violation causing an EFP shutdown (default violation
response) and contains the following sections:
Manual recovery
Automatic recovery
Manual Recovery
For manual recovery, use the clear ethernet service instance id id interface interface-name errdisable
command to bring the service instance out of an error disabled state as shown below:
Router# enable
Router# configure terminal
Router# clear ethernet service instance id 10 interface gi1/1 errdisable
Automatic recovery
For automatic recovery, use the errdisable recovery cause mac security command. You must specify
the timer interval. The valid value is from 30 to 86400 second. In the configuration example that follows,
the EFP recovers 60 seconds after the violation causes the shutdown.
Router# enable
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-105
Chapter 4
Verification
Use the following commands to verify operation.
Command
Purpose
Displays all the EFPs in the system that have MAC Security
enabled.
Router# show bridge-domain id mac security last violation Displays information about the last violation recorded on each
of the service instances belonging to the bridge domain.
Router# show bridge-domain id mac security statistics
Troubleshooting
Table 4-17 provides troubleshooting solutions for the MAC Security feature.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-106
OL-16147-20
Chapter 4
Table 4-17
Problem
Solution
EFP is disabled and is unable to automatically recover from Use the errdisable recovery cause mac-security interval or
error disable state
clear ethernet service instance id id interface interface-name
errdisable commands to re-enable the EFP.
Mac security aging timer is inactive
Ethernet virtual circuit (EVC)An association between two or more UNIs that identifies a
point-to-point or point-to-multipoint path within the provider network.
Each EFP is identified with an EVC. An EVC ID is globally unique within a network. In addition, an
EFP is associated with one bridge domain. All the EFPs in a bridge domain belong to the same EVC
(when specified).
For EFPs, untagged, single-tagged, and double-tagged encapsulations exist with dot1q, QinQ, and IEEE
dot1ad Ether types. Different EFPs belonging to a bridge domain can have different encapsulations.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-107
Chapter 4
The following line cards and supervisors that have three or more match registers are supported:
ES20 line cards
ES+ line cards
RSP720-3C-10GE and
Supervisor Engine 32
WS-X67xx line cards (with supported supervisor)
Generic VLAN Registration Protocol (GVRP) and CFM coexistence is also supported
configuring CFM
PVST and GVRP; there is no restriction for the order of configuration.
CFM uses two match registers to identify the control packet type; PVST also uses a match register
to identify its control packet type. So in order for both protocols to work on the same system each
line card needs to support three match registers, at least one being able to support only a 44 bit MAC
match.
This message is displayed when no match registers are available.
CFM is enabled system wide except on supervisor ports due to spanning tree
configuration on supervisor ports for CFM due to hardware limitations on these
ports. Continued with enabling CFM system-wide to allow coexistence with other
protocols such as PVST.
This message is displayed when the 48 bit match register is not available.
CFM is enabled system wide except it's disabled on supervisor ports due to spanning
tree or GVRP configuration. Unable to program all port ASIC MAC match registers
on supervisor ports for CFM due to hardware limitations on these ports. Continued
with enabling CFM system-wide to allow coexistence with other protocols such such
as PVST or GVRP.System has handled this by disabling CFM on all supervisor ports.
If this is unacceptable configure STP mode to MST and re-enable CFM or disable CFM
completely.
attempt is made to power up an unsupported line card or to insert an unsupported line card into
the router:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-108
OL-16147-20
Chapter 4
Unsupported module in slot 3, power not allowed: Module has insufficient match
registers. Enabled relevant protocols include SSTP CFM_MULTICAST.
Note
Slot 3 in the above message refers to the module with unsufficient match registers.
PVST mode is the default spanning-tree mode. It is enabled when you boot the router.
Note
You cannot disable PVST spanning-tree mode or MST spanning-tree mode with the no versions of the
spanning-tree mode mst or spanning-tree mode pvst commands; you must enable the other
spanning-tree mode to disable the existing spanning-tree mode. For example, if you want to disable the
MST spanning-tree mode, you must enable the PVST spanning-tree mode.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# spanning-tree mode pvst
Step 4
Example:
Router(config)# ethernet cfm enable
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-109
Chapter 4
Router# enable
Router# configure terminal
Router(config)# spanning-tree mode pvst
Router(config)# ethernet cfm enable
enable
2.
configure terminal
3.
gvrp global
4.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
gvrp global
Example:
Router(config)# gvrp global
Step 4
Example:
Router(config)# ethernet cfm enable
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-110
OL-16147-20
Chapter 4
enable
2.
configure terminal
3.
gvrp global
4.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
gvrp global
Example:
Router(config)# gvrp global
Step 4
Example:
Router(config)# spanning-tree mode pvst
Verification
Use the following commands to verify operation.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-111
Chapter 4
Command
Purpose
Router# remote command switch show platform mrm info Displays protocols using port ASIC match registers. However,
the feature will not be enabled if the match registers are not
programmed.
0x8100 802.1q
0x9100 Q-in-Q
0x88a8 802.1ad
You can use the dot1 q tunneling ethertype ethertype-value command to configure the custom
ethertype within a physical port.
In the following sample configuration, ethertype is set to 0x9100, service instance is created, and
Rewrite process is initiated:
interface GigabitEthernet 1/1
dot1q tunneling ethertype 0x9100
service instance <number> ethernet
encapsulation dot1q <vlan 1> [second-dot1q <vlan 2>]
Rewrite <Rewrite>
Note
Note
Cisco IOS Release 12.2(33)SRE adds support for custom ethertype to port-channels.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-112
OL-16147-20
Chapter 4
Note
To avoid hierarchical provider bridges when any Custom Ethertype is configured, NNI interface does not
support ingress push Rewrite except for encap untagged.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-113
Chapter 4
If a custom ethertype is configured on the port-channel, the same ethertype is implicitly configured
for all the other member interfaces.
You cannot configure Custom ethertype explicitly under a member interface of a port-channel.
An ES+ port configured with custom ethertype cannot become member of port-channel.
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
Rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id dot1q vlan-id} | pop
{1 | 2} | translate {1-to-1 {dot1q vlan-id}| 2-to-1 dot1q vlan-id }| 1-to-2 {dot1q vlan-id second-dot1q
vlan-id dot1q vlan-id} | 2-to-2 {dot1q vlan-id second-dot1q vlan-id dot1q vlan-id}} symmetric
SUMMARY STEPS
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface
gigabitethernet 4/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-114
OL-16147-20
Chapter 4
Step 4
Command
Purpose
Example:
Router(config-if)# dot1q tunneling
ethertype 0x88A8
Step 5
Example:
Router(config-if)# service instance 101
ethernet
Step 6
Example:
Router(config-if-srv)# encapsulation
dot1q 100 second dot1q 200
Step 7
Example:
Router(config-if-srv)# Rewrite ingress
tag push dot1q 20
Examples
Single Tag Encap with Connect with Custom Ethertype Configured
In the following example, Custom Ethertype is configured on a single tag encap using the connect
configuration:
Router#sh running-config int Gi1/1
//Building configuration...
interface GigabitEthernet 1/1
no ip address
dot1q tunneling ethertype 0x9100
no mls qos trust
service instance 1 ethernet
encapsulation dot1q 10
Router#sh running-config int Gi1/2
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-115
Chapter 4
no ip address
dot1q tunneling ethertype 0x9100
mls qos trust dscp
service instance 1 ethernet
encapsulation dot1q 10
Router)# connect LC1 GigabitEthernet 1/1 1 GigabitEthernet 1/2 1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-116
OL-16147-20
Chapter 4
Verification
Use the following commands to verify operations.
Command
Purpose
Troubleshooting
Table 4-18 provides troubleshooting solutions for the Custom Ethertype feature.
Table 4-18
Troubleshooting Scenarios
Problem
Solution
Use the show platform npc xlif channel-id port <port sram
line command to verify if the port-sram is programmed
correctly and displays the configured ethertype. Share the
output with TAC for further investigation.
Incorrect programming of cusom-ethertype in a port-channel Use the show vlan internal usage command to trace errors
subinterface
related to custom etherytype programming and find the
internal VLAN allocated to the sub-interface. You can use the
internal VLAN to verify if the XLIF entry is present in the
ES40 line card. Use this to verify if the custom ethertype is
properly programmed in the XLIF.
Unknown errors and events on the port channel
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-117
Chapter 4
When the user configures a link ID for a port-channel member link and configures that member link
as the preferred egress link for some service instances in that port-channel, there is redistribution of
traffic. The redistribution is such that:
Service instances that were configured to be sent over the preferred egress member link is sent
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-118
OL-16147-20
Chapter 4
Consider the example where the platform has chosen an egress link that has the load share bit
2. Before the user has configured the link ID = 2 for Member 1, this EFP traffic has been sent
over Member 3. After the user configuration, since member 1 now has the load share bit = 2,
this traffic is now be sent over member 1.
The reverse also happens; traffic that was going through member 1 before the user configuration
now goes through member 3.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
exit
6.
7.
8.
9.
exit
10. exit
11. interface port-channel number
12. [no] port-channel load-balance link ID
13. [no] backup link ID_list
14. [no] service-instance service_instance_list
15. [no] group service_group_list
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-119
Chapter 4
Step 3
Command
Purpose
Example:
Router(config)# interface gigabitethernet 4/1
Step 4
Example:
Router(config-if)# channel-group 2 mode on link 3
Step 5
exit
Example:
Router(config-if)# exit
Step 6
Example:
Router(config)# interface port-channel 11
Step 7
Example:
Router(config-if)# service instance 101 ethernet
Step 8
Example:
Router(config-if-srv)# encapsulation dot1q 10
Step 9
exit
Example:
Router(config-if-srv)# exit
Step 10
exit
Example:
Router(config-if)# exit
Step 11
Example:
Router(config)# interface port-channel 11
Step 12
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-120
OL-16147-20
Chapter 4
Step 13
Command
Purpose
Example:
Step 14
Example:
Router(config-if-lb)# service-instance 10
Step 15
Example:
Router(config-if-lb)# group 10
Example
The following example shows four member links across two different channel-groups:
Router(config)# interface Gi0/1
Router(config-if)# channel-group 1 mode on link 3
Router(config)# interface Gi0/2
Router(config-if)# channel-group 1 mode on link 4
Router(config)# interface Gi0/3
Router(config-if)# channel-group 2 mode on link 3
Router(config)# interface Gi0/4
Router(config-if)# channel-group 2 mode on link 7
Router(config)# interface Port-channel1
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# encapsulation dot1Q 10
Router(config-if-srv)# service instance 20 ethernet
Router(config-if-srv)# encapsulation dot1Q 20
Router(config-if-srv)# service instance 60 ethernet
Router(config-if-srv)# group 10
Router(config-if-srv)# service instance 70 ethernet
Router(config-if-srv)# group 10
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-121
Chapter 4
Verification
Use the following commands to verify operation.
Table 4-19
Command
Purpose
Troubleshooting Scenarios
Problem
Solution
Re-configure the link group with the specific link ID and these
keywords:
Ensure that:
The back up link ID does not overlap with the primary link
ID.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-122
OL-16147-20
Chapter 4
Problem
Solution
Invalid input
Switchports
Note
Layer 3 (routed port) to Layer 2 (switchport) conversion is allowed only when there are no
subinterfaces configured on the port.
In Cisco IOS Release 15.0(1)S, the following storm control feature enhancements are covered on 67xx,
6196, ES20 and ES+ line cards:
Port-channel interfaces: Support for port-channel interfaces on ES20 and ES+ line cards.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-123
Chapter 4
Shutdown: When a storm is detected and the storm traffic exceeds the accepted threshold, the
affected interface moves to error disable state. The traffic threshold is calculated as a percentage of
the total bandwidth of the port (%BW). Use the error disable detection and the recovery feature, or
the shut or no shut command to re-enable the port on the affected interface.
The port receives multicast and broadcast traffic beyond its configured bandwidth.
The value of the TotalSuppDiscards counter increments. This value is displayed when you use the
show interface gigabitEthernet <slot/port> counters storm-control command.
Note
These restrictions and usage guidelines apply only to the Cisco 7600 Series ES+ line cards.
The broadcast and multicast suppression share the same suppression rate, therefore, when you
configure a different rate either for broadcast or multicast the new rate will apply to broadcast and
multicast.
Storm control feature is not supported on the member interfaces of a port channel.
Untagged frames can be subjected to storm control by having a service instance which marks all
untagged frames. Once such a service instance is created, these frames behave like any storm control
on any other EVC.
The maximum storm control rate is 4 Gbps (on 10 Gigabit interfaces it can be 40% of line rate)
When storm control is applied on an interface that has an inbound Layer 2 ACL applied, all packets
are dropped irrespective of the configured suppression level.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-124
OL-16147-20
Chapter 4
Any additions or changes made to the storm control configuration on the port-channel interface is
automatically updated across all the port-channel member-links.
You can add an interface to a port-channel if the storm control configuration on the interface and the
port-channel are alike.
You can either club member-links to form a port- channel and then configure the port-channel
or change the storm control configuration on the interface to match with the port-channel,
before adding it to the port-channel.
Using the default interface command twice, removes the storm control feature from a member-link
interface.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface
gigabitethernet 4/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-125
Chapter 4
Step 4
Command
Purpose
Example:
Router(config-if)# service instance 101
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 13
Step 6
Example:
Step 7
Example:
Router(config-if)# storm-control
broadcast level 30
Example
This example shows a configuration for ports with EVCs on them:
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 4/1
Router(config-if)# service instance 2 ethernet
Router(config-if-srv)# encapsulation dot1q 20
Router(config-if-srv)# bridge-domain 10
Router(config-if)# storm-control multicast level 45
enable
2.
configure terminal
3.
4.
switchport
5.
6.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-126
OL-16147-20
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface gigabitethernet 4/1
Step 4
switchport
Example:
Router(config-if)# switchport
Step 5
Example:
Router(config-if)# switchport mode trunk
Step 6
Example:
Router(config-if)# storm-control broadcast level
30
Example
This example shows a configuration for ports with switchport configuration:
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 4/1
Router(config)# switchport
Router(config)# switchport mode trunk
Router(config)# storm-control multicast level 45
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-127
Chapter 4
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
end
7.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Step 4
Example:
Router(config)# interface port-channel 1/0/18
Step 5
Note
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-128
OL-16147-20
Chapter 4
Command
Purpose
Step 6
end
Step 7
Example:
For more information regarding the commands, see the following command reference guides:
Example
The following is a sample configuration for storm control on a Layer 2 port channel on the ES+ line card:
interface Port-channel22
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
storm-control broadcast level 0.01
storm-control multicast level 0.01
storm-control action shutdown
storm-control action trap
interface GigabitEthernet2/13
switchport
switchport mode trunk
storm-control broadcast level 0.01
storm-control multicast level 0.01
storm-control action shutdown
storm-control action trap
channel-group 22 mode on
interface GigabitEthernet2/21
switchport
switchport mode trunk
storm-control broadcast level 0.01
storm-control multicast level 0.01
storm-control action shutdown
storm-control action trap
channel-group 22 mode on
Use the show interfaces interface counters storm-control command to display the total suppression
percentage of packets for the broadcast, multicast and unicast storm control traffic on all interfaces or
on a specified interface. The storm control shutdown on an interface depends on the TotalSuppDiscards
counter (displayed in the example). This counter increments when a traffic storm occurs.
Router# show interfaces counters storm-control
Port
Gi1/1
Gi1/2
Gi1/3
Gi1/4
Gi1/5
Gi1/6
UcastSupp %
100.00
100.00
100.00
100.00
100.00
100.00
McastSupp %
100.00
100.00
100.00
100.00
100.00
100.00
BcastSupp %
100.00
100.00
100.00
100.00
100.00
100.00
TotalSuppDiscards
0
0
0
0
0
0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-129
Chapter 4
Gi1/7
Gi1/8
Gi1/9
Gi1/10
Gi1/11
Gi1/12
Gi1/13
Gi1/14
Gi1/15
Gi1/16
Gi1/17
Gi1/18
Gi1/19
Gi1/20
Gi1/21
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
20.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
20.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
2943374677
0
0
0
0
0
0
0
0
0
0
434529474
0
0
0
Port
Gi1/22
Gi1/23
Gi1/24
Gi1/25
Gi1/26
Gi1/27
Gi1/28
Gi1/29
Gi1/30
Gi1/31
Gi1/32
Gi1/33
Gi1/34
Gi1/35
Gi1/36
Gi1/37
Gi1/38
Gi1/39
Gi1/40
UcastSupp %
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
McastSupp %
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
BcastSupp %
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
100.00
TotalSuppDiscards
499018427
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
Router#
Router# show interfaces gig1/18 counters storm-control
Port
Gi1/18
UcastSupp %
100.00
McastSupp %
100.00
BcastSupp %
100.00
TotalSuppDiscards
434529474
Verification
Use the following commands to verify operation.
Table 4-21
Command
Purpose
slot/port} | switchport]
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-130
OL-16147-20
Chapter 4
1.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-131
Chapter 4
Storm control over EVC can be configured on connect, cross connect and bridge-domain interfaces.
Storm control over EVC can be configured only for broadcast or multicast packets, not for unicast
packets.
If storm control is already configured at the port level, you cannot configure storm control over EVC
and vice versa.
When an EVC moves to the error-disable state, auto-recovery can be configured for storm-control
after a certain pre-determined interval.
Storm control over EVC is supported only on the Cisco 7600 ES+ line card.
If storm control is enabled on a port channel EVC, the configuration is applied per network
processor (NP).
Summary Steps
1.
enable
2.
configure terminal
3.
4.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-132
OL-16147-20
Chapter 4
5.
6.
7.
bridge-domain bridge-id
8.
end
Detailed Steps
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface
gigabitethernet 4/1
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 100
Step 6
bridge-domain bridge-id
Example:
Router(config-subif)# bridge-domain 12
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-133
Chapter 4
Step 7
Command
Purpose
Example:
Router(config-if)# storm-control
broadcast cir 11000000
Step 8
end
Example:
Router(config-if)# end
Note
When the ingress packets exceed the configured rate, the EVC moves to error-disable state if the action
is configured as shutdown. You can configure the EVC to move to up state after a certain interval using
errdisable recovery casue storm-control interval command. The accepted interval varies from 30 to
86400 seconds.
Examples
This example shows how to configure storm control over an EVC.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 1/1
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 100
Router(config-if-srv)# bridge-domain 200
Router(config-if-srv)# storm-control broadcast cir 11000000
Router(config-if)# end
This example shows how to configure storm control over a port channel EVC.
Router# enable
Router# configure terminal
Router(config)# interface port-channel 1
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 200
Router(config-if-srv)# bridge-domain 100
Router(config-if-srv)# storm-control multicast cir 11000000
Router(config-if)# end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-134
OL-16147-20
Chapter 4
Verification
Use the show ethernet service instance id id interface type slot/port stats command to verify the storm
control over EVC configuration.
Router# show ethernet service instance id 1204 interface gigabit ethernet 2/7 stats
Port maximum number of service instances: 8000
Service Instance 1204, Interface GigabitEthernet2/7
Pkts In
Bytes In
Pkts Out Bytes Out
2262238 452447600
150570
30114000
StormControl Discard Pkts: 1809909
Asymmetric Carrier-Delay
During redundant link deployments where the remote network element is enabled, a link or port may be
displayed as up before the port or link is ready to forward data. This anomaly leads to traffic loss during
switchover as up events are notified faster than the required routing protocol convergence time. With
existing conventional carrier delay, both up and down events are notified within equal time that might
not be feasible in certain network deployments. Asymmetric carrier-delays ensure stable topologies
compared to conventional carrier-delay implementation.
Table 4-22 lists the differences between the conventional carrier-delay and asymmetric carrier-delay
implementations.
Table 4-22
Traffic losses and timer optimization issues due to Optimal timer configurations are achieved due to
single configurable delay values for both up and separate for timer values for up and down events.
down events.
The minimum valid carrier-delay down time that user can configure is 11 milliseconds for Gigabit
ports. By default, carrier-delay is configured to 10 milliseconds during a card bootup. However, even
if you configure a value less than 11 milliseconds , there will not be any impact on the carrier delay.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-135
Chapter 4
Asymmetric Carrier-Delay
Note
As the fast link feature and carrier-delay features are mutually exclusive, fast link feature is enabled
by default.
If you configure carrier-delay values, fast link feature is disabled on a line card.
Though the fast link feature is configured by default in the card, the carrier-delay feature overwrites
the fast link feature when configured.
If you have not configured the carrier-delay values, fast link feature values are utilized for down
event notification.
If you are using Cisco IOS release version 12.2(33) SRE or prior versions and asymmetric carrier delay
is configured on the interface, the show running-config command may display carrier-delay msec 0.
This issue is fixed in Cisco IOS 15.0(1)S and further releases.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface gigabit
ethernet 8/0/14
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-136
OL-16147-20
Chapter 4
Step 4
Command or Action
Purpose
Example:
Router(config-if)# carrier-delay up 300
Router(config-if)# carrier-delay down 10
Step 5
end
Router(config-if)# end
Verification
You can use the show run command to display the carrier-delay configurations on an ES+ physical
interface. The first example shows asymmetric carrier-delay configuration and the second example
shows symmetric carrier delay configuration.
Router# show running-config interface GigabitEthernet 8/0/4
Building configuration...
Current configuration:
!
interface GigabitEthernet8/0/4
no ip address
carrier-delay up 300
carrier-delay down 10
shutdown
Router# show running-config interface GigabitEthernet 2/0/1
Building configuration...
Current configuration:
!
interface GigabitEthernet2/0/1
no ip address
carrier-delay msec 10
shutdown
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-137
Chapter 4
This feature only changes egress EFP traffic in the port-channel and does not affect the ingress traffic.
In the case of bridge domain, ingress traffic may enter any port that has an EFP in the same bridge
domain as the EFP in the port-channel. In the case of local switching (connect) and cross-connect
(xconnect), ingress traffic is received at the EFP or port specified in the connect or cross-connect
configuration. This feature coexists with current service instance feature support and supports the
existing scale of 8000 service instance per processor (all 8000 service instances can be on one interface).
This feature supports HA and SSO as well as OIR.
When the user configures a link ID for a port-channel member link and configures that member link
as the preferred egress link for some service instances in that port-channel, there is redistribution of
traffic. The redistribution is such that:
Service instances that were configured to be sent over the preferred egress member link is sent
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-138
OL-16147-20
Chapter 4
4.
5.
exit
6.
7.
8.
9.
exit
10. exit
11. interface port-channel number
12. [no] port-channel load-balance link ID
13. [no] backup link ID_list
14. [no] service-instance service_instance_list
15. [no] group service_group_list
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface gigabitethernet 4/1
Step 4
Example:
Router(config-if)# channel-group 2 mode on link 3
Step 5
exit
Example:
Router(config-if)# exit
Step 6
Example:
Router(config)# interface port-channel 11
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-139
Chapter 4
Step 7
Command
Purpose
Example:
Router(config-if)# service instance 101 ethernet
Step 8
Example:
Router(config-if-srv)# encapsulation dot1q 10
Step 9
exit
Example:
Router(config-if-srv)# exit
Step 10
exit
Example:
Router(config-if)# exit
Step 11
Example:
Router(config)# interface port-channel 11
Step 12
Example:
Step 13
Example:
Step 14
Example:
Router(config-if-lb)# service-instance 10
Step 15
Example:
Router(config-if-lb)# group 10
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-140
OL-16147-20
Chapter 4
Example
The following example shows four member links across two different channel-groups:
Router(config)# interface Gi0/1
Router(config-if)# channel-group 1 mode on link 3
Router(config)# interface Gi0/2
Router(config-if)# channel-group 1 mode on link 4
Router(config)# interface Gi0/3
Router(config-if)# channel-group 2 mode on link 3
Router(config)# interface Gi0/4
Router(config-if)# channel-group 2 mode on link 7
Router(config)# interface Port-channel1
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# encapsulation dot1Q 10
Router(config-if-srv)# service instance 20 ethernet
Router(config-if-srv)# encapsulation dot1Q 20
Router(config-if-srv)# service instance 60 ethernet
Router(config-if-srv)# group 10
Router(config-if-srv)# service instance 70 ethernet
Router(config-if-srv)# group 10
Verification
Use the following commands to verify operation.
Table 4-23
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-141
Chapter 4
ACL Type
Ingress Support
Egress Support
Layer 2
Yes
No
Yes
Yes
Ingress ACLs are internally configured on every member interface because the traffic can enter any of
the member links. Therefore, the load balancing algorithm does not change the way the ingress ACLs
behave.
When per-flow load balancing is configured on the port-channel, traffic for an EVC can exit from any
of the member links. Therefore, with the per-flow load balancing feature enabled on the port channel,
the egress ACL is internally configured on each of the member links in the egress direction. When the
per-flow load balancing configuration is removed from the port-channel interface, the egress ACL
information is internally removed from each active member link, and configured on the member selected
by the load balancing algorithm.
Restrictions
Following restrictions apply for EVC port channel per flow load balancing:
When flow-based load balancing is configured, bandwidth of the port channel should be configured
such that it is equal to the member links port bandwidth. Use the bandwidth bandwidth_value
command in the port-channel interface.
EVC port channel per flow load balancing is supported over connect and cross connect.
EVC port channel per flow load balancing is not supported over a bridge domain.
Flow based load balancing cannot co-exist with other load balancing schemes.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-142
OL-16147-20
Chapter 4
If you configure QoS on a EVC port channel, QoS policies are installed on each port channel
member link with the same QoS configuration of the EVC port channel. For example, if you
configure 1 Mbps bandwidth on a EVC port channel with four active member links, 1 Mbps is
configured on each member link.
If EVCs within a port-channel interface are part of a service group with EVCs and sub interfaces
configured, you cannot remove the flow-based load balancing configuration.
Summary Steps
1.
enable
2.
configure terminal
3.
4.
5.
end
Detailed Steps
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface port-channel 1
Step 4
Example:
Router(config-if)# port-channel load-balance
flow-based
Step 5
end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-143
Chapter 4
Example
This example shows configuring flow based load balancing on a port channel interface.
Router# enable
Router# configure terminal
Router(config)# interface Port-channel 1
Router(config-if)# bandwidth 1000000
Router(config-if)# port-channel load-balance flow-based
Router(config-if)# end
Verification
Use the show running-config interface port-channel channel-number command to verify the EVC port
channel per flow load balancing configuration.
Router# enable
Router# configure terminal
Router(config)# interface Port-channel 2
Router(config-if)# port-channel load-balance flow-based
Router(config-if)# bandwidth 1000000
Router(config-if)# end
Router# show running-config interface Port-channel 2
Building configuration...
Current configuration : 113 bytes
!
interface Port-channel2
band width 1000000
no ip address
port-channel load-balance flow-based
end
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
mtu bytes
5.
no ip address
6.
7.
8.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-144
OL-16147-20
Chapter 4
9.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface port-channel 4
Step 4
mtu bytes
Example:
Router(config-if)# mtu 9216
Step 5
no ip address
Example:
Router(config-if)# no ip address
Step 6
Example:
Router(config-if)# port-channel load-balance
flow-based
Step 7
Example:
Router(config-if)#service instance 2 ethernet
Step 8
Example:
Router(config-if-srv)#encapsulation dot1q 2
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-145
Chapter 4
Step 9
Command
Purpose
ip access-group {access-list-name |
access-list-number} {in | out}
Example:
Router(config-if-srv)#ip access-group acl3 out
Step 10
Example:
Router(config-if-srv)#xconnect 2.2.2.2 2
encapsulation mpls
Step 11
end
Configuration Examples
This example shows how to configure Layer 3 and Layer 4 ACLs on an EVC port channel with per flow
load balancing.
Router# enable
Router# configure terminal
Router(config)# interface port-channel 4
Router(config-if)# mtu 9216
Router(config-if)# no ip address
Router(config-if)# port-channel load-balance flow-based
Router(config-if)# service instance 2 ethernet
Router(config-if-srv)# encapsulation dot1q 2
Router(config-if-srv)# ip access-group acl3 out
Router(config-if-srv)# xconnect 2.2.2.2 2 encapsulation mpls
Router(config-if-srv)# end
Verification
Use the show ip access-lists access-list-name command to list the ACL configuration.
Router# show ip access-lists acl3
Extended IP access list acl3
10 permit tcp any eq 1003 any eq 5003
Use the show ethernet service instance id id command to display information about ethernet customer
service instances.
Router# show ethernet service instance id 3
interface port-channel 4 stats Port maximum number of service instances: 8000 Service
Instance 3, Interface Port-channel4
Pkts In
Bytes In
Pkts Out Bytes Out
0
0
14359328 1794916000
SACL permit out count: 14362672
SACL deny out count: 504376
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-146
OL-16147-20
Chapter 4
Dual-homed devices (DHD) to provide network redundancy between two or more service provider
networks.
Allows the LACP state machine and protocol to operate in a dual- homed mode.
Each switch is a point of attachments (PoA), where one PoA is active, and the other is a standby, and the
active PoA executes the multichassis link aggregation group with a DHD. A virtual LACP peer on the
PoA is created giving the impression that a DHD is connected to one node.
shows the placement of PoAs and DHDs in an MLACP configuration.
Figure 4-5
Standby PoA
(Point of Attachment)
Standby PW
Standby AC
DHD
(Dual-Homed Device)
Active PW
Active PoA
(Point of Attachment)
247311
Active AC
The two PoAs form a redundancy group, and only one of the PoAs is active at any given time.
Only two PoAs form a redundancy group; however, you can configure a maximum of 50 redundancy
groups connecting to other DHDs.
Active links exist only between a DHD and active PoAs. None of the links between the DHD and
the standby PoA relay traffic other than Bridge Protocol Data Unit (BPDU)s.
A switchover from an active PoA to a standby PoA occurs when there is a failure on the:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-147
Chapter 4
The default switchover mechanism uses dynamic port priority changes on the port channel and member
link(s) to provide revertive mode and nonrevertive mode options. The default operation in a multichassis LACP is revertive.
Bruteforce is a switchover mechanism where the member link is in a err-disable state after a switchover.
To recover the port channel and enable the member link on a new standby PoA, use the err disable
recovery cause mlacp-minlink command in the global configuration mode.
Use the lacp max-bundle command on all the PoAs to operate in the PoA control and shared control
modes. The max-bundle value argument should not be less than the total number of links in the Link
Aggregation Group (LAG) that are connected to the PoA. Each PoA may be connected to the DHD with
a different number of links for the LAG and, therefore, configured with a different value for the
max-bundle value argument.
Note
The lacp failover brute-force command cannot be used with a nonrevertive configuration.
Supported only on ES20 and ES40 line cards, all member links on a port-channel should be on same
type of line card.
Cisco IOS Release 12.2(33)SRE supports service instances only on an MLACP port-channel.
A PoA may be active for one port-channel, and standby for a different port-channel.
In any LACP configuration, ensure that the numerical value of the system-priority of the virtual
LACP instance on the PoAs is lower (higher priority) than that on the DHD for all control variants.
It is not recommended to configure different max bundle configurations on a PoA. For example, if
DHD 1 to PoA has 4 links, PoA2 should also have 4 links.
When Cisco 7600 routers are used to form a redundancy group within a PoA, the member links
should adhere to the constraints listed in the previous paragraph. These constraints are not validated
across PoAs and you should ensure that configuration between the two PoAs are identical.
Ensure that the etherchannel usage configuration is identical on the two PoAs.
A maximum of two PoAs in a redundancy group and 50 redundancy groups per node are supported.
Multiple Spanning Tree (MST) on an EVC is not supported on MLACP etherchannel ports.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-148
OL-16147-20
Chapter 4
DHD port-channel cannot use Spanning Tree Protocol (STP) or Resilient Ethernet Protocol (REP)
or Reverse Layer 2 Gateway Protocol (RL2GP) as a redundancy option. DHD port-channel disables
the STP enabled by default.
You can configure the channel-group command as active and configuring the channel-group
command as passive is not supported.
As the lacp direct-loadswap command is not applicable on a PoA, member links on a PoA are not
protected with links on the same PoA.
We do not recommend you to have different bundle configurations on a DHD. For example, if DHD
1 to PoA1 has four links, DHD 1 to PoA 2 should also have the same number of links.
Use the port-channel min-link command to configure each PoA with the minimum number of
links. This maintains the LAG in an active state.
The lacp max-bundle command must be used on all the PoAs to operate in PoA control and shared
control modes. The value of the max-bundle should not be less than the total number of interfaces
in the LAG that are connected to the PoA.
If you use the lacp failover command with brute force, then after the switchover, the port-channel
member link moves to a errdisabled state.By default, the interval is 300 seconds (tunable range is
30 seconds to 300 seconds).To recover the port-channel, use the errdisable recovery cause
mlacp-minlink command. EVC with connect as forwarding function is not supported.
The lacp failover non-revertive and lacp failover brute-force commands are mutually exclusive
within the same port-channel.
For best switchover performance, configure LACP fast-switchover in PoAs and DHDs.
Use the errdisable recovery cause mlacp-minlink command to auto-recover the port-channel after
timer expiration.
The core interfaces in a VPLS core should be a ES20 or ES40 line card.
When switching to MLACP mode from P-MLACP mode, ensure that you:
Enable max bundle configuration to have MLACP active or standby.
Shutdown interface on both PoA to avoid any possible traffic loop.
1.
enable
2.
configure terminal
3.
redundancy
4.
5.
SUMMARY STEPS
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-149
Chapter 4
6.
7.
8.
9.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
redundancy
Example:
Router(config)# redundancy
Step 4
Example:
Router(configure-red)# interchassis
group 400
Step 5
Example:
Router(configure-red)#
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-150
OL-16147-20
Chapter 4
Step 6
Command
Purpose
Example:
Router(configure-red)# member ip
172.3.3.3
Step 7
Example:
Step 8
Example:
Router(config-r-ic)# mlacp
aaaa.aaaa.aaab
Step 9
Example:
Router(config-r-ic)# mlacp system-priority 100
Step 10
Example:
Router(config-r-ic)# backbone interface GigabitEthernet2/3
Step 11
exit
Step 12
To identify the PoA uplink failure, configure the portchannel interface or any physical interface.
Example:
Router# interface Port-channel1
Step 13
lacp max-bundle
{max-bundle value}
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-151
Chapter 4
Step 14
Command
Purpose
Example:
P19_C7609-S(config-if)#lacp failover ?
brute-force
Brute force interface
failover
non-revertive Non revertive interface
failover
Step 15
Specifies that the port-channel is an MLACP port-channel. The group-id should match the configured redundancy group.
Example:
Router(config-red)#interchassis group
230
Step 16
Example:
Router(config-r-ic)# mlacp 5
Step 17
exit
Examples
The following is a configuration example for Virtual Private Wire Services (VPWS):
ACTIVE POA
redundancy
interchassis group 100
monitor peer bfd
member ip 172.3.3.3
backbone interface GigabitEthernet2/3
backbone interface GigabitEthernet2/4
mlacp system-priority 200
mlacp node-id 0
!
interface Port-channel1
no ip address
load-interval 30
speed nonegotiate
port-channel min-links 4
lacp failover brute-force
lacp fast-switchover
lacp max-bundle 4
mlacp lag-priority 28000
mlacp interchassis group 100
service instance 2 ethernet
encapsulation dot1q 2
rewrite ingress tag pop 1 symmetric
xconnect 172.2.2.2 2 pw-class mlacp
backup peer 172.4.4.4 2 pw-class mlacp
!
pseudowire-class mlacp
encapsulation mpls
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-152
OL-16147-20
Chapter 4
Use the show lacp multi-chassis group command to display the interchassis redundancy group value
and the operational LACP parameters.
MLACP-PE1# show lacp multi-chassis group 100
Interchassis Redundancy Group 100
Operational LACP Parameters:
RG State:
Synchronized
System-Id:
200.000a.f331.2680
ICCP Version: 0
Backbone Uplink Status: Connected
Local Configuration:
Node-id:
0
System-Id: 200.000a.f331.2680
Peer Information:
State:
Up
Node-id:
7
System-Id:
2000.0014.6a8b.c680
ICCP Version: 0
State Flags: Active
Standby
Down
AdminDown
Standby Reverting
Unknown
mLACP Channel-groups
Channel
State
Priority
Group
Local/Peer Local/Peer
1
A/S
28000/32768
A
S
D
AD
SR
U
Active Links
Local/Peer
4/4
Inactive Links
Local/Peer
0/0
Use the show lacp multi-chassis portchannel command to display the interface port-channel value
channel group, LAG state, priority, inactive links peer configuration, and standby links.
MLACP-PE1# show lacp multi-chassis port-channel 1
Interface Port-channel1
Local Configuration:
Address: 000a.f331.2680
Channel Group: 1
State: Active
LAG State: Up
Priority: 28000
Inactive Links: 0
Total Active Links: 4
Bundled: 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-153
Chapter 4
Selected: 4
Standby: 0
Unselected: 0
Peer Configuration:
Interface: Port-channel1
Address: 0014.6a8b.c680
Channel Group: 1
State: Standby
LAG State: Up
Priority: 32768
Inactive Links: 0
Total Active Links: 4
Bundled: 0
Selected: 0
Standby: 4
Unselected: 0
Use the show mpls ldp iccp command to display the LDP session and ICCP state information.
MLACP-PE1# show mpls ldp iccp
ICPM RGID Table
iccp:
rg_id: 100, peer addr: 172.3.3.3
ldp_session 0x3, client_id 0
iccp state: ICPM_ICCP_CONNECTED
app type: MLACP
app state: ICPM_APP_CONNECTED, ptcl ver: 0
ICPM RGID Table total ICCP sessions: 1
ICPM LDP Session Table
iccp:
rg_id: 100, peer addr: 172.3.3.3
ldp_session 0x3, client_id 0
iccp state: ICPM_ICCP_CONNECTED
app type: MLACP
app state: ICPM_APP_CONNECTED, ptcl ver: 0
ICPM LDP Session Table total ICCP sessions: 1
Use the show mpls l2transport command to display the local interface and session details, destination
address, and status.
MLACP-PE1# show mpls l2transport vc 2
Local intf
------------Po1
Po1
Local circuit
-------------------------Eth VLAN 2
Eth VLAN 2
Dest address
--------------172.2.2.2
172.4.4.4
VC ID
---------2
2
Status
---------UP
STANDBY
Use the show etherchannel summary command to display the status and identity of the MLACP
member links.
MLACP-PE1# show etherchannel summary
Flags: D - down
P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
f - failed to allocate aggregator
M
u
w
d
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-154
OL-16147-20
Chapter 4
Use the show lacp internal command to display the device, port, and member- link information.
MLACP-PE1# show lacp internal
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode
P - Device is in Passive mode
Channel group 1
Port
Gi2/9
Gi2/20
Gi2/31
Gi2/40
Flags
SA
SA
SA
SA
State
bndl-act
bndl-act
bndl-act
bndl-act
LACP port
Priority
28000
28000
28000
28000
Admin
Key
0x1
0x1
0x1
0x1
Oper
Key
0x1
0x1
0x1
0x1
Port
Number
0x820A
0x8215
0x8220
0x8229
Port
State
0x3D
0x3D
0x3D
0x3D
0x1
0x1
0x1
0x1
0x1
0x1
0x1
0x1
0xF30C
0xF316
0xF321
0xF303
0x5
0x5
0x7
0x7
FA
FA
FA
FA
hot-sby
hot-sby
hot-sby
hot-sby
32768
32768
32768
32768
POA2
redundancy
interchassis group 100
monitor peer bfd
member ip 172.1.1.1
backbone interface GigabitEthernet3/3
backbone interface GigabitEthernet3/5
mlacp system-priority 2000
mlacp node-id 7
!
interface Port-channel1
no ip address
load-interval 30
speed nonegotiate
port-channel min-links 4
lacp failover brute-force
lacp fast-switchover
lacp max-bundle 4
mlacp interchassis group 100
service instance 2 ethernet
encapsulation dot1q 2
rewrite ingress tag pop 1 symmetric
xconnect 172.2.2.2 2 pw-class mlacp
backup peer 172.4.4.4 2 pw-class mlacp
!
pseudowire-class mlacp
encapsulation mpls
status peer topology dual-homed
mpls ldp graceful-restart
!
!
interface Loopback0
ip address 172.3.3.3 255.255.255.255
!
interface GigabitEthernet3/2
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-155
Chapter 4
Use the show lacp multi-chassis group command to display the LACP parameters, local configuration,
status of the backbone uplink, peer information, node ID, channel, state, priority active, and inactive
links.
MLACP-PE3# show lacp multi-chassis group 100
Interchassis Redundancy Group 100
Operational LACP Parameters:
RG State:
Synchronized
System-Id:
200.000a.f331.2680
ICCP Version: 0
Backbone Uplink Status: Connected
Local Configuration:
Node-id:
7
System-Id: 2000.0014.6a8b.c680
Peer Information:
State:
Up
Node-id:
0
System-Id:
200.000a.f331.2680
ICCP Version: 0
State Flags: Active
Standby
Down
AdminDown
Standby Reverting
Unknown
mLACP Channel-groups
Channel
State
Priority
Group
Local/Peer Local/Peer
1
S/A
32768/28000
A
S
D
AD
SR
U
Active Links
Local/Peer
4/4
Inactive Links
Local/Peer
0/0
Use the show lacp multi-chassis portchannel command to display the interface port-channel value
channel group, LAG state, priority, inactive links peer configuration, and standby links.
MLACP-PE3# show lacp multi-chassis port-channel 1
Interface Port-channel1
Local Configuration:
Address: 0014.6a8b.c680
Channel Group: 1
State: Standby
LAG State: Up
Priority: 32768
Inactive Links: 0
Total Active Links: 4
Bundled: 0
Selected: 0
Standby: 4
Unselected: 0
Peer Configuration:
Interface: Port-channel1
Address: 000a.f331.2680
Channel Group: 1
State: Active
LAG State: Up
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-156
OL-16147-20
Chapter 4
Priority: 28000
Inactive Links: 0
Total Active Links: 4
Bundled: 4
Selected: 4
Standby: 0
Unselected: 0
Use the show mpls ldp iccp command to display the LDP session and ICCP state information.
MLACP-PE3# show mpls ldp iccp
ICPM RGID Table
iccp:
rg_id: 100, peer addr: 172.1.1.1
ldp_session 0x2, client_id 0
iccp state: ICPM_ICCP_CONNECTED
app type: MLACP
app state: ICPM_APP_CONNECTED, ptcl ver: 0
ICPM RGID Table total ICCP sessions: 1
ICPM LDP Session Table
iccp:
rg_id: 100, peer addr: 172.1.1.1
ldp_session 0x2, client_id 0
iccp state: ICPM_ICCP_CONNECTED
app type: MLACP
app state: ICPM_APP_CONNECTED, ptcl ver: 0
ICPM LDP Session Table total ICCP sessions: 1
MLACP-PE3# sh mpls l2transport vc 2
Local intf
------------Po1
Po1
Local circuit
-------------------------Eth VLAN 2
Eth VLAN 2
Dest address
--------------172.2.2.2
172.4.4.4
VC ID
---------2
2
Status
---------STANDBY
STANDBY
Use the show etherchannel summary command to display the status and identity of the MLACP
member links.
MLACP-PE3# show etherchannel summary
Flags: D - down
P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
f - failed to allocate aggregator
M
u
w
d
Use the show lacp internal command to display the device, port, and member- link information.
MLACP-PE3# show lacp 1 internal
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode
P - Device is in Passive mode
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-157
Chapter 4
Channel group 1
Port
Gi3/2
Gi3/11
Gi3/21
Gi3/32
Flags
FA
FA
FA
FA
State
bndl-sby
bndl-sby
bndl-sby
bndl-sby
LACP port
Priority
32768
32768
32768
32768
Admin
Key
0x1
0x1
0x1
0x1
Oper
Key
0x1
0x1
0x1
0x1
Port
Number
0xF303
0xF30C
0xF316
0xF321
Port
State
0x7
0x5
0x5
0x7
0x1
0x1
0x1
0x1
0x1
0x1
0x1
0x1
0x8215
0x8220
0x8229
0x820A
0x3D
0x3D
0x3D
0x3D
bndl
bndl
bndl
bndl
28000
28000
28000
28000
The following is a configuration example for a Virtual Private Lan Service (VPLS):
Active POA
redundancy
interchassis group 100
monitor peer bfd
member ip 172.3.3.3
backbone interface GigabitEthernet2/3
backbone interface GigabitEthernet2/4
mlacp system-priority 200
mlacp node-id 0
!
interface Port-channel1
no ip address
speed nonegotiate
port-channel min-links 2
lacp fast-switchover
lacp max-bundle 4
mlacp lag-priority 28800
mlacp interchassis group 100
service instance 4000 ethernet
encapsulation dot1q 4000
rewrite ingress tag pop 1 symmetric
bridge-domain 4000
!
l2 vfi VPLS manual
vpn id 4000
neighbor 172.2.2.2 encapsulation mpls
neighbor 172.4.4.4 encapsulation mpls
status decoupled
!
interface Vlan4000
xconnect vfi VPLS
!
mpls ldp graceful-restart
!
interface Loopback0
ip address 172.1.1.1 255.255.255.255
!
interface GigabitEthernet2/3
ip address 120.0.0.1 255.255.255.0
carrier-delay 0
mpls ip
bfd interval 100 min_rx 100 multiplier 3
!
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-158
OL-16147-20
Chapter 4
interface GigabitEthernet2/9
channel-group 1 mode active
!
Use the show lacp mg command to display the LACP parameters, local configuration, status of the
backbone uplink, peer information, node ID, channel, state, priority active, and inactive links.
MLACP-PE1# show lacp multi-chassis group 100
Interchassis Redundancy Group 100
Operational LACP Parameters:
RG State:
Synchronized
System-Id:
200.000a.f331.2680
ICCP Version: 0
Backbone Uplink Status: Connected
Local Configuration:
Node-id:
0
System-Id: 200.000a.f331.2680
Peer Information:
State:
Up
Node-id:
7
System-Id:
2000.0014.6a8b.c680
ICCP Version: 0
State Flags: Active
Standby
Down
AdminDown
Standby Reverting
Unknown
mLACP Channel-groups
Channel
State
Priority
Group
Local/Peer Local/Peer
1
A/S
28000/32768
A
S
D
AD
SR
U
Active Links
Local/Peer
4/4
Inactive Links
Local/Peer
0/0
Use the show lacp multi-chassis portchannel command to display the interface port-channel value
channel group, LAG state, priority, inactive links peer configuration, and standby links.
MLACP-PE1# show lacp multi-chassis port-channel 1
Interface Port-channel1
Local Configuration:
Address: 000a.f331.2680
Channel Group: 1
State: Active
LAG State: Up
Priority: 28000
Inactive Links: 0
Total Active Links: 4
Bundled: 4
Selected: 4
Standby: 0
Unselected: 0
Peer Configuration:
Interface: Port-channel1
Address: 0014.6a8b.c680
Channel Group: 1
State: Standby
LAG State: Up
Priority: 32768
Inactive Links: 0
Total Active Links: 4
Bundled: 0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-159
Chapter 4
Selected: 0
Standby: 4
Unselected: 0
Use the show mpls ldp iccp command to display the LDP session and ICCP state information.
MLACP-PE1# show mpls ldp iccp
ICPM RGID Table
iccp:
rg_id: 100, peer addr: 172.3.3.3
ldp_session 0x3, client_id 0
iccp state: ICPM_ICCP_CONNECTED
app type: MLACP
app state: ICPM_APP_CONNECTED, ptcl ver: 0
ICPM RGID Table total ICCP sessions: 1
ICPM LDP Session Table
iccp:
rg_id: 100, peer addr: 172.3.3.3
ldp_session 0x3, client_id 0
iccp state: ICPM_ICCP_CONNECTED
app type: MLACP
app state: ICPM_APP_CONNECTED, ptcl ver: 0
ICPM LDP Session Table total ICCP sessions: 1
Use the show mpls l2transport command to display the local interface and session details, destination
address, and the status.
MLACP-PE1# show mpls l2transport vc 4000
Local intf
------------VFI VPLS
VFI VPLS
Local circuit
Dest address
VC ID
Status
-------------------------- --------------- ---------- ---------VFI
172.2.2.2
4000
UP
VFI 172.4.4.4 4000
UP
Use the show etherchannel summary command to display the status and identity of the MLACP
member links.
MLACP-PE1# show etherchannel summary
Flags: D - down
P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
f - failed to allocate aggregator
M
u
w
d
Use the show lacp internal command to display the device, port, and member-link information.
MLACP-PE1# show lacp internal
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode
P - Device is in Passive mode
Channel group 1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-160
OL-16147-20
Chapter 4
Port
Gi2/9
Gi2/20
Gi2/31
Gi2/40
Flags
SA
SA
SA
SA
State
bndl-act
bndl-act
bndl-act
bndl-act
LACP port
Priority
28000
28000
28000
28000
Admin
Key
0x1
0x1
0x1
0x1
Oper
Key
0x1
0x1
0x1
0x1
Port
Number
0x820A
0x8215
0x8220
0x8229
Port
State
0x3D
0x3D
0x3D
0x3D
0x1
0x1
0x1
0x1
0x1
0x1
0x1
0x1
0xF30C
0xF316
0xF321
0xF303
0x5
0x5
0x7
0x7
FA
FA
FA
FA
hot-sby
hot-sby
hot-sby
hot-sby
32768
32768
32768
32768
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-161
Chapter 4
Use the show lacp multi-chassis group interchassis group number command to display the LACP
parameters, local configuration, status of the backbone uplink, peer information, nodeID, channel, state,
priority, active, and inactive links.
MLACP-PE3# show lacp multi-chassis group 100
Interchassis Redundancy Group 100
Operational LACP Parameters:
RG State:
Synchronized
System-Id:
200.000a.f331.2680
ICCP Version: 0
Backbone Uplink Status: Connected
Local Configuration:
Node-id:
7
System-Id: 2000.0014.6a8b.c680
Peer Information:
State:
Up
Node-id:
0
System-Id:
200.000a.f331.2680
ICCP Version: 0
State Flags: Active
Standby
Down
AdminDown
Standby Reverting
Unknown
mLACP Channel-groups
Channel
State
Priority
Group
Local/Peer Local/Peer
1
S/A
32768/28000
A
S
D
AD
SR
U
Active Links
Local/Peer
4/4
Inactive Links
Local/Peer
0/0
Use the show lacp multi-chassis portchannel command to display the interface port-channel value
channel group, LAG state, priority, inactive links peer configuration, and standby links.
MLACP-PE3# show lacp multi-chassis port-channel 1
Interface Port-channel1
Local Configuration:
Address: 0014.6a8b.c680
Channel Group: 1
State: Standby
LAG State: Up
Priority: 32768
Inactive Links: 0
Total Active Links: 4
Bundled: 0
Selected: 0
Standby: 4
Unselected: 0
Peer Configuration:
Interface: Port-channel1
Address: 000a.f331.2680
Channel Group: 1
State: Active
LAG State: Up
Priority: 28000
Inactive Links: 0
Total Active Links: 4
Bundled: 4
Selected: 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-162
OL-16147-20
Chapter 4
Standby: 0
Unselected: 0
MLACP-PE3# show mpls ldp iccp
ICPM RGID Table
iccp:
rg_id: 100, peer addr: 172.1.1.1
ldp_session 0x2, client_id 0
iccp state: ICPM_ICCP_CONNECTED
app type: MLACP
app state: ICPM_APP_CONNECTED, ptcl ver: 0
ICPM RGID Table total ICCP sessions: 1
ICPM LDP Session Table
iccp:
rg_id: 100, peer addr: 172.1.1.1
ldp_session 0x2, client_id 0
iccp state: ICPM_ICCP_CONNECTED
app type: MLACP
app state: ICPM_APP_CONNECTED, ptcl ver: 0
ICPM LDP Session Table total ICCP sessions: 1
MLACP-PE3# sh mpls l2transport vc 2
Local intf
------------VFI VPLS
VFI VPLS
Local circuit
Dest address
VC ID
Status
-------------------------- --------------- ---------- ---------VFI
172.2.2.2
4000
UP
VFI 172.4.4.4 4000
UP
Use the show etherchannel summary command to display the status and identity of the MLACP member
links.
MLACP-PE3#show etherchannel summary
Flags: D - down
P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
f - failed to allocate aggregator
M
u
w
d
Use the show lacp internal command to display the device, port, and member- link information.
MLACP-PE3# show lacp 1 internal
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode
P - Device is in Passive mode
Channel group 1
Port
Gi3/2
Gi3/11
Gi3/21
Flags
FA
FA
FA
State
bndl-sby
bndl-sby
bndl-sby
LACP port
Priority
32768
32768
32768
Admin
Key
0x1
0x1
0x1
Oper
Key
0x1
0x1
0x1
Port
Number
0xF303
0xF30C
0xF316
Port
State
0x7
0x5
0x5
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-163
Chapter 4
Gi3/32
FA
bndl-sby
32768
0x1
0x1
0xF321
0x7
0x1
0x1
0x1
0x1
0x1
0x1
0x1
0x1
0x8215
0x8220
0x8229
0x820A
0x3D
0x3D
0x3D
0x3D
bndl
bndl
bndl
bndl
28000
28000
28000
28000
PMLACP Implementation
DHD
POA1
D
C
Allow: VLAN 11-20
Block: VLAN 1-10
E
POA2
282865
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-164
OL-16147-20
Chapter 4
In the illustration, POA ports are configured for a PMLACP role, and ports are configured in
active-active mode with manual VLAN load-balancing. The POAs are configured to allow certain
VLANs on one of their downlinks but not the other VLANs. The POA activates its uplinks for locally
active VLANs. DHD is configured to enable all VLANs on both its uplinks. Traffic from DHD is initially
flooded on both uplinks until DHD learns which uplink is active for which VLANs.
Failover Operations
The PMLACP feature provides network resiliency by protecting against port, link, and node failures.
Figure 4-7 explains the failure points in a network.
Figure 4-7
Standby POA
E
D
DHD
Pseudo
mLACP
ICCP
A
B
C
E
Active POA
310687
Access side link or port failure (failure types A- C): PMLACP on the failing POA initiates a failover
to the peer for any VLANs that were active on the failed link or links. This failover is initiated by
sending an MLACP port state Type Length Value (TLV) message, indicating that the port state is
down.
Node failure (failure type D): PMLACP on the surviving POA receives a node failure notification
and initiates a failover of all VLANs in standby mode on all shared MLAGs.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-165
Chapter 4
POA uplink failure (failure type E): The failing POA sends a message to the peer about the core
isolation using the MLACP system state TLV, indicating that the POA is isolated. It will then place
all VLANs in the blocking mode.
All the three failover events involve the peer POA receiving a notification of the failure. At this point the
receiving standby POA completes the following steps:
1.
Unblocks any of the affected VLANs which were in standby or blocked mode.
2.
Sends a MAC flush message to the access side network device through a Multiple VLAN
Registration Protocol (MVRP) message. This message reflects all the VLANs which are being
activated only for the associated interface. When DHD receives the MVRP message, DHD responds
by flushing the MAC address tables for those VLANs.
3.
Failure Recovery
PMLACP uses revertive mode after a failure recovery to support the active-active model. The reversal
process is also similar to the failover process. The standby POA initates the reversal for each VLAN by
indicating that the POA is relinquishing its active role for the VLAN. This is done though an ICCP
PLACP interface state TLV message, which indicates that it is no longer in active mode for the affected
VLANs. Upon TLV receipt, the recovering POA unblocks the affected VLANs and triggers the MAC
flushes towards access side and core side.
Revertive mode is enabled by default. If you want to choose when to trigger reversion after the failover
recovery, you can configure non revertive mode. The non revertive mode is enabled by configuring the
command lacp failover non-revertive under port channel.
If PMLACP is enabled on a port channel, Resilient Ethernet Protocol (REP), Spanning Tree Protocol
(STP), Link Aggregation Control Protocol (LACP), VLAN Trunking Protocol (VTP), or other layer
2 control protocols are not supported.
The ethernet VLAN color blocking needs to be configured on all VLANs under the port channel if
it has EVC xconnect or MTP configured on it. Use the ethernet vlan color-block vlan all command
for configuring it.
Both POAs must contain the same configuration of manual-load balance VLAN list and LAG.
The bridge-domain that is configured under a PMLACP port channel EVC should not be part of any
other non PMLACP interfaces.
Only one port channel of MLACP or PMLACP type is supported on a single redundancy group
(RG). There can be one MLACP port channel and another PMLACP port channel on a single RG,
but not two port channels of the same type.
The port-channel configuration on both POAs must be the same, but port-channel members need not
be the same.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-166
OL-16147-20
Chapter 4
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
pseudowire-class pw-class-name
4.
encapsulation mpls
5.
6.
exit
7.
8.
vpn id vpn-id
9.
10. exit
11. redundancy
12. interchassis group number
13. monitor peer bfd
14. member IP IP-address
15. mlacp node-id number
16. mlacp system-priority priority
17. backbone interface interface
18. exit
19. interface port-channel port-channel number
20. no ip address
21. mlacp interchassis group group-id
22. mlacp mode active-active
23. mlacp load-balance primary vlan range
24. mlacp load-balance secondary vlan range
25. ethernet vlan color-block all
26. service instance id ethernet
27. encapsulation dot1q vlan id
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-167
Chapter 4
or
brige-domain bridge-domain-id
30. backup peer peer-id vc-id pw-class pw-class-name
31. exit
32. interface vlan bridge-domain-id
33. xconnect vfi vfi-name
34. end
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
pseudowire-class pw-class-name
Example:
Router(config)# pseudowire-class vpws
Step 4
encapsulation mpls
Example:
Router(config-pw-class)# encapsulation
mpls
Step 5
Example:
Step 6
exit
Example:
Router(config-pw-class)# exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-168
OL-16147-20
Chapter 4
Step 7
Command
Purpose
Example:
Step 8
Note
vpn id vpn-id
Example:
Router(config-vfi)# vpn id 17
Step 9
Example:
Step 10
exit
Example:
Router(config-vfi)# exit
Step 11
redundancy
Example:
Router(config)# redundancy
Step 12
Example:
Router(configure-red)# interchassis
group 100
Step 13
Example:
Router(configure-r-ic)# monitor peer
bfd
Step 14
member ip IP-address
Note
Example:
Router(configure-r-ic)# member ip
172.3.3.3
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-169
Chapter 4
Step 15
Command
Purpose
Example:
Router(config-r-ic)# mlacp node-id 5
Step 16
Example:
Step 17
Example:
Router(config-r-ic)# backbone interface GigabitEthernet2/3
Step 18
exit
Example:
Router(config-r-ic)# exit
Step 19
Example:
Router(config)# interface Port-channel
10
Step 20
no ip address
Example:
Router(config-if)# no ip address
Step 21
Example:
Specifies that the port-channel is an MLACP port-channel. The group-id should match the configured redundancy group.
Step 22
Example:
Router(config-if)# mlacp mode
active-active
Step 23
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-170
OL-16147-20
Chapter 4
Step 24
Command
Purpose
Example:
Router(config-if)# mlacp load-balance
secondary vlan 110-120
Step 25
Example:
Note
Step 26
Example:
Router(config-if)# service instance 101
ethernet
Step 27
Example:
Router(config-if-srv)# encapsulation
dot1q 100
Step 28
Example:
Router(config-if-srv)# rewrite ingress
tag pop 1 symmetric
Step 29
or
brige-domain bridge-domain-id
Example:
Router(config-if-srv)# xconnect 3.3.3.3
90 pseudowire-class vpws
Note
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-171
Chapter 4
Step 30
Command
Purpose
Example:
Router(config-if-srv)# backup peer
4.3.3.3 90 pseudowire-class vpws
Step 31
exit
Step 32
Example:
Router(config-if)# interface vlan 201
Step 33
Note
Example:
Router(config-if)# xconnect vfi vpls
Step 34
end
Example:
Router(config-if)# end
Configuration Examples
This is a configuration example for PMLACP with EVC xconnect on two POAs, A and B. In this example
primary VLAN range is configured as 100-109 on router A and 110-120 on router B. The VLAN range
is interchanged so that the primary VLAN range of router A becomes the secondary VLAN range in
router B and the secondary VLAN range of router A becomes the primary VLAN range in router B.
RouterA> enable
RouterA# configure terminal
RouterA(config)# pseudowire-class vpws
RouterA(config-pw-class)# encapsulation mpls
RouterA(config-pw-class)# status peer topology dual-homed
RouterA(config-pw-class)# exit
RouterA(config)# l2 vfi vpls manual
RouterA(config-vfi)# vpn id 100
RouterA(config-vfi)# neighbor 3.3.3.3 encapsulation mpls
RouterA(config-vfi)# exit
RouterA(config)# redundancy
RouterA(config-red)# interchassis group 100
RouterA(config-r-ic)# monitor peer bfd
RouterA(config-r-ic)# member ip 2.2.2.2
RouterA(config-r-ic)# backbone interface GigabitEthernet8/0/10
RouterA(config-r-ic)# mlacp system-priority 100
RouterA(config-r-ic)# mlacp node-id 1
Router(config)# interface Port-channel10
RouterA(config-if)# no ip address
RouterA(config-if)# mlacp interchassis group 100
RouterA(config-if)# mlacp mode active-active
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-172
OL-16147-20
Chapter 4
RouterB> enable
RouterB# configure terminal
RouterB(config)# pseudowire-class vpws
RouterB(config-pw-class)# encapsulation mpls
RouterB(config-pw-class)# status peer topology dual-homed
RouterB(config-pw-class)# exit
RouterB(config)# l2 vfi vpls manual
RouterB(config-vfi)# vpn id 100
RouterB(config-vfi)# neighbor 3.3.3.3 encapsulation mpls
RouterB(config-vfi)# exit
RouterB(config)# redundancy
RouterB(config-red)# interchassis group 100
RouterB(config-r-ic)# monitor peer bfd
RouterB(config-r-ic)# member ip 1.1.1.1
RouterB(config-r-ic)# backbone interface GigabitEthernet8/0/10
RouterB(config-r-ic)# mlacp system-priority 100
RouterB(config-r-ic)# mlacp node-id 2
Router(config)# interface Port-channel 10
RouterB(config-if)# no ip address
RouterB(config-if)# mlacp interchassis group 100
RouterB(config-if)# mlacp mode active-active
RouterB(config-if)# mlacp load-balance primary vlan 110-120
RouterB(config-if)# mlacp load-balance secondary vlan 100-109
RouterB(config-if)# ethernet vlan color-block all
RouterB(config-if)# service instance 10 ethernet
RouterB(config-if-srv)# encapsulation dot1q 100
RouterB(config-if-srv)# rewrite ingress tag pop 1 symmetric
RouterB(config-if-srv)# xconnect 3.3.3.3 90 pseudowire-class vpws
RouterB(config-if-srv)# backup peer 4.3.3.3 91
RouterB(config-if)# service instance 11 ethernet
RouterB(config-if-srv)# encapsulation dot1q 101
RouterB(config-if-srv)# rewrite ingress tag pop 1 symmetric
RouterB(config-if-srv)# bridge-domain 201
RouterB(config-if-srv)# exit
RouterB(config-if)# exit
RouterB(config)# interface vlan 201
RouterB(config-if)# no shutdown
RouterB(config-if)# xconnect vfi vpls
RouterB(config-if)# end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-173
Chapter 4
Verification
Use the show lacp multi-chassis load-balance port-channel number command to verify the PMLACP
configuration information on the port channel interface.
Use the show lacp multi-chassis group command to display the interchassis redundancy group and the
operational LACP parameters.
PE1# show lacp multi-chassis group
Interchassis Redundancy Group 100
Operational LACP Parameters:
RG State:
Synchronized
System-Id:
32768.001b.0de6.3080
ICCP Version: 0
Backbone Uplink Status: Connected
Local Configuration:
Node-id:
1
System-Id: 32768.001b.0de6.3080
Peer Information:
State:
Up
Node-id:
2
System-Id:
32768.f866.f2d2.6680
ICCP Version: 0
State Flags: Active - A
Standby
- S
Down
- D
AdminDown
- AD
Standby Reverting - SR
Unknown
- U
mLACP Channel-groups
Channel
State
Priority
Active Links
Inactive Links
Group
Local/Peer Local/Peer
Local/Peer
Local/Peer
10
A/A
32768/32768
2/2
0/0
Redundancy Group 100 (0x64)
Applications connected: mLACP, Pseudo-mLACP
Monitor mode: BFD
member ip: 2.2.2.2 "PE2", CONNECTED
BFD neighbor: GigabitEthernet2/9, next hop 192.168.41.2, UP
mLACP state: CONNECTED
Pseudo-mLACP state: CONNECTED
backbone int GigabitEthernet8/0/9: UP (IP)
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-174
OL-16147-20
Chapter 4
Interface
=========
GigabitEthernet2/9
Use the show lacp multi-chassis load-balance group command to display the PMLACP configuration
information including redundancy group, link states and interface status.
Troubleshooting Tips
Table 4-25
Troubleshooting Tips
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-175
Chapter 4
A L2TPv3 tunnel is a control connection between two PE routers. One L2TPv3 tunnel can have multiple
data connections, and each data connection is termed as an L2TPv3 session. The control connection is
used to establish, maintain, and release sessions. Each session is identified by a session ID which is
unique across the entire router.
Figure 4-8
Attachment VC
Pseudowire
Attachment VC
Tunnel
IP Network
PE1
P router
P router
PE2
CE
P router
282928
CE
In Figure 4-8, the attachment Virtual Circuit (VC) represents a physical or a logical port that connects a
Customer Edge (CE) device to a Provider Edge (PE) device. A pseudowire is defined as a VC connecting
two attachment VCs, and it consists of two L2TPv3 tunnel paths, one in each direction.
There must be at least one distinct L2TPv3 tunnel per Layer 2 facing linecard.
The L2TPv3 feature on a Cisco 7600 router is supported on ES+ and SIP 400 line cards.
The Cisco 7600 router supports only IPv4 tunnelling for the Layer 2 frames.
The L2TPv3 feature does not support configurations such as EoL2TPv3oMPLS on the encapsulating
PE.
L2TPv3 is not supported in conjunction with EVC features. L2TPv3 coexists with EVC on the same
port. That is, while one sub-interface is used to tunnel dot1q tagged traffic over L2TP, another
sub-interface is used to perform EVC features.
Effective with Cisco IOS release 15.1(3)S, 4000 IP tunnels are supported on ES+ line cards.
The L2TPv3 feature does not support SSO. You must enable cookies for L2TPv3 session on HA
setups.
Configuring L2TPv3
Before configuring L2TPv3, ensure the following:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-176
OL-16147-20
Chapter 4
Create loopback interfaces to host the local IP addresses used by the L2TP tunnels. On a 7600 router,
create multiple loopback interfaces to accommodate routing protocol configuration and L2TPv3
configuration. The mls l2tpv3 reserve command must be configured under loopback to indicate the
Layer 2 network or CE side facing interface. This interface must be on ES+ or SIP400 LC.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
l2tp-class name
4.
exit
5.
6.
7.
8.
exit
9.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-177
Chapter 4
Step 3
Command
Purpose
l2tp-class name
Example:
Router(config)#l2tp-class H-NAME
Note
Step 4
exit
Example:
Router(config-l2tp-class)# exit
Step 5
Example:
Router(config)# interface loopback 8000
Step 6
Example:
Router(config-if)# ip address 200.1.1.1 mask
255.255.255.0
Step 7
Example:
Step 8
exit
Example:
Router(config-if)#exit
Step 9
Example:
Router(config)# pseudowire-class eth8000
Step 10
encapsulation l2tpv3
Example:
Router(config-pw-class)#encapsulation l2tpv3
Step 11
Example:
Router(config-pw-class)#protocol l2tpv3 H-NAME
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-178
OL-16147-20
Chapter 4
Step 12
Command
Purpose
Example:
Router(config-pw-class)#ip local interface
Loopback 8000
Step 13
exit
Example:
Router(config-pw-class)# exit
Step 14
Example:
Router(config)#interface GigabitEthernet3/4.100
Step 15
Example:
Step 16
Example:
Step 17
exit
Example:
Router(config-subif-xconn)#exit
Configuration Examples
This example shows how to configure L2TPv3:
Router# enable
Router# configure terminal
Router (config)#l2tp-class H-NAME
Router (config-l2tp-class)#exit
Router (config)#interface Loopback8000
Router (config-if)#ip address 200.1.1.1 255.255.255.0
Router (config-if)#mls l2tpv3 reserve interface Gig3/1 Gig3/10
Router (config-if)#exit
Router (config)#pseudowire-class eth8000
Router (config-pw-class)#encapsulation l2tpv3
Router (config-pw-class)#protocol l2tpv3 H-NAME
Router (config-pw-class)#ip local interface Loopback8000
Router (config-pw-class)#exit
Router (config)#interface GigabitEthernet3/4.100
Router (config-subif)#encapsulation dot1Q 100
Router (config-subif)#xconnect 100.1.1.1 80 encap l2tpv3 pw-class eth8000
Router (config-subif-xconn)#exit
Router (config-subif)#exit
Router (config)#exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-179
Chapter 4
Verification
Use the following commands to verify the L2TPv3 configuration:
Router #show l2tp tunnel
L2TP Tunnel Information Total tunnels 2 sessions 2
LocTunID
RemTunID
Remote Name
State
Remote Address
est
est
100.1.1.1
100.1.2.1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-180
OL-16147-20
Chapter 4
Troubleshooting Tips
For specific troubleshooting information, contact Cisco Technical Assistance Center (TAC) at this
location:
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
The root bridge itself (the bridge with the lowest bridge id/priority).
The bridge with the second lowest bridge ID/priority, and with a 0 cost path to the root.
Using R-L2GP, you can statically configure the BPDUs instead of dynamic configuration.
For more information, see Configuring STP and MST at:
http://www.cisco.com/en/US/docs/routers/7600/ios/15S/configuration/guide/spantree.html#wp110187
4.
R-L2GP is not compatible with pre-standard MST. This combination is not supported.
Because VLAN ID is required for EVC service instance to MST instance mapping, EVC service
instances without any VLAN ID in the encapsulation are not supported. This includes:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-181
Chapter 4
Untagged encapsulation
Priority-tagged encapsulation
Default encapsulation
In EVC service instance, MST runs on the encapsulation VLAN, not on the broadcast-domain
VLAN.
R-L2GP does not provide any automatic detection or recovery mechanisms for BPDU data.
MST instance zero under RL2GP must be configured before RL2GP instance is attached to a port.
Configure MST instance zero on the same nPE pair as RL2GP instance.
In case of EVC service instance configuration, Encap vlan and BD vlan should be part of the same
MST instance to send the TCNs on the BD-Vlans.
Configure MST
Configuration of MST must be done before configuring RL2GP and attaching it to a port. For MST
configuration, you need to configure:
Hello Time
Name
Revision
MSTI information (VLAN mapping, bridge priority, port priority, and cost)
Priority Vector information (bridge ID, port ID, Root Bridge ID)
Since the R-L2GP configuration is bundled with the MSTI configuration, the above parameters can be
recycled from the MSTI and MST region (currently only one MST region is supported on IOS)
configurations. This section describes how to configure Reverse L2GP for 7600. It consists of the
following sections:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-182
OL-16147-20
Chapter 4
Configuring MST
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# spanning-tree mst configuration
Step 4
Example:
Router(config-mst)# name Cisco
Step 5
revision version
Example:
Router(config-mst)# revision 5
Step 6
Example:
Router(config-mst)# instance 2 vlans 1-100
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-183
Chapter 4
2.
remote-id id
3.
4.
5.
mst root
6.
mst cost
DETAILED STEPS
Step 1
Command
Purpose
Example:
Router(config)# spanning-tree pseudo-information
transmit 10
Step 2
remote-id id
Example:
Router(config-pseudo)# remote-id 5
Step 3
Example:
Step 4
Example:
Step 5
mst root
Example:
Router(config-pseudo)# mst root
Step 6
mst cost
Example:
Router(config-pseudo)# mst cost
2.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-184
OL-16147-20
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
Example:
Router(config)# interface gigabitethernet 4/1
Step 2
Example:
Router(config-if)# spanning-tree
pseudo-information transmit 10
2.
vpn id vpn_id
3.
4.
5.
exit
6.
7.
DETAILED STEPS
Step 1
Command
Purpose
Example:
Router(config)# l2 vfi vfitest1 manual
Step 2
vpn id vpn_id
Example:
Router(config-vfi)# vpn id 303
Step 3
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-185
Chapter 4
Step 4
Command
Purpose
Example:
Router(config-vfi)# neighbor 10.10.10.10 1
encapsulation mpls
Step 5
exit
Example:
Router(config-vfi)# exit
Router(config)#
Step 6
Example:
Router(config)# interface vlan 23
Step 7
Example:
Router(config-if)# xconnect vfi vfi16
Examples
This is a sample configuration for switch port:
----- PE1 configuration ----Step 1:
PE1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
PE1(config)#spanning-tree mode mst
PE1(config)#spanning-tree extend system-id
PE1(config)#spanning-tree pseudo-information transmit 2
PE1(config-pseudo)# remote-id 1
PE1(config-pseudo)# mst 0 root 32768 0000.0000.0001
%Warning: Please make same configuration change on mst instance 0 for
remote Pseudo Info instance also.
Difference in mst instance 0 config
on Pseudo Info pair can cause network instability
PE1(config-pseudo)# mst 1 root 32768 0000.0000.0002
PE1(config-pseudo)# mst 1 cost 100
PE1(config-pseudo)#exit
PE1(config)#spanning-tree mst configuration
PE1(config-mst)#instance 1 vlan 100-200, 400-500
Step 2:
PE1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
PE1(config)#interface TenGigabitEthernet4/1
PE1(config-if)# switchport
PE1(config-if)# switchport mode trunk
PE1(config-if)# spanning-tree pseudo-information transmit 2
PE1(config-if)#end
PE1#
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-186
OL-16147-20
Chapter 4
Step 3:
PE1(config)#l2 vfi bpdupw manual
PE1(config-vfi)#vpn id 100
PE1(config-vfi)#forward permit l2protocol all
PE1(config-vfi)#neighbor 22.22.22.22 encapsulation mpls
PE1(config-vfi-neighbor)#
Step 4:
PE1#configure terminal
Enter configuration commands, one per line.
PE1(config)#interface Vlan1
PE1(config-if)#no ip address
PE1(config-if)#xconnect vfi bpdupw
PE1(config-if)#end
PE1#
vlans mapped:
1-99,201-399,501-4094
address 0013.5f21.e240 priority
32768 (32768 sysid 0)
this switch for the CIST
hello time 2 , forward delay 15, max age 20, txholdcount 6
hello time 2 , forward delay 15, max age 20, max hops
20
Interface
----------------------------------------------Te4/1
PW 22.22.22.22:100
##### MST1
Bridge
Root
vlans mapped:
100-200,400-500
address 0013.5f21.e240 priority
this switch for MST1
Interface
----------------------------------------------Te4/1
PW 22.22.22.22:100
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-187
Chapter 4
vlans mapped:
1-99,201-399,501-4094
address 0013.5f21.e240 priority
32768 (32768 sysid 0)
this switch for the CIST
hello time 2 , forward delay 15, max age 20, txholdcount 6
hello time 2 , forward delay 15, max age 20, max hops
20
vlans mapped:
100-200,400-500
address 0013.5f21.e240 priority
this switch for MST1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-188
OL-16147-20
Chapter 4
Step 1:
PE2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
PE2(config)#spanning-tree mode mst
PE2(config)#spanning-tree extend system-id
PE2(config)#spanning-tree pseudo-information transmit 1
PE2(config-pseudo)# remote-id 2
PE2(config-pseudo)# mst 0 root 32768 0000.0000.0001
%Warning: Please make same configuration change on mst instance 0 for
remote Pseudo Info instance also.
Difference in mst instance 0 config
on Pseudo Info pair can cause network instability
PE2(config-pseudo)# mst 1
PE2(config-pseudo)# mst 1
PE2(config-pseudo)# exit
PE2(config)#spanning-tree
PE2(config-mst)# instance
PE2(config-mst)#end
PE2#
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-189
Chapter 4
Step 2:
PE2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
PE2(config)#interface GigabitEthernet13/7
PE2(config-if)#switchport
PE2(config-if)#switchport mode trunk
PE2(config-if)#spanning-tree pseudo-information transmit 1
PE2(config-if)#end
PE2#
Step 3:
PE2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
PE2(config)#l2 vfi bpdupw manual
PE2(config-vfi)#vpn id 100
PE2(config-vfi)#forward permit l2protocol all
PE2(config-vfi)#neighbor 11.11.11.11 encapsulation mpls
PE2(config-vfi)#end
PE2#
Step 4:
PE2#configure terminal
Enter configuration commands, one per line.
PE2(config)#interface Vlan1
PE2(config-if)#no ip address
PE2(config-if)#xconnect vfi bpdupw
PE2(config-if)#end
PE2#
vlans mapped:
1-99,201-399,501-4094
address 0015.c7f9.cc40 priority
32768 (32768 sysid 0)
this switch for the CIST
hello time 2 , forward delay 15, max age 20, txholdcount 6
hello time 2 , forward delay 15, max age 20, max hops
20
Interface
--------------------------PW 11.11.11.11:100
Gi13/7
##### MST1
Bridge
Root
vlans mapped:
100-200,400-500
address 0015.c7f9.cc40 priority
this switch for MST1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-190
OL-16147-20
Chapter 4
Interface
--------------------------PW 11.11.11.11:100
Gi13/7
vlans mapped:
1-99,201-399,501-4094
address 0015.c7f9.cc40 priority
32768 (32768 sysid 0)
this switch for the CIST
hello time 2 , forward delay 15, max age 20, txholdcount 6
hello time 2 , forward delay 15, max age 20, max hops
20
vlans mapped:
100-200,400-500
address 0015.c7f9.cc40 priority
this switch for MST1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-191
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-192
OL-16147-20
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-193
Chapter 4
vlans mapped:
1-99,201-399,501-4094
address 0013.5f21.e240 priority
32768 (32768 sysid 0)
this switch for the CIST
hello time 2 , forward delay 15, max age 20, txholdcount 6
hello time 2 , forward delay 15, max age 20, max hops
20
Interface
----------------------------------------------Te4/1
PW 22.22.22.22:100
##### MST1
Bridge
Root
vlans mapped:
100-200,400-500
address 0013.5f21.e240 priority
this switch for MST1
Interface
----------------------------------------------Te4/1
PW 22.22.22.22:100
vlans mapped:
1-99,201-399,501-4094
address 0013.5f21.e240 priority
32768 (32768 sysid 0)
this switch for the CIST
hello time 2 , forward delay 15, max age 20, txholdcount 6
hello time 2 , forward delay 15, max age 20, max hops
20
128
cost
200
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-194
OL-16147-20
Chapter 4
Designated root
address 0013.5f21.e240 priority 32768 cost
0
Design. regional root address 0013.5f21.e240 priority 32768 cost
0
Designated bridge
address 0013.5f21.e240 priority 32768 port id 128.1022
Pseudo-info (id 255) is running
Timers: message expires in 0 sec, forward delay 0, forward transitions 1
Bpdus sent 0, received 0
##### MST1
Bridge
Root
vlans mapped:
100-200,400-500
address 0013.5f21.e240 priority
this switch for MST1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-195
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-196
OL-16147-20
Chapter 4
PE2#
Step 4:
PE2#configure terminal
Enter configuration commands, one per line.
PE2(config)#interface Vlan1
PE2(config-if)# no ip address
PE2(config-if)# xconnect vfi bpdupw
PE2(config-if)#end
PE2#
vlans mapped:
1-99,201-399,501-4094
address 0015.c7f9.cc40 priority
32768 (32768 sysid 0)
this switch for the CIST
hello time 2 , forward delay 15, max age 20, txholdcount 6
hello time 2 , forward delay 15, max age 20, max hops
20
Interface
--------------------------PW 11.11.11.11:100
Gi13/7
##### MST1
Bridge
Root
vlans mapped:
100-200,400-500
address 0015.c7f9.cc40 priority
this switch for MST1
Interface
--------------------------PW 11.11.11.11:100
Gi13/7
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-197
Chapter 4
vlans mapped:
1-99,201-399,501-4094
address 0015.c7f9.cc40 priority
32768 (32768 sysid 0)
this switch for the CIST
hello time 2 , forward delay 15, max age 20, txholdcount 6
hello time 2 , forward delay 15, max age 20, max hops
20
vlans mapped:
100-200,400-500
address 0015.c7f9.cc40 priority
this switch for MST1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-198
OL-16147-20
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-199
Chapter 4
Troubleshooting
Table 4-26 provides troubleshooting solutions for the Reverse L2GP feature.
Table 4-26
Problem
Solution
Verify if :
System loops
Limit the scope of the data traffic flood by creating multicast groups. The static MAC address
assignment is important to avoid dynamically learning the traffic in both directions and also to limit
the flooding scope by creating a static multicast group.
Resolve the problem of MAC address aging out as the dynamic learning is disabled.
Configure fully meshed pseudowire network between core facing routers and place them under
single multicast group.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-200
OL-16147-20
Chapter 4
You cannot configure unicast static MAC address and MAC security on the same EFP
simultaneously. For multicast addresses, static MAC and MAC security can be simultaneously
supported under EFP.
Static MACs are related to a L2 Bridge-domain table, so only the bridged services are supported.
When static MAC is configured on VPLS PW, and core-facing interface fails resulting in egress
interface to move to available interface, the traffic may be delayed.
Static MAC configuration is supported only on EVC bridge-domain interfaces and VFI pseudowires.
Static Mac configuration on EFP is supported on ES+ and ESM20 line cards
Static Mac configuration on VFI PW is supported on ES+, ESM20 and SIP 400 line cards.
Number of MACs per Bridge-domain or VFI (unicast and multicast) is limited to 1024.
A static unicast MAC can be configured either globally or within a EVC or PW, not both. If a static
unicast MAC is configured within a EVC or PW first, then configuring the same MAC address
globally using the command mac-address-table static H.H.H vlan vlan_id [drop | interface]
makes the configuration within EVC or PW invalid.
The next section describes how to configure Static MAC on EFP and PW for the Cisco 7600 router. You
need to configure MPLS on core-facing router before configuring static MAC on PW. The information
about configuring MPLS on core-facing router is included as a separate section.
Configuring Static MAC over EFP for the Cisco 7600 Router, page 4-201
Configuring Static MAC over Pseudowire for the Cisco 7600 Router, page 4-206
Configuring Static MAC over EFP for the Cisco 7600 Router
This section describes how to configure static MAC over EFP or SIs.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
bridge-domain bridge-id
7.
8.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-201
Chapter 4
9.
exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# Router(config)# interface gigabitethernet 4/1
Step 3
Example:
Router(config)# Interface
GigabitEthernet2/0/0
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 100 second dot1q 200
Step 6
bridge-domain bridge-id
Example:
Router(config-if-srv)# bridge-domain 12
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-202
OL-16147-20
Chapter 4
Step 7
Command
Purpose
Example:
Router(config-if-srv)# mac static address 0002.1122.0010
Step 8
Example:
Router(config-if-srv)# mac static address 0002.1122.0010
exit
Example:
Step9
Router(config-if-srv)# exit
Examples
This example shows how to configure static MAC over EFP or SIs:
Router# enable
Router# configure terminal
Router(config-if)# service instance 10 ethernet
Router(config-srv)# encapsulation dot1q 20
Router(config-if-srv)# bridge-domain 100
Router(config-if-srv)# mac static address 0002.1122.0010
Router(config-if-srv)# mac static address 0100.5e00.1111
Router(config-if-srv)# mac static address 0002.1122.0011
Router(config-if-srv)# mac static address 0100.5e00.1112
Router(config-if-srv)# mac static address 0002.1122.0012
Router(config-if-srv)# mac static address 0100.5e00.1113
Router(config-if-srv)# exit
disable-snooping
auto-learn
auto-learn
disable-snooping
SUMMARY STEPS
1.
enable
2.
configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-203
Chapter 4
3.
4.
5.
mpls ip
6.
7.
exit
8.
9.
10. exit
11. mpls ldp router-id loopback loopback_Id force
12. router ospf ospf_Id
13. network loopback_network wildcard_mask area 0
14. exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface gigabitethernet 3/0/0
Step 4
Example:
Router(config-if)# ip address
10.192.0.2 255.255.0.0
Step 5
mpls ip
Enables MPLS.
Example:
Router(config-if)# mpls ip
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-204
OL-16147-20
Chapter 4
Step 6
Command
Purpose
Example:
Router(config-if)# mpls label protocol
ldp
Step 7
exit
Example:
Router(config-if)# exit
Step 8
Example:
Router(config)# interface loopback 0
Step 9
Example:
Router(config-if)# ip address 1.1.1.1
mask 255.255.255.255
Step 10
exit
Example:
Router(config)# exit
Step 11
Example:
Router(config)# mpls ldp router-id
loopback 0 force
Step 12
Example:
Router(config)# router ospf 50
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-205
Chapter 4
Step 13
Command
Purpose
Example:
Router(config)# network 192.168.1.1
255.255.255.225 area 0
Step 14
exit
Example:
Router(config)# exit
Configuring Static MAC over Pseudowire for the Cisco 7600 Router
This section describes how to configure static MAC over pseudowire.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
vpn id vpn_id
5.
6.
7.
8.
exit
9.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-206
OL-16147-20
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config-vfi)# l2 vfi smac_vfi
manual
Step 4
vpn id vpn_id
Example:
Router(config-vfi)# vpn id 30
Step 5
Example:
Router(vfi-config)# bridge-domain 40
vlan
Step 6
Example:
Router(vfi-config)# neighbor
192.168.1.1 encapsulation mpls
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-207
Chapter 4
Step 7
Command
Purpose
Example:
Step 8
exit
Example:
Router(config)# exit
Step 9
Example:
Router(config)# interface vlan 40
Step 10
Example:
Router(config-if)# xconnect vfi
smac_vfi
Step 11
exit
Example:
Router(config-if)# exit
Examples
This example shows how to configure static MAC over pseudowire.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 4/1/0
Router(config)# l2 vfi foo-core manual
Router(config-vfi)# vpn id 100
Router(config-vfi)# bridge-domain 10 vlan
Router(config-vfi)# neighbor 11.0.0.1 encapsulation mpls
Router(config-vfi-neighbor)# mac static address 0002.1122.0010 auto-learn
Router(config-vfi-neighbor)# mac static address 0100.5e00.1111
Router(config-vfi-neighbor)# mac static address 0002.1122.0011
Router(config-vfi-neighbor)# mac static address 0100.5e00.1112 disable-snooping
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-208
OL-16147-20
Chapter 4
Verification
Use the following commands to verify a configuration:
You can use the show bridge-domain domain_Id mac static address command to verify the
configuration:
Bridge-Domain ID : 10
Static MAC count : System : 8, bridge-domain : 8
Port Address Action
vfi foo-core neighbor 1.1.1.1 100 0000.0200.1112
vfi foo-core neighbor 1.1.1.1 100 0000.1111.1001 auto-learn
vfi foo-core neighbor 1.1.1.1 100 0100.5e11.1002
vfi foo-core neighbor 1.1.1.1 100 0100.5e11.1003 disable-snooping
Gi2/0/0 ServInst 2 0000.1111.1003
Gi2/0/0 ServInst 2 0000.1111.1004 auto-learn
Po500 ServInst 1 0000.0000.0777
Po500 ServInst 1 0100.5e00.1111 disable-snooping
You can use the show ethernet service instance id si_Id interface interface mac static address
command to verify the configuration:
Router#Router# show ethernet service instance id 1 interface Gi 2/0/0 mac static
address
Bridge domain ID : 10
Port static MAC count : 2
Port Address Action
Gi2/0/0 ServInst 1 0000.1111.1001
Gi2/0/0 ServInst 1 0000.1111.1002 auto-learn
You can use the show vfi { name vfi_name> | neighbor peer_ip_address vcid id } mac static
address command to verify the configuration:
Router#show vfi neighbor 1.1.1.1 vcid 100 mac static address
Bridge domain ID : 10
Port Address Action
vfi foo-core neighbor 1.1.1.1 100 0000.0200.1112
vfi foo-core neighbor 1.1.1.1 100 0000.1111.1001
vfi foo-core neighbor 1.1.1.1 100 0000.1111.1002 auto-learn
vfi foo-core neighbor 1.1.1.1 100 0100.5e11.1002
Troubleshooting
Table 4-27 provides the troubleshooting solutions for the REP over EVC feature
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-209
Chapter 4
Table 4-27
Problem
Solution
1.
2.
3.
An REP segment is a connected chain of ports configured with a segment ID. Each segment consists of
standard (non-edge) segment ports and two user-configured edge ports. REP is supported on Layer 2
trunk interfaces and EVC ports. REP controls a group of ports connected in a segment, ensures that the
segment does not create any bridging loops, and responds to link failures within the segment. REP
provides a basis for constructing more complex networks and supports VLAN load balancing. REP
extends the network resiliency across Cisco IP Next-Generation Network (NGN) Carrier Ethernet
Design. REP is designed to provide network and application convergence within 50 to 200 ms. REP is a
segment protocol that integrates easily into existing Carrier Ethernet networks. It allows network
architects to limit the scope of STP domains. REP can also notify the STP about potential topology
changes, allowing interoperability with Spanning Tree.
REP is a distributed and secure protocol and does not rely on a master node controlling the status of the
ring. Hence, the failures can be detected locally either through loss of signal (LOS) or loss of neighbor
adjacency. Any REP port can initiate a switchover after acquiring the secure key to unblock the alternate
port. An REP segment is a chain of ports connected to each other and configured with the same segment
ID. Each end of a segment terminates on an edge switch. The port where the segment terminates is called
the edge port.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-210
OL-16147-20
Chapter 4
E1
REP not
supported
273792
E2
REP ports
In access ring topologies, the neighboring switch might not support REP, as shown in Figure 4-2. In this
case, you can configure the non-REP facing ports (E1 and E2) as edge no-neighbor ports. These ports
inherit all the properties of edge ports. You can configure these no-neighbor ports as any other edge port
and also enable the ports to send STP or REP topology change notices to the aggregation switch. In this
case the STP Topology Change Notice (TCN) that is sent is a Multiple Spanning-Tree (MST) STP
message.
These sections describes how to configure REP on the Cisco 7600 router:
The ports on a C7600 platform are classified into three different types: switchports, routed ports, and
EVC ports. By default, a port is a routed port. REP is not supported on routed ports. You need to
configure a port to a switchport or EVC port to configure REP on it. A port that is configured with one
or more service instances is called an EVC port.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-211
Chapter 4
This feature allows you to configure an EVC port to participate in a REP segment. REP can selectively
block or forward data traffic on particular VLANs. For EVC, the VLAN Id refers to the outer tag of the
dot1q encapsulation that is configured on a service instance. REP is supported on a bridge-domain
service. If ethernet vlan color-block all command is configured, REP is supported on connect and
xconnect services.
For more information on REP, see the Cisco IOS and NX-OS Software Resilient Ethernet Protocol guide
at http://www.cisco.com/en/US/docs/ios/lanswitch/configuration/guide/lsw_cfg_rep.html and
http://www.cisco.com/en/US/prod/collateral/switches/ps6568/ps6580/prod_white_paper0900aecd806e
c6fa.pdf.
REP is not supported on service instances configured with encapsulation, untagged, or default type.
Cisco recommends that you begin by configuring one port and then configure the contiguous ports
to minimize the number of segments and the number of blocked ports.
REP can handle only one failure in a segment. If there is more than one failure in a REP segment,
traffic is lost.
You must configure all trunk ports in the segment with the same set of allowed VLANs, or a
misconfiguration may occur.
Since REP blocks all VLANs until another REP interface sends a message to unblock it, you might
lose connectivity to the port if you enable REP in a Telnet session that accesses the EVC port
through the same interface.
You cannot execute REP and STP/MST or REP and Flex Links on the same segment or interface.
If you connect an STP network to the REP segment, be sure that the connection is at the segment
edge. An STP connection that is not at the edge causes a bridging loop because STP does not run on
REP segments. All STP BPDUs are dropped at REP interfaces.
If REP is enabled on two ports, both the ports must be either regular segment ports or edge ports.
REP ports follow these rules:
If only one port is configured in a segment, the port should be an edge port.
If two ports belong to the same segment, both ports must be edge ports or the regular segment
ports.
If two ports belong to the same segment and one is configured as an edge port and other as a
regular segment port, the edge port is treated as a regular segment port.
There can be only two edge ports in a segment, if there are two edge routers in a segment, each
router can have only one edge port. All the other ports on the edge router function as normal
ports.
REP interfaces come up in a blocked state and remains in a blocked state until notified that it is safe
to unblock.
REP sends all LSL PDUs in untagged frames on the native VLAN. The BPA message(untagged) sent
to the Cisco multicast address is sent on the administration VLAN, which is VLAN 1 by default.
Only the hardware flood layer (HFL) packets are sent on admin VLAN.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-212
OL-16147-20
Chapter 4
REP is supported on EtherChannels, but not on an individual port that belongs to an EtherChannel.
It is supported on Swichports and EVC port-channels. REP is implemented on Port-channels instead
of individual ports.
In case of double VLAN tagged frame, REP is implemented only on the outer VLAN tag.
When an edge no-neighbor is configured on a router, configuring and unconfiguring an edge port is
not allowed.
Configuring REP over EVC using cross-connect on the Cisco 7600 Router, page 4-213
Configuring REP over EVC using connect for the Cisco 7600 Router, page 4-217
Configuring REP over EVC using bridge-domain for the Cisco 7600 Router, page 4-222
Configuring REP over EVC using cross-connect on the Cisco 7600 Router
This section describes how to configure REP over EVC using cross-connect at global configuration
level.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
8.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id
dot1q vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q
vlan-id | dot1ad vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | 2-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}}
[symmetric]
9.
10. exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-213
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-214
OL-16147-20
Chapter 4
Step 4
Command
Purpose
Example:
Router(config-if)# rep segment 3 edge
Note
Note
Step 5
Example:
Router(config-if)# ether vlan color-block all
Step 6
Example:
Router(config-if)# service instance 101
ethernet
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-215
Chapter 4
Step 7
Command
Purpose
Example:
Router(config-if-srv)# encapsulation
dot1q 100 second dot1q 200
Step 8
Example:
Router(config-if-srv)# rewrite ingress
tag dot1q single symmetric
Step 9
Example:
Router(config-if-srv)# xconnect
10.0.0.2 999 encapsulation mpls
Step 10
exit
Example:
Router(config-if-srv)# exit
Examples
This example shows how to configure REP over EVC using xconnect.
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 5/3
Router(config-if)# rep segment 120 edge
Router(config-if)# ether vlan color-block all
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# encapsulation dot1q 20
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
Router(config-if-srv)# xconnect 10.0.0.1 20 encapsulation mpls
Router(cfg-if-ether-vc-xconn)# exit
Router(config-if-srv)# exit
Router(config-if)# exit
Router(config)# exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-216
OL-16147-20
Chapter 4
Configuring REP over EVC using connect for the Cisco 7600 Router
This section describes how to configure REP over EVC using connect at global configuration level.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id
dot1q vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q
vlan-id | dot1ad vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | 2-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}}
[symmetric]
8.
exit
9.
10. exit
11. interface type slot/port
12. ether vlan color-block all
13. service instance id {Ethernet [service-name}
14. encapsulation dot1q vlan_id
15. rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id
dot1q vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q
vlan-id | dot1ad vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | 2-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}}
[symmetric]
16. exit
17. rep segment segment_id [edge [no-neighbor] [primary]] [preferred]
18. exit
19. connect <connect_name> <interface> <service_instance_id> <interface> <service_instance_id>
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-217
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Step 4
Example:
Router(config-if)# Ether vlan color-block all
Step 5
Example:
Router(config-if)# service instance 10
ethernet
Step 6
Example:
Router(config-if-srv)# encapsulation
dot1q 10
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-218
OL-16147-20
Chapter 4
Step 7
Command
Purpose
Example:
Router(config-if-srv)# rewrite ingress
tag pop 1 symmetric
Step 8
exit
Example:
Router(config-if-srv)# exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-219
Chapter 4
Step 9
Command
Purpose
Example:
Router(config-if)# rep segment 2 edge
primary
Note
exit
Example:
Router(config-if)# exit
Step 11
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-220
OL-16147-20
Chapter 4
Step 12
Command
Purpose
Example:
Router(config-if)# Ether vlan color-block all
Step 13
Example:
Router(config-if)# service instance 102
ethernet
Step 14
Example:
Router(config-if-srv)# encapsulation
dot1q 100 second dot1q 200
Step 15
Example:
Router(config-if-srv)# rewrite ingress
tag push dot1q 20
Step 16
exit
Example:
Router(config-if-srv)# exit
Step 17
Example:
Router(config-if)# rep segment 2 edge
primary
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-221
Chapter 4
Step 18
Command
Purpose
exit
Example:
Router(config-if)# exit
Step 19
Example:
outer(config)#connect test gigabitEthernet 2/1 10 gigabitEthernet 3/1 20
Examples
This example shows how to configure REP over EVC using connect.
Router# enable
Router# configure terminal
Router(config)# interface gigabitEthernet 2/1
Router(config-if)# ether vlan color-block all
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# encapsulation dot1q 10
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
Router(config-if-srv)# exit
Router(config-if)# rep segment 2 edge primary
Router(config-if)# exit
Router(config)# interface gigabitEthernet 3/1
Router(config-if)# service instance 20 ethernet
Router(config-if-srv)# encapsulation dot1q 20
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
Router(config-if-srv)# exit
Router(config-if)# rep segment 2 edge
Router(config-if)# exit
Router(config)#connect test gigabitEthernet 2/1 10 gigabitEthernet 3/1 20
Router(config-connection)#end
Configuring REP over EVC using bridge-domain for the Cisco 7600 Router
This section describes how to configure REP over EVC using bridge-domain at service instance level.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-222
OL-16147-20
Chapter 4
6.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id
dot1q vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q
vlan-id | dot1ad vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | 2-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}}
[symmetric]
7.
bridge-domain bd_Id
8.
exit
9.
10. exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Step 4
Example:
Router(config-if-srv)# service instance 101 ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 100 second dot1q 200
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-223
Chapter 4
Step 6
Command
Purpose
Example:
Router(config-if-srv)# rewrite ingress
tag push dot1q 20
Step 7
bridge-domain bd_Id
Example:
Router(config-if-srv)# bridge-domain 10
Step 8
exit
Example:
Router(config-if-srv)# exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-224
OL-16147-20
Chapter 4
Step 9
Command
Purpose
Example:
Router(config-if)# rep segment 2 edge
primary
Note
exit
Example:
Router(config-if)# end
Examples
This example shows how to configure REP over EVC using bridge-domain.
Router# enable
Router# configure terminal
Router(config)# interface gigabitEthernet 4/1
Router(config-if)# service instance 10 ethernet
Router(config-if-srv)# encapsulation dot1q 10
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-225
Chapter 4
This example shows how to configure REP with the edge no-neighbor keyword.
Router# enable
Router# configure terminal
Router(config)# interface gigabitEthernet 7/1
Router(config-if)# switchport
Router(config-if)# switchport mode trunk
Router(config-if)# rep segment 1 edge no-neighbor primary
Router(config-if)# end
Verification
You can use the show rep topology, show rep topology detail and show interface <> rep commands
to verify the REP over EVC configuration. This information is displayed as sample output:
The detailed option provides additional information about the EVC. This can be given on RP and
LC consoles to determine custom ethertype configured under a physical port.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-226
OL-16147-20
Chapter 4
Edge
---Pri*
Sec*
Role
---Open
Open
Open
Alt
Open
Open
Example of show rep topology detail command with REP edge no-neighbor keyword:
Router#show rep topoology segment 3 detail
REP Segment 3
Router, Gi4/0/0 (Primary Edge No-Neighbor)
Open Port, all vlans forwarding
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-227
Chapter 4
Example of show interface <> rep command with REP edge no-neighbor keyword:
Router#show interface gig4/0/0 rep detail
GigabitEthernet4/0/0 REP enabled
Segment-id: 3 (Primary Edge No-Neighbor)
PortID: 03010015FA66FF80
Preferred flag: No
Operational Link Status: TWO_WAY
Current Key: 02040015FA66FF804050
Port Role: Open
Blocked VLAN: <empty>
Admin-vlan: 1
Preempt Delay Timer: disabled
Configured Load-balancing Block Port: none
Configured Load-balancing Block VLAN: none
STCN Propagate to: none
LSL PDU rx: 999, tx: 652
HFL PDU rx: 0, tx: 0
BPA TLV rx: 500, tx: 4
BPA (STCN, LSL) TLV rx: 0, tx: 0
BPA (STCN, HFL) TLV rx: 0, tx: 0
EPA-ELECTION TLV rx: 6, tx: 5
EPA-COMMAND TLV rx: 0, tx: 0
EPA-INFO TLV rx: 135, tx: 136
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-228
OL-16147-20
Chapter 4
The LSL Age Out Timer configuration is available on switchports, EVC, L2 Port-channel and
Port-channel EVC interfaces.
The SUP 720, RSP 720, RSP 10G supervisors and the ES20, ES40, and LAN line cards support the
REP Configurable Timers configuration.
While configuring REP configurable timers, we recommend you shut the port, configure REP and
only then use the no shut command. This prevents the REP from flapping and generating large
number of internal messages.
If incompatible switches are neighbors, configure the correct LSL Age Out value first. In some
scenarios, you might not get the expected convergence range.
In order to inter-operate with switches running old IOS versions, the default LSL Age Out time is
set to 5 seconds, default LSL retries is 5, and the hello packet is sent every one second.
Except for the LSL Age Out time, all the other timer values are retained. For example, the EPA (End
Port Advertisement) hello timer continues to be 4 seconds, as it is not required to send EPA PDUs
at a higher frequency.
While configuring REP configurable timers, we recommend you configure the REP LSL number of
retries first and then configure the REP LSL age out timer value.
SUP720 supervisors.
The REP Configurable Timers feature on SSO is not supported with SUP32 supervisor.
The REP LSL Age Out value can be configured as low as 1520 ms (approximately 500 ms * 3)
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-229
Chapter 4
Configuring the REP Link Status Layer Age Out Timer, page 4-232
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
end
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-230
OL-16147-20
Chapter 4
Step 4
Command
Purpose
Note
Example:
Router(config-if)# rep segment 2 edge
primary
Note
Example:
Step 6
end
Example:
Router(config-if)# end
Example
This example shows how to configure REP link status layer number of retries.
Router# enable
Router# configure terminal
Router(config)# interface gigabitethernet 2/5
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-231
Chapter 4
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
end
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-232
OL-16147-20
Chapter 4
Step 4
Command
Purpose
Example:
Router(config-if)# rep segment 1 edge
primary
Note
Example:
Router(config-if)# rep lsl-age-timer
2000
Step 6
end
Configures REP link status layer age out timer value. The
acceptable range of lsl-age-timer is between 120ms and
10000ms, in multiples of 40ms. The default LSL Age Out
time is 5 seconds.
Exits configuration mode.
Example:
Router(config-if)# end
Example
This example shows how to configure REP link status layer ageout timer value.
Router# enable
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-233
Chapter 4
Verification
Use the show interfaces <interface name> rep detail command to view the configured LSL number of
retries and the LSL Age Out timer values.
7600-1#show interfaces GigabitEthernet11/1 rep detail
GigabitEthernet11/1
REP enabled
Segment-id: 10 (Segment)
PortID: 0A010009B6D8F700
Preferred flag: No
Operational Link Status: NO_NEIGHBOR
Current Key: 0A010009B6D8F700EEA1
Port Role: Fail No Ext Neighbor
Blocked VLAN: 1-4094
Admin-vlan: 1
Preempt Delay Timer: disabled
LSL Ageout Timer: 120 ms
LSL Ageout Retries: 3
Configured Load-balancing Block Port: none
Configured Load-balancing Block VLAN: none
STCN Propagate to: none
LSL PDU rx: 0, tx: 175
HFL PDU rx: 0, tx: 0
BPA TLV rx: 0, tx: 0
BPA (STCN, LSL) TLV rx: 0, tx: 0
BPA (STCN, HFL) TLV rx: 0, tx: 0
EPA-ELECTION TLV rx: 0, tx: 0
EPA-COMMAND TLV rx: 0, tx: 0
EPA-INFO TLV rx: 0, tx: 0
Command
Purpose
debug rep em
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-234
OL-16147-20
Chapter 4
Command
Purpose
debug rep rf
Troubleshooting scenarios
Table 4-29 lists the potential problems and solutions associated with configuring REP:
Table 4-29
Problem
Solution
Error message Conflict with monitor session is Ensure that you do not configure:
displayed.
A interface as a SPAN destination port and
enable REP on the same port.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-235
Chapter 4
IEEE 802.3ah is a point-to-point and per- physical- wire OAM protocol that detects and isolates
connectivity failures in the network. IEEE 802.1ag draft 8.1 Metro Ethernet Connectivity Fault
Management (CFM) incorporates several OAM facilities that allow you to manage Metro Ethernet
networks, including an Ethernet continuity check, end-to-end Ethernet traceroute facility using
Linktrace message (LTM), Linktrace reply (LTR), Ethernet ping facility using Loopback Message
(LBM), and a Loopback Reply (LBR). These Metro Ethernet CFM protocol elements quickly identify
problems in the network.
Ethernet Connectivity Fault Management (CFM) is an end-to-end per-service-instance Ethernet layer
operations, administration, and maintenance (OAM) protocol. It includes proactive connectivity
monitoring, fault verification, and fault isolation for large Ethernet metropolitan-area networks (MANs)
and WANs. Connectivity Fault Management (CFM) is the indispensable capability that service providers
require to deploy large-scale, multivendor Metro Ethernet services. This feature upgrades the
implementation of CFM to be compliant with the IEEE 802.1ag with the current standard, 802.1ag-2007
and implementation of CFM over L2VFI (Layer 2 Virtual Forwarding Instance Information), cross
connect, EVC, and Switchport.
Key CFM mechanisms are:
Maintenance domains (MDs) that break up the responsibilities for the network administration of a
given end-to-end service.
Maintenance associations (MAs) that monitor service instances within a specified MD.
Maintenance points, (MPs or MIPs), such as Maintenance end points (MEP's) that transmit and
receive CFM protocol messages, and MIPs that catalog information received from MEPs, and
respond to Linktrace and Loopback messages.
Protocols (Continuity Check, Loopback, and Linktrace) that are used to manage faults.
For more information on CFM, see Cisco IOS Carrier Ethernet Configuration Guide, Release 12.2SR at
http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/12-2sr/ce-cfm-ieee.html.
For more information about the commands used in this section, see Cisco IOS Ethernet Command
Reference Guide at http://www.cisco.com/en/US/docs/ios/cether/command/reference/ce_book.html
Table 4-30and Table 4-31 display the complete support matrix for the CFM D8.1 feature.
Note
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-236
OL-16147-20
Chapter 4
Table 4-30
Supported Matrix1
Line card
CFM on
Switchport or CFM
on Switch + BD for
SVI Based EoMPLS
for VPLS
(pre-std)
CFM on
Routed Port
(pre-std)
CFM
on
Service Instance
with BD
for SVI based
EoMPLS
for VPLS
(pre-std)
WS-SUP720-3BXL
Up MEP
Down MEP
Not Applicable
Down MEP
Port MEP
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Not Applicable
Down MEP
Port MEP
Down MEP
Not Applicable
Port MEP
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Not Applicable
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Not Applicable
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Not Applicable
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Not Applicable
Down MEP
Port MEP
Down MEP
Not Applicable
Port MEP
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Port MEP
Up MEP
Down MEP
Port MEP
WS-X6148A
Up MEP
Down MEP
Port MEP
WS-SUP32-10GE-3B Up MEP
Up MEP
Down MEP
Port MEP
WS-SUP32-GE-3B
Up MEP
Down MEP
Port MEP
RSP720-3C-GE
Up MEP
Down MEP
Port MEP
RSP720-3CXL-GE
Up MEP
Down MEP
Port MEP
RSP720-3C-10GE
Up MEP
Down MEP
Port MEP
RSP720-3CXL-10GE Up MEP
Up MEP
Down MEP
Port MEP
WS-SUP720-3B
CFM
on
Switchport
or
CFM on Switch +
BD
(Standard)
Not Applicable
Up MEP
Down MEP
Port MEP
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-237
Chapter 4
Line card
CFM on
Switchport or CFM
on Switch + BD for
SVI Based EoMPLS
for VPLS
(pre-std)
CFM on
Routed Port
(pre-std)
CFM
on
Service Instance
with BD
for SVI based
EoMPLS
for VPLS
(pre-std)
WS-X6148-FE-SFP
Up MEP
Down MEP
Not Applicable
Down MEP
Port MEP
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Not Applicable
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Not Applicable
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Not Applicable
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Not Applicable
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Not Applicable
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Not Applicable
Port MEP
Down MEP
Not Applicable
Port MEP
Up MEP
Down MEP
Port MEP
WS-X6724-SFP
Up MEP
Down MEP
Port MEP
WS-X6708-10G-3CX Up MEP
L
Down MEP
Up MEP
Down MEP
Port MEP
WS-X6708-10G-3C
Up MEP
Down MEP
Port MEP
WS-X6704-10GE
Up MEP
Down MEP
Port MEP
WS-X6548-GE-TX
Up MEP
Down MEP
Port MEP
WS-X6548-RJ-21
Up MEP
Down MEP
Port MEP
WS-X6524-100FXMM
Up MEP
Down MEP
Port MEP
WS-X6516A-GBIC
CFM
on
Switchport
or
CFM on Switch +
BD
(Standard)
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Not Applicable
Port MEP
Up MEP
Down MEP
Port MEP
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-238
OL-16147-20
Chapter 4
Line card
CFM on
Switchport or CFM
on Switch + BD for
SVI Based EoMPLS
for VPLS
(pre-std)
CFM on
Routed Port
(pre-std)
CFM
on
Service Instance
with BD
for SVI based
EoMPLS
for VPLS
(pre-std)
WS-X6748-GE-TX
Up MEP
Down MEP
Not Applicable
Down MEP
Port MEP
Port MEP
Up MEP
Down MEP
Down MEP
Port MEP
Not Applicable
or
Not Supported
( SIP-400 + WAN
SPA
Up MEP
Down MEP
Port MEP
Port MEP
SIP-400 + V2 GE
SPAs
Up MEP
Down MEP
Port MEP
WS-X6748-SFP
CFM
on
Switchport
or
CFM on Switch +
BD
(Standard)
Not
Supported
Not Supported
Not Supported
Not
Supported
Not Supported
Not Supported
Not Supported
Up MEP
SIP-400 + WAN
SPA
or
SIP-400 + V2 GE
SPA as uplink
No Transparency
with CFM Enabled
on the box
SIP-600 + V2 GE
Up MEP
Down MEP
or
Down MEP
Port MEP
v2 10GE SPA
Port MEP
Down MEP
Port MEP
or
WAN SPA
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-239
Chapter 4
CFM
on
Switchport
or
CFM on Switch +
BD
(Standard)
CFM on
Switchport or CFM
on Switch + BD for
SVI Based EoMPLS
for VPLS
(pre-std)
CFM on
Routed Port
(pre-std)
CFM
on
Service Instance
with BD
for SVI based
EoMPLS
for VPLS
(pre-std)
Up MEP
Down MEP
Up MEP
Up MEP
ES20-GE
Down MEP
Port MEP
Down MEP
Down MEP
or
Port MEP
Line card
Port MEP
ES20-10GE
ES+ GE /10GE
Up MEP
Down MEP
Up MEP
Up MEP
Down MEP
Port MEP
Down MEP
Down MEP
Port MEP
Table 4-31
Port MEP
Supported Matrix 2
Line card
CFM
on
Service Instance +
xconnect
(Standard)
WS-SUP720-3BXL
Not Applicable
WS-SUP720-3B
Not Applicable
RSP720-3C-10GE
RSP720-3CXL-GE
Not Applicable
Not Applicable
CFM
on
Service
Instance +
BD
for SVI
based
EoMPLS
for VPLS
(Standard)
CFM
on
L2-VFI
(Standard)
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
CFM
on
Routed Port
(Standard)
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-240
OL-16147-20
Chapter 4
Line card
CFM
on
Service Instance +
xconnect
(Standard)
RSP720-3C-GE
Not Applicable
WS-SUP32-GE-3B
Not Applicable
WS-X6148-FE-SFP
WS-X6516A-GBIC
Not Applicable
Not Applicable
Not Applicable
WS-X6524-100FXMM
Not Applicable
WS-X6548-RJ-21
Not Applicable
WS-X6548-GE-TX
WS-X6704-10GE
Not Applicable
Not Applicable
CFM
on
Service
Instance +
BD
for SVI
based
EoMPLS
for VPLS
(Standard)
CFM
on
L2-VFI
(Standard)
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
CFM
on
Routed Port
(Standard)
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-241
Chapter 4
Line card
CFM
on
Service Instance +
xconnect
(Standard)
WS-X6708-10G-3C
Not Applicable
CFM
on
Service
Instance +
BD
for SVI
based
EoMPLS
for VPLS
(Standard)
CFM
on
L2-VFI
(Standard)
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
WS-X6724-SFP
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
Not
Applicable
Not Applicable
Not
Supported
Down MEP
WS-X6748-GE-TX
WS-X6748-SFP
SIP-400 + V2 GE
SPAs
Not Applicable
Not Applicable
Not Applicable
Not Supported
No Transperency
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Down MEP
Port MEP
Not
Supported
Down MEP
Down MEP
Port MEP
No
Transperenc
y
or
Down MEP
No
Transperenc
y
or
SIP-600 + V2 GE
CFM
on
Routed Port
(Standard)
Not Supported
Not
Supported
Down MEP
Down MEP
Port MEP
V2 10GE SPA
or
WAN SPA
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-242
OL-16147-20
Chapter 4
Line card
ES20-GE
CFM
on
Service Instance +
xconnect
(Standard)
CFM
on
Service
Instance +
BD
for SVI
based
EoMPLS
for VPLS
(Standard)
CFM
on
L2-VFI
(Standard)
Up MEP
Up MEP
Down MEP
Down MEP
Down MEP
Up MEP
Up MEP
Down MEP
Down MEP
CFM
on
Routed Port
(Standard)
Down MEP
Port MEP
or
ES20-10GE
ES+ GE /10GE
Down MEP
Down MEP
Port MEP
Scalable Limits
Table 4-32 maps the supported interfaces with the CFM points and their scalability values.
Table 4-32
Interfaces
Scalable Limits
CFM Points
Scalability Values
Routed Ports
Down MEP
Port MEP
Supported Interfaces
Table 4-33 maps the supported interfaces with the CFM points and their scalability values:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-243
Chapter 4
Table 4-33
Supported Interfaces
Interfaces
CFM Points
Scalability Values
Routed Ports
Down MEP
Port MEP
Supports interworking between routed ports, switch ports, and EVC BD.
You can ping or traceroute to a MEP where Continuity Check (CC) is disabled. However, you cannot
use ping and traceroute for an down MEP on a STP blocked port configured on either a supervisor
port or a LAN port.
With lower CC intervals, CC packets are transmitted in bursts. Ensure that you appropriately
configure the MLS rate limiters to avoid flapping of remote MEPs.
Ping and traceroute on trunk ports for Port-MEP's and down MEP's configured on native vlan is
supported only on ES20 and ES40 line cards.
In 802.3ah E-OAM, the remote-loopback TEST status is not retained across switchovers. The
remote loopback works with a longer OAM timeout value that is greater than 10 seconds.
CFM is not supported with a EVC manual load balancing configuration on a EVC bridge-domain
and a EVC cross-connect interface.Though configuration is not rejected, the feature may not work
as expected.
Migrating CFM D1.0 to D8.1 works with a reduced scale of 2k MEPs on the routed ports. For
example, if there is an EVC service configured within a domain in D1, the link fails while migrating
to D8.1. To avoid this, ensure that you configure the VLAN and the EVC within the domain in D1,
as shown in the next example.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-244
OL-16147-20
Chapter 4
SUMMARY STEPS (COMMON CONFIGURATIONS FOR EVC, SWITCHPORT, AND ROUTED PORTS)
1.
enable
2.
configure terminal
3.
4.
5.
continuity-check
6.
7.
end
DETAILED STEPS (COMMON CONFIGURATIONS FOR EVC, SWITCHPORT, AND ROUTED PORTS)
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Defines a CFM maintenance domain at a particular maintenance Level. It sets the router into config-ecfm configuration mode, where parameters specific to the
maintenance domain can be set.
Step 4
Configures the maintenance association and sets a universally unique ID for a customer service instance (CSI) or
the maintenance association number value, primary
VLAN ID and VPN ID within a maintenance domain in
Ethernet connectivity fault management (CFM) configuration mode.
Example:
Router(config-ecfm)#service s41 evc
41 vlan 41
Step 5
continuity-check
Example:
Router(config-ecfm-srv)#continuity-check
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-245
Chapter 4
Step 6
Command
Purpose
Example:
Router(config-ecfm-srv)#continuity-check interval 10s
10m 10 minutes
10ms 10 ms
10s 10 seconds
1m 1 minute
1s 1 second
3.3ms 3.3 ms
The default is 10seconds.
Step 7
end
enable
2.
configure terminal
3.
interface
4.
5.
encapsulation {encapsulation-type}
6.
bridge-domain {number}
7.
8.
9.
cfm encapsulation
10. end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-246
OL-16147-20
Chapter 4
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
Example:
Router(config)# interface tengigabitethernet 1/0/0
Step 4
Example:
Router(config-interface)#service instance 41 ethernet 41
Step 5
encapsulation {encapsulation-type }
Example:
Router(config-if-srv)#encapsulation
dot1q 41
Step 6
bridge-domain
{number}
Example:
Router(config-if)#bridge-domain 41
Step 7
Example:
Router(config-if-srv)#cfm mep domain L4 mpid 4001
Step 8
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-247
Chapter 4
Step 9
Command
Purpose
cfm encapsulation
Example:
PE1#(config-if-srv)#cfm encapsulation dot1q 100 second-dot1q 200
Step 10
end
enable
2.
configure terminal
3.
interface
4.
switchport
5.
6.
ethernet cfm mep domain domain-name mpid mpid {vlan vlan-id | port}
or
7.
8.
end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-248
OL-16147-20
Chapter 4
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
Example:
Router(config)# interface tengigabitethernet 1/0/0
Step 4
switchport
Example:
Router(config-interface)#switchport
Step 5
Example:
Router(config-if)#switchport mode
trunk
Step 6
Example:
Router(config-if)#ethernet cfm mep
domain L4 mpid 1 vlan 41
mpid: 1 to 8191
vlan-id: 1 to 4094
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-249
Chapter 4
Step 7
Command
Purpose
Example:
PE1(config-if)#ethernet cfm mip level 4 vlan 10
Step 8
end
enable
2.
configure terminal
3.
interface
4.
no ip address
5.
6.
7.
interface gigabitethernet
8.
9.
end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-250
OL-16147-20
Chapter 4
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
Example:
Router(config)# interface tengigabitethernet 1/0/0
Step 4
no ip address
Example:
Router(config-interface)# no ip address
Step 5
Example:
Router(config-if)#no mls qos trust
Step 6
Example:
Router(config-if)#ethernet cfm mep
domain routed mpid 4001 vlan 4001
Step 7
interface gigabitethernet
mpid: 1 to 8191
vlan-id: 1 to 4094
Example:
Router(config)# interface tengigabitethernet 1/0/0.1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-251
Chapter 4
Step 8
Command
Purpose
Example:
PE1(config-if)#encapsulation dot1Q
vlan-id 10
Step 9
end
Verification
Use the following commands to verify operation.
Command
Purpose
Example
The following example shows a configuration of MEP in a switchport:
ethernet cfm domain L4 level 4
service s41 evc 41 vlan 41
continuity-check
int TenGigabitEthernet2/0/0
switchport
switchport mode trunk
ethernet cfm mep domain L4 mpid 1 vlan 41
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-252
OL-16147-20
Chapter 4
The following example shows CFM configuration over a EVC with cross connect in the global domain
configuration mode:
ethernet cfm domain L6 level 6
service xconn evc xconn
continuity-check
The following example shows CFM configuration over a EVC with cross connect in the interface
configuration mode:
ethernet cfm domain L6 level 6
service s100 evc 100
continuity-check
interface Port-channel10
no ip address
service instance 100 ethernet 100
encapsulation dot1q 200
xconnect 3.3.3.3 1 encapsulation mpls
cfm mep domain L6 mpid 602
cfm mip level 7
Forward continuity check messages (CCM) towards the core over cross connect pseudowires.
Forward CFM messages to the access side (after Continuity Check Database [CCDB] based on
maintenance point [MP] filtering rules).
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-253
Chapter 4
As the number of PEs in a VPLS instance scale up, the number of CFM CC messages processed
increases. Accordingly, the configuration of the down-facing MEP on L2VFI for large fully meshed
PW topologies should be considered for only premium valued networks.
In the design of CFM domains, the maintenance level of an Down-facing MEP on the L2VFI
interface must be lower than the level from the AC.
Configuring CFM over EFP with xconnect for the Cisco 7600 Router
This section describes how to configure REP over EVC for the Cisco 7600 router:
Configuring CFM over EFP Interface with Cross ConnectBasic Configuration, page 4-254
Configuring CFM over EFP Interface with Cross ConnectSingle Tag VLAN Cross Connect,
page 4-257
Configuring CFM over EFP Interface with Cross ConnectDouble Tag VLAN Cross Connect,
page 4-259
Configuring CFM over EFP Interface with Cross ConnectSelective QinQ Cross Connect,
page 4-261
Configuring CFM over EFP Interface with Cross ConnectPort-Based Cross Connect Tunnel,
page 4-262
Configuring CFM over EFP Interface with Cross ConnectPort Channel-Based Cross Connect
Tunnel, page 4-264
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
pseudowire-class [pw-class-name]
4.
encapsulation mpls
5.
exit
6.
7.
8.
9.
10. cfm mep domain domain-name [up | down] mpid mpid-value [cos cos-value]
11. exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-254
OL-16147-20
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
pseudowire-class [pw-class-name]
Example:
Router(config)# pseudowire-class
vlan-xconnect
Step 4
encapsulation mpls
Example:
Step 5
exit
Example:
Router(config-if-srv)# exit
Step 6
Example:
Router(config-if-srv)# interface
Gi2/0/2
Step 7
Example:
Router(config-if-srv)# service instance 101 ethernet
Step 8
Example:
Router(config-if-srv)# encapsulation
dot1q 100 second dot1q 200
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-255
Chapter 4
Step 9
Command
Purpose
xconnect peer-ip-address vc-id {encapsulation {l2tpv3 [manual] | mpls [manual]} | pw-class pw-class-name
}[pw-class pw-class-name] [sequencing
{transmit | receive | both}]
Binds an attachment circuit to a pseudowire, and configures an Any Transport over MPLS (AToM) static
pseudowire.
Example:
Router(config-if-srv)# xconnect
10.0.3.201 123 pw-class vlan-xconnect
Step 10
Example:
Router(config-if-srv)# cfm mep down
mpid 100 domain Core
Step 11
exit
Example:
Router(config-if-srv)# exit
Examples
This example shows how to configure CFM over EVC using cross connect.
PE3#conf terminal
Enter configuration commands, one per line.
PE3(config)#ethernet cfm domain L6 level 6
PE3(config-ecfm)# service s256 evc 256
PE3(config-ecfm-srv)# continuity-check
PE3(config-ecfm-srv)#end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-256
OL-16147-20
Chapter 4
Configuring CFM over EFP Interface with Cross ConnectSingle Tag VLAN Cross Connect
This section describes how to configure CFM over EFP Interface with Single Tag VLAN cross connect.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id
dot1q vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q
vlan-id | dot1ad vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | 2-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}}
[symmetric]
7.
8.
cfm mep domain domain-name [up | down] mpid mpid-value [cos cos-value]
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface Gi2/0/2
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-257
Chapter 4
Step 5
Command
Purpose
Example:
Router(config-if-srv)# encapsulation
dot1q 100 second dot1q 100
Step 6
Example:
Router(config-if-srv)# rewrite dot1q
single symmetric
Step 7
xconnect peer-ip-address vc-id {encapsulation {l2tpv3 [manual] | mpls [manual]} | pw-class pw-class-name
}[pw-class pw-class-name] [sequencing
{transmit | receive | both}]
Binds an attachment circuit to a pseudowire, and configures an Any Transport over MPLS (AToM) static
pseudowire.
Example:
Router(config)# xconnect 10.0.3.201 123
pw-class vlan-xconnect
Step 8
Example:
Router# cfm mep up mpid 100 domain Core
Examples
This example shows how to configure CFM over EFP Interface with Single Tag VLAN cross connect:
PE3(config)#ethernet cfm domain L2 level 2
PE3(config-ecfm)# service s256 evc 256 direction down
PE3(config-ecfm-srv)# continuity-check
PE3(config-ecfm-srv)#end
PE3#
PE3(config)#int ten 2/0/0
PE3(config-if)#no ip address
PE3(config-if)# service instance 256 ethernet 256
PE3(config-if-srv)# encapsulation dot1q 256
PE3(config-if-srv)# xconnect 1.1.1.1 1 encapsulation mpls
PE3(cfg-if-ether-vc-xconn)# cfm mep domain L6 mpid 256
PE3(config-if-srv-ecfm-mep)#end
PE3#
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-258
OL-16147-20
Chapter 4
Configuring CFM over EFP Interface with Cross ConnectDouble Tag VLAN Cross Connect
This section describes how to configure CFM over EFP Interface with Double Tag VLAN cross connect.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id
dot1q vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q
vlan-id | dot1ad vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | 2-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}}
[symmetric]
7.
8.
cfm mep domain domain-name [up | down] mpid mpid-value [cos cos-value]
9.
exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface Gi2/0/2
Step 4
Example:
Router(config-if)# service instance 100
ethernet
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-259
Chapter 4
Step 5
Command
Purpose
Example:
Router(config-if-srv)# encapsulation
dot1q 100 second-dot1q 200
Step 6
Example:
Router(config-if-srv)# rewrite dot1q
double symmetric
Step 7
xconnect peer-ip-address vc-id {encapsulation {l2tpv3 [manual] | mpls [manual]} | pw-class pw-class-name
}[pw-class pw-class-name] [sequencing
{transmit | receive | both}]
Binds an attachment circuit to a pseudowire, and configures an Any Transport over MPLS (AToM) static
pseudowire.
Example:
Router(config)# xconnect 1.1.1.1 100
pw-class vlan-xconnect
Step 8
Example:
Router# cfm mep down mpid 100 domain
Core
Examples
This example shows how to configure CFM over EFP Interface with Double Tag VLAN cross connect:
PE3(config)#ethernet cfm domain L2 level 2
PE3(config-ecfm)# service s256 evc 256 direction down
PE3(config-ecfm-srv)# continuity-check
PE3(config-ecfm-srv)#end
PE3#
PE3(config)#int ten 2/0/0
PE3(config-if)#no ip address
PE3(config-if)# service instance 256 ethernet 256
PE3(config-if-srv)# encapsulation dot1q 256 second-dot1q 257
PE3(config-if-srv)# xconnect 1.1.1.1 1 encapsulation mpls
PE3(cfg-if-ether-vc-xconn)# cfm mep domain L6 mpid 256
PE3(config-if-srv-ecfm-mep)#end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-260
OL-16147-20
Chapter 4
PE3#
Configuring CFM over EFP Interface with Cross ConnectSelective QinQ Cross Connect
This section describes how to configure CFM over EFP Interface with Selective QinQ cross connect.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
exit
5.
6.
7.
8.
cfm mep domain domain-name [up | down] mpid mpid-value [cos cos-value]
9.
exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface Gi2/0/2
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-261
Chapter 4
Step 5
Command
Purpose
Example:
Router(config-if-srv)# encapsulation
default
Step 6
xconnect peer-ip-address vc-id {encapsulation {l2tpv3 [manual] | mpls [manual]} | pw-class pw-class-name
}[pw-class pw-class-name] [sequencing
{transmit | receive | both}]
Binds an attachment circuit to a pseudowire, and configures an Any Transport over MPLS (AToM) static
pseudowire.
Example:
Router(config)# xconnect 10.0.3.201 123
pw-class vlan-xconnect
Step 7
Example:
Router# cfm mep down mpid 100 domain
Core
Examples
This example shows how to configure CFM over EFP Interface with Selective QinQ cross connect:
PE3(config)#ethernet cfm domain L2 level 2
PE3(config-ecfm)# service s256 evc 256 direction down
PE3(config-ecfm-srv)# continuity-check
PE3(config-ecfm-srv)#end
PE3#
PE3(config)#int ten 2/0/0
PE3(config-if)#no ip address
PE3(config-if)# service instance 256 ethernet 256
PE3(config-if-srv)# encapsulation dot1q 256 second-dot1q 257 cos 7
PE3(config-if-srv)# xconnect 1.1.1.1 1 encapsulation mpls
PE3(cfg-if-ether-vc-xconn)# cfm mep domain L6 mpid 256
PE3(config-if-srv-ecfm-mep)#end
PE3#
Configuring CFM over EFP Interface with Cross ConnectPort-Based Cross Connect Tunnel
This section describes how to configure CFM over EFP Interface with Port-Based cross connect Tunnel.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-262
OL-16147-20
Chapter 4
5.
6.
7.
cfm mep domain domain-name [up | down] mpid mpid-value [cos cos-value]
8.
exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface Gi2/0/2
Step 4
Example:
Router(config-if)# service instance 100
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 10-20, 30, 50-60
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-263
Chapter 4
Step 6
Command
Purpose
xconnect peer-ip-address vc-id {encapsulation {l2tpv3 [manual] | mpls [manual]} | pw-class pw-class-name}[pw-class
pw-class-name] [sequencing {transmit |
receive | both}]
Binds an attachment circuit to a pseudowire, and configures an Any Transport over MPLS (AToM) static
pseudowire.
Example:
Router(config)# xconnect 1.1.1.1 100
pw-class vlan-xconnect
Step 7
Example:
Router# cfm mep up mpid 100 domain Core
Examples
This example shows how to configure CFM over EFP Interface with Port-Based cross connect Tunnel:
PE3(config)#ethernet cfm domain L2 level 2
PE3(config-ecfm)# service s256 evc 256 direction down
PE3(config-ecfm-srv)# continuity-check
PE3(config-ecfm-srv)#end
PE3#
PE3(config)#int ten 2/0/0
PE3(config-if)#no ip address
PE3(config-if)# service instance 256 ethernet 256
PE3(config-if-srv)# encapsulation dot1q 256
PE3(config-if-srv)# xconnect 1.1.1.1 1 encapsulation mpls
PE3(cfg-if-ether-vc-xconn)# cfm mep domain L6 mpid 256
PE3(config-if-srv-ecfm-mep)#end
PE3#
Configuring CFM over EFP Interface with Cross ConnectPort Channel-Based Cross Connect
Tunnel
This section describes how to configure CFM over EFP Interface with Port Channel-Based cross connect
Tunnel.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-264
OL-16147-20
Chapter 4
6.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id
dot1q vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q
vlan-id | dot1ad vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | 2-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}}
[symmetric]
7.
8.
cfm mep domain domain-name [up | down] mpid mpid-value [cos cos-value]
9.
exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface Port-channel
1
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 20 second-dot1q 30
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-265
Chapter 4
Step 6
Command
Purpose
Example:
Router(config-if-srv)# rewrite ingress
tag pop 2 symmetric
Step 7
xconnect peer-ip-address vc-id {encapsulation {l2tpv3 [manual] | mpls [manual]} | pw-class pw-class-name
}[pw-class pw-class-name] [sequencing
{transmit | receive | both}]
Binds an attachment circuit to a pseudowire, and configures an Any Transport over MPLS (AToM) static
pseudowire.
Example:
Router(config)# xconnect 1.1.1.1 100
pw-class vlan-xconnect
Step 8
Example:
Router# cfm mep up mpid 100 domain Core
Examples
This example shows how to configure CFM over EFP Interface with Port Channel-Based cross connect
Tunnel:
PE3(config)#ethernet cfm domain L2 level 2
PE3(config-ecfm)# service s256 evc 256 direction down
PE3(config-ecfm-srv)# continuity-check
PE3(config-ecfm-srv)#end
PE3#
PE3(config)#int port-20
PE3(config-if)#no ip address
PE3(config-if)# service instance 256 ethernet 256
PE3(config-if-srv)# encapsulation dot1q 256
PE3(config-if-srv)# xconnect 1.1.1.1 1 encapsulation mpls
PE3(cfg-if-ether-vc-xconn)# cfm mep domain L6 mpid 256
PE3(config-if-srv-ecfm-mep)#end
Verification
Use the following commands to verify a configuration:
Use the show ethernet cfm ma remote commands to verify the CFM over EVC configuration. This
command shows the basic configuration information for CFM.
Router-30-PE1#show ethernet cfm ma local
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-266
OL-16147-20
Chapter 4
Local MEPs:
-------------------------------------------------------------------------------MPID Domain Name
Lvl
MacAddress
Type CC
Domain Id
Dir
Port
Id
MA Name
SrvcInst
EVC name
-------------------------------------------------------------------------------1
L6
6
000a.f393.56d0 XCON Y
L6
Down
Te2/0/0
N/A
bbb
1
bbb
3
L5
5
0007.8478.4410 XCON Y
L5
Up
Te2/0/0
N/A
bbb
1
bbb
Total Local MEPs: 2
Local MIPs:
* = MIP Manually Configured
-------------------------------------------------------------------------------Level Port
MacAddress
SrvcInst
Type
Id
-------------------------------------------------------------------------------7
Te2/0/0
0007.8478.4410 1
XCON
N/A
Total Local MIPs: 1
Use the show ethernet cfm ma remote to verify the MEP configuration:
Router-30-PE1#show ethernet cfm ma remote
-------------------------------------------------------------------------------MPID Domain Name
MacAddress
IfSt PtSt
Lvl Domain ID
Ingress
RDI MA Name
Type Id
SrvcInst
EVC Name
Age
-------------------------------------------------------------------------------4
L5
000a.f393.56d0
Up
Up
5
L5
Te2/0/0:(2.2.2.2, 1)
bbb
XCON N/A
1
bbb
9s
2
L6
000a.f393.56d0
Up
Up
6
L6
Te2/0/0:(2.2.2.2, 1)
bbb
XCON N/A
1
bbb
1s
Total Remote MEPs: 2
Use the show ethernet cfm mpdb command to verify the catalouge of CC with MIP in intermediate
routers.
PE2#show ethernet cfm mpdb
* = Can Ping/Traceroute to MEP
-------------------------------------------------------------------------------MPID Domain Name
MacAddress
Version
Lvl
Domain ID
Ingress
Expd MA Name
Type Id
SrvcInst
EVC Name
Age
-------------------------------------------------------------------------------600 * L6
0021.d8ca.d7d0
IEEE-CFM
6
L6
Te2/1:(2.2.2.2, 1)
s1
XCON N/A
1
1
2s
700
L7
001f.cab7.fd01
IEEE-CFM
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-267
Chapter 4
7
-
L7
s1
1
Te2/1:(2.2.2.2, 1)
XCON N/A
1
3s
Use the show mpls l2 transport vc 1 detail commaned to show detailed configuration information:
PE1#sh mpls l2 vc 1 deta
Local interface: Te8/0/1 up, line protocol up, Eth VLAN 200 up
Interworking type is Ethernet
Destination address: 3.3.3.3, VC ID: 1, VC status: up
Output interface: Te8/0/0, imposed label stack {21}
Preferred path: not configured
Default path: active
Next hop: 20.1.1.2
Create time: 21:13:27, last status change time: 02:55:33
Signaling protocol: LDP, peer 3.3.3.3:0 up
Targeted Hello: 2.2.2.2(LDP Id) -> 3.3.3.3, LDP is UP
Status TLV support (local/remote)
: enabled/supported
LDP route watch
: enabled
Label/status state machine
: established, LruRru
Last local dataplane
status rcvd: No fault
Last local SSS circuit status rcvd: No fault
Last local SSS circuit status sent: No fault
Last local LDP TLV
status sent: No fault
Last remote LDP TLV
status rcvd: No fault
Last remote LDP ADJ
status rcvd: No fault
MPLS VC labels: local 21, remote 21
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
Control Word: On (configured: autosense)
VC statistics:
transit packet totals: receive 37, send 1067452272
transit byte totals:
receive 4181, send 72586757556
transit packet drops: receive 0, seq error 0, send 0
Use show mpls forwarding-table command to verify the cross connect VC:
PE1#show mpls forwarding-table
Local
Outgoing
Prefix
Label
Label
or Tunnel Id
17
Pop Label 3.3.3.3/32
21
No Label
l2ckt(1)
Bytes Label
Switched
23038746624
4181
Outgoing
interface
Te8/0/0
Te8/0/1
Next Hop
20.1.1.2
point2point
Use show ethernet cfm error command to view the error report:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-268
OL-16147-20
Chapter 4
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id
dot1q vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q
vlan-id | dot1ad vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | 2-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}}
[symmetric]
7.
8.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface Port-channel
1
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-269
Chapter 4
Step 5
Command
Purpose
Example:
Router(config-if-srv)# encapsulation
dot1q 20 second-dot1q 30
Step 6
Example:
Router(config-if-srv)# rewrite ingress
tag pop 2 symmetric
Step 7
xconnect peer-ip-address vc-id {encapsulation {l2tpv3 [manual] | mpls [manual]} | pw-class pw-class-name
}[pw-class pw-class-name] [sequencing
{transmit | receive | both}]
Binds an attachment circuit to a pseudowire, and configures an Any Transport over MPLS (AToM) static
pseudowire.
Example:
Router(config)# xconnect 1.1.1.1 100
pw-class vlan-xconnect
Step 8
Example:
Router# cfm mep up mpid 100 domain Core
Examples
This example shows how to configure CFM over EFP Interface with Port Channel-Based xconnect
Tunnel:
PE3(config)#ethernet cfm domain L2 level 2
PE3(config-ecfm)# service s256 evc 256 direction down
PE3(config-ecfm-srv)# continuity-check
PE3(config-ecfm-srv)#end
PE3#
PE3(config)#int port-20
PE3(config-if)#no ip address
PE3(config-if)# service instance 256 ethernet 256
PE3(config-if-srv)# encapsulation dot1q 256
PE3(config-if-srv)# xconnect 1.1.1.1 1 encapsulation mpls
PE3(cfg-if-ether-vc-xconn)# cfm mep domain L6 mpid 256
PE3(config-if-srv-ecfm-mep)#end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-270
OL-16147-20
Chapter 4
Verification
Use the following commands to verify a configuration:
Use show ethernet cfm ma remote commands to verify the CFM over EFP configuration. This
command shows the basic configuration information for CFM.
Router-30-PE1#show ethernet cfm ma local
Local MEPs:
-------------------------------------------------------------------------------MPID Domain Name
Lvl
MacAddress
Type CC
Domain Id
Dir
Port
Id
MA Name
SrvcInst
EVC name
-------------------------------------------------------------------------------1
L6
6
000a.f393.56d0 XCON Y
L6
Down
Te2/0/0
N/A
bbb
1
bbb
3
L5
5
0007.8478.4410 XCON Y
L5
Up
Te2/0/0
N/A
bbb
1
bbb
Total Local MEPs: 2
Local MIPs:
* = MIP Manually Configured
-------------------------------------------------------------------------------Level Port
MacAddress
SrvcInst
Type
Id
-------------------------------------------------------------------------------7
Te2/0/0
0007.8478.4410 1
XCON
N/A
Total Local MIPs: 1
Use show ethernet cfm mpdb command to verify the catalogue of CC with MIP in intermediate
routers.
PE2#show ethernet cfm mpdb
* = Can Ping/Traceroute to MEP
-------------------------------------------------------------------------------MPID Domain Name
MacAddress
Version
Lvl
Domain ID
Ingress
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-271
Chapter 4
Expd
MA Name
Type Id
SrvcInst
EVC Name
Age
-------------------------------------------------------------------------------600 * L6
0021.d8ca.d7d0
IEEE-CFM
6
L6
Te2/1:(2.2.2.2, 1)
s1
XCON N/A
1
1
2s
700
L7
001f.cab7.fd01
IEEE-CFM
7
L7
Te2/1:(2.2.2.2, 1)
s1
XCON N/A
1
1
3s
Total Remote MEPs: 2
Use show mpls l2 transport vc 1 detail command to show detailed configuration information:
PE1#sh mpls l2 vc 1 deta
Local interface: Te8/0/1 up, line protocol up, Eth VLAN 200 up
Interworking type is Ethernet
Destination address: 3.3.3.3, VC ID: 1, VC status: up
Output interface: Te8/0/0, imposed label stack {21}
Preferred path: not configured
Default path: active
Next hop: 20.1.1.2
Create time: 21:13:27, last status change time: 02:55:33
Signaling protocol: LDP, peer 3.3.3.3:0 up
Targeted Hello: 2.2.2.2(LDP Id) -> 3.3.3.3, LDP is UP
Status TLV support (local/remote)
: enabled/supported
LDP route watch
: enabled
Label/status state machine
: established, LruRru
Last local dataplane
status rcvd: No fault
Last local SSS circuit status rcvd: No fault
Last local SSS circuit status sent: No fault
Last local LDP TLV
status sent: No fault
Last remote LDP TLV
status rcvd: No fault
Last remote LDP ADJ
status rcvd: No fault
MPLS VC labels: local 21, remote 21
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
Control Word: On (configured: autosense)
VC statistics:
transit packet totals: receive 37, send 1067452272
transit byte totals:
receive 4181, send 72586757556
transit packet drops: receive 0, seq error 0, send 0
Bytes Label
Switched
23038746624
4181
Outgoing
interface
Te8/0/0
Te8/0/1
Next Hop
20.1.1.2
point2point
Use show ethernet cfm error command to view the error report:
PE2#show ethernet cfm error
-------------------------------------------------------------------------------MPID Domain Id
Mac Address
Type
Id Lvl
MAName
Reason
Age
--------------------------------------------------------------------------------
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-272
OL-16147-20
Chapter 4
L3
s2
001d.45fe.ca81
Receive AIS
BD-V
200
8s
PE2#
Problem
Solution
When you configure CFM, the message Match registers are Use the show platform mrm info command on the SP console
not available is displayed.
to verify the match registers. Based on the derived output,
perform these tasks:
1.
2.
3.
4.
2.
3.
4.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-273
Chapter 4
Problem
Solution
Use the show ethernet cfm error command to check for Loop
Trap errors as shown here:
CE(config-if)#do sh ethernet cfm err
-----------------------------------------------------------------------------Level Vlan MPID Remote MAC
Reason
Service ID
-----------------------------------------------------------------------------5
711 550 1001.1001.1001 Loop Trap Error
OUT
PE#sh ethernet cfm err
-----------------------------------------------------------------------------Level Vlan MPID Remote MAC
Reason
Service ID
-----------------------------------------------------------------------------5
711 550 1001.1001.1001 Loop Trap Error
OUT
CFM is deactivated
2.
2.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-274
OL-16147-20
Chapter 4
With this feature, you can scale a Provider Bridged P802.1ad network using an existing Bridged and
Virtual Bridged Local Area Network (VLAN) deployment. Although the current Cisco QinQ capability
provides VLAN scaling, this feature extends the scaling and interoperability between multiple vendors.
Bridges in a Provider Backbone Bridged Network (PBBN) need to learn the MAC address of each host
to make forwarding decisions. MTP resolves this need for MAC address learning by encapsulating both
the data packet and MAC addresses (source and destination) into a new Ethernet frame. The header of
the new Ethernet frame contains:
The MAC scalability is implemented using the B-MACs. Since the new Ethernet frames are encapsulated
with MAC address (host) while traversing the PBBN, a bridge needs to learn the B-MACs only. The
MAC addresses of hosts are hidden from the Provider Backbone Bridges (PBB), resulting in the
PBBridges to learn only the provider MAC address, irrespective of the number of hosts or the number
of host MAC addresses supported. Since the data packets are sent to specific MAC addresses, the
802.1ah cloud is not flooded with unnecessary traffic. A MAC address is a static entry in the MAC
address table on the Backbone Core Bridge.
The VLAN scalability is implemented using the I-SID. The MTP achieves VLAN scalability by using a
backbone VLAN TAG with a 12-bit B-VID and the Service Instance TAG with a 24-bit Service Instance
ID to provide the VLAN scalability necessary to map large number of customers.
Figure 4-10 shows the basic MTP network deployment.
Figure 4-10
Provider
Backbone
Bridged
QinQ
QinQ
.1Q/untagg
QinQ
QinQ
276758
.1Q/untagg
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-275
Chapter 4
Provider Backbone
Bridged Network
Provider Bridged
CE
PB
IB-BEB
IB-BEB
PB
IB-BEB
PB
CE
PB
BC
CE
PB
PB
PB
IB-BEB
276759
CE
MTP Configuration
Table 4-35 lists the relationship between the various entities in a Cisco 7600 Series Router for MTP
implementation.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-276
OL-16147-20
Chapter 4
Table 4-35
Entity to Entity
Relationship
many to one
one to one
many to one
EFP
C-MAC
Bridge
Domain
EFP
I-SID 1
(service
instance)
EFP
B-MAC
Bridge
Domain
EFP
C-MAC
Bridge
Domain
I-SID 2
(service
instance)
276757
EFP
EFP
Scalability Information
Table 4-36 lists scalability information for MTP.
Table 4-36
Scalability Factor
Scalability Number
32000
16000
110
4094
16000
32000
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-277
Chapter 4
Scalability Factor
Scalability Number
32000
16000
MAC address synchronization and MAC address move notification in the C bridge-domain is not
supported.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id
dot1q vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q
vlan-id | dot1ad vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | 2-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}}
[symmetric]
7.
8.
exit
9.
exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-278
OL-16147-20
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Step 4
Example:
Router(config-if)#service instance 20
ethernet
Step 5
Example:
Router(config-if-srv)#encapsulation
dot1q 40 second-dot1q 42
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-279
Chapter 4
Step 6
Command
Purpose
Example:
Router(config-if-srv)#rewrite ingress
tag pop 1 symmetric
Step 7
Example:
Router(config-if-srv)#bridge-domain 21
c-mac
Step 8
exit
Example:
Router(config-if-srv)#exit
Step 9
exit
Example:
Router(config-if)#exit
Step 10
Configures mac-in-mac tunnel and creates a tunnel identifier for the 802.1ah cloud. Sets the configuration to config-tunnel-min mode.
Example:
Router(config)#ethernet mac-tunnel virtual 22
Step 11
bridge-domain bd_Id
Example:
Router(config-tunnel-minm)#bridge-domain 200
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-280
OL-16147-20
Chapter 4
Step 12
Command
Purpose
Example:
Router(config-tunnel-minm)#service in
23 ethernet
Step 13
Example:
Router(config-tunnel-srv)#encapsulation dot1ah isid 24
Step 14
Example:
Router(config-tunnel-srv)#bridge-domain 21 c-mac
Step 15
exit
Example:
Router(config-tunnel-srv)#exit
Step 16
exit
Example:
Router(config-tunnel-minm)#exit
Step 17
exit
Example:
Router(config)#exit
Examples
This example shows how to configure MTP for Cisco 7600 Routers:
Router>enable
Router#configure terminal
Router(config)#interface GigabitEthernet 3/1
Router(config-if)#service instance 20 ethernet
Router(config-if-srv)#encapsulation dot1q 40 second-dot1q 42
Router(config-if-srv)#rewrite ingress tag pop 1 symmetric
Router(config-if-srv)#bridge-domain 21 c-mac
Router(config-if-srv)#exit
Router(config-if)#exit
Router(config)#ethernet mac-tunnel virtual 22
Router(config-tunnel-minm)#bridge-domain 200
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-281
Chapter 4
Router(config-tunnel-minm)#service in 23 ethernet
Router(config-tunnel-srv)#encapsulation dot1ah isid 24
Router(config-tunnel-srv)#bridge-domain 21 c-mac
Router(config-tunnel-srv)#exit
Router(config-tunnel-minm)#exit
Router(config)#exit
Verification
Use the following commands to verify the MTP configuration and view the related information.
You can use the show platform mtp slot slot_num command to verify the MTP configuration and
view MTP information for each slot:
Router#sh platform mtp slot 3
SLOT
TUNNELENGINE
3
MacTunnelEngine3/0
3
MacTunnelEngine3/1
3
MacTunnelEngine3/2
3
MacTunnelEngine3/3
VLAN_LIST
200
You can use show platform mtp c_bd c-vlan-id to view information about a specific C-VLAN:
Router#sh platform mtp c_bd 21
C_BD
B_BD
SLOT
21
200
3
Router#
PPE
0
You can use show platform mtp b_bd b-vlan-id to view information about a specific B-VLAN:
Router#sh platform mtp b_bd 200
B_BD
SLOT
PPE
200
3
0
Router#
C_BD_COUNT
1
B_BD_COUNT
1
You can use show platform mtp befp b-efp-id to view information about a specific B-EFP:
SLOT
3
PPE
0
C_BD_COUNT
1
Troubleshooting
Table 4-37 provides troubleshooting solutions for the MAC Tunnelling feature.
Table 4-37
Troubleshooting Scenarios
Problem
Solution
2.
Error message displayed when the I-SID (service identifier) Complete these steps:
is configured
1. Check the the maximum number of I-SID you have set.
2.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-282
OL-16147-20
Chapter 4
Problem
Solution
Error message displayed when service instance is configured Complete these steps:
1.
2.
RP is disabled
Link FaultLoss of signal is detected by the receiver; for instance, the peer's laser malfunctions. A
link fault is sent once per second in the information OAM PDU. Link fault applies only when the
physical sublayer is capable of independently transmitting and receiving signals.
Dying GaspAn unrecoverable condition occurs; for example, a power failure. This type of
condition is vendor specific. A notification about the condition may be sent immediately and
continuously.
Critical EventAn unspecified critical event occurs. This type of event is vendor specific. A critical
event may be sent immediately and continuously.
In Remote Loopback mode, an OAM entity can put its remote peer into loopback mode using the
loopback control OAM PDU. Loopback mode helps an administrator ensure the quality of links during
installation or when troubleshooting. In the loopback mode, every frame received is transmitted back on
the same port except for OAM PDUs and pause frames. The periodic exchange of OAM PDUs must
continue during the loopback state to maintain the OAM session.
Note
Effective with Release 15.2(2)S, Dying Gasp and Remote Loopback Initiation is supported on ES+
linecards.
Internet Group Management Protocol (IGMP) packets are not looped back.
If dynamic ARP inspection is enabled, ARP or reverse ARP packets are not looped or dropped.
Control BPDUs like STP, CDP, PAGP, and LACP are not looped back and dropped.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-283
Chapter 4
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
end
6.
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router# interface gigabitethernet 1/7
Step 4
Step 5
end
Example:
Router(config-if)# end
Step 6
type number
Example:
Router#ethernet oam remote-loopback start
interface gigabitEthernet 1/7
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-284
OL-16147-20
Chapter 4
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router# interface gigabitethernet 1/7
Step 4
Step 5
end
Example:
Router(config-if)# end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-285
Chapter 4
Configuration Examples
This example shows how to configure the remote loopback initiation:
Router> enable
Router# configure terminal
Router#(config) interface gigabitethernet 1/7
Router(config-if)# ethernet oam remote-loopback supported
Router(config-if)# end
Router#ethernet oam remote-loopback start interface gigabitEthernet 1/7
Verification
This example shows how to verify the configuration:
Router# show ethernet oam status interface gigabitethernet1/7
GigabitEthernet1/7
General
------Admin state:
enabled
Mode:
active
PDU max rate:
10 packets per second
PDU min rate:
1 packet per 1 second
Link timeout:
5 seconds
High threshold action: no action
Link fault action:
no action
Dying gasp action:
error disable interface
Critical event action: no action
Link Monitoring
--------------Status: supported (on)
Symbol Period Error
Window:
Low threshold:
High threshold:
Frame Error
Window:
Low threshold:
High threshold:
10 x 100 milliseconds
1 error frame(s)
none
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-286
OL-16147-20
Chapter 4
This example shows the summary of the remote loopback configuration and the status of the operation:
P19_C7609-S#show ethernet oam summary
Symbols:
* - Master Loopback State, # - Slave Loopback State
& - Error Block State
Capability codes: L - Link Monitor, R - Remote Loopback
U - Unidirection, V - Variable Retrieval
Local
Interface
Gi1/7
MAC Address
-
Remote
OUI
-
Mode
-
Capability
-
The l2protocol forward command is available only on the main interface of switchports and L3
ports. The command is not available on the subinterfaces. All the subinterfaces on a port inherit the
behavior from the main interface. The l2protocol forward command is also available on EVC
service instance.
The l2protocol peer and l2protocol drop commands are not supported.
The l2protocol forward command on a main interface and on EVCs supports only cdp, dtp, vtp,
stp, and dot1x.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-287
Chapter 4
Port
EVC
Switchport
Layer Interfaces
C-UNI
Ethertype 0x8100
Ethertype 0x8100
Ethertype 0x8100
C-VLAN BPDU
C-VLAN BPDU
C-VLAN BPDU
Any EVCs
Trunk or Access
Ethertype 0x88a8
Ethertype 0x88a8
S-VLAN BPDU
Ethertype 0x88a8
Ethertype 0x88a8
Ethertype 0x88a8
S-VLAN BPDU
S-VLAN BPDU
S-VLAN BPDU
Any EVC
Trunk
Trunk
S-UNI
S-NNI
Not supported
Access only
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-288
OL-16147-20
Chapter 4
Figure 4-13
CE-1
PE-1
PE-2
88a8-999
8100-10...
88a8-999
8100-20...
88a8-999
8100-30...
CE-2
8100-10
8100-10
8100-20
8100-20
8100-30
8100-30
S-Bridge Component
The S-bridge component is capable of inserting or removing a service provider VLAN (S-VLAN) for all
traffic on a particular port. IEEE 802.1ad adds a new tag called a Service tag (S-tag) to all the ingress
frames from a customer to the service provider.
The VLAN in the S-tag is used for forwarding the traffic in the service provider network. Different
customers use different S-VLANs, which results in each customer's traffic being isolated. In the S-tag,
provider bridges use an Ethertype value that is different from the standard 802.1Q Ethertype value, and
do not understand the standard Ethertype. This difference makes customer traffic tagged with the
standard Ethertype appear as untagged in the provider network so customer traffic is tunneled in the port
VLAN of the provider port. The 802.1ad service provider user network interfaces (S-UNIs) and network
to network interfaces (NNIs) implement the S-bridge component.
For example, a VLAN tag has a VLAN ID of 1, the C-tag Ethertype value is 8100 0001, the S-tag
Ethertype value is 88A8 0001, and the class of service (CoS) is zero.
C-tag S-tag
------------------------------------------------------- ----------------------------------------------0x8100 | Priority bits | CFI | C-VLAN-ID 0x88A8 | Priority bits | 0 | S-VLAN-ID
------------------------------------------------------- -----------------------------------------------
C-Bridge Component
All the C-VLANs entering on a UNI port in an S-bridge component are provided the same service
(marked with the same S-VLAN). Although, C-VLAN components are not supported, a customer may
want to tag a particular C-VLAN packet separately to differentiate between services. Provider bridges
allow C-VLAN packet tagging with a provider edge bridge, called the C-bridge component of the
provider bridge. C-bridge components are C-VLAN aware and can insert or remove a C-VLAN 802.1Q
tag. The C-bridge UNI port is capable of identifying the customer 802.1Q tag and inserting or removing
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-289
Chapter 4
an S-tag on the packet on a per service instance or C-VLAN basis. A C-VLAN tagged service instance
allows service instance selection and identification by C-VLAN. The 802.1ad customer user network
interfaces (C-UNIs) implement the C-component.
Assignment
Value
01-80-c2-00-00-00
01-80-c2-00-00-01
01-80-c2-00-00-02
01-80-c2-00-00-03
01-80-c2-00-00-04
01-80-c2-00-00-05
01-80-c2-00-00-06
01-80-c2-00-00-07
01-80-c2-00-00-08
01-80-c2-00-00-09
01-80-c2-00-00-0a
01-80-c2-00-00-0b
01-80-c2-00-00-0c
01-80-c2-00-00-0d
01-80-c2-00-00-0e
01-80-c2-00-00-0f
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-290
OL-16147-20
Chapter 4
Table 4-39 shows the Layer 2 MAC addresses reserved for an S-VLAN component. These addresses are
a subset of the C-VLAN component addresses, and the C-bridge does not forward the provider's bridge
protocol data units (BPDUs) to a customer network.
Table 4-39
Assignment
Value
01-80-c2-00-00-01
01-80-c2-00-00-02
01-80-c2-00-00-03
01-80-c2-00-00-04
01-80-c2-00-00-05
01-80-c2-00-00-06
01-80-c2-00-00-07
01-80-c2-00-00-08
01-80-c2-00-00-09
01-80-c2-00-00-0a
UNI-C Ports
The guidelines pertaining to UNI-C ports are:
Table 4-40 shows the Layer 2 PDU destination MAC addresses for customer-facing C-bridge UNI ports,
and how frames are processed.
Table 4-40
Layer 2 PDU Destination MAC Addresses for Customer-Facing C-Bridge UNI Ports
Significance
on C-UNI Port Default Action
Assignment
Protocol
01-80-C2-00-00-00
BPDU
Peer
01-80-C2-00-00-01
BPDU
Drop
01-80-C2-00-00-02
BPDU
Peer
01-80-C2-00-00-03
802.1X
BPDU
May peer
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-291
Chapter 4
Table 4-40
Layer 2 PDU Destination MAC Addresses for Customer-Facing C-Bridge UNI Ports
Significance
on C-UNI Port Default Action
Assignment
Protocol
01-80-C2-00-00-04
Drop
01-80-C2-00-00-05
Drop
01-80-C2-00-00-06
None
Drop
01-80-C2-00-00-07
None
Drop
01-80-C2-00-00-08
None
Drop
01-80-C2-00-00-09
None
Drop
01-80-C2-00-00-0A
None
Drop
01-80-C2-00-000-0B
None
Drop
01-80-C2-00-00-0C
None
Drop
01-80-C2-00-00-0D
None
Drop
01-80-C2-00-00-0E
802.1ab-LLDP
BPDU
May peer
01-80-C2-00-00-0F
Drop
01-80-C2-00-00-10
Read Data
Snoop if
implemented.
Else, discard
01-80-C2-00-00-20
GMRP
Data/BPDU
May peer
01-80-C2-00-00-21
GVRP
Data/BPDU
May peer
01-80-C2-00-00-22
2F
Data/BPDU
May peer
01-00-0C-CC-CC-CC
BPDU
Peer
BPDU
May peer
UNI-S Ports
The guidelines pertaining to UNI-S ports are:
Packets with C-Bridge addresses (00 - 0F) that are not part of S-Bridge addresses (01 - 0A) are
treated as data packet (tunneled).
VLAN-aware L2 protocols cannot be peered because the port is not C-VLAN aware. They can only
be tunneled or dropped.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-292
OL-16147-20
Chapter 4
Table 4-41 shows the Layer 2 PDU destination MAC addresses for customer-facing S-bridge UNI ports,
and how frames are processed.
Table 4-41
Layer 2 PDU Destination MAC Addresses for Customer-Facing S-Bridge UNI Ports
Assignment
Protocol
Significance
on S-UNI Port Default Action
01-80-C2-00-00-00
Data
Data
01-80-C2-00-00-01
BPDU
Drop
01-80-C2-00-00-02
BPDU
Peer
01-80-C2-00-00-03
802.1X
BPDU
Peer
01-80-C2-00-00-04
Drop
01-80-C2-00-00-05
Drop
01-80-C2-00-00-06
BPDU
Drop
01-80-C2-00-00-07
BPDU
Drop
01-80-C2-00-00-08
BPDU
Drop (peer on
NNI)
01-80-C2-00-00-09
BPDU
Drop
01-80-C2-00-00-0A
BPDU
Drop
01-80-C2-00-00-0B
Data if not
Drop
implemented
01-80-C2-00-00-0C
Data if not
Treat as data until
implemented implemented
01-80-C2-00-00-0D
Data if not
Treat as data until
implemented implemented
01-80-C2-00-00-0E
802.1ab-LLDP
BPDU
01-80-C2-00-00-0F
Data
01-80-C2-00-00-10
Data
Data
01-80-C2-00-00-20
GMRP
Data
Data
01-80-C2-00-00-21
GVRP
Data
Data
01-80-C2-00-00-22
2F
Data
Data
01-00-0C-CC-CC-CC
Data
Data
Data
Data
May peer
NNI Ports
The Dot1add NNI ports behave in the same way as the customer facing S-bridge ports, with the following
exceptions:
On NNI ports, frames received with DA 01-80-C2-00-00-08 contain STP BPDU. The frames are
received and transmitted. On S-UNI ports, any such frames that are received are dropped, and none
are sent.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-293
Chapter 4
On NNI ports, frames received with DA 01-80-C2-00-00-02 include CDP Pagp, VTP, DTP, and
UDLD protocols.
MAC Address
Protocol
C-UNI Action
S-UNI Action
NNI Action
01-80-C2-00-00-00
Peer
Data
Data
01-80-C2-00-00-01
Drop
Drop
Drop
01-80-C2-00-00-02
Peer
Peer
01-80-C2-00-00-03
802.1X
May peer
May peer
May peer
01-80-C2-00-00-04
Reserved
Drop
Drop
Drop
01-80-C2-00-00-05
Reserved
Drop
Drop
Drop
01-80-C2-00-00-06
Reserved
Drop
Drop
Drop
01-80-C2-00-00-07
Reserved
Drop
Drop
Drop
01-80-C2-00-00-08
Drop
Drop
Peer
01-80-C2-00-00-09
Drop
Drop
Drop
01-80-C2-00-00-0A
Drop
Drop
Drop
01-80-C2-00-00-0B
Drop
Data
Data
01-80-C2-00-00-0C
Drop
Data
Data
01-80-C2-00-00-0D
Drop
Data
Data
01-80-C2-00-00-0E
802.1ab-LLDP
May peer
Data
Data
01-80-C2-00-00-0F
Drop
Data
Data
01-80-C2-00-00-10
Snoop if
implemented.
Else drop
Data
Data
01-80-C2-00-00-20
GMRP
May peer
Data
Data
01-80-C2-00-00-21
GVRP
May peer
Data
Data
01-80-C2-00-00-22
2F
May peer
Data
Data
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-294
OL-16147-20
Chapter 4
Table 4-42
MAC Address
Protocol
C-UNI Action
S-UNI Action
NNI Action
01-00-0C-CC-CC-C
C
Peer
Data
Data
01-00-0C-CC-CC-C
D
Ciscos PVST
May peer
Data
Data
dot1q
customer
QinQ
Box A
QinQ
Box B
dot1ad
Box C
......00
......d0
......d0
......d0 NNI
UNI Sport
dot1ad
Box E
NNI
dot1ad
Box D
......d0
UNI Sport
dot1q
customer
......00
dot1ad
Box F
......d0
dot1q
customer
......00
I2protocol-tunnel stp
switchport access vlan 999
switchport mode dot1q-tunnel
NNI
......00
Configuring a Switchport
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-295
Chapter 4
Configuring a Switchport
A switchport can be configured as a UNI-C port, UNI-S port, or NNI port.
UNI-C Port
A UNI-C port can be configured as either a trunk port or an access port. Perform the following tasks to
configure a UNI-C port as an access port for 802.1ad.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
switchport
6.
7.
8.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router# interface gigabitethernet 2/1
Step 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-296
OL-16147-20
Chapter 4
Step 5
Command or Action
Purpose
switchport
Example:
Router(config-if)# switchport
Step 6
Example:
Router(config-if)# switchport mode access
Step 7
vlan-id
Example:
Router(config-if)# switchport access 1000
Step 8
end
Example:
Router(config-if)# end
Perform the following tasks to configure a UNI-C port as a trunk port for 802.1ad.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
switchport
6.
7.
8.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router# interface gigabitethernet 2/1
Step 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-297
Chapter 4
Step 5
Command or Action
Purpose
switchport
Example:
Router(config-if)# switchport
Step 6
Example:
Router(config-if)# switchport mode trunk
Step 7
vlan-list
Example:
Router(config-if)# switchport trunk allowed
vlan 1000, 2000
Step 8
end
Example:
Router(config-if)# end
UNI-S Port
On a UNI-S port, all the customer VLANs that enter are provided with the same service. The port allows
only access configuration. In this mode, the customers port is configured as a trunk port. Therefore, the
traffic entering the UNI-S port is tagged traffic.
Perform the following tasks to configure a UNI-S port as an access port for 802.1ad.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
switchport
5.
6.
7.
8.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-298
OL-16147-20
Chapter 4
Command or Action
Step 3
interface
Purpose
type number
Configures an interface.
Example:
Router# interface gigabitethernet 2/1
Step 4
switchport
Example:
Router(config-if)# switchport
Step 5
Example:
Router(config-if)# switchport mode access
Step 6
Step 7
vlan-id
Example:
Router(config-if)# switchport access 999
Step 8
end
Example:
Router(config-if)# end
NNI Port
NNI port allows only trunk configuration. On an NNI port, the frames received on all the allowed
VLANs are bridged to the respective internal VLANs.
Perform the following tasks to configure an NNI port as a trunk port for 802.1ad.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
switchport
5.
6.
7.
8.
end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-299
Chapter 4
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router# interface gigabitethernet 2/1
Step 4
switchport
Example:
Router(config-if)# switchport
Step 5
Example:
Router(config-if)# switchport mode trunk
Step 6
Step 7
vlan-list
Example:
Router(config-if)# switchport trunk allowed
vlan 999
Step 8
end
Example:
Router(config-if)# end
Examples
The following example shows how to configure a UNI-C port as an access port. In this example, all the
frames that are received are bridged to one internal VLAN 1000. The transmitted frames do not have the
access VLAN Dot1q tag.
Router# configure terminal
Router(config)# interface gig2/1
Router(config-if# ethernet dot1ad uni c-port
Router(config-if)# switchport
Router(config-if)# switchport mode access
Router(config-if)# switchport access vlan 1000
The following example shows how to configure a UNI-C port as a trunk port. In this example, all the
frames that are received on all allowed VLANs (1000 and 2000) are bridged to the respective internal
VLANs. The transmitted frames have the respective internal VLAN Dot1q tag.
Router# configure terminal
outer(config)# interface gig2/1
Router(config-if)# ethernet dot1ad uni c-port
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-300
OL-16147-20
Chapter 4
Router(config-if)# switchport
Router(config-if)# switchport mode trunk
Router(config-if)# switchport access vlan 1000, 2000
The following example shows how to configure a UNI-S port. In this example, all the frames that are
received are bridged to one internal VLAN (999). The transmitted frames do not have the access VLAN
Dot1q tag.
Router# configure terminal
Router(config)# interface gig2/1
Router(config-if)# switchport
Router(config-if)# switchport mode access
Router(config-if)# ethernet dot1ad uni s-port
Router(config-if)# switchport access vlan 999
The following example shows how to configure an NNI port. Only trunk configuration is allowed on an
NNI port. In this example, all the frames that are received on all the allowed VLANs (999) are bridged
to the respective internal VLANs. The transmitted frames have the respective internal VLAN Dot1q tag.
Router# configure terminal
Router(config)# interface gig2/1
Router(config-if)# switchport
Router(config-if)# switchport mode trunk
Router(config-if)# ethernet dot1ad nni
Router(config-if)# switchport trunk allowed vlan 999
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-301
Chapter 4
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router(config)# interface gigabitethernet 3/0
Step 4
vlan-id
Example:
Router(config)# switchport access vlan 500
Step 5
Step 6
Step 7
end
Example:
Router(config-if)# end
Examples
The following example shows how to configure a Layer 2 protocol forward:
Router# configure terminal
Router(config)# interface gig3/0
Router(config-if)# switchport access vlan 500
Router(config-if)# ethernet dot1ad uni s-port
Router(config-if)# l2protocol forward vtp
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-302
OL-16147-20
Chapter 4
5.
6.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router# interface gigabitethernet 1/1
Step 4
Example:
Router(config-if)# switchport mode trunk
Step 5
vlan-list
Example:
Router(config-if)# switchport trunk allowed
vlan 1000
Step 6
end
Example:
Router(config-if)# end
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
switchport
6.
7.
8.
end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-303
Chapter 4
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router# interface gigabitethernet 4/1
Step 4
Step 5
switchport
Example:
Router(config-if)# switchport
Step 6
Example:
Router(config-if)# switchport mode trunk
Step 7
vlan-list
Example:
Router(config-if)# switchport trunk allowed
vlan 999-1199
Step 8
end
Example:
Router(config-if)# end
Examples
The following example shows how to translate a QinQ port to 802.1ad. In this example, the peer router
to gig1/1 multiplexes various customer VLANs into VLAN 1000.
Router# configure terminal
Router(config)# interface gig1/1
Router(config-if)# switchport mode trunk
Router(config-if)# switchport trunk allowed vlan 1000
Router# configure terminal
Router(config)# interface gig4/0
Router(config-if)# ethernet dot1ad nni
Router(config-if)# switchport
Router(config-if)# switchport mode trunk
Router(config-if)# switchport trunk allowed vlan 1000,1199
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-304
OL-16147-20
Chapter 4
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
switchport
5.
6.
7.
8.
9.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router(config)# interface gigabitethernet 2/1
Step 4
switchport
Example:
Router(config-if)# switchport
Step 5
Step 6
Example:
Router(config-if)# no l2 protocol forward
Step 7
Example:
Router(config-if)# l2protocol-tunnel stp
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-305
Chapter 4
Step 8
Command or Action
Purpose
Example:
Router(config-if)# switchport mode trunk
Step 9
end
Example:
Router(config-if)# end
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
switchport
5.
6.
7.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router(config)# interface gigabitethernet 2/1
Step 4
switchport
Example:
Router(config-if)# switchport
Step 5
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-306
OL-16147-20
Chapter 4
Step 6
Command or Action
Purpose
Example:
Router(config-if)# switchport mode trunk
Step 7
end
Example:
Router(config-if)# end
Examples
The following example shows how to tunnel the STP packets from a customer on the Dot1ad network to
a customer on a QinQ network:
Router# configure terminal
Router(config)# interface gig1/0
Router(config-if)# switchport
Router(config-if)# ethernet dot1ad uni s-port
Router(config-if)# no l2protocol forward
Router(config-if)# l2protocol-tunnel stp
Router(config-if)# switchport mode access
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
bridge-domain vlan-id
8.
9.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-307
Chapter 4
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router(config)# interface gigabitethernet 2/1
Step 4
Step 5
service instance
id service-type
Example:
Router(config-if)# service instance 1 ethernet
Step 6
encapsulation dot1q
vlan-id} [native]
vlan-id
second-dot1q {any |
Example:
Router(config-if)# encapsulation dot1q 1-100
Step 7
bridge-domain
vlan-id
Example:
Router(config-if)# bridge-domain 1000
Step 8
service instance
id service-type
Example:
Router(config-if)# service instance 2 ethernet
Step 9
encapsulation dot1q
vlan-id} [native]
vlan-id
second-dot1q {any |
Example:
Router(config-if)# encapsulation dot1q 102-4094
Step 10
bridge-domain
vlan-id
Example:
Router(config-if)# bridge-domain 500
Step 11
end
Example:
Router(config-if)# end
SUMMARY STEPS
1.
enable
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-308
OL-16147-20
Chapter 4
2.
configure terminal
3.
4.
5.
6.
7.
8.
bridge-domain vlan-id
9.
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router(config)# interface gigabitethernet 2/1
Step 4
Step 5
service instance
id service-type
Example:
Router(config-if)# service instance 1 ethernet
Step 6
encapsulation dot1q
vlan-id} [native]
vlan-id
second-dot1q {any |
Example:
Router(config-if)# encapsulation dot1q 1000
second-dot1q 1-100
Step 7
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-309
Chapter 4
Command or Action
Step 8
bridge-domain
Purpose
vlan-id
Example:
Router(config-if)# bridge-domain 1000
Step 9
service instance
id service-type
Example:
Router(config-if)# service instance 2 ethernet
Step 10
encapsulation dot1q
vlan-id} [native]
vlan-id
second-dot1q {any |
Example:
Router(config-if)# encapsulation dot1q 500
second-dot1q 102-4904
Step 11
Step 12
bridge-domain
vlan-id
Example:
Router(config-if)# bridge-domain 500
Step 13
end
Example:
Router(config-if)# end
Examples
The following example shows how to configure a customer-facing UNI port. In this example, a dot1q
frame coming on VLAN 50 matches service instance 1, and on the ingress port, the rewrite command
pushes the 1000 outer-vlan.
Router# configure terminal
Router(config)# interface gig1/1
Router(config-if)# ethernet dot1ad uni c-port
Router(config-if)# service instance 1 ethernet
Router(config-if)# encapsulation dot1q 1-100
Router(config-if)# bridge-domain 1000
Router(config-if)# service instance 2 ethernet
Router(config-if)# encapsulation dot1q 102-4904
Router(config-if)# bridge-domain 500
Router# configure terminal
Router(config)# interface gig4/1
Router(config-if)# ethernet dot1ad nni
Router(config-if)# service instance 1 ethernet
Router(config-if)# encapsulation dot1q 1000 second dot1q 1-100
Router(config-if)# rewrite ingress tag pop 1 symmetric
Router(config-if)# bridge-domain 1000
Router(config-if)# service instance 2ethernet
Router(config-if)# encapsulation dot1q 500 second dot1q 102-4904
Router(config-if)# rewrite ingress tag pop 1 symmetric
Router(config-if)# bridge-domain 500
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-310
OL-16147-20
Chapter 4
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
bridge-domain vlan-id
8.
9.
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router(config)# interface gigabitethernet 2/1
Step 4
Step 5
service instance
id service-type
Example:
Router(config-if)# service instance 1 ethernet
Step 6
encapsulation dot1q
vlan-id} [native]
vlan-id
second-dot1q {any |
Example:
Router(config-if)# encapsulation dot1q 1-100
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-311
Chapter 4
Command or Action
Step 7
bridge-domain
Purpose
vlan-id
Example:
Router(config-if)# bridge-domain 1000
Step 8
service instance
id service-type
Example:
Router(config-if)# service instance 2 ethernet
Step 9
encapsulation dot1q
vlan-id} [native]
vlan-id
second-dot1q {any |
Example:
Router(config-if)# encapsulation dot1q 102-4094
Step 10
bridge-domain
vlan-id
Example:
Router(config-if)# bridge-domain 500
Step 11
end
Example:
Router(config-if)# end
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
switchport
6.
7.
8.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-312
OL-16147-20
Chapter 4
Command or Action
Step 3
interface
Purpose
type number
Configures an interface.
Example:
Router# interface gigabitethernet 4/1
Step 4
Step 5
switchport
Example:
Router(config-if)# switchport
Step 6
Example:
Router(config-if)# switchport mode trunk
Step 7
vlan-list
Example:
Router(config-if)# switchport trunk allowed
vlan 1000-500
Step 8
end
Example:
Router(config-if)# end
Examples
The following example shows how to configure a customer-facing UNI-C port and switchport on NNI
with EVC:
Router# configure terminal
Router(config)# interface gig1/1
Router(config-if)# ethernet dot1ad uni c-port
Router(config-if)# service instance 1 ethernet
Router(config-if)# encapsulation dot1q 1-100
Router(config-if)# bridge-domain 1000
Router(config-if)# service instance 2 ethernet
Router(config-if)# encapsulation dot1q 102-4904
Router(config-if)# bridge-domain 500
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-313
Chapter 4
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
encapsulation default
7.
bridge-domain vlan-id
8.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router(config)# interface gigabitethernet 2/1
Step 4
service instance
id service-type
Example:
Router(config-if)# service instance 1 ethernet
Step 5
Step 6
encapsulation default
Example:
Router(config-if)# encapsulation default
Step 7
bridge-domain
vlan-id
Example:
Router(config-if)# bridge-domain 1000
Step 8
end
Example:
Router(config-if)# end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-314
OL-16147-20
Chapter 4
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
8.
bridge-domain vlan-id
9.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface
type number
Configures an interface.
Example:
Router(config)# interface gigabitethernet 2/1
Step 4
service instance
id service-type
Example:
Router(config-if)# service instance 1 ethernet
Step 5
Step 6
encapsulation dot1q
vlan-id} [native]
vlan-id
second-dot1q {any |
Example:
Router(config-if)# encapsulation dot1q 1000
second-dot1q 1-100
Step 7
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-315
Chapter 4
Command or Action
Step 8
bridge-domain
vlan-id
Example:
Router(config-if)# bridge-domain 1000
Step 9
Purpose
Binds a service instance or a MAC tunnel to a bridge
domain.
Returns the CLI to privileged EXEC mode.
end
Example:
Router(config-if)# end
Examples
The following example shows how to configure an NNI port:
Router# configure terminal
Router(config)# interface gig1/1
Router(config-if)# service instance 1 ethernet
Router(config-if)# ethernet dot1ad nni
Router(config-if)# encapsulation dot1q 1000
Router(config-if)# rewrite ingress tag pop 1 symmetric
Router(config-if)# bridge-domain 1000
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
8.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-316
OL-16147-20
Chapter 4
Command or Action
Step 3
interface
Purpose
type number
Configures an interface.
Example:
Router(config)# interface gigabitethernet 3/0
Step 4
Step 5
interface
type number
Example:
Router(config)# interface gigabitethernet
3/0/.1
Step 6
encapsulation dot1q
vlan-id} [native]
vlan-id
second-dot1q {any |
Example:
Router(config-if)# encapsulation dot1q 10
second-dot1q 10
Step 7
ip address
Example:
Router(config-if)# ip address 1.2.3.4
255.255.0.0
Step 8
end
Example:
Router(config-if)# end
Examples
The following example shows how to configure a Layer 3 termination. Note that Layer 3 is supported
only on trunk interfaces.
Router# configure terminal
Router(config)# interface gig3/0
Router(config-if)# ethernet dot1ad nni
Router(config)# interface gig3/0/0.1
Router(config-if)# encapsulation dot1q 10 second dot1q 10
Router(config-if)# ip address 1.2.3.4 255.255.0.0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-317
Chapter 4
Troubleshooting Dot1ad
The following section describes how to troubleshoot Dot1ad.
Note
The show commands in these examples should be run from a line card console.
How do I verify the Dot1ad configuration on a switchport on an X40G card?
Run the following command to verify the Dot1ad configuration:
XYZ-PE1-dfc1# show platform npc switchport interface gi 1/2
[GigabitEthernet1/2]
status [valid, -, applied, enabled]
src_index [0x1]
rpcb [0x178BB9C4]
xlif_id [4097]
xlif_handle [type:[3] hwidb:[0x20E97F08] if_number:[1121]]
ft_bits [0x2]
ing_ctrl_ft_bits [0x2]
egr_ctrl_ft_bits [0x2]
port vlan [1]
mode ingress [NORMAL] egress [NORMAL]
dot1q_tunnel [No]
native tagging [No]
PVLAN isolated or community [No] promiscuous [No]
ingress vlan-translation [No] BPDU [No]
egress vlan-translation [No] BPDU [No]
dot1ad [Yes] <<<<<<<<<<<<
ethertype [0x88A8] <<<<<<<<<<<
Ingress Stat ID: 778698
Egress Stat ID: 778700
VLAN List:
1
num of vlans [1]
XYZ-PE1-dfc1#
How do I verify the Dot1ad configuration on the ports with EVCs on an X40G card?
Run the following command to verify the Dot1ad configuration:
XYZ-PE1-dfc1# show platform npc xlif interface gi 1/2 efp 1
EFP XLIF(GigabitEthernet1/2, efp1)[np0] = 4136
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-318
OL-16147-20
Chapter 4
0x1
0x1
0x01
0x00
0x00
0x00
0x1
0x1
0x1
30
0
0
450980
0
0
0
0
0
0x00000000
0x00008064
0x00000008
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-319
Chapter 4
0x0002
0x0001
0x0000
0x0000
0x0000
0x0000
<<<<<<<<<
<<<<<<<<<
..............................................
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-320
OL-16147-20
Chapter 4
XX | Config
----------01 : DROP
05 : FRWD
09 : FRWD
0D : FRWD
XX | Config
----------02 : PEER
06 : FRWD
0A : FRWD
0E : FRWD
XX | Config
----------03 : PEER
07 : FRWD
0B : FRWD
0F : FRWD
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-321
Chapter 4
Figure 4-15
Subscriber
Equipment
1
Operator A NEs
2
Service Provider
4
Subscriber
Equipment
Operator B NEs
5
Subscriber ME
Test MEG
EVC ME
Operator A ME
NNI ME
UNI ME
246186
UNI ME
Operator B ME
Connectivity
Connectivity
The first step to performance monitoring is verifying the connectivity. Continuity Check Messages
(CCM) are best suited for connectivity verification, but is optimized for fault recovery operation. It is
usually not accepted as a component of an SLA due to the timescale difference between SLA and Fault
recovery. Hence, Connectivity Fault Management (CFM) and Continuity Check Database (CCDB) are
used to verify connectivity. For more information on CFM see IEEE 802.1ag-2007 Compliant CFM,
page 4-235.
One-way ETH-DM:
Each MEP transmits frames with one-way ETH-DM information to its peer MEP in a point-to-point
ME to facilitate one-way frame delay and/or one-way frame delay variation measurements at the
peer MEP. One way frame delay requires clock to be synchronized at both ends while frame delay
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-322
OL-16147-20
Chapter 4
variation doesn't require clock synchronization. It is measured using a single delay measurement
(1DM) or Delay Measurement Message (DMM) and Delay Measurement Reply (DMR) frame
combination.
Two-way ETH-DM:
Each MEP transmits frames with ETH-DM request information to its peer MEP and receives frames
with ETH-DM reply information from its peer MEP. Two way frame delay and frame delay variation
is measured using DMM and DMR frame.
receive-only session.
You must configure all the create sessions on the receiver's datapath. These are passive listener
sessions.
Note
On a Cisco 7600 router, clock synchronization is achieved using a 2-port gigabit synchronous ethernet
SPA. On an ES+ line card, the Real Time Clock (RTC) is synchronized to the 2-port gigabit synchronous
ethernet SPA time source using Precision Time Protocol (PTP) as the time source protocol. If the time
source selected is PTP, all the Y.1731 PM delay packets should have the 1588V2 timestamps.
For a 7600 router that does not have 2-Port Gigabit Synchronous Ethernet SPA, delay measurement is
done by using the timestamps with Network Time Protocol (NTP) as the time source protocol. This is
applicable only to One-way delay measurements.
To initiate Time of Day (ToD) synchronization on a line card, use the platform time-source command
in global configuration mode.
Single-ended ETH-LM: Each MEP transmits frames with the ETH-LM request information to its
peer MEP and receives frames with ETH-LM reply information from its peer MEP to carry out loss
measurements.
Dual-ended ETH-LM: Each MEP transmits periodic dual-ended frames with ETH-LM information
to its peer MEP in a point-to-point ME and facilitates frame loss measurements at the peer MEP. As
of now, the Cisco 7600 router does not support Dual-ended ETH-LM.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-323
Chapter 4
Supported Interfaces
Y.1731 PM supports these interfaces:
Note
PM is supported in the EVC and CFM configurations mentioned above, with both Dot1q and QinQ
encapsulations available on the EVC.
If the route processor CPU is busy with other processes and if software forwarding is used, the
performance monitoring statistics are not accurate.
Y.1731 PM is not SSO compliant. After switchover all sessions data is cleared and IPSLA restart is
required.
In case of one way session or two way session, when one way statistics are required, PTP needs to
be synchronized between peers and stable. You should delay starting of sessions in such situations.
On Cisco 7600 series router, only ES+Line Card is supported in non-switchport mode. PM is not
supported on Port MEPs.
Loss measurement on port-channel interfaces is supported only if all physical interfaces of the
port-channel are present on a single NPU. This restriction cannot be applied for delay
measurements.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-324
OL-16147-20
Chapter 4
Note
Before you begin the Y.1731 PM configurations, ensure that the cfm configurations are up and working.
For more information on cfm configurations, please see section IEEE 802.1ag-2007 Compliant CFM,
page 4-235
The command [no] ethernet cfm distribution enable disables the CFM distribution functionality. This
is necessary to avoid performance hits due to the distributing CFM functionality. This command is
disabled by default.
Note
Ensure that you first configure a receiver, schedule it to the pending state, and then configure a sender.
Summary Steps
1.
enable
2.
configure terminal
On the receiver:
3.
ip sla n
4.
ethernet y1731 delay receive 1DM domain domain {{vlan | evc} value}cos value {mpid |
mac-address} value
5.
6.
7.
8.
9.
clock sync
On the sender:
14. ip sla n
15. ethernet y1731 delay 1DM domain domain {{vlan | evc} value} {mpid | mac-address} value cos
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-325
Chapter 4
Detailed Steps
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
ip sla n
Example:
Router((config)# ip sla 2
Step 4
Step 5
Example:
Router(config-sla-y1731-delay)#
frame interval 100
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-326
OL-16147-20
Chapter 4
Step 6
Command
Purpose
Example:
Router(config-sla-y1731-delay)# history interval 5
Step 7
Example:
Router(config-sla-y1731-delay)# aggregate interval 5
Step 8
distribution {delay |
delay-variation} {one-way | two-way}
value
Example:
Router(config-sla-y1731-delay)#distribution delay-variation one-way 2
Step 9
clock sync
Example:
Router(config-sla-y1731-delay)#clock sync
Step 10
max-delay value
Example:
Router(config-sla-y1731-delay)#clock sync
Step 11
owner value
Example:
Router(config-sla-y1731-delay)#owner name
Step 12
exit
Exits the Y.1731 submode and enters the global configuration mode.
Example:
Router((config-sla-y1731-delay)#
exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-327
Chapter 4
Command
Step 13
Purpose
Schedules the one way delay measurement on receiver.
Example:
Router((config)# ip sla schedule 1
life 100 start-time pending
after
hh:mm
hh:mm:ss
now
pending
Note
Step 14
ip sla n
Example:
Router(config)# ip sla 1
Step 15
Step 16
Example:
Router(config-sla-y1731-delay)#
frame interval 100
Step 17
Example:
Router(config-sla-y1731-delay)# history interval 5
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-328
OL-16147-20
Chapter 4
Step 18
Command
Purpose
Example:
Router(config-sla-y1731-delay)# aggregate interval 5
Step 19
distribution {delay |
delay-variation} {one-way | two-way}
value
Example:
Router(config-sla-y1731-delay)#distribution delay-variation one-way 2
Step 20
clock sync
Example:
Router(config-sla-y1731-delay)#clock sync
Step 21
max-delay value
Example:
Router(config-sla-y1731-delay)#clock sync
Step 22
owner value
Example:
Router(config-sla-y1731-delay)#owner name
Step 23
exit
Exits the Y.1731 submode and enters the global configuration mode.
Example:
Router((config-sla-y1731-delay)#
exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-329
Chapter 4
Step 24
Command
Purpose
Example:
after
hh:mm
hh:mm:ss
now
pending
Step 25
exit
Example:
Router((config)# exit
Configuration Example
This example displays the configuration of one way frame delay measurement. Before you begin,
configure the receiver, schedule it to pending state, configure the sender and then start the session on it.
Router# enable
Router# configure terminal
On receiver
Router(config)#ip sla 1
Router(config-ip-sla)# ethernet y1731 delay receive 1DM domain r3 evc e3 cos 3 mpid 401
Router(config-sla-y1731-delay)#history interval 5
Router(config-sla-y1731-delay)#aggregate interval 60
Router(config)#exit
Router(config)#ip sla schedule 1 start-time pending
On Sender
Router(config)# ip sla 1
Router(config-ip-sla)# Router(config-ip-sla)# ethernet y1731 delay 1DM domain r3 evc e3
mpid 500 cos 3 source mpid 400
Router(config-sla-y1731-delay)# history interval 5
Router(config-sla-y1731-delay)# aggregate interval 60
Router(config)#exit
Router(config)#ip sla schedule 1 start-time after 00:00:30
Router# end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-330
OL-16147-20
Chapter 4
Summary Steps
1.
enable
2.
configure terminal
3.
ip sla n
4.
ethernet y1731 delay DMM domain domain {{vlan | evc} value} {mpid | mac-address} value cos
value source {mpid | mac-address} value
5.
6.
7.
8.
9.
clock sync
Detailed Steps
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
ip sla n
Example:
Router(config)# ip sla 1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-331
Chapter 4
Step 4
Command
Purpose
Example:
Router(config-ip-sla)# ethernet
y1731 delay DMM domain r3 evc e3
mpid 500 cos 3 source mpid 400
Step 5
Example:
Router(config-sla-y1731-delay)#
frame interval 100
Step 6
Example:
Router(config-sla-y1731-delay)# history interval 5
Step 7
Example:
Router(config-sla-y1731-delay)# aggregate interval 5
Step 8
distribution {delay |
delay-variation} {one-way | two-way}
value
Example:
Router(config-sla-y1731-delay)#distribution delay-variation one-way 2
Step 9
clock sync
Example:
Router(config-sla-y1731-delay)#clock sync
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-332
OL-16147-20
Chapter 4
Step 10
Command
Purpose
max-delay value
Example:
Router(config-sla-y1731-delay)#clock sync
Step 11
owner value
Example:
Router(config-sla-y1731-delay)#owner name
Step 12
exit
Exits the Y.1731 submode and enters the global configuration mode.
Example:
Router((config-sla-y1731-delay)#
exit
Step 13
Example:
Router((config)# ip sla schedule 1
life 100 start-time now
after
hh:mm
hh:mm:ss
now
pending
Step 14
exit
Example:
Router((config)# exit
Configuration Example
The following example configures a two way frame delay measurement
Router# enable
Router# configure terminal
Router(config)# ip sla 1
Router(config-ip-sla)# ethernet y1731 delay DMM domain ifm_400 evc e1 mpid 401 cos 4
source mpid 1
Router(config-sla-y1731-delay)# history interval 5
Router(config-sla-y1731-delay)# aggregate interval 60
Router(config-sla-y1731-delay)#exit
Router(config)#ip sla schedule 1 start-time after 00:00:30
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-333
Chapter 4
Router(config)#exit
Note
Before you begin, configure the command monitor loss counter [priority cos range] under the EVC
CFM sub-config mode for those interfaces that require loss monitoring.
Summary Steps
1.
enable
2.
configure terminal
3.
ip sla n
4.
ethernet y1731 loss LMM domain domain {{vlan | evc} value} {mpid | mac-address} value cos
value source {mpid | mac-address} value
5.
6.
7.
8.
clock sync
9.
max-delay value
Detailed Steps
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-334
OL-16147-20
Chapter 4
Step 3
Command
Purpose
ip sla n
Example:
Router(config)# ip sla 1
Step 4
Step 5
Example:
Router(config-sla-y1731-loss)# frame
interval 100
Step 6
Example:
Router(config-sla-y1731-loss)# history interval 5
Step 7
Example:
Router(config-sla-y1731-loss)# aggregate interval 5
Step 8
clock sync
Example:
Router(config-sla-y1731-loss)#clock
sync
Step 9
max-delay value
Example:
Router(config-sla-y1731-loss)#clock
sync
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-335
Chapter 4
Step 10
Command
Purpose
owner value
Example:
Router(config-sla-y1731-loss)#owner
name
Step 11
exit
Exits the Y.1731 submode and enters the global configuration mode.
Example:
Router((config-sla-y1731-loss)# exit
Step 12
Example:
Router((config)# ip sla schedule 1
life 100 start-time now
Step 13
exit
Example:
Router((config)# exit
Configuration Example
This example displays the configuration of single ended frame loss measurement:
Router# enable
Router# configure terminal
Router(config)# ip sla 1
Router(config-ip-sla)# ethernet y1731 loss LMM domain r3 vlan 200 mpid 10 cos 3 source
mpid 5
Router(config-sla-y1731-loss)# frame interval 5
Router(config-sla-y1731-loss)# aggregate interval 60
Router(config-sla-y1731-loss)# exit
Router(config)# ip sla schedule 1 life forever start-time now
Router(config)# exit
This example displays the configuration of the command monitor loss counter {priority value} under
the EVC CFM sub-config mode:
interface GigabitEthernet3/5
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-336
OL-16147-20
Chapter 4
no ip address
service instance 1 ethernet e3
encapsulation dot1q 200
bridge-domain 200
cfm mep domain r3 mpid 5
monitor loss counter priority 0-4
!
end
Note
Use the ip sla reaction-configuration [n] react command to configure the reaction configuration.
To verify and monitor the frame delay and frame delay variation measurement configuration, use
this command in privileged EXEC mode:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-337
Chapter 4
To verify and monitor the frame loss measurement configuration, use this command in privileged
EXEC mode:
To display all details of frame delay and frame delay variation measurements, use the show ip sla
statistics detail command.
Delay:
Max/Avg/Min TwoWay: 140116936/140116944/140116952
Timestamps TwoWay: Max - *00:00:00.000 PST Mon Jan 1 1900/Min - *00:00:00.000 PST Mon Jan
1 1900
Bucket forward:
Bucket Range: 0-4999 microsecond
Total observations: 0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-338
OL-16147-20
Chapter 4
Bucket
Total
Bucket
Total
Bucket
Total
Bucket
Total
Bucket
Total
Bucket
Total
Bucket
Total
Bucket
Total
Bucket
Total
Bucket backward:
Bucket Range: 0-4999 microsecond
Total observations: 0
Bucket Range: 5000-9999 microsecond
Total observations: 0
Bucket Range: 10000-14999 microsecond
Total observations: 0
Bucket Range: 15000-19999 microsecond
Total observations: 0
Bucket Range: 20000-24999 microsecond
Total observations: 0
Bucket Range: 25000-29999 microsecond
Total observations: 0
Bucket Range: 30000-34999 microsecond
Total observations: 0
Bucket Range: 35000-39999 microsecond
Total observations: 0
Bucket Range: 40000-44999 microsecond
Total observations: 0
Bucket Range: 45000--2 microsecond
Total observations: 0
Bucket TwoWay:
Bucket Range: 0-0 microsecond
Total observations: 0
Bucket Range: 1-1 microsecond
Total observations: 0
Bucket Range: 2-2 microsecond
Total observations: 0
Bucket Range: 3-3 microsecond
Total observations: 0
Bucket Range: 4--2 microsecond
Total observations: 0
Delay Variance:
Max/Avg backward positive: 140116936/140116944
Timestamp backward positive: Max - *00:00:00.000 PST Mon Jan
Max/Avg backward negative: 140116936/140116944
Timestamp backward negative: Max - *00:00:00.000 PST Mon Jan
Max/Avg TwoWay positive: 140116936/140116944
Timestamp TwoWay positive: Max - *00:00:00.000 PST Mon Jan 1
Max/Avg TwoWay negative: 140116936/140116944
Timestamp TwoWay negative: Max - *00:00:00.000 PST Mon Jan 1
1 1900
1 1900
1900
1900
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-339
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-340
OL-16147-20
Chapter 4
Total observations: 0
Bucket backward negative:
Bucket Range: 0-4999 microsecond
Total observations: 0
Bucket Range: 5000-9999 microsecond
Total observations: 0
Bucket Range: 10000-14999 microsecond
Total observations: 0
Bucket Range: 15000-19999 microsecond
Total observations: 0
Bucket Range: 20000-24999 microsecond
Total observations: 0
Bucket Range: 25000-29999 microsecond
Total observations: 0
Bucket Range: 30000-34999 microsecond
Total observations: 0
Bucket Range: 35000-39999 microsecond
Total observations: 0
Bucket Range: 40000-44999 microsecond
Total observations: 0
Bucket Range: 45000--2 microsecond
Total observations: 0
Bucket TwoWay positive:
Bucket Range: 0-4999 microsecond
Total observations: 0
Bucket Range: 5000-9999 microsecond
Total observations: 0
Bucket Range: 10000-14999 microsecond
Total observations: 0
Bucket Range: 15000-19999 microsecond
Total observations: 0
Bucket Range: 20000-24999 microsecond
Total observations: 0
Bucket Range: 25000-29999 microsecond
Total observations: 0
Bucket Range: 30000-34999 microsecond
Total observations: 0
Bucket Range: 35000-39999 microsecond
Total observations: 0
Bucket Range: 40000-44999 microsecond
Total observations: 0
Bucket Range: 45000--2 microsecond
Total observations: 0
To display the same outputs as the latest statistics detail command, use the show ip sla history
interval n command. The number displayed is the number of intervals configured.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-341
Chapter 4
Forward
Number of Observations 11999
Timestamps forward:
Max - *09:47:20.252 UTC Fri Nov 26 2010/
Tx frame count: 30000
Rx frame count: 20000
Available indicators: 11999
Unavailable indicators: 0
Max/Avg/Min - (FLR % ): 1:3/2.78%/0:0
Backward
Number of Observations 11999
Timestamps backward:
Max - *09:48:16.221 UTC Fri Nov 26 2010/
Tx frame count: 10000
Rx frame count: 10000
Available indicators: 11999
Unavailable indicators: 0
Max/Avg/Min - (FLR % ): 0:0/0.0%/0:0
Interval 1
Start time: 10:58:30.144 PDT Tue Jan 4 2011
End time: 10:59:05.140 PDT Tue Jan 4 2011
Number of measurements initiated: 33
Number of measurements completed: 34
Flag: OK
Delay:
Number of TwoWay observations: 34
Max/Avg/Min TwoWay: 113364/100499/100099 (microsec)
Time of occurrence TwoWay:
Max - 10:59:05.140 PDT Tue Jan 4 2011
Min - 10:58:40.076 PDT Tue Jan 4 2011
Bin TwoWay:
Bin Range (microsec)
0 - < 5000
5000 - < 10000
10000 - < 15000
15000 - < 20000
20000 - < 25000
25000 - < 30000
30000 - < 35000
35000 - < 40000
40000 - < 45000
45000 - < 4294967295
Total observations
0
0
0
0
0
0
0
0
0
34
Delay Variance:
Number of TwoWay positive observations: 19
Max/Avg TwoWay positive: 13256/706 (microsec)
Time of occurrence TwoWay positive:
Max - 10:59:05.140 PDT Tue Jan 4 2011
Number of TwoWay negative observations: 14
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-342
OL-16147-20
Chapter 4
Total observations
18
0
1
0
0
0
0
0
0
0
Total observations
14
0
0
0
0
0
0
0
0
0
To display the performance monitoring session summary, use the show ethernet cfm pm session
summary command.
Troubleshooting
These troubleshooting scenarios apply to the Y.1731 performance monitoring configurations:
Problem
Solution
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-343
Chapter 4
Note
ISG functionality support for IP and PPPoE sessions is deprecated and will be unavailable in a future
release.
IP sessions are hosted for the following connected subscriber devices:
Devices that are one hop far from SG are L2-connected sessions.
Devices that are multiple hops from the system where Service Gateway (SG) is not at the extreme
L3 edge are routed sessions.
Access interfaces
IP Address Assignment
DHCP Based IP address assignment: If DHCP is being used to assign IP addresses, and the IP
address that is assigned by DHCP is correct for the service domain, ISG does not have to be involved
in the assignment of an IP address for the subscriber. If the IP address that is assigned by DHCP is
not correct for the service domain, or if the domain changes because of a VRF transfer, ISG can be
configured to influence the DHCP IP address assignment.
Static IP address assignment: If the static IP address for a subscriber is configured correctly for the
service domain, ISG is not involved in the assignment of an IP address for the subscriber.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-344
OL-16147-20
Chapter 4
IP subnet: For IP subnet sessions, the IP subnet is specified in the user profile.
IP Interface Sessions
In an IP Interface session, all the traffic received on a particular physical or logical interface is collated.
However, dynamic VRF transfer is not supported in an IP interface session and, VRF transfer can only
be used with static VRF configuration. Irrespective of the subscriber logged in, a session is created by
default.
Note
IP Subnet sessions
IP Interface sessions
PPPoEoX sessions.
Port channel sub-interfaces of type access provide M:N LAG support if the Intelligent Services Gateway
(ISG) is not configured. In case the ISG is configured, only the 1:1 activestandby configuration is
supported for access type sub-interfaces.
PPPoE and IPoE Session Support on QinQ Subinterfaces with IEEE 802.1AH
Customer Ethertype
This feature enables you to implement PPPoE and IPoE session (ISG functions) on QinQ subinterfaces
that are configured with custom ethertype. The custom ethertype implemented on the main interface is
inherited by all the subinterfaces. To implement this feature, use dot1q tunnel ethertype command on
main interface for the respective QinQ subinterfaces.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-345
Chapter 4
If the outer VLAN tag on a PPPoE or IPoE session packet matches the custom ethertype VLAN settings
on the QinQ subinterface, the packets are accepted otherwise the packets are dropped. You can set the
outer VLAN tag to the following values:
0x9100
0x9200
0x8100
0x88a8
The PPPoE or IPoE session does not come up if there is ethertype mismatch between ISG and the client.
For example, if the outer VLAN tag on a packet is set to 0x9100 and the interface is configured using
custom ethertype to accept only packets with 0x88a8 VLAN tag, the packet will be dropped in the QinQ
subinterface.
You can configure QinQ on both the access and non-access sub-interfaces. The following code shows
how to define an interface with access sub-interface, create a VLAN QinQ subinterface, and enable
PPPoE session:
Router> enable
Router# configure terminal
Router(config)# interface gigabitethernet 1/0/0
Router(config-if)# dot1q tunneling ethertype 0x9100
Router(config-if)# interface gigabitethernet 1/0/0.100 access
Router(config-subif)# encapsulation dot1q 100 second-dot1q 200
Router(config-subif)# ip subscriber interface
IP and MAC address spoof Prevention is not supported on subinterfaces on a ES+ linecard unlike on
a SIP400 line card.
PPPoE sessions are supported on ambiguous VLAN interfaces and VLAN ranges.
There are no drop counters to identify the number of packets dropped due to custom ethertype
mismatch.
VLANs, Source MAC Address, and Ports are matched against session ids to extend security for
PPPoE sessions.
ES+ low queue cards do not support ISG (IP session and PPPoE session).
Follow these restrictions and usage guidelines when you configure 1:1 redundancy on a ES+ linecard:
Supports access interfaces in port channels to scale the number of port channel subinterfaces to
greater than 4k.
Link Aggregation Control Protocol (LACP) allows dynamic handling of member links in a GEC
bundle.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-346
OL-16147-20
Chapter 4
Member links in a single GEC bundle reside across NPs or the linecard.
Supports LAG across linecards and membership of the LAG does not change after new sessions are
initiated.
Supports per session load balancing across member links where all the traffic for a session is relayed
over a single port.
To reduce the downtime during member link addition or deletion, QOS queues are allocated for all
member links belonging to the port channel. Though the ingress and egress traffic could be on
different member links, the peer relays all the traffic for a session through a single member link.
LAG supports sessions on non access subinterfaces to support coexistence of multicast streams.
Verification
This section lists the commands to display configuration information.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-347
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-348
OL-16147-20
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-349
Chapter 4
Nov 19 16:08:48.235
Nov 19 16:08:48.235
Nov 19 16:08:48.235
Nov 19 16:08:48.235
Nov 19 16:08:48.243
Nov 19 16:08:48.243
Nov 19 16:08:48.243
Nov 19 16:08:48.243
Nov 19 16:08:48.243
Nov 19 16:08:48.243
Nov 19 16:08:48.243
Nov 19 16:08:48.243
Nov 19 16:08:48.243
Nov 19 16:08:48.243
Nov 19 16:08:48.243
LOCAL
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
0.0.0.0
Nov 19 16:08:48.247
0.0.0.0
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.247
Nov 19 16:08:48.251
Nov 19 16:08:48.251
Nov 19 16:08:48.251
Nov 19 16:08:48.251
Nov 19 16:08:48.251
Nov 19 16:08:48.251
Nov 19 16:08:48.251
Nov 19 16:08:48.255
Nov 19 16:08:48.255
Nov 19 16:08:48.255
Nov 19 16:08:48.255
Nov 19 16:08:48.255
Nov 19 16:08:48.255
Nov 19 16:08:48.255
Nov 19 16:08:48.255
Nov 19 16:08:48.255
182.0.0.1
Nov 19 16:08:48.255
Nov 19 16:08:48.255
182.0.0.1
Nov 19 16:08:48.255
Nov 19 16:08:48.255
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
ppp40 LCP:
MRU 1492 (0x010405D4)
ppp40 LCP:
AuthProto CHAP (0x0305C22305)
ppp40 LCP:
MagicNumber 0x0F501712 (0x05060F501712)
ppp40 LCP: Event[Receive ConfAck] State[ACKsent to Open]
ppp40 PPP: Phase is AUTHENTICATING, by this end
ppp40 CHAP: O CHALLENGE id 1 len 29 from "Router-DJ4"
ppp40 LCP: State is Open
ppp40 CHAP: I RESPONSE id 1 len 29 from "PPP_USER"
ppp40 PPP: Phase is FORWARDING, Attempting Forward
ppp40 PPP: Phase is AUTHENTICATING, Unauthenticated User
ppp40 IPCP: Authorizing CP
ppp40 IPCP: CP stalled on event[Authorize CP]
ppp40 IPCP: CP unstall
ppp40 PPP: Phase is FORWARDING, Attempting Forward
[40]PPPoE 40: State LCP_NEGOTIATION
Event SSS CONNECT
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
IST:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-350
OL-16147-20
Chapter 4
Nov 19 16:08:48.255
Nov 19 16:08:48.255
Nov 19 16:08:48.255
Nov 19 16:08:48.255
Nov 19 16:08:48.275
is up)
Nov 19 16:08:48.275
182.0.0.1
Nov 19 16:08:48.275
Router-DJ4#
IST:
IST:
IST:
IST:
IST:
Vi2.1
Vi2.1
Vi2.1
Vi2.1
Vi2.1
IPCP:
IPCP:
IPCP:
IPCP:
IPCP:
interface GigabitEthernet9/17.1
encapsulation dot1Q 2000
ip address 180.0.0.1 255.255.255.0
interface GigabitEthernet9/5.1
encapsulation dot1Q 2
ip address 192.0.0.1 255.255.255.0
pppoe enable group dj4_bba_group1
aaa
aaa
aaa
aaa
aaa
aaa
new-model
authentication login default group radius local
authentication ppp default local
authorization network default local
authorization subscriber-service default group radius
session-id common
TRANS
0
0
Uniq ID
VT
42
PPPoE
SID
42
RemMAC
LocMAC
bb00.1912.0001
000c.31c9.7000
Port
Gi9/5.1
VLAN:
2
VA
VA-st
Vi2.1
UP
State
Type
PTA
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-351
Chapter 4
SID
Pkts-In
42
12
Router-DJ4#
Pkts-Out
13
Bytes-In
184
Bytes-Out
190
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-352
OL-16147-20
Chapter 4
aaa new-model
!
aaa session-id common
!
interface GigabitEthernet2/9
no ip address
load-interval 30
!
interface GigabitEthernet2/9.1 access
encapsulation dot1Q 2 second-dot1q 2
ip address 182.0.0.1 255.255.255.0
ip subscriber routed
initiator unclassified ip-address
!
interface GigabitEthernet2/10
no ip address
load-interval 30
!
interface GigabitEthernet2/10.1
encapsulation dot1Q 2000 second-dot1q 2001
ip address 180.0.0.1 255.255.255.0
!
no ip http server
no ip http secure-server
!
arp 182.0.0.2 aa00.0000.0001 ARPA
arp 180.0.0.2 0000.0000.0001 ARPA
!
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-353
Chapter 4
Nov 19 16:02:46.087 IST: IPSUB: [uid:32] Added session to session table with access
session keys
Nov 19 16:02:46.087 IST: IPSUB: [uid:32] IP session(0x63000020) to be associated to
Gi2/9.1
Nov 19 16:02:46.087 IST: IPSUB: [uid:32] Inserted IP session(0x63000020) to
sessions-per-interface db with interface Gi2/9.1
Nov 19 16:02:46.087 IST: IPSUB_DP: [uid:0] Sent message to control plane for in-band
session creation
Nov 19 16:02:46.087 IST: IPSUB_DP: [uid:0] Event inband-session, state changed from
idle to intiated
Nov 19 16:02:46.091 IST: IPSUB: [uid:32] Recieved Message = connect local
Nov 19 16:02:46.091 IST: IPSUB: [uid:32] Connect Local event for session
Nov 19 16:02:46.091 IST: IPSUB: [uid:32] Event connect local, state changed from
requesting to waiting
Nov 19 16:02:46.091 IST: IPSUB: [uid:32] Inside processing IPSIP info
Nov 19 16:02:46.091 IST: IPSUB-ROUTE: [uid:32] Checking whether routes to be
inserted/removed
Nov 19 16:02:46.091 IST: IPSUB-ROUTE: [uid:32] Context not present, creating context
Nov 19 16:02:46.091 IST: IPSUB-ROUTE: [uid:32] Entered the sg subrte context alloc
Nov 19 16:02:46.091 IST: IPSUB-ROUTE: [uid:32] Returning the sg subrte context
0x1348DD20
Nov 19 16:02:46.091 IST: IPSUB-ROUTE: [uid:32] Added Fib Prefix [DFL]:
21.0.0.1/255.255.255.255
Nov 19 16:02:46.091 IST: IPSUB-ROUTE: [uid:32] Both IP addresses and VRF are same, no
need to add route
Nov 19 16:02:46.091 IST: IPSUB: [uid:32] Keys not changed, seg needn't be updated
Nov 19 16:02:46.091 IST: IPSUB: [uid:32] Key list to be created to update SM
Nov 19 16:02:46.091 IST: IPSUB: [uid:32] Created key list to update SM
Nov 19 16:02:46.091 IST: IPSUB: [uid:32] Session Keys Available event for session
Nov 19 16:02:46.091 IST: IPSUB: [uid:32] Event session keys available, state changed
from waiting to provisioning
Nov 19 16:02:46.091 IST: IPSUB: [uid:32] Access and service keys same, no need to add
session with service keys
Nov 19 16:02:46.091 IST: IPSUB: [uid:32] Data plane prov successful event for session
Nov 19 16:02:46.091 IST: IPSUB: [uid:32] Event dataplane prov successful, state
changed from provisioning to connected
Nov 19 16:02:46.091 IST: IPSUB: HA[uid:32]: Session up notification
Nov 19 16:02:46.091 IST: IPSUB: HA[uid:32]: Session ready to sync data (0xF1000020)
Nov 19 16:02:46.091 IST: IPSUB_DP: [uid:0] Setup event for session (session hdl
3858759691)
Nov 19 16:02:46.091 IST: IPSUB_DP: [uid:32] Added downstream entry into the classifier
Nov 19 16:02:46.091 IST: IPSUB_DP: [uid:32] VRF = DFL, IP = 21.0.0.1, MASK =
255.255.255.255
Nov 19 16:02:46.091 IST: IPSUB_DP: [uid:32] Session setup successful
Nov 19 16:02:46.091 IST: IPSUB_DP: [uid:32] Event setup-session, state changed from
intiated to established
Nov 19 16:02:46.091 IST: IPSUB_DP: [uid:32] Activate event for session
Nov 19 16:02:46.091 IST: IPSUB_DP: [uid:32] Event activate-session, state changed from
established to connected
State
Service
Status
-----up
Identifier
Up-time
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-354
OL-16147-20
Chapter 4
32
IP
unauthen
Local Term
21.0.0.1
00:02:40
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-355
Chapter 4
no ip address
load-interval 30
!
interface GigabitEthernet2/9.1 access
encapsulation dot1Q 2
ip unnumbered Loopback10
ip subscriber l2-connected
initiator dhcp class-aware
!
interface GigabitEthernet2/10
no ip address
load-interval 30
!
interface GigabitEthernet2/10.1
encapsulation dot1Q 2000
ip address 180.0.0.1 255.255.255.0
!
!
no ip http server
no ip http secure-server
ip route 7.0.0.0 255.0.0.0 7.38.0.1
ip route 202.153.0.0 255.255.0.0 7.38.0.1
!
!
ISG_NMB#
Nov 19 15:40:33.595 IST: IPSUB_DP: [Gi2/9.1:I:PROC:aa00.1314.0001] Packet classified,
results = 0x40
Nov 19 15:40:33.595 IST: IPSUB_DP: [Gi2/9.1:I:PROC:aa00.1314.0001] Rx driver allowing
IP routing
Nov 19 15:40:33.595 IST: DHCPD: Reload workspace interface GigabitEthernet2/9.1
tableid 0.
Nov 19 15:40:33.595 IST: DHCPD: tableid for 182.0.0.11 on GigabitEthernet2/9.1 is 0
Nov 19 15:40:33.595 IST: DHCPD: client's VPN is .
Nov 19 15:40:33.595 IST: DHCPD: Sending notification of DISCOVER:
Nov 19 15:40:33.595 IST:
DHCPD: htype 1 chaddr aa00.1314.0001
Nov 19 15:40:33.595 IST:
DHCPD: remote id 020a0000b600000b21010002
Nov 19 15:40:33.595 IST:
DHCPD: interface = GigabitEthernet2/9.1
Nov 19 15:40:33.595 IST:
DHCPD: class id 49786961
Nov 19 15:40:33.595 IST: IPSUB: Create session keys from SSS key list
Nov 19 15:40:33.595 IST: IPSUB: Mac_addr = aa00.1314.0001, Recvd Macaddr =
aa00.1314.0001
Nov 19 15:40:33.599 IST: IPSUB: Session input interface(0x13348754) =
GigabitEthernet2/9.1
Nov 19 15:40:33.599 IST: IPSUB: SHDB Handle = 5A00000B
Nov 19 15:40:33.599 IST: IPSUB: Remote_id = 020a0000b600000b21010002
Nov 19 15:40:33.599 IST: IPSUB: Vendor_Class_id = Ixia
Nov 19 15:40:33.599 IST: DHCPD: DHCPDISCOVER received from client 01aa.0013.1400.01 on
interface GigabitEthernet2/9.1.
Nov 19 15:40:33.599 IST: DHCPD: Sending notification of DISCOVER:
Nov 19 15:40:33.599 IST:
DHCPD: htype 1 chaddr aa00.1314.0001
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-356
OL-16147-20
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-357
Chapter 4
Nov 19 15:40:33.599 IST: IPSUB-ROUTE: [uid:11] Route insert not required for DHCP
hosts with IP unnumbered config on: GigabitEthernet2/9.1
Nov 19 15:40:33.599 IST: IPSUB-ROUTE: [uid:11] Both IP addresses and VRF are same, no
need to add route
Nov 19 15:40:33.599 IST: IPSUB: [uid:11] Found that seg to be updated with new session
keys
Nov 19 15:40:33.599 IST: IPSUB: [uid:11] Key list to be created to update SM
Nov 19 15:40:33.599 IST: IPSUB: [uid:11]
Update IP-Address-VRF key: 182.0.0.1:0
Nov 19 15:40:33.599 IST: IPSUB: [uid:11] Created key list to update SM
Nov 19 15:40:33.599 IST: IPSUB: [uid:11] Found address change to be notified
Nov 19 15:40:33.599 IST: IPSUB: [uid:11] Session Keys Available event for session
Nov 19 15:40:33.603 IST: IPSUB: [uid:11] Added session 182.0.0.1 to L3 session table
Nov 19 15:40:33.603 IST: IPSUB: [uid:11] Added session to session table with service
session keys
Nov 19 15:40:33.603 IST: IPSUB: [uid:11] Recieved Message = update SIP config
Nov 19 15:40:33.603 IST: IPSUB: [uid:11] Config Update event for session
Nov 19 15:40:33.603 IST: IPSUB: [uid:11] Inside processing IPSIP info
Nov 19 15:40:33.603 IST: IPSUB-ROUTE: [uid:11] Checking whether routes to be
inserted/removed
Nov 19 15:40:33.603 IST: IPSUB-ROUTE: [uid:11] Ctx present, No config change, Nothing
to be done
Nov 19 15:40:33.603 IST: IPSUB-ROUTE: [uid:11] Both IP addresses and VRF are same, no
need to add route
Nov 19 15:40:33.603 IST: IPSUB: [uid:11] Keys not changed, seg needn't be updated
Nov 19 15:40:33.603 IST: IPSUB: [uid:11] Key list to be created to update SM
Nov 19 15:40:33.603 IST: IPSUB: [uid:11] Created key list to update SM
Nov 19 15:40:33.603 IST: IPSUB: [uid:11] Data plane prov successful event for session
Nov 19 15:40:33.603 IST: IPSUB: [uid:11] Notifying about address change: 182.0.0.1
Nov 19 15:40:33.603 IST: DHCPD: Callback for workspace (ID=0x8900000B)
Nov 19 15:40:33.603 IST: DHCPD: Callback: switching path now setup for client
01aa.0013.1400.01
Nov 19 15:40:33.603 IST: DHCPD: Reprocessing saved workspace (ID=0x8900000B)
Nov 19 15:40:33.603 IST: DHCPD: Sending notification of DISCOVER:
Nov 19 15:40:33.603 IST:
DHCPD: htype 1 chaddr aa00.1314.0001
Nov 19 15:40:33.603 IST:
DHCPD: remote id 020a0000b600000b21010002
Nov 19 15:40:33.603 IST:
DHCPD: interface = GigabitEthernet2/9.1
Nov 19 15:40:33.603 IST:
DHCPD: class id 49786961
Nov 19 15:40:33.603 IST: DHCPD: DHCPDISCOVER received from client 01aa.0013.1400.01 on
interface GigabitEthernet2/9.1.
Nov 19 15:40:33.603 IST: DHCPD: Found previous server binding
Nov 19 15:40:33.603 IST: DHCPD: Sending DHCPOFFER to client 01aa.0013.1400.01
(182.0.0.1).
Nov 19 15:40:33.603 IST: DHCPD: ARP entry exists (182.0.0.1, aa00.1314.0001).
Nov 19 15:40:33.603 IST: DHCPD: unicasting BOOTREPLY to client aa00.1314.0001
(182.0.0.1).
Nov 19 15:40:33.603 IST: DHCPD: unicast BOOTREPLY output i/f override
GigabitEthernet2/9.1
Nov 19 15:40:33.603 IST: IPSUB_DP: [Gi2/9.1:O:PROC:DFL:182.0.0.1] Packet classified,
results = 0x0
Nov 19 15:40:33.603 IST: DHCPD: removing ARP entry (182.0.0.1 vrf default).
Nov 19 15:40:33.603 IST: DHCPD: Freeing saved workspace (ID=0x8900000B)
Nov 19 15:40:33.603 IST: IPSUB_DP: [uid:0] Setup event for session (session hdl 0)
Nov 19 15:40:33.603 IST: IPSUB_DP: [uid:0] Insert new entry for mac aa00.1314.0001
Nov 19 15:40:33.603 IST: IPSUB_DP: [uid:11] Added upstream entry into the classifier
Nov 19 15:40:33.603 IST: IPSUB_DP: [uid:11] MAC = aa00.1314.0001
Nov 19 15:40:33.603 IST: IPSUB_DP: [uid:11] Added downstream entry into the classifier
Nov 19 15:40:33.603 IST: IPSUB_DP: [uid:11] VRF = DFL, IP = 182.0.0.1, MASK =
255.255.255.255
Nov 19 15:40:33.603 IST: IPSUB_DP: [uid:11] Session setup successful
Nov 19 15:40:33.603 IST: IPSUB_DP: [uid:11] Sent update msg to the control plane
Nov 19 15:40:33.603 IST: IPSUB_DP: [uid:11] Activate event for session
Nov 19 15:40:33.603 IST: IPSUB: [uid:11] Data plane prov successful event for session
Nov 19 15:40:33.603 IST: IPSUB_DP: [uid:0] Found mac entry aa00.1314.0001
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-358
OL-16147-20
Chapter 4
Type
Automatic
State
unauthen
Service
Local Term
Identifier
aa00.1314.0001
Up-time
00:00:58
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-359
Chapter 4
Identifier: aa00.1314.0001
SIP subscriber access type(s): IP
Current SIP options: Req Fwding/Req Fwded
Session Up-time: 00:01:07, Last Changed: 00:01:07
Policy information:
Context 133B2154: Handle 9000000B
AAA_id 00000017: Flow_handle 0
Authentication status: unauthen
Configuration sources associated with this session:
Interface: GigabitEthernet2/9.1, Active Time = 00:01:07
Troubleshooting
The following troubleshooting scenarios are applicable to the broadband technology area:
Problem
Solution
When a subinterface is configured for IP sessions Use the show and debug commands to confirm if
the ISG policymap configuration is correct.
and the ISG policy map has been configured to
perform some actions, the IP session does not
come up.
A subinterface is configured for IP sessions
initiator DHCP. ISG policymap applied on
subinterface is for Transparent Autologon (TAL).
The user profile downloaded has the classname
pointing to DHCP pool and the session is not
initiated.
10 ports on twov2 SPAs are connected to traffic Mark the preceding values in video class of
service to 6 or 7.
generator on access side. One 10 Gigabyte port
(6704 card) is connected to the TGEN on the core
side.Traffic for triple play (video, voice and data)
is being sent on egress. The line card is heavily
oversubscribed voice : 400 Mbps, Video : 3
Gbps, Data : 5 Gbps. Despite video and voice
being classified as priority, video traffic drops
while data traffic is stable.
An IP session is enabled on a subinterface where Check the adjacencies and use the ARP to locate
the problem.
the DHCP initiator is configured in a routed
mode.Traffic in the upstream and downstream
directions is enabled. The traffic generator
indicates that traffic is not received and is dropped
by router and the traffic generator on the access
side does not respond to the Address Resolution
Protocol (ARP).
A subinterface is configured for an IP session and
an ISG policymap configured with police,
default-drop actions is applied. Once the session
is enabled, it is automatically disabled within a
few seconds.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-360
OL-16147-20
Chapter 4
Problem
Solution
Problem
Solution
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-361
Chapter 4
CPU utilizationThe RP uses the 5-second average system variable that provides a cumulative
average of the CPU usage percentage over a period of one minute to determine the average CPU
usage percentage allowed on the system and compares that to the current CPU load. The CAC
accepts the call only if the current CPU load is below the system variable limit, else rejects the call.
CAC is supported on PPPoE and IP sessions. For PPPoE sessions, both CPU and session charge
based CAC is available. On IP sessions, only CPU based CAC is supported.
Implementing CAC
The CAC implementation impacts two queues - the First Sign of Life (FSOL) queue and the FSOL
control queue. The default values for the FSOL queue and FSOL control queue are given in Table 4-43.
Whenever the CAC starts, the configured queue values for the actual FSOL and FSOL control queues
are saved and the default values in Table 4-43 are installed on the line card. Whenever the CAC is
stopped, the configured values (the values that are saved when the CAC is started) are restored. You can
use the hw-module slot slot_num rate-limit fsol_rate rate command to configure the queue values. If
you execute the command and configure the queue values while CAC is on, the new values overwrite the
existing queue values that are saved and when the CAC is stopped, the new values are installed.
The CAC is implemented at the queue level even though the configuration accepts rate limit. The
configuration changes are applied on a per network processor (NP) basis.
Table 4-43
Queue Name
Queue Depth
CAC Status
Actual FSOL
100
40000
Off
FSOL control
900
360000
Off
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-362
OL-16147-20
Chapter 4
Queue Name
Queue Depth
CAC Status
Actual FSOL
100
4000
On
FSOL control
900
36000
On
Summary Steps
1.
enable
2.
configure terminal
3.
4.
or
5.
6.
7.
end
Detailed Steps
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# call admission
new-model
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-363
Chapter 4
Step 4
Command
Purpose
Example:
Note
or
Step 5
Example:
Step 6
Example:
Router(config)# call admission pppoe 10 1
Step 7
end
Configuration Example
The following example configures a charge of 10 per session and a call admission limit of 50, which
allows calls at a rate of 5 calls per second:
Router# enable
Router# configure terminal
Router(config)# call admission new-model
Router(config)# call admission limit 50
Router(config)# call admission pppoe 10 1
Router# end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-364
OL-16147-20
Chapter 4
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-365
Chapter 4
Note
To identify and disable the unidirectional links, devices at both ends must support UDLD.
If UDLD is enabled on an EVC port with service type connect or xconnect and encapsulation type
default or untagged, the port is disabled.
For more information on UDLD, see the Cisco 7600 Series Cisco IOS Software Configuration Guide,
12.2SR at the following URL:
http://www.cisco.com/en/US/docs/routers/7600/ios/12.2SR/configuration/guide/udld.html
A port on a bidirectional link with UDLD neighbor relationship does not receive UDLD packets.
To prevent spanning tree loops, ensure that you set the non aggressive UDLD value interval to 15
seconds. This disables the unidirectional link before blocking the port transitions in the forwarding state
(with default spanning tree parameters).
The benefits of enabling UDLD aggressive mode are:
One side of a link is enabled even if the other side of the link fails.
In the above scenario, UDLD aggressive mode disables the port that prevents traffic from being
discarded.
If UDLD...
Then the...
Is enabled on a port with an EVC bridge-domain, selected EVC is not shut down, and prevents the
and encapsulation value set to default or
port from being disabled.
untagged,
enable
2.
configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-366
OL-16147-20
Chapter 4
3.
4.
exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router# udld enable aggressive
Step 4
exit
SUMMARY STEPS
1.
2.
3.
4.
exit
DETAILED STEPS
Command
Step 1
interface
Purpose
type/ slot/ port
Example:
Router(config)# gigethernet 1/0/0
Step 2
Example:
Router(config-if)# udld port aggressive
Router(config-if)# no udld port
aggressive
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-367
Chapter 4
Command
Step 3
show udld
Purpose
type/ slot/ port
Example:
Router# show udld 1/0/0
Step 4
exit
2.
3.
4.
exit
DETAILED STEPS
Command
Step 1
interface
Purpose
type/ slot/ port}
Example:
Router(config)# gigethernet 1/0/0
Step 2
Example:
Router(config-if)# udld port disable
Router(config-if)# no udld port disable
Note
Step 3
show udld
Example:
Router# show udld 1/0/0
Step 4
exit
udld reset
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-368
OL-16147-20
Chapter 4
DETAILED STEPS
Step 1
Command
Purpose
udld reset
Example:
Router# udld reset
Example
This example displays the global configuration values at router 1:
Router(config)#udld enable
This example displays the configuration for a port that is part of a port channel:
Router(config)#interface Port-channel1
Router(config-if)#no ip address
Router(config-if)#service instance 1 ethernet
Router(config-if)#encapsulation untagged
Router(config-if)#bridge-domain 100
Router(config)#interface GigabitEthernet3/0/13
Router(config-if)#ip arp inspection limit none
Router(config-if)#no ip address
Router(config-if)#udld port aggressive
Router(config-if)#no mls qos trust
Router(config-if)#channel-group 1 mode on
Verification
Use the show udld and show udld interface commands to verify the UDLD configuration:
Router(config)show udld gi 3/0/13
Interface Gi1/3
---Port enable administrative configuration setting: Enabled / in aggressive mode
Port enable operational state: Enabled / in aggressive mode
Current bidirectional state: Bidirectional
Current operational state: Advertisement - Single neighbor detected
Message interval: 15
Time out interval: 5
Entry 1
--Expiration time: 37
Cache Device index: 1
Current neighbor state: Bidirectional
Device ID: 011932118C0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-369
Chapter 4
Note
Ethernet accounting is limited by the network resources available on the line card.
Use the hw-module slot slot_num rate-limit fsol_rate rate command to configure the FSOL rate on
ES+ line cards. The default FSOL rate is 40000 bps. Both broadband and EFP FSOLs use the same FSOL
queue, hence FSOL rate limiter rate limits the total number of FSOLs it receives from both EFP and
broadband.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-370
OL-16147-20
Chapter 4
Summary Steps
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
8.
9.
Detailed Steps
Command
Purpose
Step 1
enable
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# policy-map type
control policy1
Step 4
Example:
Router(config-control-policy-map)#cl
ass type control always event
session-start
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-371
Chapter 4
Step 5
Command
Purpose
Router(config-control-policymap-clas
s-control)# 1 authorize identifier
stag-type [plus stag-vlan-id]
Step 6
Example:
Router(config)# interface gigabit
ethernet 4/1
Step 7
Example:
Step 8
Step 9
Example:
Router(config)# ethernet subscriber
session maximum limit 100
Step 10
Example:
Router(config)# initiator unclassified vlan
Step 11
Example:
Router(config-if-srv)#
service-policy type control policy1
Step 12
end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-372
OL-16147-20
Chapter 4
Summary Steps
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
no ip address
8.
9.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-373
Chapter 4
Detailed Steps
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# policy-map type
control policy2
Step 4
Example:
Router(config-control-policy-map)#
class type control always event
session-start
Step 5
Example:
Router(config-control-policymap-clas
s-control)# 1 service-policy type
service name policy-2
Step 6
Step 7
no ip address
Example:
Router(config-if)# no ip address
Step 8
Example:
Router(config-if)# service instance
2 ethernet
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-374
OL-16147-20
Chapter 4
Step 9
Command
Purpose
Example:
Step 10
Example:
Router(config-if-srv)# ethernet
subscriber static
Step 11
bridge-domain vlan-id
Example:
Router(config-if-srv)# bridge-domain 100
Step 12
Example:
Router(config-if-srv)#
service-policy type control policy2
Step 13
end
Configuration Example
This example shows how to create a service policy and configures DESA for a dynamic ethernet session.
Router# enable
Router# configure terminal
Router(config)# aaa authorization nextwork group default radius
Router(config)# aaa authorization subscriber-service default local group radius
Router(config)# radius-server host 172.29.39.46 key rad123
Router(config)# policy map type control policy1
Router(config-control-policymap)# control always event session start
Router(config-control-policymap-class-control)# 1 authorize identifier stag-type plus
stag-vlan-id
Router(config)# interface GigabitEthernet 1/1
Router(config-if)# service instance dynamic 4 ethernet
Router(config-if-srv)# encapsulation dot1q 100 second-dot1q 2001-4000
Router(config-if-srv)# ethernet subscriber session maximum limit 100
Router(config-if-srv)# initiator unclassified vlan
Router(config-if-srv)# service-policy type control policy1
Router(config-if-srv)# end
This example shows how to configure DESA for a static ethernet session.
Router# enable
Router# configure terminal
Router(config)# policy map type control policy2
Router(config-control-policymap)# control always event session start
Router(config-control-policymap-class-control)# 1 service-policy type service name policy2
Router(config)# interface GigabitEthernet 1/1
Router(config-if)# no ip address
Router(config-if)# service instance 2 ethernet
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-375
Chapter 4
Router(config-if-srv)#
Router(config-if-srv)#
Router(config-if-srv)#
Router(config-if-srv)#
Router(config-if-srv)#
Verifying DESA
To verify the DESA feature, use these commands in privileged EXEC mode.
Command
Purpose
Troubleshooting DESA
To troubleshoot the DESA feature, use these debug commands.
Command
Purpose
debug ethernet service instance dynamic errors Displays any error while bringing up the dynamic
session.
debug ethernet service instance dynamic events Displays all the events while bringing up the
dynamic session.
debug ethernet service instance dynamic ha
errors
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-376
OL-16147-20
Chapter 4
Only the protocols ARP, DHCP, Ethernet Operations Administration and Maintenance (EOAM) and
PPPoE support COPP.
The total number of interfaces with COPP on an ES+ line card is 16000.
If hardware assisted call admission control (CAC) is configured, COPP takes precedence over the
CAC for PPPoE and DHCP control packets including FSOL.
Summary Steps
1.
enable
2.
configure terminal
3.
4.
5.
6.
policy-map policy-map-name
7.
class class-name
8.
9.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-377
Chapter 4
Detailed Steps
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# class-map match-all
cmap
Step 4
Example:
Router(config-cmap)# match protocol
arp
Step 5
Example:
Router(config-cmap)# match subscriber access
Step 6
policy-map policy-map-name
Example:
Step 7
class class-name
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-378
OL-16147-20
Chapter 4
Step 8
Command
Purpose
Example:
Step 9
Example:
Router(config)# control-plane
user-type access
Step 10
Example:
Router(config-cp-user)#
service-policy input pmap
Step 11
Example:
Router(config)# interface gigabit
ethernet 1/1.1
Step 12
Example:
Router(config-subif)# encapsulation
dot1q 400
Step 13
Example:
Router(config-subif)# ip-address
1.1.1.1 255.255.255.0
Step 14
ip subscriber l2-connected
Example:
Router(config-subif)# ip subscriber
l2-connected
Step 15
Step 16
initiator {dhcp|static|unclassified}
Router(config-subscriber)#
initiatior dhcp
end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-379
Chapter 4
Configuration Example
This example shows how to configure COPP on a non access sub interface. In the example, a class map
cmap is created to specify the matching criteria. Then a policy map pmap that describes the policing to
be applied, is created and the service policy is applied on the control plane user interface.
Router# enable
Router# configure terminal
Router(config)# class-map match-all cmap
Router(config-cmap)# match protocol dhcp
Router(config-cmap)# match subscriber access
Router(config-cmap)# policy-map pmap
Router(config-pmap)# class cmap
Router(config-pmap-c)# police cir 300000
Router(config)# control-plane user-type access
Router(config-cp-user)# service-policy input pmap
Router(config)# interface gigabit ethernet 1/2.1
Router(config-subif)# encapsulation dot1q 400
Router(config-subif)# ip subscriber l2-connected
Router(config-subscriber)# initiator dhcp
Router(config-subscriber)# end
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-380
OL-16147-20
Chapter 4
of CPU and IOS restrictions. Effective with Cisco IOS Release 15.1(2) S, apart from running a BFD
session on the RP, you can also offload a BFD session to the ES+ line card based on specific conditions
listed in the Restrictions for BFD Scale Improvement section on page 4-383.
Note
Effective with Cisco IOS Release 15.1(3)S2, BFD hardware offload is also supported for IPv6 addresses
along with the IPv4 addresses.
Note
If you are running IPv4 and IPv6 sessions on an interface, you can selectively enable or disable
offloading IPv4 or IPv6 sessions using the platform bfd disable-offload ipv4|ipv6 command.
Offloading a BFD session to an ES+ line card allows you to utilize the hardware resources and
capabilities of an ES+ line card, and also distribute the processing load between RP and ES+ line card.
It allows you to scale up to 2000 BFD sessions for each Cisco 7600 series router.
Note
You can scale up to 2000 sessions per chassis using static and OSPF routing protocol for IPv4 BFD
sessions only. For scale number values for IPv6 NFD sessions, see the Restrictions for BFD Scale
Improvement section on page 4-383 section.
Sessions
2 Gb
1 Gb
2 Gb
1 Gb
2 Gb
1 Gb
2 Gb
1200
2000
1200
2000
1200
2000
1200
2000
2000
2000
2000
2000
2000
2000
2000
2000
1. The scale numbers are valid only for the HW BFD sessions on the box and not software BFD session.
Note
The number of HW BFD sessions supported for IGPs is same as what the individual IGPs can scale upto.
Table 4-45 lists the number of software BFD sessions supported on the various RSP720 versions.
Table 4-45
Timer
50*3ms
128
999*3 ms
512
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-381
Chapter 4
1. These numbers are valid only for the software BFD session on the box and not hardware BFD session.
Table 4-46 lists the number of sessions supported for each type of line card:
Table 4-46
Line Card
Sessions
7600-ES+40G3C
1000
7600-ES+40G3CXL
1000
7600-ES+20G3C
500
7600-ES+20G3CXL
500
7600-ES+4TG3C
1000
7600-ES+4TGCXL
1000
7600-ES+2TG3C
500
7600-ES+2TGCXL
500
76-ES+XT-2TG3C
500
76-ES+XT-2TG3CXL
500
76-ES+XT-4TG3C
1000
76-ES+XT-4TG3CXL
1000
76-ES+T-20G3CXL
500
76-ES+T-2TG3CXL
500
76-ES+T-40G3CXL
1000
76-ES+T-4TG3CXL
1000
76-ES+XC-20G3C
500
76-ES+XC-20G3CXL
500
76-ES+XC-40G3C
1000
76-ES+XC-40G3CXL
1000
SSO Behavior
A BFD session supports Stateful Switchover (SSO) when offloaded to the ES+ line card. For a BFD
session running on the RP, the minimum supported transmit (Tx) and receive (Rx) timer value for SSO
is 500ms. When a session is offloaded to an ES+ line card, the minimum supported Tx and Rx timer
value for SSO is 50ms. Usually, a BFD session offloaded to an ES+ line card is not affected during an
SSO. However, these scenarios may be observed:
Session configuration changes from peer during SSO: The line card CPU does not detect the
changed bits in the BFD packets during SSO.
Network failure during SSO: This situation is not handled immediately. Once the SSO is over, the
BFD changes due to network failure are handled.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-382
OL-16147-20
Chapter 4
A BFD session is supported on only RSP 720 and Supervisor 720 (SUP720), it is not supported on
SUP32.
The BFD session can be offloaded only to an ES+ line card interface.
Ensure that the ES+ Line Card interface configured with the BFD session is on global routing table.
Effective from Cisco IOS Release 15.1(3)S and 15.1(2)S1, the interface with a BFD session can be
on any Virtual Routing and Forwarding (VRF).
Each network processor supports a total of 250 sessions distributed across its ports.
BFD hardware offload is supported for IPv4 sessions with non-echo mode only.
You can configure IPv4 and IPv6 sessions to co-exist on the router as well as the same interface.
Only the single hop BFD hardware offload is supported for both the IPv4 and IPv6 sessions. BFD
hardware offload supports either of these combinations for IPv4 and IPv6 sessions:
1000 IPv6 BFD sessions and no IPv4 sessions.
2000 IPv4 BFD sessions and no IPv6 sessions.
500 IPv4 BFD sessions and 500 IPv6 sessions.
Timer values for Tx and Rx should only be in multiples of 50 and should range between 50 and
950ms for both the local and remote BFD peer router.
You cannot swap a BFD session between ES+ line card and IOS by changing the parameters when
the BFD session is up and running. To swap a BFD session, you need to unconfigure and reconfigure
the BFD session with the changed parameters.
In case of prolonged network instability and BFD session flaps, the session state may get stuck in
the DOWN, INIT, or UP state. Unconfigure and reconfigure BFD to resolve this issue.
During line card OIR, the show bfd neighbor detail command may show discrepancy in the
statistics counter. The statistics counter provide information about Rx or Tx counts for a particular
session.
BFD supports 2000 sessions with OSPF as client on RSP. Example scenarios:
All subinterfaces are configured as point to point.
Four instances of OSPF are running with each instance supporting 500 BFD session.
Note
Configure the symmetric slow timers to less than or equal to five seconds on both the ends to bring
up the HW offloaded BFD sessions.
Effective with Cisco IOS Release 15.1 (3)S, BFD sessions are also supported on SUP720.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-383
Chapter 4
Note
If the local discriminator (LD) value is less than 8000, it signifies that the session is offloaded to
hardware.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-384
OL-16147-20
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-385
Chapter 4
Table 4-47
Problem
Solution
Complete these steps and report the findings to the TAC team:
1.
Use the show bfd neighbor detail command to verify whether or not a session is
offloaded to IOS or hardware, and identify the local discriminator (LD) value.
2.
Use the show bfd summary command to check the total number of sessions in
both the up and down state.
3.
Use the show platform bfd session | include LD_no command to verify whether
or not the Route Processor Platform Dependent (RP PD) table contains the offloaded session.
4.
Use the attach linecard_no command to attach to the line card console.
5.
Use the show platform npc bfd LD_no command to verify the line card information for the offloaded sessions on the line card.
6.
Use the show bfd drops command on the RP to verify the number of session
drops. Use the command multiple times to check if the drop counter increments
in value.
For further debugging, enable the debug CLIs with the console logging function
disableds and use these commands on the RP:
debug platform bfd offload event command to display the events related to the
offloaded session.
debug platform bfd offload xdr command to display the XDR (communication
mechanism between RP/line card).
debug platform bfd offload error command to display the error messages
generated for the offloaded session.
debug platform npc bfd event command to display the line card PD events for
the offloaded session.
debug platform npc bfd error command to display the line card PD errors for
the offloaded session.
debug platform npc bfd xdr command to display the line card PD XDR events
for the offloaded session.
Note
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-386
OL-16147-20
Chapter 4
Table 4-47
Problem
Solution
Complete these steps to successfully offload an existing session to ES+ line card for
a OSPF router:
1.
2.
3.
1.
2.
Use the no network network_id wildcard_mask area area_id command to remove the routing configuration under the routing protocol.
3.
4.
Use the no bfd echo command to enable the BFD non-echo mode.
5.
Use the network network_id wildcard_mask area area_id command to reconfigure the routing configuration under the routing protocol.
Complete these steps to offload a static route BFD session from IOS to ES+ line card:
1.
2.
Use the no ip route command to remove the static route configuration. For example, use:
router (config)# no ip route static bfd interface-type interface-number gateway
or
router (config)# no ip route [vrf vrf-name] prefix mask {ip-address |
interface-type interface-number [ip-address]} [dhcp] [distance] [name
next-hop-name] [permanent | track number] [tag tag]
3.
4.
Use the no bfd echo command to enable the BFD no-echo mode.
5.
Use the ip route command to configure the static route configuration. For example, use:
router (config)# ip route static bfd interface-type interface-number
gateway
or
router (config)# ip route [vrf vrf-name] prefix mask {ip-address | interface-type interface-number [ip-address]} [dhcp] [distance] [name
next-hop-name] [permanent | track number] [tag tag]
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
4-387
Chapter 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
4-388
OL-16147-20
CH A P T E R
IGMP Snooping for VPLS Pseudowire on Cisco 7600 Series Ethernet Services Plus Line Cards,
page 5-1
For more information about the commands used in this chapter, see the Cisco IOS Release 12.2 SR
Command References at
http://www.cisco.com/en/US/products/ps6922/prod_command_reference_list.html.
Note
The information provided in this chapter is applicable to both the ES+ and ES+T line cards unless
specified otherwise.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
5-1
Chapter 5
IGMP Snooping for VPLS Pseudowire on Cisco 7600 Series Ethernet Services Plus Line Cards
IGMP snooping is enabled by default under the bridge-domain VLAN (use the no ip igmp snooping
command to disable the default behavior).
Globally enabling IGMP snooping enables IGMP snooping on all the existing VLAN interfaces.
Globally disabling IGMP snooping disables IGMP snooping on all the existing VLAN interfaces.
System support for 32,000 IGMP groups with no line card-specific limitation.
Supports MultiPoint Bridging over Ethernet on Cisco 7600 Series ES+ line cards.
Use the show ip igmp snooping privileged EXEC command to verify your IGMP settings.
IGMP snooping works only when no tunneling operation occurs (there should not be any VLAN tags
in the packet when it is put on the bridge-domain VLAN).
During snooping, all traffic for a particular group are dropped if there are no interested receivers for
that group.
MROUTER port information should be available to all devices in the snooping domain. You can find
out the MROUTER ports by:
Using the IP address and PIM on SVI.
Using the IGMP query messages heard on the segment.
Forcefully configuring a particular port on a switch as mrouter port using the ip igmp snooping
All routers acting as PE devices in a VPLS domain should have the IP address and PIM enabled on
the VPLS SVI.
1.
enable
2.
configure terminal
3.
4.
5.
ip igmp snooping
6.
7.
SUMMARY STEPS
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
5-2
OL-16147-20
Chapter 5
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface vlan 12
Step 4
Example:
Router(config)# no ip address
Step 5
ip igmp snooping
Example:
Router(config-if)# ip igmp snooping
Step 6
Example:
Step 7
Example:
Router(config-if)# xconnect vfi vfi16
Example
This is a VLAN configuration.
Router# enable
Router# configure terminal
Router(config)# interface Vlan700
Router(config)# no ip address
Router(config-if)# ip igmp snooping
Router(config-if)# ipv6 mld snooping
Router(config-if)# xconnect vfi vfi700
Verification
Use the show ip igmp interface vlan command to verify a configuration.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
5-3
Chapter 5
Multicast traffic streams towards the access node (downstream direction) co-exist on the interface
that is configured for Sessions (IP or PPPoEoX).
This is not for per session multicast but allows multicast stream to co-exist on the interfaces on
subscriber replication.
Additionally, QoS priority queueing-2 and policing for multicast traffic is supported.
Multicast traffic co-existence is required only for Ethernet main and subinterfaces.
All multicast traffic on a non-access subscriber interface will be treated as priority level2 packets.
When configured, all multicast traffic on non-access subscriber interface will be treated as priority
level 2 and policed at the configured percent of the individual ports bandwidth.
When not configured, multicast traffic is not treated as priority level2 traffic.
The IP and PPPoE Session Coexistence with Multicast feature is not supported on sub-interfaces
created with access keyword option.
Maximum number of IP and PPPoE subscriber sessions suported per port group is 4000.
Maximum number of IP and PPPoE subscriber sessions supported per line card is 16000.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
5-4
OL-16147-20
Chapter 5
enable
2.
configure terminal
3.
4.
5.
6.
7.
[no] ip address
8.
9.
ip subscriber routed
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Step 3
ip multicast-routing
Example:
Router# ip multicast-routing
Step 4
Example:
Router# ip pim rp-address 198.92.37.33
Step 5
Example:
Router(config)# interface
gigabitethernet 4/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
5-5
Chapter 5
Step 6
Command
Purpose
Example:
Router(config-if-srv)# encapsulation
dot1q 100?
Step 7
[no] ip address
Example:
Router(config-if)# no ip address
Step 8
no ip pim {sparse-mode |
sparse-dense-mode | dense-mode
[proxy-register {list access-list |
route-map map-name}]}
Example:
Router(config-if)# ip pim sparse-mode
Step 9
ip subscriber routed
Example:
Router(config-if)# ip subscriber routed
Step 10
Example:
Router(config-if)# ip pim sparse-mode
Step 11
end
Example:
Router(config-if)# end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
5-6
OL-16147-20
Chapter 5
enable
2.
configure terminal
3.
4.
5.
[no] ip address
6.
load-interval seconds
7.
8.
end
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface
gigabitethernet 4/1
Example:
Router(config-if-srv)# encapsulation
dot1q 100?
Step 5
[no] ip address
Example:
Router(config-if)# no ip address
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
5-7
Chapter 5
Step 6
Command
Purpose
load-interval seconds
Example:
Router(config-if)# load-interval 30
Step 7
platform subscriber-multicast
priority-level2 police rate in kbps
Example:
Router(config-if)# platform
subscriber-multicast priority-level2
police 200
Step 8
end
Example:
Router(config-if)# end
Note
This command is applicable to multicast traffic being sent on the main or subinterfaces that are
configured with ip subscriber command or pppoe enable command. Multicast traffic on other
interfaces on the same port are not impacted by this command. In case of port-channel interfaces, the
command should be configured on the member interfaces of the port-channel.
Examples
This is an example of how to configure a nonaccess subinterface for multicast and ISG sessions:
ip multicast-routing
ip pim rp-address 192.10.10.1
interface GigabitEthernet4/13.200
encapsulation dot1Q 200
ip address 192.10.10.1 255.255.255.0
ip pim sparse-mode
ip subscriber routed
initiator unclassified ip-address
end
Verification
Use the following commands to verify operation.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
5-8
OL-16147-20
Chapter 5
Table 5-1
Command
Purpose
Troubleshooting
This section describes how to troubleshoot common Multicast issues.
Scenarios/Problems
Solution
How do I know the multicast groups with Use the show ip igmp groups command. This is a sample output of the command:
receivers that are directly connected to the Router# show ip igmp groups
router and that were learned through
IGMP Connected Group Membership
Group Address
Interface
Uptime
Expires
Last
IGMP?
Reporter
239.255.255.254
172.21.200.159
224.0.1.40
172.21.200.1
224.0.1.40
172.16.214.251
224.0.1.1
172.21.200.11
224.9.9.2
172.21.200.155
232.1.1.1
172.21.200.206
Ethernet3/1
1w0d
00:02:19
Ethernet3/1
1w0d
00:02:15
Ethernet3/3
1w0d
never
Ethernet3/1
1w0d
00:02:11
Ethernet3/1
1w0d
00:02:10
Ethernet3/1
5d21h
stopped
Use the show mac-address-table multicast command. This example shows how
to display information about the MAC address table for MLDv2 snooping:
Router# show mac-address-table multicast mld-snooping
vlan mac address type learn qos ports
-----+---------------+--------+-----+---+--------------------------------- 3333.0000.0001 static Yes - Switch,Stby-Switch
--- 3333.0000.000d static Yes - Fa2/1,Fa4/1,Router,Switch
--- 3333.0000.0016 static Yes - Switch,Stby-Switch
Use the show ip pim neighbor command. This is a sample output of the
command:
Router# show ip pim neighbor
PIM Neighbor Table
Mode: B - Bidir Capable, DR - Designated Router, N - Default
Priority,
S - State Refresh Capable
Neighbor
Interface
Uptime/Expires
Address
Prio/Mode
10.0.0.1
GigabitEthernet10/2
00:01:29/00:01:15
S
10.0.0.3
GigabitEthernet10/3
00:01:15/00:01:28
DR S P
DR
Ver
DR
v2
1 /
v2
1 /
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
5-9
Chapter 5
Scenarios/Problems
Solution
How do I check the PIM packets received, Use the debug ip pim command. This is a sample output of the command:
sent, and also the PIM-related events?
router# debug ip pim 224.2.0.1
PIM: Received Join/Prune on Ethernet1 from 172.16.37.33
PIM: Received Join/Prune on Ethernet1 from 172.16.37.33
PIM: Received Join/Prune on Tunnel0 from 10.3.84.1
PIM: Received Join/Prune on Ethernet1 from 172.16.37.33
PIM: Received Join/Prune on Ethernet1 from 172.16.37.33
PIM: Received RP-Reachable on Ethernet1 from 172.16.20.31
PIM: Update RP expiration timer for 224.2.0.1
PIM: Forward RP-reachability packet for 224.2.0.1 on Tunnel0
PIM: Received Join/Prune on Ethernet1 from 172.16.37.33
PIM: Prune-list (10.221.196.51/32, 224.2.0.1)
PIM: Set join delay timer to 2 seconds for (10.221.0.0/16, 224.2.0.1)
on Ethernet1
PIM: Received Join/Prune on Ethernet1 from 172.16.37.6
PIM: Received Join/Prune on Ethernet1 from 172.16.37.33
PIM: Received Join/Prune on Tunnel0 from 10.3.84.1
PIM: Join-list: (*, 224.2.0.1) RP 172.16.20.31
PIM: Add Tunnel0 to (*, 224.2.0.1), Forward state
PIM: Join-list: (10.0.0.0/8, 224.2.0.1)
PIM: Add Tunnel0 to (10.0.0.0/8, 224.2.0.1), Forward state
PIM: Join-list: (10.4.0.0/16, 224.2.0.1)
PIM: Prune-list (172.16.84.16/28, 224.2.0.1) RP-bit set RP
172.16.84.16
PIM: Send Prune on Ethernet1 to 172.16.37.6 for (172.16.84.16/28,
224.2.0.1), RP
PIM: For RP, Prune-list: 10.9.0.0/16
PIM: For RP, Prune-list: 10.16.0.0/16
PIM: For RP, Prune-list: 10.49.0.0/16
PIM: For RP, Prune-list: 10.84.0.0/16
PIM: For RP, Prune-list: 10.146.0.0/16
PIM: For 10.3.84.1, Join-list: 172.16.84.16/28
PIM: Send periodic Join/Prune to RP via 172.16.37.6 (Ethernet1)
Use the show ip pim snooping command. This example shows how to display the
information about the global status:
Router# show ip pim snooping
Global runtime mode: Enabled
Global admin mode : Enabled
Number of user enabled VLANs: 1
User enabled VLANs: 10
Identifies the MVR IP multicast streams and their associated IP multicast groups in the Layer 2
forwarding table.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
5-10
OL-16147-20
Chapter 5
Allows a subscriber on a port to subscribe and unsubscribe to a multicast stream on the multicast
VLAN.
Allows a single multicast VLAN to be shared in the network while subscribers remain in separate
VLANs.
Provides the ability to continuously send multicast streams in the multicast VLAN and isolate the
streams from the subscriber VLANs for bandwidth and security reasons.
Modifies the Layer 2 forwarding table to include or remove the subscriber as a receiver of the
multicast stream, even though the receivers might be in a different VLAN from the source. This
forwarding behavior selectively allows traffic to cross between different VLANs.
The router forwards multicast data for MVR IP multicast streams only to MVR ports on which hosts have
joined, either by IGMP reports or by MVR static configuration. The router forwards IGMP reports
received from MVR hosts only to the source (uplink) port. This eliminates using unnecessary bandwidth
on MVR data port links.
Note
Only layer 2 ports participate in MVR. You must configure ports as MVR receiver ports. Only one MVR
multicast VLAN per router is allowed.
During MVR, subscriber ports subscribe and unsubscribe multicast streams by sending out IGMP join
and leave messages. These messages can originate from an IGMP version-2-compatible host with an
Ethernet connection. Although MVR operates on the underlying mechanism of IGMP snooping, the two
features operate independent of each other. However, if IGMP snooping and MVR are both enabled,
MVR reacts only to join and leave messages from multicast groups configured under MVR. Join and
leave messages from all other multicast groups are managed by IGMP snooping.
DHCP assigns an IP address to the set-top box or the PC. When a subscriber selects a channel, the
set-top box or PC sends an IGMP report to Switch A to join the appropriate multicast. If the IGMP
report matches one of the configured IP multicast group addresses, the Source Port (SP) CPU
modifies the hardware address table to include this receiver port and VLAN as a forwarding
destination of the specified multicast stream when it is received from the multicast VLAN. Uplink
ports that send and receive multicast data to and from the multicast VLAN are called MVR source
ports.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
5-11
Chapter 5
Figure 5-1
Multicast VLAN
Cisco router
Multicast
server
SP
Switch B
SP
SP
SP
SP
SP
SP1
SP2
Multicast
data
Multicast
data
Switch A
RP1 RP2 RP3 RP4 RP5 RP6 RP7
Customer
premises
Hub
IGMP join
Set-top box
Set-top box
TV
data
TV
RP = Receiver Port
SP = Source Port
TV
101364
PC
When a subscriber changes channels or switches off the television, the set-top box sends an IGMP
leave message to the multicast stream. The SP CPU sends a MAC-based general query through the
receiver port VLAN. If there is another set-top box in the VLAN still subscribing to this group, that
set-top box must respond within the maximum response time specified in the query. If the CPU does
not receive a response, it eliminates the receiver port as a forwarding destination for this group.
Unless the Immediate Leave feature is enabled, when the router receives an IGMP leave message
from a subscriber on a receiver port, it sends out an IGMP query on that port and waits for IGMP
group membership reports. If no reports are received in a configured time period, the receiver port
is removed from multicast group membership. With the Immediate Leave feature enabled, an IGMP
query is not sent from the receiver port on which the IGMP leave was received. As soon as the leave
message is received, the receiver port is removed from multicast group membership, which speeds
up leave latency. Enable the Immediate Leave feature only on receiver ports to which a single
receiver device is connected.
MVR eliminates the need to duplicate television-channel multicast traffic for subscribers in each
VLAN. Multicast traffic for all channels is only sent around the VLAN trunk onceonly on the
multicast VLAN. The IGMP leave and join messages are in the VLAN to which the subscriber port
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
5-12
OL-16147-20
Chapter 5
is assigned. These messages dynamically register for streams of multicast traffic in the multicast
VLAN on the layer 3 device, Switch B. The access layer switch, Switch A, modifies the forwarding
behavior to allow the traffic to be forwarded from the multicast VLAN to the subscriber port in a
different VLAN, selectively allowing traffic to cross between two VLANs.
IGMP reports are sent to the same IP multicast group address as the multicast data. The Switch A
CPU must capture all IGMP join and leave messages from receiver ports and forward them to the
multicast VLAN of the source (uplink) port.
Configuring MVR
For information on configuring and troubleshooting the MVR, see:
http://www.cisco.com/en/US/docs/routers/7600/ios/15S/configuration/guide/snooigmp.html
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
5-13
Chapter 5
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
5-14
OL-16147-20
CH A P T E R
Note
The information provided in this chapter is applicable to both the ES+ and ES+T line cards unless
specified otherwise.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-1
Chapter 6
Scalable EoMPLS is supported with EVCs (ethernet virtual circuits). An EVC is an end-to-end
representation of a single instance of a Layer 2 service being offered by a provider to a customer.
Service Instances supported: 16, 000 per line card (32, 000 per Cisco 7600 series router)
For ingress policing, only the drop action and the accept action for the police command are
supported.
For QoS marking, mapping of the incoming VLAN dot1q p-bits to the outgoing MPLS EXP bits is
supported.
For QoS marking, mapping of the incoming MPLS EXP bits to the outgoing VLAN dot1q p-bits is
supported (if EVC rewrite is pop tag).
For QoS shaping, egress pseudowire shaping is supported. Matching is based on the MPLS EXP bits.
Because HWEoMPLS is not supported on the ES+ line card, the xconnect command with
encapsulation mpls is rejected on the Layer 3 interface and Layer 3 subinterface.
The HSPW feature is supported only with Scalable EoMPLS and an ES+ line card supports a
maximum of 16000 Scalable EoMPLS.
The HSPW feature supports only pseudowires configured on a ES+ line card within the Ethernet
EVC and supports around 6000 backup PWs.
1.
enable
2.
configure terminal
3.
4.
5.
SUMMARY STEPS
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-2
OL-16147-20
Chapter 6
6.
rewrite ingress tag {push {dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q
vlan-id} | pop {1 | 2} | translate {1-to-1 {dot1q vlan-id | dot1ad vlan-id}| 2-to-1 dot1q vlan-id | dot1ad
vlan-id}| 1-to-2 {dot1q vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id} | 2-to-2 {dot1q
vlan-id second-dot1q vlan-id | dot1ad vlan-id dot1q vlan-id}} symmetric
7.
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface gigabitethernet
4/1
Step 4
Example:
Router(config-if)# service instance 101
ethernet
Step 5
Example:
Router(config-if-srv)# encapsulation
dot1q 5
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-3
Chapter 6
Step 6
Command or Action
Purpose
Example:
Router(config-if-srv)# rewrite ingress
tag dot1q single symmetric
Step 7
Example:
Router(config-if-srv)# xconnect 10.0.0.1
123 encapsulation mpls
Examples
The following is an example of a basic configuration.
This is the customer-facing port at router 1.
Router# enable
Router# configure terminal
Router(config)# interface TenGigabitEthernet 1/1
Router(config-if)# service instance 100 ethernet
Router(config-if-srv)# encapsulation dot1q 100
Router(config-if-srv)# rrewrite ingress tag translate 1-to-2 dot1q 5 second-dot1q 5
symmetric
Router(config-if-srv)# xconnect 2.2.2.2 100 encapsulation mpls
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-4
OL-16147-20
Chapter 6
The following is an example of single tag VLAN configuration for tunneling a single VLAN service
instance.
This is the customer facing port.
Router# enable
Router# configure terminal
Router(config)# interface TenGigabitEthernet 2/2
Router(config-if)# service instance 100 ethernet
Router(config-if-srv)# encapsulation dot1q 100
Router(config-if-srv)# rewrite ingress tag translate 1-to-2 dot1q 5 second-dot1q 5
symmetric
Router(config-if-srv)# xconnect 1.1.1.1 100 encapsulation mpls
The following is an example of double tag VLAN configuration for tunneling double tag VLAN frames.
This is the customer facing port.
Router# enable
Router# configure terminal
Router(config)# interface TenGigabitEthernet 2/2
Router(config-if)# service instance 100 ethernet
Router(config-if-srv)# encapsulation dot1q 100 second-dot1q 200
Router(config-if-srv)# rewrite ingress tag translate 2-to-2 dot1q 5 second-dot1q 5
symmetric
Router(config-if-srv)# xconnect 1.1.1.1 100 encapsulation mpls
The following is an example of a port-based xconnect tunnel configuration that tunnels all incoming
packets to the remote peer.
!All tag and non-tag packets aggregation
Router# enable
Router# configure terminal
Router(config)# interface TenGigabitEthernet 2/2
Router(config-if)# service instance 100 ethernet
Router(config-if-srv)# encapsulation default
Router(config-if-srv)# xconnect 1.1.1.1 100 encapsulation mpls
!All non-tag packets aggregation
Router(config)# interface TenGigabitEthernet 2/2
Router(config-if)# service instance 100 ethernet
Router(config-if-srv)# encapsulation untagged
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-5
Chapter 6
Verification
Use the following commands to verify operation.
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-6
OL-16147-20
Chapter 6
The MPLS VPNL3VPN over GRE feature utilizes MPLS over generic routing encapsulation
(MPLSoGRE) to encapsulate MPLS packets inside IP tunnels thus creating virtual point-to-point links
across non-MPLS networks.
Label Distribution Protocol (LDP)for MPLS label distribution. See MPLS Label Distribution
Protocol Overview.
Multiprotocol Border Gateway Protocol (MP-BGP)for VPN route and label distribution. See
Configuring MPLS Layer 3 VPNs.
Quality of service (QoS) service policies configured on the tunnel interface; they are supported on
the physical or subinterface
IPv6 GRE
Advanced features such as Carrier Supporting Carrier (CSC) and Interautonomous System
(Inter-AS)
Effective with Release 15.2(1)S, you can configure more than one GRE tunnel on an ES+ line card using
the same source. The packets are hardware switched even when multiple tunnels share the same source.
All the GRE tunnels on a specified node can use a single source IP prefix instead of multiple prefixes.
The advantage is that you can minimize the prefixes required for infrastructure, and enables the network
to scale the number of tunnels. The following restrictions apply:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-7
Chapter 6
PE-to-PE Tunneling
The provider edge-to-provider edge (PE-to-PE) tunneling configuration provides a scalable way to
connect multiple customer networks across a non-MPLS network. With this configuration, traffic that is
destined to multiple customer networks is multiplexed through a single GRE tunnel.
Note
A similar nonscalable alternative is to connect each customer network through separate GRE tunnels (for
example, connecting one customer network for each GRE tunnel).
As shown in Figure 1, the PE routers assign VPN routing and forwarding (VRF) numbers to the customer
edge (CE) routers on each side of the non-MPLS network.
The PE routers use routing protocols such as Border Gateway Protocol (BGP), OSPF Open Shortest Path
First (OSPF), or Routing Information Protocol (RIP) to learn about the IP networks behind the CE
routers. The routes to the IP networks behind the CE routers are stored in the associated CE routers VRF
routing table.
The PE router on one side of the non-MPLS network uses the routing protocols (that are operating within
the non-MPLS network) to learn about the PE router on the other side of the non-MPLS network. The
learned routes that are established between the PE routers are then stored in the main or default routing
table.
The opposing PE router uses BGP to learn about the routes that are associated with the customer
networks behind the PE routers. These learned routes are not known to the non-MPLS network.
For this example, BGP defines a static route to the BGP neighbor (the opposing PE router) through the
GRE tunnel that spans the non-MPLS network. Because the routes that are learned by the BGP neighbor
include the GRE tunnel next hop, all customer network traffic is sent using the GRE tunnel.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-8
OL-16147-20
Chapter 6
PE-to-PE Tunneling
BGP
OSPF
RIP
BGP
OSPF
RIP
BGP
VPN1
VPN1
CE-11
No MPLS
PE-1
CE-21
PE-2
CE-12
CE-22
188951
Figure 1
P-to-PE Tunneling
As shown in Figure 2, the provider-to-provider edge (P-to-PE) tunneling configuration provides a way
to connect a PE router (P1) to an MPLS segment (PE-2) across a non-MPLS network. In this
configuration, MPLS traffic that is destined to the other side of the non-MPLS network is sent through
a single GRE tunnel.
Figure 2
P-to-PE Tunneling
MPLS/VPN
MPLS/GRE
PE-1
P1
No MPLS
188952
IPv4 cloud
GRE Tunnel
MPLS
PE-2
P-to-P Tunneling
As shown in Figure 3, the provider-to-provider (P-to-P) configuration provides a method of connecting
two MPLS segments (P1 to P2) across a non-MPLS network. In this configuration, MPLS traffic that is
destined to the other side of the non-MPLS network is sent through a single GRE tunnel.
Figure 3
P-to-P Tunneling
IPv4 cloud
GRE Tunnel
MPLS
PE-1
P1
No MPLS
MPLS
P2
PE-2
188953
MPLS/GRE
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-9
Chapter 6
Configuring the MPLS VPNL3VPN over GRE Tunnel Interface, page 6-10
Note
ACLs configured under the tunnel interface are not supported in hardware. Also, the ACLs configured
under tunnel physical interface are not applied to the tunneled traffic.
Prerequisites
Before configuring the MPLS VPNL3VPN over GRE feature, ensure that your MPLS VPN and the
appropriate routing protocols are configured and working properly. See the Prerequisites for MPLS
VPNL3VPN over GRE section on page 6-7.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
mpls ip
8.
exit
9.
show ip route
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-10
OL-16147-20
Chapter 6
Step 3
Command or Action
Purpose
Example:
Router(config)# interface tunnel 1
Step 4
Example:
Router(config-if)# ip route 209.165.200.253
255.255.255.224 FastEthernet 0/0
Step 5
Example:
Router(config-if)# tunnel source
209.165.200.254
Step 6
Example:
Router(config-if)# tunnel destination
209.165.200.255
Step 7
mpls ip
Example:
Router(config-if)# mpls ip
Step 8
exit
Example:
Router(config-if)# exit
Step 9
show ip route
Example:
Router(config)# show ip route
Examples
The following example shows a GRE tunnel configuration that spans a non-MPLS network. This
example shows the tunnel configuration on the PE devices (PE1 and PE2) located at both ends of the
tunnel:
PE1 Configuration
Router# configure terminal
Router(config)# interface Tunnel 1
Router(config-if)# ip address 209.165.200.253 255.255.255.224
Router(config-if)# tunnel source 209.165.200.254
Router(config-if)# tunnel destination 209.165.200.255
Router(config-if)# mpls ip
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-11
Chapter 6
PE2 Configuration
Router# configure terminal
Router(config)# interface Tunnel 1
Router(config-if)# ip address 209.165.200.235 255.255.255.224
Router(config-if)# tunnel source 209.165.200.240
Router(config-if)# tunnel destination 209.165.200.245
Router(config-if)# mpls ip
Example: Configuring the MPLS VPNL3VPN over GRE Tunnel Interface, page 6-12
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-12
OL-16147-20
Chapter 6
PE2 Configuration
!
mpls ip
!
ip vrf vpn1
rd 100:1
route-target import 100:1
route-target export 100:1
!
interface loopback 0
ip address 209.165.200.240 255.255.255.224
!
interface GigabitEthernet 0/1/1
ip address 209.165.200.241 255.255.255.224
!
interface Tunnel 1
ip address 209.165.200.244 255.255.255.224
tunnel source 209.165.200.245
tunnel destination 209.165.200.247
mpls ip
!
interface GigabitEthernet 0/0/5
ip vrf forwarding vpn1
ip address 209.165.200.249 255.255.255.224
!
router bgp 100
neighbor 209.165.200.250 remote-as 100
neighbor 209.165.200.252 update-source loopback0
!
address-family vpnv4
neighbor 209.165.200.253 activate
neighbor 209.165.200.254 send community-extended
!
address-family ipv4 vrf vpn1
neighbor 209.165.200.254 remote-as 30
neighbor 209.165.200.255 activate
O
C
O
S
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-13
Chapter 6
S
O
C
Because CBTS offers dynamic routing over DS-TE tunnels and requires minimum configuration, it
greatly eases deployment of DS-TE in large-scale networks.
CBTS can distribute all CoS values on eight different tunnels or multiple COS value to multiple tunnels .
CBTS also allows the TE tunnels of a tunnel bundle to exit headend routers through different interfaces.
CBTS configuration involves performing the following tasks:
Creating multiple (DS-) TE tunnels with the same headend and tailend and indicating on each of
these tunnels which CoSs are to be transported on the tunnel.
Creating a master tunnel, attaching the member tunnels to it, and making the master tunnel visible
for routing.
MPLS Traffic Engineering Class-Based Tunnel Selection Restrictions and Usage Guidelines
When configuring MPLS Traffic Engineering Class-Based Tunnel Selection (CBTS), follow these
restrictions and usage guidelines:
mode
Either all CoS values are carried in tunnels or no values are carried in tunnels. In other words,
for a given destination, you cannot map some CoS values in a DS-TE tunnel and other CoS
values in a Shortest Path First (SPF) Label Distribution Protocol (LDP) or SPF IP path.
No LSP is established for the master tunnel and regular traffic engineering attributes
(bandwidth, path option, fast reroute) are irrelevant on a master tunnel. TE attributes
(bandwidth, bandwidth pool, preemption, priorities, path options, and so on) are configured
completely independently for each tunnel.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-14
OL-16147-20
Chapter 6
CBTS does not allow load-balancing of a given EXP value in multiple tunnels. If two or more
tunnels are configured to carry a given experimental (EXP) value, CBTS picks one of these
tunnels to carry this EXP value (which is calculated through pre-defined rules).
CBTS supports aggregate control of bumping (that is, it is possible to define default tunnels to
be used if other tunnels go down). However, CBTS does not allow control of bumping if the
default tunnel goes down. CBTS does not support finer-grain control of bumping. For example,
if the voice tunnel goes down, redirect voice to T2, but if video goes down, redirect to T3.
The operation of CBTS is not supported with Any Transport over MPLS (AToM), MPLS TE
Creating Multiple MPLS Member TE or DS-TE Tunnels with the Same Headend and the Same Tailend
Perform the following task to create multiple MPLS member TE or DS-TE tunnels with the same
headend and same tailend and to configure EXP values to be carried by each of these tunnels. The
procedure begins in global configuration mode.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
8.
9.
exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface tunnel 7
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-15
Chapter 6
Step 4
Command
Purpose
Example:
Step 5
Example:
Router(config-if)# tunnel destination 10.5.5.5
Step 6
Example:
Router(config-if)# tunnel mode mpls traffic-eng
Step 7
Example:
Router(config-if)# tunnel mpls traffic-eng bandwidth
100
Note
Step 8
Example:
Router(config-if)# tunnel mpls traffic-eng exp 7
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-16
OL-16147-20
Chapter 6
Step 9
Command
Purpose
exit
Example:
Router(config-if)# exit
Repeat Step 1 through Step 7 on the same headend router to create additional tunnels from this headend to the same tailend.
Creating a Master Tunnel, Attaching Member Tunnels, and Making the Master Tunnel Visible
Perform the followings task to create a master tunnel, attach member tunnels to it, and make the master
tunnel visible for routing. The procedure begins in global configuration mode.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
8.
9.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface tunnel 7
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-17
Chapter 6
Step 4
Command
Purpose
Example:
Step 5
Example:
Router(config-if)# tunnel destination 10.5.5.5
Step 6
Example:
Router(config-if)# tunnel mode mpls traffic-eng
exp-bundle master
Step 7
Example:
Router(config-if)# tunnel mode mpls traffic-eng
exp-bundle member Tunnel20000
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-18
OL-16147-20
Chapter 6
Step 8
Command
Purpose
Example:
Router(config-if)# tunnel mpls traffic-eng autoroute
announce
Step 9
Example:
Router(config-if)# tunnel mpls traffic-eng autoroute
metric relative -1
Note
Note
Alternatively, static routing could be used instead of autoroute to make the TE or DS-TE tunnels visible
for routing.
Example
The following example shows how to configure Multiprotocol Label Switching (MPLS) Traffic
Engineering (TE) Class-Based Tunnel Selection (CBTS). Tunnel1, Tunnel2, and Tunnel3 are member
tunnels, and Tunnel4 is the master tunnel.
Router# enable
Router# configure terminal
Router(config)# interface Tunnel1
Router(config-if)# ip unnumbered loopback0
Router(config-if)# interface destination 24.1.1.1
Router(config-if)# tunnel mode mpls traffic-eng
Router(config-if)# tunnel mpls traffic-eng bandwidth sub-pool 30000
Router(config-if)# tunnel mpls traffic-eng exp 5
Router(config)# interface Tunnel2
Router(config-if)# ip unnumbered loopback0
Router(config-if)# interface destination 24.1.1.1
Router(config-if)# tunnel mode mpls traffic-eng
Router(config-if)# tunnel mpls traffic-eng bandwidth 50000
Router(config-if)# tunnel mpls traffic-eng exp 3 4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-19
Chapter 6
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-20
OL-16147-20
Chapter 6
Command
Purpose
The show mpls traffic-eng topology command output displays the MPLS TE global topology:
Router# show mpls traffic-eng topology 10.0.0.1
IGP Id: 10.0.0.1, MPLS TE Id:10.0.0.1 Router Node (ospf 10 area 0) id 1
link[0]: Broadcast, DR: 180.0.1.2, nbr_node_id:6, gen:18
frag_id 0, Intf Address:180.0.1.1
TE metric:1, IGP metric:1, attribute_flags:0x0
SRLGs: None
physical_bw: 100000 (kbps), max_reservable_bw_global: 1000 (kbps)
max_reservable_bw_sub: 0 (kbps)
Global Pool
Sub Pool
Total Allocated
Reservable
Reservable
BW (kbps)
BW (kbps)
BW (kbps)
---------------------------------bw[0]:
0
1000
0
bw[1]:
0
1000
0
bw[2]:
0
1000
0
bw[3]:
0
1000
0
bw[4]:
0
1000
0
bw[5]:
0
1000
0
bw[6]:
0
1000
0
bw[7]:
100
900
0
link[1]: Broadcast, DR: 180.0.2.2, nbr_node_id:7, gen:19
frag_id 1, Intf Address:180.0.2.1
TE metric:1, IGP metric:1, attribute_flags:0x0
SRLGs: None
physical_bw: 100000 (kbps), max_reservable_bw_global: 1000 (kbps)
max_reservable_bw_sub: 0 (kbps)
Global Pool
Sub Pool
Total Allocated
Reservable
Reservable
BW (kbps)
BW (kbps)
BW (kbps)
---------------------------------bw[0]:
0
1000
0
bw[1]:
0
1000
0
bw[2]:
0
1000
0
bw[3]:
0
1000
0
bw[4]:
0
1000
0
bw[5]:
0
1000
0
bw[6]:
0
1000
0
bw[7]:
0
1000
0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-21
Chapter 6
The show mpls traffic-eng exp command output displays EXP mapping information about a tunnel:
Router# show mpls traffic-eng exp
Destination: 10.0.0.9
Master:Tunnel10Status: IP
Members: StatusConf EXPActual EXP
Tunnel1UP/ACTIVE55
Tunnel2UP/ACTIVEdefault0 1 2 3 4 6 7
Tunnel3UP/INACTIVE(T)2
Tunnel4DOWN3
Tunnel5UP/ACTIVE(NE)
(T)=Tailend is different to master
(NE)=There is no exp value configured on this tunnel.
The show ip cef detail command output displays detailed FIB entry information for a tunnel:
Router# show ip cef tunnel1 detail
IP CEF with switching (Table Version 46), flags=0x0
31 routes, 0 reresolve, 0 unresolved (0 old, 0 new), peak 2
2 instant recursive resolutions, 0 used background process
8 load sharing elements, 8 references
6 in-place/0 aborted modifications
34696 bytes allocated to the FIB table data structures
universal per-destination load sharing algorithm, id 9EDD49E1
1(0) CEF resets
Resolution Timer: Exponential (currently 1s, peak 1s)
Tree summary:
8-8-8-8 stride pattern
short mask protection disabled
31 leaves, 23 nodes using 26428 bytes
Table epoch: 0 (31 entries at this epoch)
Adjacency Table has 13 adjacencies
10.0.0.9/32, version 45, epoch 0, per-destination sharing
0 packets, 0 bytes
tag information set, all rewrites inherited
local tag: tunnel head
via 0.0.0.0, Tunnel1, 0 dependencies
traffic share 1
next hop 0.0.0.0, Tunnel1
valid adjacency
tag rewrite with Tu1, point2point, tags imposed {12304}
0 packets, 0 bytes switched through the prefix
tmstats: external 0 packets, 0 bytes
internal 0 packets, 0 bytes
The show mpls forwarding-table detail command output displays detailed information from the MPLS
LFIB:
Router# show mpls forwarding 10.0.0.9 detail
Local Outgoing
Prefix
Bytes tag Outgoing
Next Hop
tag
tag or VC
or Tunnel Id
switched
interface
Tun hd Untagged
10.0.0.9/32
0
Tu1
point2point
MAC/Encaps=14/18, MRU=1500, Tag Stack{12304}, via Fa6/0
00027D884000000ED70178A88847 03010000
No output feature configured
Per-exp selection: 1
Untagged
10.0.0.9/32
0
Tu2
point2point
MAC/Encaps=14/18, MRU=1500, Tag Stack{12305}, via Fa6/1
00027D884001000ED70178A98847 03011000
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-22
OL-16147-20
Chapter 6
The show mpls traffic-eng autoroute command output displays tunnels that are announced to the
Interior Gateway Protocol (IGP).
Router# show mpls traffic-eng autoroute
MPLS TE autorouting enabled
destination 10.0.0.9, area ospf 10
Tunnel1
(load balancing metric
(flags: Announce)
Tunnel2
(load balancing metric
(flags: Announce)
Tunnel3
(load balancing metric
(flags: Announce)
Tunnel4
(load balancing metric
(flags: Announce)
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-23
Chapter 6
This section describes how to configure Virtual Private LAN Services (VPLS) on the Optical Services
Modules (OSMs) and covers the topics below:
VPLS Overview
Virtual Private LAN Services (VPLS) uses the provider core to join multiple attachment circuits together
to simulate a virtual bridge that connects the multiple attachment circuits together. From a customer
point of view, there is no topology for VPLS. All of the CE devices appear to connect to a logical bridge
emulated by the provider core. See Figure 6-4.
Figure 6-4
VPLS
VPLS A
VPLS A
SP Backbone
PE
PE
Access
Network
PE
Logical Bridge
VPLS B
VPLS A
132992
VPLS B
Full-mesh, hub and spoke, and Hierarchical VPLS (H-VPLS) with MPLS edge configurations are
available.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-24
OL-16147-20
Chapter 6
Split horizon is the default configuration to avoid broadcast packet looping and to isolate Layer 2
traffic. With split horizon, a packet coming from a WAN interface never goes back to another WAN
interface (it always get switched to a Layer 2 interface). Split horizon prevents packets received from
an emulated VC from being forwarded into another emulated VC. This technique is important for
creating loop-free paths in a full-meshed network.
The Cisco 7600 series routers support a maximum of 60 peer PEs and a maximum of 15,000 VCs.
For example, you can configure 15,000 VCs as 1,000 VFIs with 15 VPLS peers per VFI.
Note
The 60 peer PEs are distributed between the MPLS edge and the core; do not assume there
are 60 peer PEs on each side.
Load sharing and failover on redundant CE-PE links are not supported.
The addition or removal of MAC addresses with Label Distribution Protocol (LDP) is not supported.
On the Cisco 7600 series router, the virtual forwarding instance (VFI) is supported only with the
interface vlan command.
Switched Virtual Interface (SVI) Ethernet over MPLS (EoMPLS) does not support layer 3
etherchannel sub-interface.
Full-Mesh Configuration
The full-mesh configuration requires a full mesh of tunnel label switched paths (LSPs) between all the
PEs that participate in the VPLS. With full-mesh, signaling overhead and packet replication
requirements for each provisioned VC on a PE can be high.
You set up a VPLS by first creating a virtual forwarding instance (VFI) on each participating PE router.
The VFI specifies the VPN ID of a VPLS domain, the addresses of other PE routers in the domain, and
the type of tunnel signaling and encapsulation mechanism for each peer PE router.
The set of VFIs formed by the interconnection of the emulated VCs is called a VPLS instance; it is the
VPLS instance that forms the logic bridge over a packet switched network. The VPLS instance is
assigned a unique VPN ID.
The PE routers use the VFI to establish a full-mesh LSP of emulated VCs to all the other PE routers in
the VPLS instance. PE routers obtain the membership of a VPLS instance through static configuration
using the Cisco IOS CLI.
The full-mesh configuration allows the PE router to maintain a single broadcast domain. Thus, when the
PE router receives a broadcast, multicast, or unknown unicast packet on an attachment circuit, it sends
the packet out on all other attachment circuits and emulated circuits to all other CE devices participating
in that VPLS instance. The CE devices see the VPLS instance as an emulated LAN.
To avoid the problem of a packet looping in the provider core, the PE devices enforce a "split-horizon"
principle for the emulated VCs. That means if a packet is received on an emulated VC, it is not forwarded
on any other emulated VC.
After the VFI has been defined, it needs to be bound to an attachment circuit to the CE device.
The packet forwarding decision is made by looking up the Layer 2 virtual forwarding instance (VFI) of
a particular VPLS domain.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-25
Chapter 6
A VPLS instance on a particular PE router receives Ethernet frames that enter on specific physical or
logical ports and populates a MAC table similarly to how an Ethernet switch works. The PE router can
use the MAC address to switch those frames into the appropriate LSP for delivery to the another PE
router at a remote site.
If the MAC address is not in the MAC address table, the PE router replicates the Ethernet frame and
floods it to all logical ports associated with that VPLS instance, except the ingress port where it just
entered. The PE router updates the MAC table as it receives packets on specific ports and removes
addresses not used for specific periods.
Hierarchical Virtual Private LAN Service (H-VPLS) with MPLS to the Edge
In a flat or non-hierarchical VPLS configuration, a full mesh of pseudowires (PWs) is needed between
all PE nodes. A pseudowire defines a VLAN and its corresponding pseudoport.
Hierarchical Virtual Private LAN Service (H-VPLS) reduces both signaling and replication overhead by
using a combination of full-mesh and hub-and-spoke configurations. Hub-and-spoke configurations
operate with split horizon to allow packets to be switched between PWs, which effectively reduce the
number of PWs between PEs.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-26
OL-16147-20
Chapter 6
Figure 6-5
L2VPN
router
802.3
.1Q
CE1
PE-CLE
7600s
AToM
or
L2TPv3
PE-PoP
CE4
PSN
CE2a
MPLS network
400
CE2b
401
Data
401 EType SA
DA
100
158088
VPLS functioning
between
participating PEs
Customer applied
VLAN Tags for WG
isolation (CE-VLAN)
33
In the H-VPLS with MPLS to the edge architecture, Ethernet Access Islands (EAIs) work in combination
with a VPLS core network, with MPLS as the underlying transport mechanism. EAIs operate like
standard Ethernet networks. In Figure 6-5, devices CE1, CE2a, and CE2b reside in an EAI. Traffic from
any CE devices within the EAI is switched locally within the EAI by the user-facing provider edge (UPE)
device along the computed spanning-tree path. Each UPE device is connected to one or more
network-facing provider edge (NPE) devices using PWs. The traffic local to the UPE is not forwarded
to any network-facing provider edge (NPE) devices.
The Cisco 7600 Series ES+ line card supports up to 4096 (4K) VPLS domains per Cisco 7600 series
router.
The Cisco 7600 Series ES+ line card supports up to 110 VPLS peers per domain per Cisco 7600
series router.
The Cisco 7600 Series ES+ line card supports up to 32,000 pseudowires (except when the
core-facing interface is a port-channel interface), used in any combination of domains and peers up
to the 4096-domain or 110-peer maximums. For example, up to 4000 domains with 7 peers, up to
60 peers in 500 domains, or 110 peers in 273 domains.
When configuring VPLS on a Cisco 7600 Series ES+ line card, consider the following guidelines:
QinQ is supported in a VPLS instance using EVC, L3 MPLS, VPN and, EoMPLS.
H-VPLS with QinQ edgeRequires a Cisco 7600 Series ES+ line card in the uplink, and any
LAN port or Cisco 7600 Series ES+ line cards on the downlink.
H-VPLS with MPLS edge requires either an optical service module, Cisco 7600 SIP-600,
Cisco 7600 SIP-400, or Cisco 7600 Series ES+ line cards in both the downlink (facing UPE) and
uplink (MPLS core). The ES20 and ES40 cards support port-channel interfaces on the core side of
the router, for VPLS and H-VPLS.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-27
Chapter 6
The Cisco 7600 Series ES+ line cards provide Transparent LAN Services (TLS) and Ethernet Virtual
Connection Services (EVCS).
The Cisco 7600 Series ES+ line cards support the following VPLS features:
H-VPLS with MPLS edge
H-VPLS with QinQ edge
VPLS with point-to-multipoint EoMPLS and fully-meshed PE configuration
For information about configuring VPLS on the Cisco 7600 Series ES+ line cards, consider the
guidelines in this document and refer to
http://www.cisco.com/en/US/products/hw/routers/ps368/products_white_paper09186a00801df1df.sht
ml and
http://www.cisco.com/en/US/docs/interfaces_modules/shared_port_adapters/configuration/7600series/
76cfgeth.html
Note
Split horizon is the default configuration to avoid broadcast packet looping. To avoid looping when using
the no-split-horizon keyword, be very mindful of your network configuration.
Previously, VPLS was supported only on physical interfaces and subinterfaces. The H-VPLS with
Port-Channel Core Interface feature adds support for VPLS on port-channels in Cisco IOS Release
12.2(33)SRE.
Use this feature to:
Configure VPLS on the port-channel interfaces of the ES+ line card using a load balancing
mechanism.
Match the capabilities and requirements of the VPLS in a single link. Due to multiple links in a link
aggregation (LAG), the packets of a particular flow are always transmitted only to a single link.
Configure VPLS with port-channel interfaces as the core facing interface, where the member links
of the port-channel are from a ES20 or ES40 line card. The load-balancing is per-flow based, where
the traffic of a VPLS VC is load-balanced across member links based on the flow.
The ES+ linecard supports 32,000 pseudowires on a Cisco 7600 series router, except when the
core-facing interface is a PoCH interface.
VPLS over core-facing PoCH interfaces is supported in Cisco IOS Release 12.2(33)SRE.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-28
OL-16147-20
Chapter 6
When a fat pseudo-wire (FAT P/W) is configured, the core-facing interface should be from a ES20
or a ES40 line card.
A provider edge (PE) router should match the configuration of the FAT P/W load balance option, for
the respective VLAN.
PE router link aggregation groups (LAG) are supported on the ES40 line card, for VPLS imposition
or disposition functions.
A highly scaled VPLS or a highly scaled multicast configuration over VPLS on port-channel
interfaces can impact LACP fast switchover convergence.
On the Cisco 7600 series router, the virtual forwarding instance (VFI) is supported only with the
interface vlan command
1.
enable
2.
configure platform
3.
SUMMARY STEPS
or
port-channel load-balance src-dst-mixed-ip-port
or
[no] port-channel load-balance mpls
or
[no] platform mpls load-balance ingress-port
4.
exit
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-29
Chapter 6
Step 3
Command
Purpose
Example:
Router(config)# platform vfi
load-balance-label vlan 5
or
port-channel load-balance
src-dst-mixed-ip-port
Example:
Router(config)# port-channel
load-balance src-dst-mixed-ip-port
Example:
Router(config)# port-channel
load-balance mpls label
or
[no] platform mpls load-balance
ingress-port
Example:
Router(config)# platform mpls
load-balance ingress-port
Step 4
exit
Supported Features
FAT PW Load balancing
Fat pseudo-wire load balancing balances the VPLS VC traffic across the core network. An additional
load balance label is inserted along with the VPLS VC labels such as VC label and IGP label at the PE
side. The remote end PE removes the load-balance label on the packet. For a single VC, the load-balance
label is calculated based on flow information of a VC.
You can use the following load balance types to streamline the traffic between peer VCs:
ECMP load-balancing: In a core network, multiple ECMP paths are used to reach the remote PE.
Application of the load-balance label balances the traffic load across the multiple paths. This is
because the load-balance label is different for different flows of a VC and the hash algorithm using
the mpls label for load-balancing generates a different hash to distribute the traffic.
Port-channel load-balancing: In a core network, if the selected path is a port-channel, the member
links are load balanced due to modifications in the load balance label.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-30
OL-16147-20
Chapter 6
You can use the [no] platform vfi load-balance-label vlan [vlan|vlan-vlan] command to configure the
fat pseudo-wire load balancing per vlan on a PE router irrespective of the core facing interface being a
port-channel or a non port-channel.
You can use the [no] port-channel load-balance src-dst-mixed-ip-port and the [no] port-channel
load-balance mpls commands for port-channel load balancing.l
You can use the [no] platform mpls load-balance ingress-port command for ingress port-based P
router load balalncing.
Multipoint-to-Multipoint Support
Two or more devices are associated over the core network. No one device is designated as the Root node,
but all devices are treated as Root nodes. All frames can be exchanged directly between nodes.
Non-Transparent Operation
A virtual Ethernet connection (VEC) can be transparent or non-transparent with respect to Ethernet
PDUs (that is, BPDUs). The purpose of VEC non-transparency is to allow the end user to have a Frame
Relay-type service between Layer 3 devices.
Circuit Multiplexing
Circuit Multiplexing allows a node to participate in multiple services over a single Ethernet connection.
By participating in multiple services, the Ethernet connection is attached to multiple logical networks.
Some examples of possible service offerings are VPN services between sites, Internet services, and
third-party connectivity for intercompany communications.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-31
Chapter 6
VPLS Services
Transparent LAN Service (TLS) and Ethernet Virtual Connection Service (EVCS) are available for
service provider and enterprise use.
Transparent LAN Service (TLS)Use when you need transparency of bridging protocols (for
example, bridge protocol data units [BPDUs]) and VLAN values. Bridges see this service as an
Ethernet segment.
Note
You must enable Layer 2 protocol tunneling to run the Cisco Discovery Protocol (CDP), the
VLAN Trunking Protocol (VTP), and the Spanning-Tree Protocol (STP). See Chapter 18,
Configuring IEEE 802.1Q Tunneling in the Cisco 7600 Series Cisco IOS Software
Configuration Guide, 15.0SR.
Ethernet Virtual Connection Service (EVCS)Use when you need routers to reach multiple intranet
and extranet locations from a single physical port. Routers see subinterfaces through which they
access other routers.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-32
OL-16147-20
Chapter 6
To a local Ethernet interface or an emulated VC if the destination MAC address is found in the Layer
2 forwarding table.
To all other local Ethernet interfaces and emulated VCs belonging to the same VPLS domain if the
destination MAC address is a multicast or broadcast address or if the destination MAC address is
not found in the Layer 2 forwarding table.
Note
To a local Ethernet interface or to an emulated VC if the destination MAC address is found in the
Layer 2 forwarding table.
To all other local Ethernet interfaces and emulated VCs belonging to the same VPLS domain if the
destination MAC address is a multicast or broadcast address or if the destination MAC address is
not found in the Layer 2 forwarding table.
Because it has only local significance, the demultiplexing VLAN tag that identifies a VPLS domain is
removed before forwarding the packet to the outgoing Ethernet interfaces or emulated VCs.
Benefits of VPLS
VPLS (Virtual Private LAN Service) enables enterprises to link together their Ethernet-based LANs
from multiple sites via the infrastructure provided by their service provider. From the enterprise
perspective, the service provider's public network looks like one giant Ethernet LAN. For the service
provider, VPLS provides an opportunity to deploy another revenue-generating service on top of their
existing network without major capital expenditures. Operators can extend the operational life of
equipment in their network.
Configuring VPLS
This section explains how to perform a basic VPLS configuration.
Note
Provisioning a VPLS link involves provisioning the associated attachment circuit and the VFI on the PE.
Note
Prerequisites
Before you configure VPLS, ensure that the network is configured as follows:
Configure IP routing in the core so that the PE routers can reach each other via IP.
Configure MPLS in the core so that a label switched path (LSP) exists between the PE routers.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-33
Chapter 6
Configure a loopback interface for originating and terminating Layer 2 traffic. Make sure the PE
routers can access the other router's loopback interface. Note that the loopback interface is not
needed in all cases. For example, tunnel selection does not need a loopback interface when VPLS is
directly mapped to a TE tunnel.
Supported Modules
Customer facing interfaces are all Ethernet/ Fast Ethernet/ Gigabit Ethernet interfaces based on Layer 2
Catalyst LAN ports.
Associating the Attachment Circuit with the VSI at the PE, page 6-45
Note
It is important to define the trunk VLANs; use the switchport trunk allow vlan command as shown in
the first example below.
Note
1.
2.
3.
switchport
4.
5.
6.
When EVCS is configured, the PE router forwards all Ethernet packets with a particular VLAN tag to a
local Ethernet interface or emulated VC if the destination MAC address is found in Layer 2 forwarding
table.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-34
OL-16147-20
Chapter 6
DETAILED STEPS
Step 1
Command or Action
Purpose
Example:
Router(config)# interface fastethernet 2/4
Step 2
Example:
Router(config)# no ip address
Step 3
switchport
Example:
Router(config-if)# switchport
Step 4
Example:
Router(config-if)# switchport trunk
encapsulation dot1q
Step 5
Example:
Router(config-if)# switchport trunk allow vlan
501
Step 6
Example:
Router(config-if)# switchport mode trunk
This example shows how to use the show run interface command to verify the configuration.
Router# show run interface GigabitEthernet4/4
Building configuration...
Current configuration : 212 bytes
!
interface GigabitEthernet4/4
no ip address
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 501
switchport mode trunk
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-35
Chapter 6
end
SUMMARY STEPS
Option 2802.1Q Access Port for Untagged Traffic from CE
1.
2.
3.
4.
switchport
5.
6.
DETAILED STEPS
Step 1
Command or Action
Purpose
Example:
Router(config)# interface GigabitEthernet4/4
Step 2
Example:
Router(config)# no ip address
Step 3
Example:
Step 4
switchport
Example:
Router(config-if)# switchport
Step 5
Example:
Router(config-if)# switchport mode access
Step 6
Example:
Router(config-if)# switchport access vlan 501
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-36
OL-16147-20
Chapter 6
Router(config-if)# switchport
Router(config-if)# switchport mode access
Router(config-if)# switchport access vlan 501
This example shows how to use the show run interface command to verify the configuration.
Router# show run interface GigabitEthernet4/4
Building configuration...
Current configuration : 212 bytes
!
interface GigabitEthernet4/4
speed nonegotiate
switchport
switchport mode access
switchport access vlan 501
end
SUMMARY STEPS
Option 3Using Q-in-Q to Place All VLANs into a Single VPLS
Note
1.
2.
3.
4.
switchport
5.
6.
7.
When TLS is configured, the PE router forwards all Ethernet packets received from the CE device to all
local Ethernet interfaces and emulated VCs belonging to the same VPLS domain if the MAC address is
not found in the Layer 2 forwarding table.
DETAILED STEPS
Step 1
Command or Action
Purpose
Example:
Router(config)# interface GigabitEthernet4/4
Step 2
Example:
Router(config)# no ip address
Step 3
Example:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-37
Chapter 6
Step 4
switchport
Example:
Router(config-if)# switchport
Step 5
Example:
Router(config-if)# switchport access vlan 501
Step 6
Example:
Router(config-if)# switchport mode dot1q-tunnel
Step 7
Example:
Router(config-if)# l2protocol-tunnel cdp
This example shows how to use the show run interface command to verify the configuration.
Router# show run interface GigabitEthernet4/4
Building configuration...
Current configuration : 212 bytes
!
interface GigabitEthernet4/4
no ip address
speed nonegotiate
switchport
switchport access vlan 501
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
end
Use the show spanning-tree vlan command to verify the port is not in a blocked state.
Router# show spanning-tree vlan 501
VLAN0501
Spanning tree enabled protocol ieee
Root ID
Priority
33269
Address
0001.6446.2300
This bridge is the root
Hello Time
2 sec Max Age 20 sec
Bridge ID
Priority
33269 (priority 32768 sys-id-ext 501)
Address
0001.6446.2300
Hello Time
2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-38
OL-16147-20
Chapter 6
Interface
Role Sts Cost
Prio.Nbr Type
---------------- ---- --- --------- --------------------------------------Gi4/4
Desg FWD 4
128.388 P2p
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-39
Chapter 6
Use the show vlan id command to verify that a specific port is configured to send and receive a specific
VLANs traffic.
Router# show vlan id 501
VLAN Name
Status
Ports
---- -------------------------------- --------501 VLAN0501
active
Gi4/4
VLAN Type SAID
MTU
Parent RingNo BridgeNo Stp BrdgMode Trans1
Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- -----501 enet 100501
1500 0
0
Remote SPAN VLAN
---------------Disabled
Primary Secondary Type
Ports
------- --------- -----------------
SUMMARY STEPS
1.
vlan vlan-id
2.
DETAILED STEPS
Step 1
Command or Action
Purpose
vlan vlan-id
Example:
Router(config)# vlan 809
Step 2
Example:
Router(config)# interface vlan 501
Use the show interfaces vlan command to verify the VLAN is in the up state (example not shown).
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-40
OL-16147-20
Chapter 6
Note
SUMMARY STEPS
1.
2.
3.
tag-switching ip
4.
| dscp | ip-precedence]
DETAILED STEPS
Step 1
Command or Action
Purpose
Example:
Router(config)# interface pos 2/4
Step 2
Example:
Router(config)# ip address 100.1.1.1
255.255.255.0
Step 3
tag-switching ip
Example:
Router(config-if)# tag-switching ip
Step 4
Example:
Router(config-if)# mls qos trust dscp
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-41
Chapter 6
Note
Before configuring MPLS, ensure that you have IP connectivity between all PEs by configuring Interior
Gateway Protocol (IGP) (Open Shortest Path First [OSPF] or Intermediate System to Intermediate
System [IS-IS]) between the PEs.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# mpls label protocol ldp
Step 4
Example:
Router(config)# mpls ldp logging
neighbor-changes
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-42
OL-16147-20
Chapter 6
Step 5
Example:
Router(config)# mpls ldp discovery hello
holdtime 5
Step 6
Configures MPLS.
Example:
Router(config)# mpls ldp router-id Loopback0
force
This example shows how to use the show ip cef command to verify that LDP label is assigned.
Router# show ip cef 192.168.17.7
192.168.17.7/32, version 272, epoch 0, cached adjacency to POS4/1
0 packets, 0 bytes
tag information set
local tag: 8149
fast tag rewrite with PO4/1, point2point, tags imposed: {4017}
via 11.3.1.4, POS4/1, 283 dependencies
next hop 11.3.1.4, POS4/1
valid cached adjacency
tag rewrite with PO4/1, point2point, tags imposed: {4017}
Note
SUMMARY STEPS
1.
2.
vpn id vpn-id
3.
4.
shutdown
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-43
Chapter 6
DETAILED STEPS
Step 1
Command or Action
Purpose
Example:
Router(config)# l2 vfi vfi17 manual
Step 2
vpn id vpn-id
Example:
Router(config-vfi)# vpn id 17
Step 3
Example:
Note
Step 4
shutdown
Example:
Router(config-vfi)# shutdown
Note
The following example shows a VFI configuration for hub and spoke.
Router(config)# l2 vfi VPLSA manual
Router(config-vfi)# vpn id 100
Router(config-vfi)# neighbor 9.9.9.9 2001 encapsulation mpls
Router(config-vfi)# neighbor 12.12.12.12 2002 encapsulation mpls
Router(config-vfi)# neighbor 33.33.33.33 2003 encapsulation mpls no-split-horizon
The show mpls 12transport vc command displays various information related to PE1.
Note
The show mpls l2transport vc detail command is also available to show detailed information about the
VCs on a PE router as in the following example. (This example is not based on the previous VFI
configurations.)
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-44
OL-16147-20
Chapter 6
Note
Local circuit
-------------------VFI
VFI
VFI
Dest address
--------------153.1.0.1
153.3.0.1
153.4.0.1
VC ID
---------201
201
201
Status
---------UP
UP
UP
The VC ID in the output represents the VPN ID; the VC is identified by the combination of the
destination address and the VC ID as in the example below. (This example is not based on the previous
VFI configurations.)
The show vfi vfi name command shows VFI status.
nPE-3# show vfi VPLS-2
VFI name: VPLS-2, state: up
VPN ID: 100
Local attachment circuits:
Vlan2
Neighbors connected via pseudowires:
Peer Address
VC ID
Split-horizon
1.1.1.1
2
Y
1.1.1.2
2
Y
2.2.2.3
2
N
SUMMARY STEPS
1.
2.
no ip address (Configuring an IP address causes Layer 3 interface to be created for the VLAN.)
3.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-45
Chapter 6
DETAILED STEPS
Step 1
Command or Action
Purpose
Example:
Router(config-if)# interface vlan 100
Step 2
no ip address
Example:
Router(config-if)# no ip address
Step 3
Example:
Router(config-if)# xconnect vfi vfi16
This is an example of how to use the show vfi command for VFI status.
Router# show vfi VPLS_501
VFI name: VPLS_501, state: up
VPN ID: 100
Local attachment circuits:
vlan 100
Neighbors connected via pseudowires:
192.168.11.1 192.168.12.2 192.168.13.3
192.168.17.7
192.168.16.6
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
vpn id id-number
5.
6.
7.
end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-46
OL-16147-20
Chapter 6
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
l2 vfi
name
manual
Example:
Router(config)# l2 vfi vfi10 manual
Step 4
vpn id
id-number
Example:
Router(config-vfi)# vpn id 110
Step 5
Example:
Router(config-vfi)# forward permit l2protocol
all
Step 6
[no-split-horizon]
Example:
Router(config-vfi)# neighbor 10.10.10.2
encapsulation mpls
Step 7
end
Example:
Router(config-vfi)# end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-47
Chapter 6
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
ip address ip-address
5.
mpls ip
6.
7.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface port-channel
channel-number
Example:
Router(config)# interface Port-channel 1
Step 4
channel-group
port-channel-number
mode on
Example:
Step 5
ip address
ip-address subnet-mask
Example:
Router(config-if)# ip address 100.0.0.1
255.255.255.0
Step 6
mpls ip
Example:
Router(config-if)# mpls ip
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-48
OL-16147-20
Chapter 6
Step 7
Example:
Step 8
end
Example:
Router(config-if)# end
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
no ip address
5.
6.
end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-49
Chapter 6
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config-if)# interface vlan 1
Step 4
no ip address
Example:
Router(config-if)# no ip address
Step 5
Example:
Router(config-if)# xconnect vfi vfi10
This example shows how to use the show vfi command for VFI status:
Router# show vfi vfi10
VFI name: vfi10, state: up
VPN ID: 100
Local attachment circuits:
vlan 1
Neighbors connected via pseudowires:
100.0.0.1 100.0.1.1 100.0.2.2 100.0.4.4 100.0.7.7
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-50
OL-16147-20
Chapter 6
Troubleshooting
This section describes how to troubleshoot BPDU PW issues.
Scenarios/Problems
Solution
How to verify whether or not Use the show mpls l2transport vc command:
the BPDU PW status is in the Router# show mpls l2transport vc 210
UP.
Local intf
Local circuit
------------VFI 210
Dest address
VC ID
Status
-------------------------- --------------- ---------- ---------VFI
10.144.144.144 210
UP
How to verify whether or not Use the show spanning-tree mst command:
a port-channel BPDU PW
Router# show spanning-tree mst
pseudoport is added to the
##### MST0
vlans mapped:
1-4094
MST tree.
Bridge
Root
0)
1)
6
20
FWD
FWD
FWD
BLK
FWD
FWD
FWD
20000
20000
200000
200000
20000
20000
20000
128.19
128.20
128.1027
128.1283
128.1796
128.1798
128.1800
P2p
P2p
P2p Bound(STP)
P2p Bound(STP)
P2p
P2p Bound(STP)
P2p
0)
1)
6
20
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-51
Chapter 6
1.1.1.1
SP Backbone
3.3.3.3
FE0/0
VPLS-A
FE0/1
PE3
2.2.2.2
PE1
VPLS-A
104752
PE2 FE0/0
VPLS-A
Configuration on PE 1
This shows the creation of the virtual switch instances (VSIs) and associated VCs.
l2 vfi PE1-VPLS-A manual
vpn id 100
neighbor 2.2.2.2 encapsulation mpls
neighbor 3.3.3.3 encapsulation mpls
!
interface Loopback 0
ip address 1.1.1.1 255.255.255.255
This configures the CE device interface (there can be multiple Layer 2 interfaces in a VLAN).
interface FastEthernet0/0
switchport
switchport mode dot1qtunnel
switchport access vlan 100
!
Configuration on PE 2
This shows the creation of the virtual switch instances (VSIs) and associated VCs.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-52
OL-16147-20
Chapter 6
This configures the CE device interface (there can be multiple Layer 2 interfaces in a VLAN).
interface FastEthernet0/0
switchport
switchport mode dot1qtunnel
switchport access vlan 100
!
Configuration on PE 3
This shows the creation of the virtual switch instances (VSIs) and associated VCs.
l2 vfi PE3-VPLS-A manual
vpn id 100
neighbor 1.1.1.1 encapsulation mpls
neighbor 2.2.2.2 encapsulation mpls
!
interface Loopback 0
ip address 3.3.3.3 255.255.255.255
This configures the CE device interface (there can be multiple Layer 2 interfaces in a VLAN).
interface FastEthernet0/1
switchport
switchport mode dot1qtunnel
switchport access vlan 100
!
The show mpls l2 vc command provides information on the status of the VC.
VPLS1# show mpls l2 vc
Local intf
-------------
Local circuit
Dest address
VC ID
Status
-------------------- --------------- ---------- ----------
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-53
Chapter 6
Vi1
Vi1
Vi1
Vi1
Vi1
VFI
VFI
VFI
VFI
VFI
22.22.22.22
22.22.22.22
33.33.33.33
44.44.44.44
44.44.44.44
100
200
100
100
200
DOWN
UP
UP
UP
UP
The show mpls 12transport vc command provides information about the virtual circuits.
osr12# show mpls l2 vc detail
Local interface: VFI vfi17 up
Destination address: 1.3.1.1, VC ID: 17, VC status: up
Output interface: PO3/4, imposed label stack {18}
Create time: 3d15h, last status change time: 1d03h
Signaling protocol: LDP, peer 1.3.1.1:0 up
MPLS VC labels: local 18, remote 18
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 0, send 0
byte totals:
receive 0, send 0
packet drops: receive 0, send 0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-54
OL-16147-20
Chapter 6
Figure 6-7
CE6
H-VPLS Configuration
20.0.0.1
SP Backbone
120.0.0.3
PE3
PE1
CE3
SP/MPLS
CE4
CE1
162.0.0.2
PE2
30.0.0.1
uPE
CE2
132864
CE5
Configuration on PE1
This shows the creation of the virtual switch instances (VSIs) and associated VCs. Note that the VCs in
green require the no-split-horizon keyword. The no-split-horizon command disables the default Layer
2 split horizon in the data path.
l2 vfi Internet manual
vpn id 100
neighbor 120.0.0.3 encapsulation mpls no-split-horizon
neighbor 162.0.0.2 encapsulation mpls no-split-horizon
l2 vfi PE1-VPLS-A manual
vpn id 200
neighbor 120.0.0.3 encapsulation mpls
neighbor 162.0.0.2 encapsulation mpls
interface Loopback 0
ip address 20.0.0.1 255.255.255.255
This configures the CE device interface (there can be multiple Layer 2 interfaces in a VLAN).
interface GigEthernet1/1
switchport
switchport mode trunk
switchport trunk encap dot1q
switchport trunk allow vlan 1001,1002-1005
Configuration on PE2
This shows the creation of the VFIs and associated VCs.
l2 vfi Internet manual
vpn id 100
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-55
Chapter 6
This configures the CE device interface (there can be multiple Layer 2 interfaces in a VLAN).
interface GigEthernet2/1
switchport
switchport mode trunk
switchport trunk encap dot1q
switchport trunk allow vlan 211,1001,1002-1005
Configuration on PE3
This shows the creation of the VFIs and associated VCs.
l2 vfi Internet manual
vpn id 100
neighbor 20.0.0.1 encapsulation mpls
neighbor 162.0.0.2 encapsulation mpls
neighbor 30.0.0.1 encapsulation mpls no-split horizon
l2 vfi PE3-VPLS-A manual
vpn id 200
neighbor 162.0.0.2 encapsulation mpls
neighbor 20.0.0.1 encapsulation mpls
neighbor 30.0.0.1 200 encapsulation mpls no-split horizon
interface Loopback 0
ip address 120.0.0.3 255.255.255.255
Usually EoMPLS is configured on the uPE device. You can use port-based or VLAN-based EoMPLS.
This configures port-based EoMPLS on the uPE (the uPE connects to CE4).
interface GigEthernet 1/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-56
OL-16147-20
Chapter 6
This configures VLAN-based EoMPLS on the uPE. (the uPE connects to CE4).
interface GigEthernet 1/1.1
encapsulation dot1Q 100
xconnect 120.0.0.3 100 encapsulation mpls
Load Balancing
Load balancing describes a functionality in a router that distributes packets across multiple links. For
information on load balancing, see
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094820.shtml.
Restrictions
The following restrictions apply to the Dot1q Transparency for EoMPLS feature:
Global configuration applies to all virtual forwarding instance (VFI) and switched virtual interface
(SVI) EoMPLS VCs configured on the Cisco 7600 series routers.
Interoperability requires applying the Dot1q Transparency for EoMPLS feature to all participating
PE routers.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-57
Chapter 6
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
interface vlan
5.
no ip address
6.
7.
service-policy output
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Sets the EXP value in the remote VC label with the DBUS CoS
value.
Example:
Router(config)# platform vfi
dot1q-transparency
Step 4
Example:
Router(config)# interface vlan 566
Step 5
Disables IP processing.
Example:
Router(config)# no ip address
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-58
OL-16147-20
Chapter 6
Step 6
Command or Action
Purpose
Example:
Router(config-subif)# xconnect 10.0.0.1
123 encapsulation mpls
Step 7
Example:
Router(config-if)# service-policy output
policy-name ip
Use the show cwan vfi dot1q-transparent command to verify the VLAN is in the up state.
Router# show cwan vfi dot1q-transparency
VFI dot1q transparency is enabled
Router#
Verification
You can use the following command on the RP or on the line card. Use the | output modifier to find the
interface you are interested in:
PE1#show mpls l2 vc 29999 det
Local interface: VFI 300 VFI up
Interworking type is Ethernet
Destination address: 13.13.13.13, VC ID: 29999, VC status: up Output interface: Tu0,
imposed label stack {26 17} Preferred path: Tunnel0, active Default path: ready Next hop:
point2point Create time: 05:43:17, last status change time: 04:18:37 Signaling protocol:
LDP, peer 13.13.13.13:0 up Targeted Hello: 10.10.10.10(LDP Id) -> 13.13.13.13, LDP is UP
Status TLV support (local/remote) : enabled/supported LDP route watch : enabled
Label/status state machine : established, LruRru Last local dataplane status rcvd: No
fault Last local SSS circuit status rcvd: No fault Last local SSS circuit status sent:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-59
Chapter 6
No fault Last local LDP TLV status sent: No fault Last remote LDP TLV status rcvd: No
fault Last remote LDP ADJ status rcvd: No fault MPLS VC labels: local 17, remote 17 Group
ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled Control Word: On (configured: autosense) VC
statistics:
transit packet totals: receive 100668489, send 774258179 transit byte totals: receive
6845457798, send 55718191727 transit packet drops: receive 0, seq error 0, send 0
You can use the following show command to check adjacencies on an ES+ linecard from the RP.
PE1-dfc7#show plat atom ether-vc vlan 300 AToM Ether VC Index(3): segtype(25)
seghandle(0x27BC5354)
Disposition : flags(17) vlanid(300) local_vc_label(17)
ForwardingTable: oper(6) flags(0x0) vlan(300) dest_index(0xB83)
Imposition: flags(0x71) egress_idx(0x5) ifnum(74)
tx_tvc(0x4B04) rvclbl[0](17) rigplbl[1](285) label[2](0)
label[3](0) ltl(0xB83) mac(0008.7c62.a800) qos_info(0x0)
Current Destination Index (0xB83)
Platform Data:
loc_lbl acif_num fw_idx cword
eg_ifnum ckt_idx vlan ac_hdl
vc_hash
17
0
0x5
0x3
74
0x4
300 0x27BC5354 0x3
Platform Index(0x2D19ABC0) is_sw(1) is_vfi(1) vlan(300) pseudo_port_offset(4)
tx_tvc(0x4B04)
Statistics : Packets
Bytes
Drop Pkts Drop Bytes ID
Disposition: 15440
1049920
0
0
0
Imposition : 355628
25605216
0
0
0
Egress Vlan LTL Table vlan(300) ltl(0xE) ppe(3)
feature_cmn_enable(Yes) ft_enable(Yes) ft_bits(VPLS) split_horizon(1), num_labels(1)
tunnel_vc(Yes) same_npu(No) control_word(Yes) vc_type4(No) routed_mode_iw(No)
PolicyId(0x0) Flow_id(0x0) stat_id(0x9E1B4) fat_pw:(No)
XlifID(0xFFFF) tunnel_index(2) Tunnel(5)
Label1(0x11) exp3(0) exp2(0) exp1(0) exp0(0)
Label2(0x0) exp7(0) exp6(0) exp5(0) exp4(0)
Label3(0x0) poe_mask(0x0) poch_enabled(Yes)
mac_hi(0x87C62) mac_low(0xA800)
poch_slot(0xE), poch_number(0x1)
----------------------------------------TE Label Table for tunnel:(2):
num_lbls:(4) label1:(33) ttl1:(255), eos1:(0)
label2:(26) ttl2:(255), eos2:(0)
slot:(13), ltl_base:(502), mac:0015.2b19.a540
------------------------------------------ Tunnel State -same_slot(Yes) same_npu(Yes) prot_slot(Yes)
bkup_slot(Yes) backup_active(No) local(Yes)
ifnum(74) ppe(3) bkup_ifnum(37), bkup_ppe(3) prot_ifnum(74) prot_ppe(3)
-----------------------------Disposition MPLS Table at Label:(17):
vlan:(300) vc_type4:(0), control_word:(1), l2_fwd_permit(0)
imp_ltl_base:(0x75) imp_ltl_slot:(14) imp_ltl_off:(14)
routed_mode_iw:(0) dmac: 0000.0000.0000 fat_pw_enabled:(No)
tunnel_index:(2) stat_id:(647603) split_horizon:(0x1)
fat-pw:(0) fat-pw-internal:(0)
----------------------------------------Egress Vlan LTL Table vlan(300) ltl(0xE) ppe(3)
feature_cmn_enable(Yes) ft_enable(Yes) ft_bits(VPLS) split_horizon(1), num_labels(1)
tunnel_vc(Yes) same_npu(No) control_word(Yes) vc_type4(No) routed_mode_iw(No)
PolicyId(0x0) Flow_id(0x0) stat_id(0x9E1B4) fat_pw:(No)
XlifID(0xFFFF) tunnel_index(2) Tunnel(5)
Label1(0x11) exp3(0) exp2(0) exp1(0) exp0(0)
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-60
OL-16147-20
Chapter 6
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-61
Chapter 6
You can use the following show command from a DFC card to see the TTFIB entry (if present).
Router-dfc2# show platform npc vpls disp-table np 0 label 18
Disposition MPLS Table at Label:(18):
vlan:(0) vc_type4:(0), control_word:(0), l2_fwd_permit(0)
imp_ltl_base:(0x0) imp_ltl_slot:(0) imp_ltl_off:(0)
routed_mode_iw:(0) dmac: 0000.0000.0000 fat_pw_enabled:(No)
tunnel_index:(0) stat_id:(0) split_horizon:(0x0)
fat-pw:(0) fat-pw-internal:(1)
----------------------------------------Router-dfc2#
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-62
OL-16147-20
Chapter 6
Troubleshooting
This section describes how to troubleshoot common EoMPLS and AToMPLS issues.
Scenarios/Problems
Solution
Use the show mpls l2transport vc command. This example shows the information that is
provided when an AToM static pseudowire is provisioned and the show mpls l2transport vc
detail command is used to check the configuration. The Signaling protocol field specifies
Manual because a directed control protocol such as Label Distribution Protocol (LDP) cannot
be used to exchange parameters on static pseudowires. The remote interface description field
seen for nonstatic pseudowire configurations is not displayed because remote information is
exchanged using signaling between the PE routers and this is not done on static pseudowires:
Router# show mpls l2transport vc detail
Local interface: Et1/0 up, line protocol up, Ethernet up
Destination address: 10.1.1.2, VC ID: 100, VC status: up
Output interface: Et2/0, imposed label stack {10003 150}
Preferred path: not configured
Default path: active
Next hop: 10.0.0.2
Create time: 00:18:57, last status change time: 00:16:10
Signaling protocol: Manual
MPLS VC labels: local 100, remote 150
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 219, send 220
byte totals:
receive 20896, send 26694
packet drops: receive 0, send 0
How do I display the contents Use the show mpls forwarding-table command. This is a sample output of the command:
of the MPLS LFIB?
Router# show mpls forwarding-table
Local
Label
26
28
29
30
34
35
36
[T]
Outgoing
Prefix
Bytes label Outgoing
Next Hop
Label or VC
or Tunnel Id
switched interface
No Label
10.253.0.0/16
0
Et4/0/0
10.27.32.4
1/33
10.15.0.0/16
0
AT0/0.1
point2point
Pop Label
10.91.0.0/16
0
Hs5/0
point2point
1/36
10.91.0.0/16
0
AT0/0.1
point2point
32
10.250.0.97/32
0
Et4/0/2
10.92.0.7
32
10.250.0.97/32
0
Hs5/0
point2point
26
10.77.0.0/24
0
Et4/0/2
10.92.0.7
26
10.77.0.0/24
0
Hs5/0
point2point
No Label[T]
10.100.100.101/32 0
Tu301
point2point
Pop Label
10.1.0.0/16
0
Hs5/0
point2point
1/37
10.1.0.0/16
0
AT0/0.1
point2point
Forwarding through a TSP tunnel.
View additional labeling info with the 'detail' option
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-63
Chapter 6
Troubleshooting
Scenarios/Problems
Solution
This is a sample output of the show mpls forwarding-table command when the IPv6 Provider
Edge Router over MPLS feature is configured to allow IPv6 traffic to be transported across an
IPv4 MPLS backbone. The labels are aggregated because there are several prefixes for one
local label, and the prefix column contains "IPv6" instead of a target prefix.
Router# show mpls forwarding-table
Local Outgoing
Prefix
Label Label or VC
or Tunnel Id
16
Aggregate
IPv6
17
Aggregate
IPv6
18
Aggregate
IPv6
19
Pop Label
192.168.99.64/30
20
Pop Label
192.168.99.70/32
21
Pop Label
192.168.99.200/32
22
Aggregate
IPv6
23
Aggregate
IPv6
24
Aggregate
IPv6
Next Hop
point2point
point2point
point2point
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-64
OL-16147-20
Chapter 6
Scenarios/Problems
Solution
This is a sample output of the show mpls forwarding-table command when you specify the
detail keyword. If the MPLS EXP level is used as a selection criterion for packet forwarding,
a bundle adjacency exp (vcd) field is included in the display. This field includes the EXP value
and the corresponding virtual circuit descriptor (VCD) in parentheses. The line in the output
that reads "No output feature configured" indicates that the MPLS egress NetFlow accounting
feature is not enabled on the outgoing interface for this prefix.
Router# show mpls forwarding-table detail
Local Outgoing
Prefix
Bytes label Outgoing
Next Hop
label
label or VC
or Tunnel Id
switched interface
16
Pop label
10.0.0.6/32
0
AT1/0.1
point2point
Bundle adjacency exp(vcd)
0(1) 1(1) 2(1) 3(1) 4(1) 5(1) 6(1) 7(1)
MAC/Encaps=12/12, MTU=4474, label Stack{}
00010000AAAA030000008847
No output feature configured
17
18
10.0.0.9/32
0
AT1/0.1
point2point
Bundle adjacency exp(vcd)
0(1) 1(1) 2(1) 3(1) 4(1) 5(1) 6(1) 7(1)
MAC/Encaps=12/16, MTU=4470, label Stack{18}
00010000AAAA030000008847 00012000
No output feature configured
18
19
10.0.0.10/32
0
AT1/0.1
point2point
Bundle adjacency exp(vcd)
0(1) 1(1) 2(1) 3(1) 4(1) 5(1) 6(1) 7(1)
MAC/Encaps=12/16, MTU=4470, label Stack{19}
00010000AAAA030000008847 00013000
No output feature configured
19
17
10.0.0.0/8
0
AT1/0.1
point2point
Bundle adjacency exp(vcd)
0(1) 1(1) 2(1) 3(1) 4(1) 5(1) 6(1) 7(1)
MAC/Encaps=12/16, MTU=4470, label Stack{17}
00010000AAAA030000008847 00011000
No output feature configured
20
20
10.0.0.0/8
0
AT1/0.1
point2point
Bundle adjacency exp(vcd)
0(1) 1(1) 2(1) 3(1) 4(1) 5(1) 6(1) 7(1)
MAC/Encaps=12/16, MTU=4470, label Stack{20}
00010000AAAA030000008847 00014000
No output feature configured
21
Pop label
10.0.0.0/24
0
AT1/0.1
point2point
Bundle adjacency exp(vcd)
0(1) 1(1) 2(1) 3(1) 4(1) 5(1) 6(1) 7(1)
MAC/Encaps=12/12, MTU=4474, label Stack{}
00010000AAAA030000008847
No output feature configured
22
Pop label
10.0.0.4/32
0
Et2/3
10.0.0.4
MAC/Encaps=14/14, MTU=1504, label Stack{}
000427AD10430005DDFE043B8847
No output feature configured
Use the show mls cef mpls command. This is a sample output of the command when you
How do I check the MPLS
entries in the MLS-hardware specify the label keyword:
Layer 3 switching table for a PE1-sp#show mls cef mpls labels 60
specific label?
Codes: + - Push label, - - Pop Label
* - Swap Label, E - exp1
Index
224
Local
Label
60
Label
Op
20
Out i/f
PO9/2/0
, 0000.0950.ffff
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-65
Chapter 6
Troubleshooting
Scenarios/Problems
Solution
Use the show mls cef adjacency entry command. This is a sample output of the command:
Use the show ssm switch command. This is a sample output of the command:
Use the show xconnect interface command. This is a sample output of the command:
PE1#show xconnect interface GigabitEthernet8/1/0.131
Legend:
XC ST=Xconnect State S1=Segment1 State S2=Segment2 State
UP=Up
DN=Down
AD=Admin Down
IA=Inactive
SB=Standby RV=Recovering
NH=No Hardware
XC ST Segment 1
S1 Segment 2
------------------------{}-----------------------UP
ac
Gi8/1/0.131:131(Eth VLAN)
UP mpls 12.205.2.2:131
S2
UP
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-66
OL-16147-20
Chapter 6
Scenarios/Problems
Solution
Use the debug xconnect command. This example shows output from the debug xconnect
command for an xconnect session on an Ethernet interface:
Router# debug xconnect
00:01:16: XC AUTH [Et2/1, 5]: Event: start xconnect authorization, state changed
from IDLE
to AUTHORIZING
00:01:16: XC AUTH [Et2/1, 5]: Event: found xconnect authorization, state changed
from
AUTHORIZING to DONE
00:01:16: XC AUTH [Et2/1, 5]: Event: free xconnect authorization request, state
changed
from DONE to END
How do I debug the Segment Use the debug ssm cm command. This example shows the events that occur on the CM and
SM when an AToM VC is provisioned and then unprovisioned:
Switching Manager (SSM)
for switched Layer 2
Router# debug ssm cm events
segments?
SSM Connection Manager events debugging is on
Router# debug ssm sm events
SSM Segment Manager events debugging is on
Router# configure terminal
Router(config)# interface ethernet1/0
Router(config-if)# xconnect 10.55.55.2 101 pw-class mpls
16:57:34: SSM CM: provision switch event, switch id 86040
16:57:34: SSM CM: [Ethernet] provision first segment, id 12313
16:57:34: SSM CM: CM FSM: state Idle - event Provision segment
16:57:34: SSM CM: [SSS:Ethernet:12313] provision segment 1
16:57:34: SSM SM: [SSS:Ethernet:12313] event Provison segment
16:57:34: SSM CM: [SSS:Ethernet] shQ request send ready event
16:57:34: SSM CM: SM msg event send ready event
16:57:34: SSM SM: [SSS:Ethernet:12313] segment ready
16:57:34: SSM SM: [SSS:Ethernet:12313] event Found segment data
16:57:34: SSM CM: Query AToM to Ethernet switching, enabled
16:57:34: SSM CM: [AToM] provision second segment, id 16410
16:57:34: SSM CM: CM FSM: state Down - event Provision segment
16:57:34: SSM CM: [SSS:AToM:16410] provision segment 2
16:57:34: SSM SM: [SSS:AToM:16410] event Provison segment
16:57:34: SSM CM: [AToM] send client event 6, id 16410
16:57:34: label_oce_get_label_bundle: flags 14 label 19
16:57:34: SSM CM: [SSS:AToM] shQ request send ready event
16:57:34: SSM CM: SM msg event send ready event
16:57:34: SSM SM: [SSS:AToM:16410] segment ready
16:57:34: SSM SM: [SSS:AToM:16410] event Found segment data
16:57:34: SSM SM: [SSS:AToM:16410] event Bind segment
16:57:34: SSM SM: [SSS:Ethernet:12313] event Bind segment
16:57:34: SSM CM: [AToM] send client event 3, id 16410
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-67
Chapter 6
Troubleshooting
Scenarios/Problems
Solution
Router# configure terminal
Router(config)# interface e1/0
Router(config-if)# no xconnect
16:57:26: SSM CM: [Ethernet] unprovision segment, id 16387
16:57:26: SSM CM: CM FSM: state Open - event Free segment
16:57:26: SSM CM: [SSS:Ethernet:16387] unprovision segment 1
16:57:26: SSM SM: [SSS:Ethernet:16387] event Unprovison segment
16:57:26: SSM CM: [SSS:Ethernet] shQ request send unprovision complete event
16:57:26: SSM CM: [SSS:AToM:86036] unbind segment 2
16:57:26: SSM SM: [SSS:AToM:86036] event Unbind segment
16:57:26: SSM CM: SM msg event send unprovision complete event
16:57:26: SSM SM: [SSS:Ethernet:16387] free segment class
16:57:26: SSM SM: [SSS:Ethernet:16387] free segment
16:57:26: SSM SM: [SSS:Ethernet:16387] event Free segment
16:57:26: SSM SM: last segment class freed
16:57:26: SSM CM: unprovision switch event, switch id 12290
16:57:26: SSM CM: [SSS:AToM] shQ request send unready event
16:57:26: SSM CM: SM msg event send unready event
16:57:26: SSM SM: [SSS:AToM:86036] event Unbind segment
16:57:26: SSM CM: [AToM] unprovision segment, id 86036
16:57:26: SSM CM: CM FSM: state Down - event Free segment
16:57:26: SSM CM: [SSS:AToM:86036] unprovision segment 2
16:57:26: SSM SM: [SSS:AToM:86036] event Unprovison segment
16:57:26: SSM CM: [SSS:AToM] shQ request send unprovision complete event
16:57:26: SSM CM: SM msg event send unprovision complete event
16:57:26: SSM SM: [SSS:AToM:86036] free segment class
16:57:26: SSM SM: [SSS:AToM:86036] free segment
16:57:26: SSM SM: [SSS:AToM:86036] event Free segment
16:57:26: SSM SM: last segment class freed
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-68
OL-16147-20
Chapter 6
Scenarios/Problems
Solution
How do I display information Use the debug mpls l2transport command. This is a sample output of MPLS Pseudowire
about the status of the AToM Status Signaling messages from the debug mpls l2transport vc status event and debug mpls
virtual circuits (VCs)?
l2transport vc status fsm commands:
Router#
Router#
*Feb 26
*Feb 26
*Feb 26
*Feb 26
*Feb 26
*Feb 26
*Feb 26
*Feb 26
*Feb 26
*Feb 26
*Feb 26
*Feb 26
*Feb 26
LruRru
*Feb 26
LruRru
*Feb 26
LruRru
vc status event
vc status fsm
[10.9.9.9, 100]:
[10.9.9.9, 100]:
[10.9.9.9, 100]:
[10.9.9.9, 100]:
[10.9.9.9, 100]:
[10.9.9.9, 100]:
[10.9.9.9, 100]:
[10.9.9.9, 100]:
[10.9.9.9, 100]:
[10.9.9.9, 100]:
[10.9.9.9, 100]:
[10.9.9.9, 100]:
[10.9.9.9, 100]:
The status codes in the messages, such as S: and LruRru, indicate the status of the local and
remote routers. The following list translates the status codes:
Llocal router
Rremote router
r or nready (r) or not ready (n)
u or d up (u) or down (d) status
The output also includes these values:
DDataplane
SLocal shutdown
When I ping from CE1 to
CE2, it is failing with MTU
1200 or above.
Run show interface command in CE1, CE2, PE1, and PE2 to check where the packets are
dropping.
Run show mpls l2transport vc vcid detail command to check the imposition and
disposition packet count in PE1 and PE2.
Assuming packets are dropping in PE1 imposition direction, check the MTU negotiated
between the peers (PE1 and PE2) by running show mpls l2transport vc vcid detail
command.
If MTU negotiated is 1200, it is the problem. Otherwise, check the core-facing interface
MTU. If core-facing interface MTU is around 1200, the packets from CE cannot be sent
towards the core, and line card drops the packets.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-69
Chapter 6
The MPLS-TP feature provides standards-based transport technologies. Service providers can use a
single unified interface for point-and-click provisioning of wavelengths and MPLS-TP label switch
paths.
Note
Policy Feature Card (PFC) based EoMPLS and SVI based EoMPLS (xConnect under VLAN) are
not supported for MPLS-TP.
MPLS-TP with dynamic pseudowire (PW) is not supported; only the static PWs are supported.
A maximum of 2000 PW OAM packets are supported at an instance of time for MPLS-TP feature.
Different BFD timers for active and standby Label Switched Paths (LSPs) is not supported.
The maximum sessions supported with different timer profile combination is 255 per ES+ line card.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-70
OL-16147-20
Chapter 6
Table 6-1 lists the MPLS-TP BFD Session profile per Network Processor.
Table 6-1
Note
10
100
50
50
250
125
Restrictions for BFD Over VCCV Control Channel on ES+ Line Card
Following restrictions apply for BFD over VCCV feature.
Only BFD over VCCV Type-1 without Internet Protocol (IP) / User Datagram Protocol (UDP) is
supported. In VCCV Type-1, traffic follows the same path as pseudowire data traffic and VCCV
Type-1 can be used only for MPLS pseudowires with the control word.
BFD over VCCV feature should be configured only if the core facing interface is the ES+ line card.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-71
Chapter 6
When BFD over VCCV is enabled on the pseudowire, switched virtual interface (SVI) based
ethernet over multi protocol label switching (EoMPLS) is not supported.
BFD over VCCV sessions are supported only on single-segment pseudowires between provider edge
routers (PEs).
BFD over VCCV sessions between terminating PE routers (T-PEs) and switching PE routers (S-PEs)
are not supported.
BFD over VCCV sessions are supported only on multi-segment pseudowires between terminating
PE routers (T-PEs).
Configuration Steps
Complete the follosing steps to configure BFD over VCCV for static and dynamic pseudowires.
SUMMARY STEPS
Step 1
enable
Step 2
configure terminal
Step 3
Step 4
Step 5
exit
Step 6
pseudowire-class pseudowire-class-name
Step 7
encapsulation mpls
Step 8
protocol none
Step 9
Step 10
exit
Step 11
Step 12
Step 13
Step 14
Step 15
mpls control-word
Step 16
Step 17
exit
Step 18
pseudowire-class pseudowire-class-name
Step 19
Step 20
Step 21
exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-72
OL-16147-20
Chapter 6
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
bfd-template single-hop
bfd-template-name
Example:
Router(config)#bfd-template
single-hop bfd_name
Step 4
Example:
Router(config-bfd)#interval min-tx 500
min-rx 500 multiplier 3
Step 5
exit
Example:
Router(config-bfd)#exit
Step 6
pseudowire-class
pseudowire-class-name
Example:
Router(config)#pseudowire-class BFD
Step 7
encapsulation mpls
Example:
Router(config-pw-class)#encapsulation
mpls
Step 8
protocol none
Example:
Router(config-pw-class)#protocol none
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-73
Chapter 6
Step 9
Command
Purpose
Example:
Router(config-pw-class)#
preferred-path interface tunnel 1
disable-fallback
Step 10
exit
Example:
Router(config-pw-class)#exit
Step 11
Example:
Router(config)#interface
gigabitethernet 4/1
Step 12
Example:
Router(config-if)#service instance 9
ethernet
Step 13
Example:
Router(config-if-srv)#encapsulation
dot1q 9
Step 14
Example:
Router(config-if-srv)#xconnect
1.1.1.1 9 encapsulation mpls manual
pw-class tp-pw
Step 15
mpls control-word
Example:
Router(config-if-srv)#mpls
control-word
Step 16
Example:
Router(config-if-srv)#mpls label 100
150
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-74
OL-16147-20
Chapter 6
Step 17
Command
Purpose
exit
Example:
Router(config-if-srv)#exit
Step 18
pseudowire-class
pseudowire-class-name
Example:
Router(config)#pseudowire-class BFD
Step 19
Example:
Router(config-pw-class)#vccv bfd
template bfd_temp_name
Step 20
Example:
Router(config-pw-class)#vccv bfd
status signaling
Step 21
exit
Example:
Router(config-if-srv)#exit
Note
If you apply or remove a QoS service policy on the ATM PVC, the configured BFD VCCV sessions are
also renegotiated and a minimal drop in data traffic occurs.
Example
This example shows how to configure BFD over VCCV:
Router>enable
Router#configure terminal
Router(config)#bfd-template single-hop bfd_name
Router(config-bfd)#interval min-tx 500 min-rx 500 multiplier 3
Router(config-bfd)#exit
Router(config)#pseudowire-class BFD
Router(config-pw-class)#encapsulation mpls
Router(config-pw-class)#protocol none
Router(config-pw-class)#preferred-path interface tunnel 1 disable-fallback
Router(config-pw-class)#exit
Router(config)#interface gigabitethernet 4/1
Router(config-if)#service instance 9 ethernet
Router(config-if-srv)#encapsulation dot1q 9
Router(config-if-srv)#xconnect 1.1.1.1 9 encapsulation mpls manual pw-class tp-pw
Router(config-if-srv)#mpls control-word
Router(config-if-srv)#mpls label 100 150
Router(config-if-srv)#exit
Router(config)#pseudowire-class BFD
Router(config-pw-class)#vccv bfd template bfd_temp_name
Router(config-pw-class)#vccv bfd status signaling
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-75
Chapter 6
Router(config-pw-class)#exit
Alternatively, you could also use the show bfd neighbors command from the destination router to verify
the configuration.
RouterB# show bfd neighbors
NeighAddr
22.1.1.1
:1
Session state is UP and not
OurAddr: 0.0.0.0
Local Diag: 0, Demand mode:
MinTxInt: 500000, MinRxInt:
Int
N/A
0, Poll bit: 0
500000, Multiplier: 3
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-76
OL-16147-20
Chapter 6
Poll bit: 0
Multiplier: 3
My Discr.: 1
Min tx interval: 500000
Min Echo interval: 0
Final bit: 1
Length: 24
Your Discr.: 1
Min rx interval: 500000
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
6-77
Chapter 6
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
6-78
OL-16147-20
CH A P T E R
Configuring QoS
This chapter provides information about configuring Quality of Service (QoS) on the Cisco 7600 Series
Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) line card on the Cisco 7600 series
router.
Note
QoS on the Cisco 7600 Series Ethernet Services Plus line cards uses Layer 2 frame size.
Note
With QoS enabled globally, cross bundling is not allowed between 6xxx cards and ES20 line cards,
between 6xxx cards and ES+ line cards, and between ES20 and ES+ line cards.
When mls qos channel-consistency command is disabled, you can configure ports from cards belonging
different family, as member-links of the same port-channel if QoS is not applied on service instances,
sub-interfaces, service-groups, sessions, and main-interfaces of the port-channel or the member-links of
the port-channel.
For more information about the commands in this chapter, see the Cisco IOS Release 12.2 SR Command
References at http://www.cisco.com/en/US/products/ps6922/prod_command_reference_list.html.
Before referring to any other QoS documentation for the platform or in the Cisco IOS software, use this
chapter to determine Cisco 7600 Series ES+ line card specific QoS feature support and configuration
guidelines.
Note
The information provided in this chapter is applicable to both the ES+ and ES+T line cards unless
specified otherwise.
For additional details about QoS concepts and features in Cisco IOS Release 12.2, you can refer to the
Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.2SR, at
https://www.cisco.com/en/US/docs/ios/qos/configuration/guide/12_2sr/qos_12_2sr_book.html.
This chapter includes the following sections:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-1
Chapter 7
Configuring QoS
Configuring QoS: L2 Overhead Specification for Shaping Parameters for Ethernet, page 7-30
Configuring PFC QoS on a Cisco 7600 Series Ethernet Services Plus Line Card, page 7-47
Service Group QoS Support on the Cisco 7600 Series Router, page 7-75
Configuring Flexible Service Mapping Based on CoS and Ethertype, page 7-82
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-2
OL-16147-20
Chapter 7
Configuring QoS
Supported Interfaces
Supported Interfaces
The Cisco 7600 Series ES+ line cards support QoS on the following interfaces:
Note
Note
Layer 3 subinterface
Switchport interfaces
SVI interfaces
Service instances
Starting with Cisco IOS Release 12.2(33)SRD1, these interfaces support QoS:
Starting with Cisco IOS Release 15.1 (01)S, these interfaces support QoS:
Specifications
Port/Bay Information
1-10 NP0
1 GIG: 40 Ports
11-20 NP1
21-30 NP2
31-40 NP3
1 mapped to NP0
2 mapped to NP1
3 mapped to NP2
4 mapped to NP3
There are other flavours with 20 Ports as well. In all these cases, least number of NP is mapped to the
least number ports. For example, 1gig or 10 gig with each NP is mapped to 10 - 1 GIG or 1 - 10 GIG
ports.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-3
Chapter 7
Configuring QoS
QoS Functions
Table 7-2
Specifications
Port/Bay Information
1 - 10 G port mapped to NP 2
11- 20 G Port mapped to NP 1
21 TG port mapped to NP0
22 TG port mapped to NP3
QoS Functions
The following sections describe ingress and egress QoS functions.
Ingress Trust
Trust is a port assignment instructing the port to trust (leave) existing priorities as they are on incoming
frames or to rewrite the priorities back to zero.
A packet can arrive at an interface with a priority value already present in the packets header. The router
needs to determine if the priority setting was set by a valid application or network device according to
pre defined rules or if it was set by a user hoping to get better service.
The router has to decide whether to honor the priority value or change it to another value. How the router
makes this determination is by using the port trust setting.
Note
Starting with Cisco IOS Release 12.2(33)SRE4, for switchport and SVI interfaces, the default port
behavior is trust dscp. The cos value is derived from the dscp value.
The main Layer 3 interface and the Layer 3 subinterface always trust Differentiated Services Code Point
(DSCP) by default.
To change the ingress type of service (ToS), use marking. For information on marking, see the
Configuring Marking section on page 7-22.
Note
The ES+ line card marks a packet as trust cos when ingress marking for CoS is configured for a routed
interface. Hence, the CoS value configured using the set cos value command is retained on the outgoing
packet. This cos value is not overwritten by earl or derived from dscp.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-4
OL-16147-20
Chapter 7
Configuring QoS
QoS Functions
Ingress Classification
Classification entails using a traffic descriptor to categorize a packet within a specific group to define
that packet and make it accessible for QoS handling on the network. Using packet classification, you can
partition network traffic into multiple priority levels or classes of service.
Traffic is classified to determine whether it should be:
The Cisco 7600 Series ES+ line card supports ingress classification. For information on configuring
classification, see the Configuring Classification section on page 7-8.
Ingress Policing
Policing provides a means to limit the amount of bandwidth that traffic traveling through a given port,
or a collection of ports in a VLAN, can use. Policing works by defining an amount of data that the router
is willing to send or receive in kilobytes per second.
When policing is configured, it limits the flow of data through the router by dropping or marking down
the QoS value. Policing allows the router to limit the rate of specific types to a level lower than what
they might get otherwise based only the interface bandwidth.
The Cisco 7600 Series ES+ line card supports ingress policing. For information on configuring policing,
see the Configuring Policing section on page 7-13.
Ingress Marking
After it has been classified, traffic can be marked. Marking is a way to selectively modify the
classification bits in a packet to identify traffic within the network. Other interfaces can then match
traffic based on the markings.
The Cisco 7600 Series ES+ line card supports ingress marking. For information on configuring marking,
see the Configuring Marking section on page 7-22.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-5
Chapter 7
Configuring QoS
QoS Functions
Ingress Shaping
The Cisco 7600 Series ES+ line card supports ingress shaping. The shape average command is supported
in flat/H-QoS policy-maps in ingress on main Layer 3 interface, Layer 3 subinterface, and service
instances. For more information, see the Configuring Shaping section on page 7-26
Note
Ingress queueing commands are not supported on port channel service instances.
Each port on an ES+ card has a special Tx queue where all traffic originating from RP or SP will be
sent, if the packets have DBUS CoS 6 or CoS 7 or BPDU bit set. Packets sent to this egress special
queue will not be subject to the interface egress QoS and egress ACL.
Egress Classification
Classification entails using a traffic descriptor to categorize a packet within a specific group to define
that packet and make it accessible for QoS handling on the network. Using packet classification, you can
partition network traffic into multiple priority levels or classes of service.
Traffic is classified to determine whether it should be:
The Cisco 7600 Series ES+ line card supports egress classification. For information on configuring
classification, see the Configuring Classification section on page 7-8.
Egress Policing
The Cisco 7600 Series ES+ line card supports egress port policing.
Egress Marking
After traffic has been classified, the router can mark it. You use marking to selectively modify the
classification bits in the packet to differentiate packets based on the designated markings.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-6
OL-16147-20
Chapter 7
Configuring QoS
Configuring QoS Features Using MQC
The Cisco 7600 Series ES+ line card supports egress port marking. For information on configuring
marking, see the Configuring Marking section on page 7-22.
Egress Shaping
Traffic shaping allows you to control the traffic going out an interface in order to match its flow to the
speed of the remote target interface and to ensure that the traffic conforms to policies contracted for it.
You can use shaping to meet downstream requirements, thereby eliminating bottlenecks in topologies
with data-rate mismatches.
The Cisco 7600 Series ES+ line card supports shaping on egress port, subinterfaces, and service
instances. For information on configuring shaping, see the Configuring Shaping section on page 7-26.
Step 2
Create a traffic policy by associating the traffic class with one or more QoS features (using the
policy-map command).
Step 3
Attach the traffic policy to the interface using the service-policy command.
For a complete discussion about MQC, refer to the Modular Quality of Service Command-Line
Interface Overview section of the Cisco IOS Quality of Service Solutions Configuration Guide, Release
12.3 publication at:
http://www.cisco.com/en/US/docs/ios/12_3/featlist/qos_vcg.html
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-7
Chapter 7
Configuring QoS
Configuring Classification
Configuring Classification
Use the QoS classification features to select your network traffic and categorize it into classes for further
QoS processing based on matching certain criteria. The default class, named class-default, is the class
to which any traffic that does not match any of the selection criteria in the configured class maps is
directed.
Only classified based on source MAC address using Layer 2 ACL is supported.
Cisco 7600 Series ES+ line cards support classification on SVI only for EoMPLS and VPLS.
Table 7-3 provides information about which QoS classification features are supported for the Cisco 7600
Series ES+ line card on the Cisco 7600 series router. For more information about most of the commands
documented in this table, refer to the Cisco IOS Quality of Service Solutions Command Reference.
Table 7-3
Supported Interfaces
Layer 3 subinterface
Switchport interfaces1
Service instances1
Port-channel subinterface
Note
Match on Class of Service (CoS) (match cos command) Input and output for the following interfaces:
Layer 3 subinterface
Switchport interfaces
SVI interfaces3
Service instances
Port-channel subinterface
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-8
OL-16147-20
Chapter 7
Configuring QoS
Configuring Classification
Table 7-3
Supported Interfaces
Service instances
Note
Main Layer 3
Used with non-intelligent line card in the input
side and a Cisco 7600 Series ES+ line card on the
output side. The service policy is applied on the
output side to match the VLAN from the input
side.
Layer 3 subinterface
Switchport interfaces
Service instances
Port-channel subinterface
Layer 3 subinterface
Switchport interfaces
Service instances
Port-channel subinterface
Layer 3 subinterface
Switchport interfaces
Port-channel subinterface
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-9
Chapter 7
Configuring QoS
Configuring Classification
Table 7-3
Supported Interfaces
Match on VLAN
Layer 3 subinterface
Switchport interfaces
Service instances
Layer 3 subinterface
Service instances
Switchport interfaces
Service instances
Note
Note
Starting with Cisco IOS Release 12.2(33)SRD1, these interfaces support QoS:
Starting with Cisco IOS Release 15.1 (01)S, these interfaces support QoS:
1.
enable
2.
configure terminal
SUMMARY STEPS
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-10
OL-16147-20
Chapter 7
Configuring QoS
Configuring Classification
3.
4.
match type
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Note
Step 4
match type
Example:
Router(config-cmap)# match ip
precedence 5
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-11
Chapter 7
Configuring QoS
Configuring Classification
Examples
This example shows how to configure a class map named ipp5, and enter a match statement for IP
precedence 5:
Router# enable
Router# configure terminal
Router(config)# class-map ipp5
Router(config-cmap)# match ip precedence 5
Router(config-cmap)#
This example shows a logical AND operation in a child policy with match vlan and class-default in a
parent.
Router# enable
Router# configure terminal
Router(config)# class-map match-all childAND
Router(config-cmap)# match vlan inner 2-3
Router(config-cmap)# match cos inner 5 6
Router(config)# policy-map testchildAND
Router(config-pmap)# class childAND
Router(config-pmap-c)# shape average 100000000
Router(config)# policy-map parentAND
Router(config-pmap)# class vlan12
Router(config-pmap-c)# shape average 500000000
Router(config-pmap-c)# service-policy testchildAND
This example shows how to display class-map information for a specific class map using the show
class-map command:
Router# show class-map ipp5
Class Map match-all ipp5 (id 1)
Match ip precedence 5
This example shows how to display class map information matching on extended ACLs using the show
class-map command.
Router# show class-map acl5
Class Map match-all acl5 (id 1042)
Match access-group 102
This example shows how to verify classification on a VLAN in the parent class of a H-QoS policy.
head# show policy-map match
Policy Map match
Class vlan11
shape average 2000000 8000 8000
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-12
OL-16147-20
Chapter 7
Configuring QoS
Configuring Policing
service-policy match4
Class vlan12
shape average 2000000 8000 8000
service-policy match4
Class vlans
shape average 500000000 2000000 2000000
service-policy match2
Configuring Policing
The Cisco 7600 Series ES+ line cards support the following features:
Individual Actions
Multiple Actions
Micro-flow policing
Policing is supported at the input and output for the following interfaces:
Layer 3 subinterface
Switchport interfaces
Service instances
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-13
Chapter 7
Configuring QoS
Configuring Policing
The Cisco 7600 Series ES+ line card supports maximum of 1k unique global policy-maps per line
card.
The Cisco 7600 Series ES+ line card supports 16K EVCs. 16K ingress service policies and 16K
egress service policies are supported per line card.
Policer CIR and PIR can be any value between 64,000 bps to 10 Gb/s.
If a service policy configures both class-based marking and marking as part of a policing action,
then the marking using policing takes precedence over any class-based marking.
violate action must be dropped. The conform action can be any action.
If no other bandwidth class is configured, then conform, exceed, and violate can be any action.
Up to 48,000 policers per NP are supported for one rate 2 color or two rate 3 color policers.
supported with other QoS features (that is, with marking, policing, or queueing).
Micro-flow policing is PFC action. Other QoS features (that is, marking, policing, or queueing)
Effective from Cisco IOS Release15.1(2)S, ISG Control Plane Policing(CoPP) is supported on
regular subinterfaces.
Any modification to the micro-flow policing policy that shifts the policy implementation from NPE to
the PFC or from the PFC to the NPE is not supported. All such modifications would require the policy
to be first removed from the attached ES40 interfaces, modified, and then reattached to ES40 interfaces.
Table 7-4 provides information about which policing features are supported for the Cisco 7600 Series
ES+ line card on the Cisco 7600 series routers.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-14
OL-16147-20
Chapter 7
Configuring QoS
Configuring Policing
Table 7-4
Policing Command
police bps value conform-action action
exceed-action action
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-15
Chapter 7
Configuring QoS
Configuring Policing
Table 7-4
Policing Command
police cir bps value pir bps value conform-action
action exceed-action action violate-action action
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
policy-map policy-map-name
4.
5.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-16
OL-16147-20
Chapter 7
Configuring QoS
Configuring Policing
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
policy-map policy-map-name
Example:
Router(config)# policy-map
policy-map-test
Step 4
Example:
Router (config-pmap)# class acgroup2
Step 5
Example:
Router(config-pmap-c)# police 5000000
conform-action drop exceed-action
set-dscp-transmit
Or
police cir percent % conform-action
action exceed-action action
Example:
Router(config-pmap-c)# police cir
percent 20 conform-action transmit
exceed-action set-prec-transmit 1
Or
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-17
Chapter 7
Configuring QoS
Configuring Policing
Command
Purpose
Example:
Router(config-pmap-c)# police cir
1000000 pir 2000000 conform-action
set-cos-transmit 3 exceed-action
set-cos-transmit 1 violate-action drop
Or
police cir percent % pir percent %
conform-action action exceed-action
action violate-action action
Example:
Router(config-pmap-c)# police cir
percent 20 pir percent 40 conform-action
transmit exceed-action set-prec-transmit
1 violate-action drop
Examples
In the following example, all actions are configured in separate lines.
Router# (config)# policy-map ABC
Router(config-pmap)# class class-default
Router(config-pmap-c)# police 10000000 8000 8000
Router(config-pmap-c-police)# conform-action set-cos-transmit 2
Router(config-pmap-c-police)# exceed-action set-cos-transmit 1
Router(config-pmap-c-police)# end
Router#
Router# show policy-map ABC
Policy Map ABC
Class class-default
police cir 10000000 bc 8000 be 8000
conform-action set-cos-transmit 2
exceed-action set-cos-transmit 1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-18
OL-16147-20
Chapter 7
Configuring QoS
Configuring Policing
Router#
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-19
Chapter 7
Configuring QoS
Configuring Policing
This example configures a single rate two color policer in class-default with a CIR of 64 Kbps, a conform
action of transmit and an exceed action of drop with as small a Bc as possible:
Router# enable
Router# configure terminal
Router(config)# policy-map police
Router(config-pmap)# class test8
Router(config-pmap-c)# police 64000 2000
This example configures a single rate two color policer in class-default and a child policy with policing:
Router# enable
Router# configure terminal
Router(config)# policy-map police5
Router(config-pmap)# class test18
Router(config-pmap-c)# service policy child-level
Router(config-pmap-c)# police cir 64000 50
The following example configures a dual rate three color policer in class-default with a CIR of 64 Kbps,
and PIR doubled the CIR rate, a conform action of transmit, and an exceed action mark dscp af11 and
violate mark dscp cs1 with default setting on Bc.
Router# enable
Router# configure terminal
Router(config)# policy-Map qos_test
Router(config-pmap)# class class-default
Router(config-pmap-c)# police cir 64000 bc 2000 pir 128000 be 2000 conform-action transmit
exceed-action set-dscp-transmit af11 violate-action set-dscp-transmit cs1
The following example configures a dual rate three color policer in class-default.
Router# enable
Router# configure terminal
Router(config)# policy-map test
Router(config-pmap)# class class-default
Router(config-pmap-c)# police cir percent 20 pir percent 40 conform-action transmit
exceed-action set-prec-transmit 1 violate-action drop
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-20
OL-16147-20
Chapter 7
Configuring QoS
Configuring Policing
Verification
Use the following commands to verify policing:
Command
Purpose
This example shows how to display policing statistics using the show policy-map interface command
in the EXEC mode.
Router# show policy-map interface
TenGigabitEthernet3/1
service-policy output: x
class-map: a (match-all)
0 packets, 0 bytes
5 minute rate 0 bps
match: ip precedence 0
police:
1000000 bps, 10000 limit, 10000 extended limit
conformed 0 packets, 0 bytes; action: transmit
exceeded 0 packets, 0 bytes; action: drop
conformed 0 bps, exceed 0 bps, violate 0 bps
This is another example of displaying policing statistics using the show policy-map interface
command; in this case the statistics are for a one rate 2 color per EVC policer.
Router# show policy-map interface ten 4/1 service instance 1
TenGigabitEthernet4/1: EFP 1
Service-policy input: evc_ingress
Counters last updated 00:00:00 ago
Class-map: class-default (match-any)
72077 packets, 36903424 bytes
5 minute offered rate 981000 bps, drop rate 440000 bps
Match: any
police:
cir 10000000 bps, bc 8000 bytes
conformed 87426 packets, 44762112 bytes; actions:
transmit
exceeded 85974 packets, 44018688 bytes; actions:
drop
conformed 556000 bps, exceed 448000 bps
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-21
Chapter 7
Configuring QoS
Configuring Marking
Traffic policies can be applied for traffic coming into an interface (input), and for traffic leaving that
interface (output).
Purpose
Purpose
Configuring Marking
After you have created your traffic classes, you can configure traffic policies to configure marking
features to apply certain actions to the selected traffic in those classes.
In most cases, the purpose of a packet mark is identification. After a packet is marked, downstream
devices identify traffic based on the marking and categorize the traffic according to network needs. This
categorization occurs when the match commands in the traffic class are configured to identify the
packets by the mark (for example, match ip precedence, match ip dscp, match cos, and so on). The
traffic policy using this traffic class can then set the appropriate QoS features for the marked traffic.
In some cases, the markings can be used for purposes besides identification. Distributed WRED, for
instance, can use the IP precedence, IP DSCP, or MPLS EXP values to detect and drop packets.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-22
OL-16147-20
Chapter 7
Configuring QoS
Configuring Marking
Marking statistics are not provided in show policy-map interface command output. You can refer
to classification statistics in place of marking statistics.
Table 7-5 provides information about which QoS class-based marking features are supported for the
Cisco 7600 Series ES+ line card on the Cisco 7600 series router.
Table 7-5
Supported Interfaces
Set IP DSCP
Set IP precedence
(set ip precedence commandMarks the precedence
value in the IP header with a value from 0 to 7.)
Layer 3 subinterface
Service instances
Port-channel subinterface
Layer 3 subinterface
Service instances
Port-channel subinterface
Layer 3 subinterface
Switchport interfaces
Port-channel subinterface
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-23
Chapter 7
Configuring QoS
Configuring Marking
Table 7-5
Supported Interfaces
Layer 3 subinterface
Service instances
Layer 3 subinterface
Service instances
Layer 3 subinterface
Service instances
Layer 3 subinterface
Layer 3 subinterface
Note
Note
Starting with Cisco IOS Release 12.2(33)SRD1, these interfaces support QoS:
Starting with Cisco IOS Release 15.1 (01)S, these interfaces support QoS:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-24
OL-16147-20
Chapter 7
Configuring QoS
Configuring Marking
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
policy-map policy-map-name
4.
5.
set type
DETAILED STEPS:
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
policy-map policy-map-name
Example:
Router(config)# policy-map policymap3
Step 4
Example:
Router(config-pmap)# class class1
Step 5
set type
Example:
Router(config-pmap-c)# set ip
precedence2
Examples
This example shows the creation of a service policy called policy1. This service policy is associated to
a previously defined classification policy through the use of the class command. This example assumes
that a classification policy called class1 was previously configured.
Router# enable
Router# configure terminal
Router(config)# policy-map policy1
Router(config-pmap)# class class1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-25
Chapter 7
Configuring QoS
Configuring Shaping
This example configures marking to set the imposed MPLS EXP bits to 1:
Router# enable
Router# configure terminal
Router(config)# policy-map test
Router(config-pmap)# class test
Router(config-pmap-c)# set mpls experimental imposition 1
This example configures marking to set the imposed MPLS EXP bits to 1:
Router# enable
Router# configure terminal
Router(config)# policy-map test
Router(config-pmap)# class test
Router(config-pmap-c)# set mpls experimental topmost 1
Verification
Use the following commands to verify marking:
Command
Purpose
For more detailed information about configuring class-based marking features, refer to the Class-Based
Marking document located at the following URL:
http://www.cisco.com/en/US/docs/ios/12_1t/12_1t5/feature/guide/cbpmark2.html
Configuring Shaping
This section describes information for configuring QoS traffic policies for shaping traffic. Shaping is the
process of delaying packets in queues to make them conform to a specified profile.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-26
OL-16147-20
Chapter 7
Configuring QoS
Configuring Shaping
Up to 256 shaping profiles are supported at the parent level and 64 at the child level and flat policy.
Service instance, port channel service instance, and Layer 3 subinterface support two-level
policy-map: parent class-default and child policy.
Main interface supports three-level policy-map: grand-parent class-default, parent user defined
classes, and child user defined classes.
For more detailed information about configuring congestion management features, refer to the Cisco IOS
Quality of Service Solutions Configuration Guide document corresponding to your Cisco IOS software
release.
Table 7-6 provides information about which QoS traffic shaping features are supported for the Cisco
7600 Series ES+ line card on the Cisco 7600 series router.
Table 7-6
Class-based shaping
Layer 3 subinterface
Switchport interfaces
where:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-27
Chapter 7
Configuring QoS
Configuring Shaping
Tc - Time interval over which the committed burst (Bc) can be sent
Bc - Committed burst size, represents the amount of traffic that can be sent over Tc interval.
1.
enable
2.
configure terminal
3.
4.
5.
policy-map policy-name
6.
class class-name
7.
SUMMARY STEPS
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# class-map
class-interface-all
Step 4
Example:
Router(config-cmap)# match ip
precedence 2
Step 5
policy-map policy-name
Example:
Router(config)# policy-map test2
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-28
OL-16147-20
Chapter 7
Configuring QoS
Configuring Shaping
Step 6
Command
Purpose
class class-name
Example:
Router(config-pmap)# class classtest
Step 7
Example:
Router(config-pmap-c)# shape average
10000000
Examples
This example shows traffic shaping on a main interface; traffic leaving interface gi1/1 is shaped at the
rate of 10 Mb/s:
Router# enable
Router# configure terminal
Router(config)# class-map class-interface-all
Router(config-cmap)# match ip precedence 2
Router(config-cmap)# exit
Router(config)# policy-map dts-interface-all-action
Router(config-pmap)# class class-interface-all
Router(config-pmap-c)# shape average 10000000
Router(config-pmap-c)# exit
Router(config)# interface gi1/1
Router(config-if)# service-policy output dts-interface-all-action
This is an example of an output shaping policy on a switchport interface that matches on a CoS value
queuing defined in the classes.
Router# enable
Router# configure terminal
Router(config)# policy-map switchport-cos-policy
Router(config-pmap)# class cos1
Router(config-pmap-c)# shape ave 100000000
Now the policy is applied in the egress direction on the main switchport.
Router# enable
Router# configure terminal
Router(config)# interface TenGigabitEthernet9/1
Router(config-if)# switchport
Router(config-if)# switchport access vlan 2000
Router(config-if)# switchport mode access
Router(config-if)# service-policy output switchport-cos-policy
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-29
Chapter 7
Configuring QoS
Verification
Use the following commands to verify traffic shaping:
Command
Purpose
Restrictions
This command is not applicable for the policing QOS feature and also for the LLQ classes.
SUMMARY STEPS
Step 1
enable
Step 2
configure terminal
Step 3
Step 4
exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-30
OL-16147-20
Chapter 7
Configuring QoS
Configuring QoS Queue Scheduling
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Note
Example:
Router(config)# hw-module
slot 1 account np 0 out 4
Step 4
end
Example:
Router(config-if)# end
Configuration Examples
This example describes how to configure shaping and policing QoS features:
Router> enable
Router# configure terminal
Router(config)# hw-module slot 1 account np 0 out 4
Router(config-if)# end
The number of data queues configurable per policy-map at child level depends on the priority queue
configuration:
If there are no priority queue configured, each subscriber can have up to 8 normal queues.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-31
Chapter 7
Configuring QoS
If there is any priority queue of any priority level configured, each subscriber can have 2 priority
4k parent queues for ingress and 8k parent queues for egress per NPE (nonconfigurable).
32K child queues on ingress and 64k child queues for egress per NPE (nonconfigurable).
Parent user-defined classmap is supported on main Layer 3 interface, and port-channel Layer 3
member link (output only).
For more detailed information about configuring congestion management features, refer to the Cisco IOS
Quality of Service Solutions Configuration Guide document corresponding to your Cisco IOS software
release.
Configuring WRED
Weighted RED (WRED) generally drops packets selectively based on IP precedence. Packets with a
higher IP precedence are less likely to be dropped than packets with a lower precedence. WRED is
supported on the output of the following interfaces:
Layer 3 subinterface
Switchport interfaces
Service instances
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-32
OL-16147-20
Chapter 7
Configuring QoS
Configuring QoS Queue Scheduling
WRED support is precedence-based, dscp-based, and cos-based. The default with the
random-detect command is precedence-based WRED.
dscp-based is supported only in aggregate mode, as dscp takes 64 possible values, and maps
multiple DSCP values to each of the 8 WRED curves. Example: DSCP 30, 50, 60 takes WRED
Curve1, DSCP 10, 40 takes WRED Curve2.
CoS is supported only in non-aggregate mode, as CoS takes eight possible values, and maps
cos-based.
For subinterfaces, WRED supports dscp and prec based only.
Queue limit is not supported with WRED command.
Cisco 7600 Series ES+ line cards do not support discard-class-based WRED and ECN with WRED.
The ES+ line card does not modify ECN bits for traffic passing through it.
The show policymap interface command for WRED does not display transmitted packet and tail
drop counts. Only random drops are displayed.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-33
Chapter 7
Configuring QoS
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
policy-map policy-name
4.
class class-name
5.
6.
random-detect
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
policy-map policy-name
Example:
Router(config)# policy-map wred
Step 4
class class-name
Example:
Router(config-pmap)# class IPP1
Step 5
Example:
Router(config-pmap-c)# shape average
200000000
Step 6
random-detect
Enables WRED.
Example:
Router(config-pmap-c)# random-detect
dscp-based aggregate
Examples
This is an example of a WRED configuration.
Router# enable
Router# configure terminal
Router(config)# policy-map wredtest
Router(config-pmap)# class cos5
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-34
OL-16147-20
Chapter 7
Configuring QoS
Configuring QoS Queue Scheduling
Router(config-pmap-c)#
Router(config-pmap-c)#
Router(config-pmap-c)#
Router(config-pmap-c)#
Router(config-pmap-c)#
shape average
random-detect
random-detect
random-detect
random-detect
200000000
dscp-based aggregate
dscp values 0 min 100 max 200 mark-prob 1
dscp values 1 min 300 max 500 mark-prob 1
dscp values 2 min 600 max 900 mark-prob 1
The following example configures a class-map which matches IPP=1, 3, 5 and 7, and configures a
WRED policy that is applied to the egress interface:
Router# enable
Router# configure terminal
Router(config)# policy-map wred
Router(config-pmap)# class IPP1
Router(config-pmap-c)# shape average 100000000
Router(config-pmap-c)# random-detect precedence-based
Router(config-pmap)# class IPP3
Router(config-pmap-c)# shape average 100000000
Router(config-pmap-c)# random-detect precedence-based
Router(config-pmap)# class IPP5
Router(config-pmap-c)# shape average 100000000
Router(config-pmap-c)# random-detect precedence-based
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router(config-pmap-c)# random-detect precedence-based
The following example show the output of the show policy-map interface command (transmit packets
are not displayed).
Router# enable
Router# configure terminal
Router# show policy-map int gig 11/1 service instance 1
GigabitEthernet11/1: EFP 1
Service-policy output: temp_parent
Counters last updated 00:00:00 ago
Class-map: class-default (match-any)
139358 packets, 71351296 bytes
5 minute offered rate 1745000 bps, drop rate 283000 bps
Match: any
Queueing
queue limit 2048 packets
(queue depth/total drops/no-buffer drops) 0/104062/0
(pkts output/bytes output) 35296/18071552
shape (average) cir 10000000, bc 40000, be 40000
target shape rate 10000000
Service-policy : temp
Counters last updated 00:00:00 ago
Class-map: class-default (match-any)
139358 packets, 71351296 bytes
5 minute offered rate 1745000 bps, drop rate 1304000 bps
Match: any
queue limit 2048 packets
(queue depth/total drops/no-buffer drops) 0/104062/0
(pkts output/bytes output) 35296/18071552
Exp-weight-constant: 9 (1/512)
Mean queue depth: 0 packets
class Random drop Tail drop Minimum Maximum Mark
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-35
Chapter 7
Configuring QoS
Layer 3 subinterface
Switchport interfaces
Service instances
Note
At layer 4 level, if no truncation error appears for (Bandwidth of class) x 100 / (Parent bandwidth), for
all child-classes, then the maximum weight used for calculation would be 100 instead of 1020.
Use the following formula to calculate weight for bandwidth percent:
Commit weight = (Bandwidth percent of class) x (Maximum weight allowed at the level).
Commit weight is then rounded to integer value based on optimizations as allowed by hardware.
Excess weight = Commit weight (at layer 4 level).
Note
At layer 4 level, if no truncation error appears for (Bandwidth of class) x 100 / (Parent bandwidth), for
all child-classes, then the maximum weight used for calculation would be 100 instead of 1020.
Use the following formula to calculate weight for remaining bandwidth percent:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-36
OL-16147-20
Chapter 7
Configuring QoS
Configuring QoS Queue Scheduling
Calculate weights for the remaining bandwidth percent by first calculating the remaining bandwidth
under a policy-map and then allotting this bandwidth for each class based on its remaining bandwidth
percent. Once this remaining bandwidth for a class is known, the excess weight is calculated as:
Excess weight = (Bandwidth remaining allotted to the class) x (Maximum weight allowed at the level) /
(Parent bandwidth).
Excess weight is then rounded to integer value based on optimizations as allowed by hardware.
Commit weight = Excess weight (at layer 4 level).
Note
At layer 4 level, if no truncation error appears for (Bandwidth of class) x 100 / (Parent bandwidth), for
all child-classes, then the maximum weight used for calculation would be 100 instead of 1020.
Use the following formula to calculate weight for Bandwidth Remaining Ratio(BRR):
Excess weight = (BRR of class) subject to maximum weight at the level.
Excess weight is then rounded to integer value based as allowed by hardware.
Commit weight = Excess weight (at layer 4 level).
Table 7-7 lists the maximum and allowed weights at various levels:
Table 7-7
TM Entity Level
Maximum Weight
Allowed Weights
L4
1020
L3
1020
L2
255
1.. 255
L1
255
1.. 255
On ingress, the bandwidth kbps, bandwidth remaining ratio, bandwidth remaining percent, and
bandwidth percent x% commands are supported on the main Layer 3 interface, the Layer 3
subinterface, and on service instances.
The bandwidth remaining percent command is supported at the child level. The bandwidth
remaining ratio command is supported at the parent and child level.
Excluding port channel service instances, bandwidth is supported on the input for H-QoS only.
Ingress queueing is not supported for port channel service instances.
The bandwidth command used within a QoS policy-map must be consistent across classes.For
example, class1 with bandwidth kbps and class2 with bandwidth remaining ratio in the same
policy-map is not supported.
The total unique bandwidth profiles used across layer 3 and layer 4 cannot exceed 64.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-37
Chapter 7
Configuring QoS
Note
The consistency need not be maintained between parent and child policy-maps. For
example, parent with bandwidth remaining ratio and child with bandwidth kbps is
supported.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
policy-map policy-name
4.
5.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
policy-map policy-map-name
Example:
Router(config)# policy-map policy1
Step 4
Example:
Router(config)# class c3
Step 5
Example:
Router(config-pmap-c)# bandwidth
20000
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-38
OL-16147-20
Chapter 7
Configuring QoS
Configuring QoS Queue Scheduling
Examples
This example shows a service policy called policy1 that specifies the amount of bandwidth to allocate
for traffic classes 1 and 2:
Router# enable
Router# configure terminal
Router(config)# class-map class1
Router(config-cmap)# match ip dscp 30
Router(config-cmap)# exit
Router(config)# class-map class2
Router(config-cmap)# match ip dscp 10
Router(config-cmap)# exit
Router(config)# policy-map policy1
Router(config-pmap)# class class1
Router(config-pmap-c)# bandwidth 30000
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config-pmap)# class class2
Router(config-pmap-c)# bandwidth 20000
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)#
Router(config)# interface gigabit ethernet 2/1
Router(config-if)# service-policy output policy1
Router(config-if)# exit
The following example configures a QoS policy with multiple user class with rate guarantee setting
using the bandwidth command.
Router(config)# policy-map policy1
Router(config)# Class c1
Router(config-pmap-c)# Bandwidth percent 1%
Router(config-pmap)# Class c2
Router(config-pmap-c)# Bandwidth percent 10%
Router(config-pmap)# Class c3
Router(config-pmap-c)# Bandwidth percent 88%
Router(config-pmap)# Class class-default
Router(config-pmap-c)# Bandwidth 1%
The following example configures a QoS policy with multiple user class with rate guarantee setting:
Router# enable
Router# configure terminal
Router(config)# Policy Map parent_policy
Router(config-pmap)# class-default
Router(config-pmap-c)# shape average 20000000
Router(config-pmap-c)# bandwidth remaining ratio 5
Router(config-pmap-c)# service-policy child_policy
Router(config)# policy-map child_policy
Router(config-pmap)# class video
Router(config-pmap-c)# priority
Router(config-pmap-c)# police 10000000
Router(config-pmap)# class critical
Router(config-pmap-c)# bandwidth remaining percent 80
Router(config-pmap)# class class-default
Router(config-pmap-c)# bandwidth remaining percent 20
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-39
Chapter 7
Configuring QoS
Purpose
Configuring LLQ
Low-Latency Queuing (LLQ) uses the priority command to allocate bandwidth to the class maps in the
policy-map.
LLQ is supported on the output of the following interfaces:
Layer 3 subinterface
Switchport interfaces
Service instances
Ingress LLQ
Dual Priority Queues (High, Medium and Data)
LLQ configuration is allowed at the child policy.
The priority and priority level commands are supported but you cannot use both in the same
policy-map.
Basic Priority/Low Latency Queue with bit rates is not supported.
Basic Low Latency Queue with percent is not supported.
Priority queue with bit rates is not supported.
Flat policy map with LLQ is not supported.
Egress LLQ
Dual Priority Queues
LLQ configuration is allowed at the child policy.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-40
OL-16147-20
Chapter 7
Configuring QoS
Configuring QoS Queue Scheduling
The priority and priority level commands are supported but you cannot use both in the same
policy-map.
Basic Priority/Low Latency Queue with bit rates is not supported.
Basic Low Latency Queue with percent is not supported.
Priority queue with bit rates is not supported.
Egress LLQ
Dual Priority Queues (High, Medium and Data)
LLQ configuration is allowed only at the leaf policy-map.
The priority and priority level commands are supported but you cannot use both in the same
policy-map.
Basic Priority/Low Latency Queue with bit rates is not supported.
Basic Low Latency Queue with percent is not supported.
Priority queue with bit rates is not supported.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
policy-map policy-name
4.
5.
6.
priority
or
priority level
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-41
Chapter 7
Configuring QoS
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
policy-map policy-name
Example:
Router(config)# policy-map silver
Step 4
Example:
Router(config-pmap)# class classcos0
Step 5
Example:
Router(config-pmap-c)# police 5000000 conform-action
set-dscp-transmit 0 exceed-action drop
Or
Configures traffic policing on the basis of a
percentage of bandwidth available on an interface,
where:
Example:
Router(config-pmap-c)# police cir percent 20
conform-action transmit exceed-action
set-prec-transmit 1
Or
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-42
OL-16147-20
Chapter 7
Configuring QoS
Configuring QoS Queue Scheduling
Command
Purpose
Example:
Router(config-pmap-c)# police cir 1000000 pir
2000000 conform-action set-cos-transmit 3
exceed-action set-cos-transmit 1 violate-action drop
Or
police cir percent % pir percent % conform-action
action exceed-action action violate-action action
Example:
Router(config-pmap-c)# police cir percent 20 pir
percent 40 conform-action transmit exceed-action
set-prec-transmit 1 violate-action drop
Step 6
priority
Example:
Router(config-pmap-c)# priority
Or
priority level
Example:
Router(config-pmap-c)# priority level 1
Examples
The following example configures an output LLQ policy on a switchport interface that matches on a CoS
value queuing defined in the classes.
Router# enable
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-43
Chapter 7
Configuring QoS
The following example configures a simple LLQ QoS policy on a class c1 with strict priority setting.
Router# enable
Router# configure terminal
Router(config)# Policy Map qos_llq
Router(config-pmap)# Class c1
Router(config-pmap-c)# police 500000000
Router(config-pmap-c)# priority
The following example configures an LLQ policy with multiple priority classes with a smallest percent
value and default burst value for testing:
Router# enable
Router# configure terminal
Router(config-pmap)# Class-map Voice
Router(config-pmap-c)# police cir percent 10
Router(config-pmap-c)# Priority
Router(config-pmap)# Class-map Video
Router(config-pmap-c)# Police cir percent 20
Router(config-pmap-c)# Priority
Router(config-pmap)# Class-default
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-44
OL-16147-20
Chapter 7
Configuring QoS
Configuring QoS Queue Scheduling
You can configure Bandwidth Remaining Ratio as an action in the policy-map of a parent or a child
class. BRR can be configured to a minimum ratio of 1 and maximum of 1000 on a logical interface.
Because there is no support for an implicit BRR of 1, you must explicitly configure a BRR of 1 on
policies. This does not mean that a BRR of 1 is required in an LLQ class (LLQ and CBWFQ
configurations in the same class will be rejected by the CLI). A child level BRR automatically
excludes LLQ classes from participating in bandwidth sharing because LLQ classes have bandwidth
guarantees.
Use the bandwidth remaining ratio number command to configure BRR. The larger the number,
the more bandwidth the logical interface that the QoS policy-map is applied to receives when the
link is congested.
BRR at the parent level of an HQoS policy-map will functions if the port is congested with traffic.
If the total traffic on the port is lower than the link bandwidth, then all the traffic that comes in has
sufficient bandwidth to go out, and there is no necessity for BRR.
For BRR on the ES+ line cards, the bandwidth sharing calculation is dynamic. BRR calculations are
updated regularly so that as the traffic profile changes, the bandwidth sharing changes.
BRR configurations for a child policy-map and a parent polysemy are similar. However, at the child
level the congestion level that initiates BRR calculations are shifted from the physical port level to
the parent shaper level.
At parent level, you must configure the shaper along with BRR for BRR to work.
BRR is supported on port channel service instances and port-channel member links ( Layer 3). The
ratios are maintained between all service instances load balanced on a member link. For example, if
service instances 1, 2, and 3 were load balanced to link Gi1/1 and service instances 4 and 5 to link
Gi1/2, then BRR ratios would be maintained between service instances 1, 2, and 3 on Gi1/1 and
between 4 and 5 on link Gi1/2.
The ES+ line card supports service propagation. When a port is congested in egress, service
propagation splits the bandwidth remaining on the link between users in the configured ratio after
all LLQ traffic has been serviced.
Service propagation is always on.
Service propagation is turned on automatically when there is no bandwidth guarantee in the
parent.
In order to avoid running out of buffer space on an ES+ line card, it is strongly recommended that
the queue-limit num of pkts command is configured for each child class queue, where num of pkts
is a number reasonable for the queue. Failure to configure the queue-limit command can result in
distorted BRR ratios on sending traffic.
1.
enable
2.
configure terminal
3.
policy-map policy-name
4.
SUMMARY STEPS
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-45
Chapter 7
Configuring QoS
5.
6.
7.
service-policy policy-map
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
policy-map policy-name
Example:
Router(config)# policy-map silver
Step 4
Example:
Router(config-pmap)# class classcos0
Step 5
Example:
Router(config-pmap-c)# shape average 10000000
Step 6
Example:
Router(config-pmap-c)# bandwidth remaining ratio 2
Step 7
service-policy policy-map
Example:
Router(config-pmap-c)# service-policy cust2-classes
Examples
In the following configuration, three policy-maps are applied in egress on three service instances. If
gold, silver, and bronze service instances send their full quota of 300, 300, and 100 Mb/s of priority
traffic, then because PRP/service propagation is ON, the remaining (1 Gb/s - 700 Mb/s) 300 Mb/s of link
bandwidth is shared between users in the ratio 1 : 2 : 3 where:
User A gets : 1 / (1+2+3) * 300 Mb/s = 50 Mb/s of non-LLQ traffic
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-46
OL-16147-20
Chapter 7
Configuring QoS
Configuring PFC QoS on a Cisco 7600 Series Ethernet Services Plus Line Card
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-47
Chapter 7
Configuring QoS
http://www.cisco.com/en/US/docs/routers/7600/ios/15S/configuration/guide/qos.html
PFC QoS on a Cisco 7600 Series Ethernet Services Plus Line Card Configuration
Guidelines
The Cisco 7600 Series ES+ line card supports Policy Feature Card (PFC) QoS for SVI interfaces only
in the case of ingress cos-to-exp marking and micro flow policing. For supported interfaces, see
Supported Interfaces section on page 7-3.
Four-level H-QoS (A policy-map with two levels has three levels of hierarchy when attached on the
main interface, and four levels of hierarchy when attached on a subinterface.)
Color blind policing 2-rate, 3-color policers and 1-rate, 2-color policers
Note
Hierarchical policing
Input shaping
first five ports on the NPE support a maximum of 4,000 H-QoS policy-map applications.
Similarly, the next 5 ports on the NPE also support a maximum of 4000 H-QoS policy-map
applications, giving a total of 4000 + 4000 = 8000 H-QoS policy-maps per NPE in egress). In
ingress, a maximum of 3904 HQoS policy-maps can be applied across the 10 ports of the NPE.
Note that unlike egress, there is no limit in ingress on a per-5-port basis.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-48
OL-16147-20
Chapter 7
Configuring QoS
Configuring Hierarchical QoS
Follow these restrictions while configuring Hierarchical QoS for the Cisco 7600 series ES+ line cards:
The Cisco 7600 series ES+ line cards support up to128,000 queues.
Support up to 8,000 H-QoS policy-maps per NP in egress and 3904 policy-maps per NP in ingress.
Follow these restrictions and usage guidelines while configuring Hierarchical QoS for the Cisco 7600
series ES+T line cards:
The Cisco 7600 series ES+ T line cards support up to 16 queues for each port.
The Cisco 7600 series ES+ T line cards support up to 16 queues per port channel.
Cisco 76-ES+T-4TG3CXL and Cisco 76-ES+T-40G3CXL line cards support up to 48000 policers
per line card.
Supports up to 8,000 H-QoS policy maps per NP in egress and 3904 H-QoS policy-maps per NP in
ingress.
If QoS is configured on a port channel and also on the member links of the port channel, then the
sum of queues on the port channel and the largest value of queues among all member links of that
port channel should not exceed 16.
If a child policy is applied with a QoS queuing feature, only the child classes with queuing feature
is considered for the queue restriction per port. The parent class is not considered.
If a child policy is not applied with a QoS queuing feature, then parent class is considered for queue
restriction per port.
In IOS hierarchical levels are represented as follows and current support is up to five levels:
Grandparent class
Parent class
Child class
A policy-map with two levels has three levels of hierarchy when attached on the main interface, and four
levels of hierarchy when attached on a subinterface.
A policy-map with three levels has four levels of hierarchy when attached on the main interface, and five
levels of hierarchy when attached on a subinterface.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-49
Chapter 7
Configuring QoS
Policing
Shaping
Bandwidth
Priority and
Priority
Percent
Yes
Yes
Yes
No
Yes
Yes
Layer 3
subinterface
CoS,
prec/dscp,
EXP
Yes
Yes
Yes
No
Yes
Yes
Service
instances
outer CoS,
prec/dscp,
inner CoS
Yes
Yes
Yes
No
Yes
Yes
No1
No
No
No
No
No
Switchport
interfaces
Outer CoS
Yes
Yes
Yes
No
Yes
Yes
Port-channel
service
instances
outer CoS,
inner CoS
Yes
Yes
Yes
No
Yes
Yes
Port-channel
Layer 3
member link
CoS,
prec/dscp,
EXP
Yes
Yes
Yes
No
Yes
Yes
Interface
Type
Marking
Priority and
Policing
WRED
Examples
This example configures the child policy to allocate different percentages of bandwidth by class:
!
Router# enable
Router# configure terminal
Router(config)# policy-map child
Router(config-pmap)# class User-A
Router(config-pmap-c)# bandwidth percent 40
Router(config-pmap-c)# exit
Router(config-pmap)# class User-B
Router(config-pmap-c)# bandwidth percent 60
Router(config-pmap-c)# exit
Router(config-pmap)# exit
!
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-50
OL-16147-20
Chapter 7
Configuring QoS
Configuring Hierarchical QoS
This example shows how to configure a 2 level H-QoS policy on a main interface:
Router(config)# policy-map child_1
Router(config-pmap)# class prec1
Router(config-pmap-c)# priority level 1
Router(config-pmap)# class prec2
Router(config-pmap-c)# priority level 12
Router(config-pmap)# class class-default
Router(config-pmap-c)# Police 100kbps
!
Router(config)# policy-map HQoS_parent
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router(config-pmap-c)# service-policy child_1
This example shows how to configure a 2 level H-QoS policy on an EVC interface:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-51
Chapter 7
Configuring QoS
For information on how to configure EVC QoS, refer to the following sections to see how service
instances and port channel service instances are handled:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-52
OL-16147-20
Chapter 7
Configuring QoS
EVCS QoS Support
For egress QoS, both hierarchical and flat policy-maps are supported.
Before creating a service instance, remove any policy-maps on the main interface.
When QoS is applied on a port channel service instances with member links, the router verifies QoS
compatibility with the ES+ line card. However, if the QoS policy-map is applied when the port
channel service instances does not have member links, the router assumes ES+ line card capability
and allows the policy-map to be attached.
same type. For example, you cannot have an ESM20 and an ES+ member link in the same port
channel.
Ingress QoS is limited to marking and policing.
Ingress queuing is not supported.
The bandwidth percent and police percent commands are not supported in flat policy-maps
in rates).
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-53
Chapter 7
Configuring QoS
In this example of a single tag VLAN configuration, because the encapsulation dot1q 10 is already
classified, only the inner VLAN and CoS values are configured.
Router# enable
Router# configure terminal
Router(config)# interface GE 1/2
Router(config-if)# service instance 1
Router(config-if-srv)# encapsulation dot1q 10 second-dot1q any
Router(config-if-srv)# rewrite ingress tag pop 1 symmetric
Router(config-if-srv)# bridge domain 200
Router(config-pmap-c)# service-policy input mark-it-in
Router(config)# policy-map mark-it-in
Router(config-pmap)# class innervlan20
Router(config-pmap-c)# police 100000000
Router(config-pmap-c)# set cos 0
Router(config-pmap-c)# set cos-inner 0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-54
OL-16147-20
Chapter 7
Configuring QoS
QoS on Port-Channel Member-Link
required class
<-- required queuing action
required class
<-- required queuing action
For a policy-map attached to a port-channel main interface, ingress or egress traffic coming from any
member link is subjected to policy-map configured on port-channel main interface. If no policy-map is
configured on port-channel main interface, ingress or egress traffic from member-link is subject to the::
Policy-map attached to the EVC or subinterface through which the traffic is flowing.
Note
Starting with Cisco IOS Release 12.2(33)SRD1, these interfaces support QoS:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-55
Chapter 7
Configuring QoS
Note
Starting with Cisco IOS Release 15.1 (01)S, these interfaces support QoS:
QoS Configurations
Policy-map attached to layer 3 port-channel interface (input
and output)
Comments
Classification is supported .
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-56
OL-16147-20
Chapter 7
Configuring QoS
QoS on Port-Channel Member-Link
Table 7-9
QoS Configurations
Comments
Note
If a policy-map is not applied on an EVC or subinterface, the trafffic from such subinterfaces and EVCs
is subjected to the member QoS policy. For the traffic flowing through a subinterface or EVC with
policy-map, corresponding policy-map is applied on the traffic.
Any traffic that belongs to a port-channel subinterface or port-channel service instance will go
through the member link policy only if there is no policy directly attached on that port-channel
subinterface or port-channel service instance.
If the port-channel subinterface or port-channel service instance has its own policy, traffic is
subjected to the policy applied on that port-channel subinterface or port-channel service instance.
It is not recommended to configure member link policy on the ingress if there is a micro-flow
policing policy configured on the port-channel main interface or port-channel subinterface. If a
member link policy and a micro-flow policing policy exist together, traffic is subjected to both
policies, first by the member link policy on the NP and then the micro-flow policing policy on the
PFC.
Having Layer 3 port-channel member links with user defined classes in the parent introduces an
additional queuing hierarchy. The interface bandwidth is shared equally between all the user defined
classes.
To protect and guarantee the port channel service instance bandwidth, the member link policy should
have a grand-parent class-default with shape configured to restrict the maximum interface
bandwidth given to non port-channel service instance traffic (if there is more than one class at the
parent level in the member link policy).
Police percent on flat policy-map is not supported on port-channel main and subinterfaces.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-57
Chapter 7
Configuring QoS
Egress microflow policing is not supported on member links, port-channel, and port-channel
subinterface.
If there is a policy-map attached to the main interface, you cannot attach a policy-map the EVC or
sub-interface of the main interface.
The following example illustrates how to configure the service-policy under a router port-channel Layer
3 member link.
Router# enable
Router# configure terminal
Router(config)# interface Port-channel 1
Router(config-if)# ip address
Router(config-if)# mpls ip
Router(config)# interface gi1/0
Router(config-if)# channel-group 1
Router(config-if)# service-policy output port-qos
Router(config)# interface gi1/1
Router(config-if)# channel-group 1
Router(config-if)# service-policy output port-qos
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-58
OL-16147-20
Chapter 7
Configuring QoS
QoS on Port-Channel Member-Link
Router# enable
Router# configure terminal
Router(config)# policy-map port-qos
Router(config-pmap)# class cos0 >>>match on cos 0
Router(config-pmap-c)# police cir 100000000
Router(config-pmap-c)# priority
Router(config-pmap)# class cos1
Router(config-pmap-c)# bandwidth remaining ratio 2
Router(config-pmap)# class class-default
Router(config-pmap-c)# bandwidth remaining ratio 1
prec 1
:
Router# enable
Router# configure terminal
Router(config)# policy-map port-qos
Router(config-pmap)# class exp1 >>>match on exp 1
Router(config-pmap-c)# police cir 100000000
Router(config-pmap-c)# priority
Router(config-pmap)# class exp2
Router(config-pmap-c)# bandwidth 100000
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router# enable
Router# configure terminal
Router(config)# policy-map port-qos
Router(config-pmap)# class ip-exp1 >>>match on ip prec1, or exp 1
Router(config-pmap-c)# police cir 100000000
Router(config-pmap-c)# priority
Router(config-pmap)# class ip-exp22
Router(config-pmap-c)# bandwidth 100000
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router# enable
Router# configure terminal
Router(config)# policy-map port-qos
Router(config-pmap)# class exp1 >>>match on exp 1
Router(config-pmap-c)# police cir 100000000
Router(config-pmap-c)# priority
Router(config-pmap)# class exp2
Router(config-pmap-c)# bandwidth remaining ratio 5
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-59
Chapter 7
Configuring QoS
The following example shows the flat service-policies that can be configured under member-links:
Router# enable
Router# configure terminal
Router(config)# policy-map port-qos
Router(config-pmap)# class vlan11 >>>match on vlan 11
Router(config-pmap-c)# police cir 100000000
Router(config-pmap-c)# priority
Router(config-pmap)# class vlan12
Router(config-pmap-c)# bandwidth 100000
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
.
The following examples shows the H-QoS policy that can be configured under member-links:
Router# enable
Router# configure terminal
Router(config)# policy-map child
Router(config-pmap)# class prec0 >>>match on prec 0
Router(config-pmap-c)# police cir 100000000
Router(config-pmap-c)# priority
Router(config-pmap)# class prec1
Router(config-pmap-c)# bandwidth 100000
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router# enable
Router# configure terminal
Router(config)# policy-map child
Router(config-pmap)# class cos0 >>>match on cos 0
Router(config-pmap-c)# police cir 100000000
Router(config-pmap-c)# priority
Router(config-pmap)# class cos1
Router(config-pmap-c)# bandwidth 100000
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router(config)# policy-map parent
Router(config-pmap)# class vlan11
Router(config-pmap-c)# shape average 300000000
Router(config-if)# service-policy child
Router(config-pmap)# class vlan12
Router(config-pmap-c)# shape average 300000000
Router(config-if)# service-policy child
Router(config-pmap)# class class-default
The following example shows how to configure QoS on port-channel subinterface in egress:
Router# enable
Router# configure terminal
Router(config)# interface Port-channel 1.1
Router(config-if-srv)# encapsulation dot1q 1001
Router(config-if)# service-policy input subint-engress
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-60
OL-16147-20
Chapter 7
Configuring QoS
QoS on Port-Channel Member-Link
In the next example, an egress service-policy is attached to a port-channel member-link. An egress and
an ingress service-policy are applied on the port-channel service instance.
Router# enable
Router# configure terminal
Router(config)# interface Port-channel 1
Router(config-if)# ip address
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 100
Router(config-if-srv)# bridge-domain 200
Router(config-if)# service-policy output evc-egress
Router(config-if)# service-policy input evc-ingress
Router(config-if)# service instance 2 ethernet
Router(config-if-srv)# encapsulation dot1q 101
Router(config-if-srv)# bridge-domain 200
Router(config-if)# service-policy output evc-egress
Router(config-if)# service-policy input evc-ingress
Router(config)# interface gi1/0
Router(config-if)# channel-group 1
Router(config-if)# service-policy output port-qos
Router(config)# interface gi1/1
Router(config-if)# channel-group 1
Router(config-if)# service-policy output port-qos
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-61
Chapter 7
Configuring QoS
The following example shows how to configure QoS on member-link for Ingress
Router# enable
Router# configure terminal
Router(config)# interface gi1/1
Router(config-if)# channel-group 1
Router(config-if)# service-policy input memlink-Parent_ingress
The following examples shows the policy that can be configured under Port channel main interface:
Router# enable
Router# configure terminal
Router(config)# policy-map port-channel-egress_qos
Router(config-pmap)# class dscp0
Router(config-pmap-c)# police cir 100000000
Router(config-pmap)# set ip precedece 3
Router# enable
Router# configure terminal
Router(config)# policy-map port-channel-ingress_qos
Router(config-pmap-c)# class cos1
Router(config-pmap-c)#police cir 80000 pir 160000 conform-action set-dscp-transmit 5
exceed-action set-dscp-transmit 6 violate-action drop
Router#enable
Router# configure terminal
Router(config)# interface Port-channel 1
Router(config-if)# service-policy output port-channel-egress-qos
Router(config-if)# service-policy input port-channel-ingress-qos
The following examples shows how to confiure QoS on port-channel main interface:
Router# enable
Router# configure terminal
Router(config)# policy-map port-channel-ingress_qos
Router(config-pmap-c)# class cos1 >>>match on cos 1
Router(config-pmap-c)#police cir 80000 pir 160000 conform-action set-dscp-transmit 5
exceed-action set-dscp-transmit 6 violate-action drop
Router#enable
Router# configure terminal
Router(config)# interface Port-channel 1
Router(config-if)# service-policy output port-channel-egress-qos
Router(config-if)# service-policy input port-channel-ingress-qos
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-62
OL-16147-20
Chapter 7
Configuring QoS
QoS on Port-Channel Member-Link
The show policy-map interface intf-name command shows service policy in suspended mode.
An example output:
PE2#sh policy-map int port-ch 51
Port-channel51
Service-policy output: abc
Service policy abc is in suspended mode
A policy is suspended when there are no member-links attached to it. Use the show etherchannel
summary command to check the member-links attached to a policy and the corresponding status.
The following example shows the output of the show etherchannel summary command:
PE2#show etherchannel summary
Flags: D - down
P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
f - failed to allocate aggregator
M - not in use, minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 4
Number of aggregators:
4
Group Port-channel Protocol
Ports
------+-------------+-----------+----------------------------------------------1
Po1(RU)
Gi2/12(P)
2
Po2(SD)
3
Po3(SD)
4
Po4(RU)
Gi2/1(P)
Gi2/2(P)
Gi2/22(P)
port-channel main interface, subinterface, and EVC interfaces. The following example shows
an output of the show platform command:
PE2-dfc2#
Port-Channel 3 : No policies attached
Port-Channel 4 :
np port
dir
pc-type
count
--------------------------------------0
0
Input
PC-L3
2
0
0
Output
PC-L3
2
0
0
Input
PC-EVC
1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-63
Chapter 7
Configuring QoS
0
1
Input
PC-L3
0
1
Output
PC-L3
0
1
Input
PC-EVC
0
1
Output
PC-EVC
2
1
Input
PC-L3
2
1
Output
PC-L3
2
1
Input
PC-EVC
--------------------------------
2
2
1
1
2
2
1
show platform npc qos sp np all count command to check the number of policies applied on
show platform npc xlif interface interface efp evc-id command to verify whether a QoS policy
is configured on QoS or not. If QoS policy-id is zero, the policy is not configured on the
interface.
show platform np qos action np np_number interface if_number classmap command to view
Note
To check the policy-map statistics on EVC and SG targets under a port-channel, run these commands:
show policy-map interface intf service instance efp
show policy-map interface intf service group group.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-64
OL-16147-20
Chapter 7
Configuring QoS
IPv6 - Hop by Hop Rate Limiter
Setting the police rate to 0 drops all the IPv6 HBH packets.
After setting the police rate, the setting will remain on the line card even if the line card is moved
to another chassis running Cisco IOS Release 12.2(33)SRD1 or later.
IPv6 packets with HBH and EH will bypass other QoS configured on the Cisco 7600 Series ES+ line
card.
SUMMARY STEPS
1.
attach module-number
2.
enable
3.
4.
5.
DETAILED STEPS
Step 1
Command
Purpose
attach module-number
Example:
Router# attach 9
Step 1
enable
Example:
Router-dfc3# enable
Step 2
Example:
Router-dfc3# test platform police ipv6 set 1234
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-65
Chapter 7
Configuring QoS
Step 3
Command
Purpose
Example:
Router-dfc3# test platform police ipv6 get
Step 4
Example:
Example
This example shows how to set the rate.
Console# attach 3
Trying Switch ...
Entering CONSOLE for Switch
Type "^C^C^C" to end this session
osr3-dfc3#
Router-dfc3# enable
Router-dfc3# test platform police ipv6 set 1234
You can obtain IPv6 internal police rate by using the test platform police get command in privileged
EXEC mode from the line card console:
Router-dfc3# test platform police ipv6 get
IPv6 with HBH header is policed at 100000 kbps
You can disable the IPv6 internal police rate by using the test platform police ipv6 get command in
privileged EXEC mode from the line card console:
Router-dfc3# test platform police ipv6 disable
Router-dfc3# test platform police ipv6 get
IPv6 with HBH header is not policed.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-66
OL-16147-20
Chapter 7
Configuring QoS
Port Level Shaping Concurrent with 4HQoS on ES+
To allow coexistence, apply policy-map on the main interface before applying the policy-map on the
sub targets.
You can remove the policy-map on the main interface only after removing policy-maps from all the
corresponding sub targets.
Note
For co-existence with sub target QoS, only a flat policy-map with no user defined classes is allowed
and only the shape action is allowed.
Sub target QoS is not allowed for user defined classes on the main interface policy-map, or if there
is a HQoS policy-map on the main interface.
A change in the installed policy-map on the main interface resulting in unsupported configuration
is rejected.
Port level shaping is supported in the egress direction on the main interface and the port-channel
main interface.
The coexistence of port level shaping with sub target QoS is not supported in ingress direction.
On ES+ LowQ interfaces, co-existence of port-shaper with queuing on subtargets like subinterface,
EVC, and service-groups are not supported.
Use the hw-module slot slotnum allow-coexist np npnum command to configure port level shaping on
a 10G interface, else the port level shaper installation fails on the line card.
1.
enable
2.
configure terminal
3.
policy-map policy-map-name
Summary Steps
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-67
Chapter 7
Configuring QoS
4.
5.
6.
7.
8.
end
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Policy-map policy-map-name
Example:
Router(config)# Policy-map subrate
Step 4
Example:
Router(config-pmap)# Class
class-default
Step 5
Example:
Router(config-pmap-c)# Shape average
100000000
Step 6
or
interface port-channel number
Example:
Router(config-pmap-c)# interface
gigabitethernet 1/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-68
OL-16147-20
Chapter 7
Configuring QoS
Port Level Shaping Concurrent with 4HQoS on ES+
Step 7
Command
Purpose
Example:
Router(config-if)# service-policy
output subrate
Step 8
end
Example:
Router(config-if)# end
Example
This example displays port level shaping configuration on ES+ line card.
Router# enable
Router# conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# policy-map subrate
Router(config-pmap)# class class-default
Router(config-pmap-c)# Shape average 1000000
Router(config-pmap-c)# interface gigabitethernet 3/1
Router(config-if)# Service-policy out subrate
Router(config-if)# end
Verification
Use these commands to verify port level shaping configuration on ES+ line card:
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-69
Chapter 7
Configuring QoS
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-70
OL-16147-20
Chapter 7
Configuring QoS
Minimum Bandwidth Guarantee Plus Multiple Policy
Note
You can configure the minimum bandwidth guarantee feature in terms of: bandwidth rate (Kb/s) or
bandwidth percent. You can configure this feature on the class-default in the flat policy-map or the
class-default in the parent of a Hierarchical QoS (HQoS) policy-map and apply it to a service group.
Furthermore, this feature allows you to allocate a bandwidth share for these targets:
Note
Targets with service groups where the service group is not configured explicitly for the bandwidth.
You can configure bandwidth as bandwidth kbps or bandwidth percent on the class-default of flat
policy-map or HQoS parent policy-map.
Minimum bandwidth guarantee feature is not supported on user defined classes at any level.
For a service group on a port-channel, the service group bandwidth is replicated to all the active
member links if the port-channel is configured with flow-based load balancing. Else, the specified
service group is installed on one of the active member links and the QoS is configured on the same
member link.
If the port-channel has flow-based load balancing mechanism, limit the interface bandwidth on the
port-channel equivalent to the bandwidth of a single member link using the bandwidth command.
If Bandwidth Remaining Ratio (BRR) is configured on HQoS service groups, the sum of excess
weights of all the HQoS service groups is computed and allocated to the new default service group
HQoS node. However, the maximum weight that can be configured at the Layer 2 level is 255.
You can configure each HQoS service group with a maximum weight of 255. The sum of all the
HQoS service groups is applied on the Layer 2 node. If the sum is greater than 255, it is rounded off
to 255 and applied on the Layer 2 node and the bandwidth allocated is shared between all the HQoS
service groups on the port.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-71
Chapter 7
Configuring QoS
1.
enable
2.
configure terminal
3.
policy-map policy-map-name
4.
5.
6.
exit
7.
exit
8.
service-group id_number
9.
Summary Steps
port-channel number
11. service instance id {Ethernet [service-name]}
12. encapsulation dot1q id
13. group id_number
14. end
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
policy-map policy-map-name
Example:
Router(config)# Policy-map subrate
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-72
OL-16147-20
Chapter 7
Configuring QoS
Minimum Bandwidth Guarantee Plus Multiple Policy
Step 4
Command
Purpose
Example:
Router(config-pmap)# class
class-default
Step 5
Note
Example:
Router(config-pmap-c)# bandwidth 100000
Router(config-if)# bandwidth 30
Step 6
exit
Example:
Router(config-pmap-c)# exit
Step 7
exit
Example:
Router(config-pmap)# exit
Step 8
service-group id-number
Example:
Router(config)# service group 1
Step 9
Example:
Router(config-service-group)#
service-policy output flat-sg-policy
Step 10
or
interface port-channel number
Example:
Router(config-service-group)# interface
gigabitethernet 1/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-73
Chapter 7
Configuring QoS
Step 11
Command
Purpose
Example:
Router(config-if)# service instance 100
ethernet
Step 12
ecapsulation dot1q id
Example:
Router(config-if-srv)# encapsulation
dot 200
Step 13
group id_number
Example:
Router(config-if-srv)# group 1
Step 14
end
Example:
Router(config-if-srv)# end
Example
This example displays minimum bandwidth guarantee configuration by bandwidth rate:
Router> enable
Router# conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# policy-map 4g-bandwidth-policy
Router(config-pmap)# class class-default
Router(config-pmap-c)# bandwidth 4000000
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# service-group 100
Router(config-service-group)# service-policy output 4g-bandwidth-policy
Router(config-service-group)# int teng2/1
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encap dot1q 200
Router(config-if-srv)# group 100
Router(config-if-srv)# end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-74
OL-16147-20
Chapter 7
Configuring QoS
Service Group QoS Support on the Cisco 7600 Series Router
Verification
Use these commands to verify minimum bandwidth guarantee on service groups configuration:
Command
Purpose
show policy-map
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-75
Chapter 7
Configuring QoS
An interface type can have a hierarchical policy, but the corresponding group can have only a policy
with class-default.
A service group with HQoS policy can have a hierarchical policy, but the members of the service
group cannot have any QoS policies.
In a service group only shape, BRR, bandwidth, and policing features are supported at the parent
level.
On service groups with HQoS policy, WRED and queue limit features are also supported on child
classes.
On service groups with flat policy, WRED and queue limit features are not supported.
A service group number is global and you cannot assign a service group number that is already
assigned to an interface to another interface.
QoS on a service group or member and QoS on main interface cannot co-exist except for the
port-level shaper.
QoS on both sessions and sub interfaces of those sessions is not supported.
Service groups only support sessions on sub-interfaces, and not sessions on the main interfaces.
Grouping of main interfaces is not supported. Only grouping of sub interfaces or EVCs on a main
interface is supported.
In ingress direction, HQoS queuing policies on service groups, EVCs, sub interfaces or sessions are
not supported on a port channel.
In ingress direction, flat queuing policy on service group and HQoS policy on EVC, sub interface
or session is not supported on a port channel.
When multiple interface types are part of a service group on a port-channel interface, all interface
types of that group on the port channel should be configured for a common load balancing scheme.
If sub interfaces and EVCs are part of the same service group, then the port channel should have
only flow based load balancing scheme. Only a single type of load balancing scheme is supported
at a time for flow based load balancing.
An access sub interface or sessions supports only 1:1 active or standby redundancy load balancing
scheme. Normal subinterfaces (non-access) support only flow based or 1:1 active or standby
redundancy load balancing schemes.
When a load balancing scheme on a port channel is flow based, QoS on the service groups as well
as QoS on members is replicated on all the member links of the port channel.
When a load balancing scheme on a port channel is service based (manual, automatic, weighted or
1:1 model), QoS on the service group as well as member link is configured only on one member link
based on the specific load balancing scheme.
On a port channel when access subinterface or sessions are part of a service group, flow based,
manual, weighted, or automatic load balancing schemes are not supported.
On a port channel when normal subinterfaces are part of a service group, manual, weighted, or
automatic load balancing schemes are not supported.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-76
OL-16147-20
Chapter 7
Configuring QoS
Service Group QoS Support on the Cisco 7600 Series Router
Note
If you receive an error message while configuring QoS or QoS service groups on an interface, sub
interface, service instance, or session on an ES+ line card, use the show platform npc qos sp np al
hw_qos command to troubleshoot.
Summary Steps
1.
enable
2.
configure terminal
3.
4.
5.
6.
service-group id
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-77
Chapter 7
Configuring QoS
7.
8.
9.
10. group id
11. end
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
policy-map policy-name
Example:
Router(config)# policy-map qos-service
group-in
Step 4
Example:
Router(config-pmap)# class cos
Step 5
Example:
Router(config-pmap-c)# shape average
10000000
Step 6
service-group id number
Example:
Router(config)# service-group 1
Step 7
Example:
Router(config-service-group)#
service-policy in qos-group-in
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-78
OL-16147-20
Chapter 7
Configuring QoS
Service Group QoS Support on the Cisco 7600 Series Router
Step 8
Command
Purpose
interface gigabitethernet
slot/port[.subinterface]
[access]
or
interface tengigabitethernet
slot/port[.subinterface]
[access]
or
interface port-channel
number[.subinterface]
[access]
Example:
Router(config)#
gigabitethernet
or
Router(config)#
gigabitethernet
Step 9
interface
4/1
interface
4/1.1 access
Example:
Step 10
group id
Example:
Router(config-if-subif)# group 1000
or
Router(config-if-srv)# group 1000
Step 11
end
Example:
Router(config-if-subif)# end
Examples
This example shows how to configure a service group with output service policy and attach a service
instance to the service group.
Router# enable
Router# configure terminal
Router# policy-map p1
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router(config)# service-group 1
Router(config-service-group)# service-policy output p1
Router(config)# interface gigabitethernet 1/1
Router(config-if)# service instance 101 ethernet
Router(config-if-srv)# group 1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-79
Chapter 7
Configuring QoS
This example shows how to configure a service policy in egress direction and attach the access sub
interface to the service group.
Router# enable
Router# configure terminal
Router# policy-map p2
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router(config)# service-group 2
Router(config-service-group)# service-policy output p2
Router(config)# interface gigabitethernet 1/1.1 access
Router(config-subif)# group 2
Router(config-subif)# exit
This example shows how to apply a QoS policy to sessions and attach the service group to a sub interface
where sessions are brought up.
Router# enable
Router# configure terminal
Router(config)# policy-map p3
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router(config)# service-group 3
Router(config-service-group)# service-policy output p3
Router(config)# policy-map p4
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router(config)# policy-map type service hqos_dynamic
Router(config-service-policy-map)# service-policy output p4
Router(config)# policy-map type control hqos_dynamic_control
Router(config-control-policy-map)# class type control always event session-start
Router(config-control-policy-map-class-control)# 1 service-policy type service name
hqos_dynamic
Router(config)# interface gigabit ethernet 1/1.1 access
Router(config-subif)# service-policy type control hqos_dynamic_control
Router(config-subif)# group 3
Router(config-subif)# ip subscriber routed
Router(config-subscriber)# initiator unclassified ip-address
This example shows how to configures a service group with an output service policy and attaches the
service group to a port-channel EVC interface:
Router# enable
Router# configure terminal
Router# policy-map p5
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router(config)#service-group 5
Router(config-service-group)# service-policy output p5
Router(config)# interface Port-channel 1
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# group 5
Router(config-if-srv)#exit
This example shows how to apply a QoS policy to sessions and attach the service group to a port-channel
access sub interface where sessions are brought up.
Router# enable
Router# configure terminal
Router(config)# policy-map p3
Router(config-pmap)# class class-default
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-80
OL-16147-20
Chapter 7
Configuring QoS
Service Group QoS Support on the Cisco 7600 Series Router
Verification
Use these commands to verify the configuration.
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-81
Chapter 7
Configuring QoS
For QinQ, match on a single CoS value (either inner CoS or outer CoS, but not both simultaneously)
Match on a range or list of CoS values when a single VLAN or QinQ is specified in the match criteria
Match support for a single CoS value for a range or list of VLANs
In the case of QinQ, inner VLAN can have a range when the outer VLAN is a single VLAN.
Match on range or list of CoS values when both outer and inner VLANs are single.
The pppoe-all CLI option is supported (matches both 0x8863 and 0x8864). The pppoe-session CLI
option is not supported.
Egress behavior implemented for mismatched CoS and Ethertype forwards the packet without
re-write and there is no filtering on egress based on the CoS or Layer 3 Ethertype. (Even if CoS or
Ethertype mismatches, if egress VLAN information matches, then the frames are forwarded.)
Matching on both Ethertype and CoS for the same service instance is not allowed.
OuterCoS or inner CoS can be specified under the same service instance, but not at the same time.
Specifying a range or list of outer VLANs in double tag cases is not supported.
MAC learning occurs with bridge-domain, but does not occur with xconnect and connect.
Egress checking of VLAN matching does not occur with xconnect and local connect.
1.
enable
Summary Steps
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-82
OL-16147-20
Chapter 7
Configuring QoS
Configuring Flexible Service Mapping Based on CoS and Ethertype
2.
configure terminal
3.
4.
[no] shut
5.
6.
encapsulation dot1q vlan-id {cos | comma| hyphen| etype} or encapsulation dot1q vlan-id
second-dot1q {any | vlan-id[,vlan-id[-vlan-id]]} or encapsulation dot1q vlan-id cos [0-7] or
encapsulation dot1q vlan-id etype [IPv4|IPv6|pppoe-all]
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
or
interface port-channel number
Example:
Router(config)# interface
gigabitethernet 4/1
Step 4
[no] shut
Example:
Router(config-if)# no shut
Step 5
Example:
Router(config-if)# service instance 1
ethernet
Note
The commands that follow are used for Dot1q or QinQ configurations. Read the purpose of each command
to determine which to use.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-83
Chapter 7
Configuring QoS
Step 6
Command
Purpose
Example:
Router(config-if-srv)# encapsulation
dot1q 100?
or
encapsulation dot1q vlan-id
second-dot1q {any |
vlan-id[,vlan-id[-vlan-id]]}
Example:
Router(config-if-srv)# encapsulation
dot1q second-dot1q 20
or
encapsulation dot1q vlan-id cos [0-7 ]
Example:
Router(config-if-srv)# encapsulation
dot1q 100 cos 5-6
or
encapsulation dot1q vlan-id etype
[IPv4|IPv6|pppoe-all]
Example:
Router(config-if-srv)# encapsulation
dot1q 100 etype ipv4
Example:
encapsulation dot1q 100 cos 5-7
second-dot1q 500
Supported Configurations
The following are the supported Ethertype and CoS configurations:
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-84
OL-16147-20
Chapter 7
Configuring QoS
Configuring Flexible Service Mapping Based on CoS and Ethertype
Supported payload Ethertype configurations for single tag with single VLAN:
Router(config)# interface gigabitethernet 1/1
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 10 etype ipv4
Router(config-if-srv)# exit
Router(config-if)# service instance 2 ethernet
Router(config-if-srv)# encapsulation dot1q 10 etype ipv6
Router(config-if-srv)# exit
Router(config-if)# service instance 3 ethernet
Router(config-if-srv)# encapsulation dot1q 10 etype pppoe-all
Supported payload Ethertype configurations for single tag with range of VLANs:
Router(config)# interface gigabitethernet 1/1
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 11-15 etype ipv4
Router(config-if-srv)# exit
Router(config-if)# service instance 2 ethernet
Router(config-if-srv)# encapsulation dot1q 11-15 etype ipv6
Router(config-if-srv)# exit
Router(config-if)# service instance 3 ethernet
Router(config-if-srv)# encapsulation dot1q 11-15 etype pppoe-all
Supported payload Ethertype configurations for double tag with range on inner VLANs:
Router(config)# interface gigabitethernet 1/1
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 10 second-dot1q 11-15 etype ipv4
Router(config-if-srv)# exit
Router(config-if-srv)# encapsulation dot1q 10 second-dot1q 11-15 etype ipv6
Router(config-if-srv)# exit
Router(config-if-srv)# encapsulation dot1q 10 second-dot1q 11-15 etype pppoe-all
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-85
Chapter 7
Configuring QoS
Examples
The following example displays EVCs with encap dot1q and CoS under bridge-domain.
Router# conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# interface gigabitethernet 3/1
Router(config-if)# no shut
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 100 cos 5
Router(config-if-srv)# bridge-domain 202
Router(config-if-srv)# interface gigabitethernet 3/2
Router(config-if)# no shut
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 100 cos 5
Router(config-if-srv)# bridge-domain 202
Router(config-if-srv)# end
Router#
Router#
Router# show bridge-domain 202
Bridge-domain 202 (2 ports in all)
State: UP
Mac learning: Enabled
GigabitEthernet3/1 service instance 1
GigabitEthernet3/2 service instance 1
The following example shows EVC with encap dot1q and ethertype ipv4 with bridge-domain.
Router(config)# interface gigabitethernet 3/1
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 100 etype ipv4
Router(config-if-srv)# bridge-domain 202
Router(config-if-srv)# interface gigabitethernet 3/2
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# encapsulation dot1q 100 etype ipv4
Router(config-if-srv)# bridge-domain 202
Router(config-if-srv)#
Router(config-if-srv)# end
Router#
Router#
Router# show bridge-domain 202
Bridge-domain 202 (2 ports in all)
State: UP
Mac learning: Enabled
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-86
OL-16147-20
Chapter 7
Configuring QoS
Configuring Flexible Service Mapping Based on CoS and Ethertype
Verification
Use the following commands to verify operation.
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-87
Chapter 7
Configuring QoS
Minimum bandwidth guarantee is not supported for EVCs and sessions at the parent level of an
HQoS policy map.
If the port channel subinterface is a member of a service group, the minimum bandwidth guarantee
can be configured at the service group level, even though the port channel subinterface does not
support absolute bandwidth at the parent level.
WRED and queue limit are supported only at the child level in a policy map.
QoS service policy cannot be simultaneously configured on a port channel main interface and
subinterface except for the port sub-rate shaper.
QoS service policy can be configured simultaneously on port channel main interface and member
link or port channel subinterface and member link. But, port channel member link QoS will be
effective only when main interface or sub interface QoS is removed.
By default a port channel main interface or subinterface follows the flow based load balancing
model .
A 3-level HQoS policy with queuing can be applied only on the port channel interface and not on
the subinterface.When a port channel is configured as a layer 2 interface, the 2-level or 3-level
queuing policies can be applied in the same way as on a normal layer 3 port-channel main interface.
Load balancing on a port channel with an access subinterface or sessions is limited to the1:1 active
standby redundancy model. This applies to the QoS on this port channel as well.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-88
OL-16147-20
Chapter 7
Configuring QoS
Egress QoS Scheduling on Port Channel Interfaces
Summary Steps
1.
enable
2.
configure terminal
3.
4.
5.
6.
7.
8.
9.
10. end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-89
Chapter 7
Configuring QoS
Detailed Steps
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
policy-map policy-map-name
Example:
Router(config)# policy-map policy1
Step 4
Example:
Router(config-pmap)# class
class-default
Step 5
Example:
Router(config-pmap-c)# shape average
100000000
Step 6
Example:
Router(config)# interface port-channel
1
Step 7
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-90
OL-16147-20
Chapter 7
Configuring QoS
Egress QoS Scheduling on Port Channel Interfaces
Step 8
Command
Purpose
Example:
Router(config-if)# ip address
100.1.1.1 255.0.0.0
Step 9
Example:
Router(config-if)# service-policy
output p1
Step 10
end
Example:
Router(config-if)# end
Examples
This example shows how to configure egress QoS scheduling on a port channel main interface.
Router# enable
Router# configure terminal
Router# policy-map p1
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router(config)# interface Port-channel 1
Router(config-if)# no ip address
Router(config-if)# service-policy output p1
Router(config)# exit
This example shows how to configure egress QoS scheduling on a port channel subinterface.
Router# enable
Router# configure terminal
Router# policy-map p2
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router(config)# interface Port-channel 200.1
Router(config-subif)# encapsulation dot1q 200
Router(config-subif)# ip address 100.1.1.1 255.0.0.0
Router(config-if)# service-policy output p2
Router(config)# exit
This example shows how to configure egress QoS scheduling on a port channel access subinterface.
Router# enable
Router# configure terminal
Router# policy-map p3
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router(config)# interface Port-channel 200.1 access
Router(config-subif)# encapsulation dot1q 200
Router(config-subif)# ip address 100.1.1.1 255.0.0.0
Router(config-if)# service-policy output p3
Router(config)# exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-91
Chapter 7
Configuring QoS
This example shows how to configure egress QoS scheduling on a port channel subinterface with service
group.
Router# enable
Router# configure terminal
Router# policy-map p4
Router(config-pmap)# class class-default
Router(config-pmap-c)# shape average 100000000
Router(config)# service-group 2
Router(config-service-group)# service-policy output p4
Router(config)# interface Port-channel 200.1
Router(config-subif)# encapsulation dot1q 200
Router(config-subif)# ip address 100.1.1.1 255.0.0.0
Router(config-subif)# group 2
Router(config)# exit
Verification
Use these commands to verify the egress QoS scheduling on a port channel interface.
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-92
OL-16147-20
Chapter 7
Configuring QoS
Layer 2 and Layer 3 QoS ACL Classification for EVC
Layer 2 ACL QoS classification is supported in both input and output direction on the switchport
and EVCs of the main and port channel interfaces that include
ACL matching destination MAC address with address mask.
ACL matching source or destination MAC address and COS value.
ACL matching source or destination MAC address and VLAN ID.
If both source and destination MAC addresses are configured in an ACE, the destination address is
ignored.
Neither source nor destination MAC ACL classification is not supported in the same policy.
COS inner and VLAN inner ACL classifications are not supported.
Layer 3 QoS ACL classification support under EVCs on physical and port channel interface
includes:
ACL matching an IP source address and an IP protocol
ACL matching an IP source and destination address with wild cards
ACL matching an IP source address and an IP protocol
ACL matching an IP source address and a TCP source port
ACL matching an IP source address and a TCP destination port
ACL matching an IP source address and the TCP FIN bit
ACL matching an IP source address and the TCP SYN bit
ACL matching an IP source address and the TCP URG bit
ACL matching an IP source address and a UDP source port
ACL options such as time range, dynamic range and log is not supported.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-93
Chapter 7
Configuring QoS
Summary Steps
1.
enable
2.
configure terminal
3.
class-map class-map-name
4.
5.
policy-map policy-map-name
6.
class class-name
7.
8.
no ip address
9.
Detailed Steps
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
class-map class-map-name
Router# class-map l3_l4acl
Step 4
Step 5
policy-map policy-map-name
Example:
Router(config)# policy-map policy1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-94
OL-16147-20
Chapter 7
Configuring QoS
Layer 2 and Layer 3 QoS ACL Classification for EVC
Step 6
Command
Purpose
Example:
Router(config-pmap)# class
class-default
Step 7
Example:
Router(config)# interface port-channel
1
Step 8
no ip address
Example:
Router(config-if)# no ip address
Step 9
Step 10
service-policy {input|output}
policy-map-name
Example:
Router(config-if)# service-policy
output p1
Step 11
end
Example:
Router(config-if)# end
Examples
This example shows how to configure the layer 2 and layer 3 QoS ACL classification on a gigabit
ethernet interface using a named layer 3 or 4 access control list.
Router# enable
Router# configure terminal
Router(config)# ip access-list extended l3_l4acl
Router(config-ext-nl3-l4acl)# 10 permit ip 0.0.0.1 255.255.0.0 any dscp 32
Router# class-map l3_l4acl
Router(config-cmap)# match access-group name l3_l4acl
Router# policy-map p1
Router(config-pmap)# class class-default
Router(config)# interface gigabitethernet 1/2
Router(config-if)# no ip address
Router(config-if)# service-instance 1 ethernet
Router(config-if-srv)# service-policy output p1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-95
Chapter 7
Configuring QoS
Router(config)# exit
This example shows how to configure layer 2 and layer 3 QoS ACL classification using a numbered layer
3 or 4 access control list.
Router# enable
Router# configure terminal
Router(config)# ip access-list extended 121
Router(config-ext-nacl)# 10 permit ip 0.0.0.1 255.255.0.0 any dscp 32
Router# class-map 121
Routeer(config-cmap)# match access-group 121
Router# policy-map p2
Router(config-pmap)# class class-default
Router(config)# interface gigabitethernet 1/3
Router(config-if)# no ip address
Router(config-if)# service-instance 1 ethernet
Router(config-if-srv)# service-policy output p2
Router(config)# exit
This example shows how to configure layer 2 and layer 3 QoS ACL classification using a named layer
2 access control list.
Router# enable
Router# configure terminal
Router(config)# MAC access-list extended l2acl
Router(config-ext-nacl)# permit 2222.33ef.0000.0000.ffff any cos 2
Router# class-map l2acl
Router(config-cmap)# match access-group l2acl
Router# policy-map p3
Router(config-pmap)# class class-default
Router(config)# interface gigabitethernet 1/2
Router(config-if)# no ip address
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# service-policy output p3
Router(config)# exit
Verification
Use these commands to verify the layer 2 and layer 3 QoS ACL classification feature.
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-96
OL-16147-20
Chapter 7
Configuring QoS
Deny ACL QoS Classification
You can configure a QoS policy map with deny ACLs for classification on ES+ main interface, subinterfaces, EVCs, service groups, and sessions.
Deny ACL configuration in the parent policy is supported only on the main interface.
Summary Steps
1.
enable
2.
configure terminal
3.
4.
5.
class-map class-map-name
6.
7.
policy-map policy-map-name
8.
class class-name
9.
10. no ip address
11. service instance id ethernet
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-97
Chapter 7
Configuring QoS
Detailed Steps
Step 1
Command
Purpose
enable
Example:
Router> enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# ip access-list
extended 101
Step 4
Example:
Router(config-ext-nacl)# deny ip
200.1.1.0 0.0.0.255 any
Step 5
class-map class-map-name
Example:
Router(config)# class-map c1
Step 6
Example:
Router(config-cmap)# match
access-group 101
Step 7
policy-map policy-map-name
Example:
Router(config)# policy-map p1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-98
OL-16147-20
Chapter 7
Configuring QoS
Deny ACL QoS Classification
Step 8
Command
Purpose
Example:
Router(config-pmap)# class c1
Step 9
Example:
Router(config)# interface
gigabitethernet 1/2
Step 10
no ip address
Example:
Router(config-if)# no ip address
Step 11
Example:
Router(config-if)# service instance 1
ethernet
Step 12
service-policy {input|output}
policy-map-name
Example:
Router(config-if-srv)# service-policy
output p1
Step 13
Example:
Router(config-if-srv)# encapsulation
dot1q 100
Step 14
bridge-domain bridge-id
Example:
Router(config-if-srv)# bridge-domain
10
Step 15
end
Example:
Router(config-if)# end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-99
Chapter 7
Configuring QoS
Examples
This example shows how to configure deny ACL QoS classification on an EVC interface using a
numbered access control list.
Router# enable
Router# configure terminal
Router(config)# ip access-list extended 102
Router(config-ext-nacl)# deny ip 200.1.1.0 0.0.0.255 any
Router(config)# class-map c1
Router(config-cmap)# match access-group 102
Router(config)# policy-map p1
Router(config-pmap)# class c1
Router(config)# interface gigabitethernet 1/2
Router(config-if)# no ip address
Router(config-if)# service-instance 1 ethernet
Router(config-if-srv)# service-policy output p1
Router(config-if-srv)# encapsulation dot1q 100
Router(config-if-srv)# bridge-domain 10
Router(config-if-srv)# end
Verification
Use these commands to verify the deny ACL QoS classification feature.
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-100
OL-16147-20
Chapter 7
Configuring QoS
Troubleshooting QoS on a ES+ Line Card
Table 7-10
Problem
Solution
Pro
- Inverted LOU
A -ACK
TOS
rtr
COD
- TOS Value
- Router
TN
- T -Tcp Control
- R -Recirc. Flag
- N -Non-cachable
- R -RST
- I -OrdIndep. Flag
- F -Fragment Flag
S -SYN
CAP
- Capture Flag
- D -Dynamic Flag
TCP-F
- Protocol
- FlowMask-Prior.
- V(Value)/M(Mask)/R(Result)
- XTAG
(*)
- Bank Priority
----------------------------------------Interface: 1104
protocol: IP
label: 1537
lookup_type: 1
packet-type: 0
+-+-----+---------------+---------------+
|T|Index| Dest Ip Addr | Source Ip Addr|
SPort
DPort
| TCP-F |Pro|MRFM|X|TOS|TN|COD|F-P|
+-+-----+---------------+---------------+ V 36828
0.0.0.0
-----M 36836
0
0.0.0.0
0 ---- 0
0.0.0.0
------
P=0
0 -- --- 0-0
0 X--- 0
P=0
<-
0.0.0.0
0
0
<-
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-101
Chapter 7
Configuring QoS
Problem
Solution
R rslt: 1D29C700
<-
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-102
OL-16147-20
Chapter 7
Configuring QoS
Troubleshooting QoS on a ES+ Line Card
Problem
Solution
Note
ELAM commands.
Select the slot to use the ELAM show platform capture
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-103
Chapter 7
Configuring QoS
Problem
Solution
D - down
P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
Group
Ports
Port-channel
Protocol
------+-------------+-----------+---------------------------------------------1
Po1(RU)
Po2(SD)
Po3(SD)
4
Po4(RU)
Gi2/22(P)
Gi2/12(P)
Gi2/1(P)
Gi2/2(P)
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-104
OL-16147-20
Chapter 7
Configuring QoS
Troubleshooting QoS on a ES+ Line Card
Problem
Solution
Queuing issues
Interface: 1018
label: 513
lookup_type: 1
protocol: IP
packet-type: 0
|T|Index| Dest Ip Addr | Source Ip Addr|
DPort
|
SPort
| TCP-F |Pro|MRFM|X|TOS|TN|COD|F-P|
V 36828
0.0.0.0
0.0.0.0
P=0
P=0
-----0 ---- 0
0 -- --- 0-0 <M 36836
0.0.0.0
0.0.0.0
0
0
-----0 X--- 0
0
<-
R rslt: 142811A8
V 36829
P=0
M 36836
0
<-
0.0.0.0
0.0.0.0
P=0
-----0 M--- 0
0 -- --- 0-0
0.0.0.0
-----0 X--- 0
0.0.0.0
0
R rslt: 142811A8
Note
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-105
Chapter 7
Configuring QoS
Problem
Excessive drops in packets
Solution
Router#
Router#sh pol
Router#sh policy-map int gig10/6
GigabitEthernet10/6
Service-policy output: queuing
Counters last updated 00:00:27 ago
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-106
OL-16147-20
Chapter 7
Configuring QoS
Troubleshooting QoS on a ES+ Line Card
Problem
Solution
<<< drops due to bandwidth over subscription
(pkts output/bytes output) 0/0
bandwidth 200000 kbps
configured in the policy-map
<<<< bandwidth
precedence 2
Queueing
queue limit 32768 packets
(queue depth/total drops/no-buffer drops) 0/0/0
<<< drops due to shaper
(pkts output/bytes output) 0/0
shape (average) cir 100000000, bc 400000, be 400000
target shape rate 100000000
<<<
shaper
Random drop
Mark
pkts/bytes
prob
thresh
Tail drop
Minimum
pkts/bytes
thresh
0
3457/5687000
0/0
8192
16384 1/10
<<< wred packet/bytes counts
and threshold values
1
1/10
0/0
0/0
100
1000
2
1/10
0/0
0/0
150
1500
3
200
4
16384
0/0
0/0
0/0
12288
0/0
0/0
13312
0/0
0/0
14336
0/0
0/0
15360
1/10
5
16384
1/10
6
16384
1/10
7
16384
1408/4508780
800 1/10
1/10
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-107
Chapter 7
Configuring QoS
Problem
Solution
Class-map: class-default (match-any)
0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any
Queueing
queue limit 32768 packets
(queue depth/total drops/no-buffer drops) 0/0/0
(pkts output/bytes output) 0/0
shape (average) cir 100000000, bc 400000, be 400000
target shape rate 100000000 <<<
in the policy-map by the user
shaper configured
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-108
OL-16147-20
Chapter 7
Configuring QoS
Troubleshooting QoS on a ES+ Line Card
Problem
Solution
!
end
Router#
Router#sh pol
Router#sh policy-map int gig10/6
GigabitEthernet10/6
<<<< bandwidth
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-109
Chapter 7
Configuring QoS
Problem
Debug QoS policing traffic issues
in EARL
Solution
Warning
SrcIP
:AdjPtr
Prot:SrcPort:DstPort Src
------------------------------------------------------------------------------Pkts
Threshold
Bytes
Leak
LastSeen
QoS
PoliceCount
------------------------------------------------------------------------------Drop
Bucket
--------------20.1.1.2
0x0
10.1.1.2
12857116
0
591427336
0
NO
255 :0
17:35:40
:0
0x80
-5117484352
3145792
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-110
OL-16147-20
Chapter 7
Configuring QoS
Troubleshooting QoS on a ES+ Line Card
Problem
Solution
1.
TCP traffic displays rates below the CIR due to the slow-start
algorithms and retransmissions.
2.
3.
Raise the bandwidth. Eg: old 10M users gig link in a 10 gig
backbone network.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-111
Chapter 7
Configuring QoS
Problem
Solution
Pro
- Inverted LOU
A -ACK
TOS
rtr
COD
- TOS Value
- Router
TN
- T -Tcp Control
- R -Recirc. Flag
- N -Non-cachable
- R -RST
- I -OrdIndep. Flag
- F -Fragment Flag
S -SYN
CAP
- Capture Flag
- D -Dynamic Flag
TCP-F
- Protocol
- FlowMask-Prior.
- V(Value)/M(Mask)/R(Result)
- XTAG
(*)
- Bank Priority
----------------------------------------Interface: 1104
protocol: IP
label: 1537
lookup_type: 1
packet-type: 0
+-+-----+---------------+---------------+
|T|Index| Dest Ip Addr | Source Ip Addr|
SPort
DPort
| TCP-F |Pro|MRFM|X|TOS|TN|COD|F-P|
+-+-----+---------------+---------------+ V 36828
0.0.0.0
-----M 36836
0
0.0.0.0
0 ---- 0
0.0.0.0
------
R rslt: 1D29C700
P=0
0 -- --- 0-0
0 X--- 0
P=0
<-
0.0.0.0
0
0
<-
<-
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-112
OL-16147-20
Chapter 7
Configuring QoS
Troubleshooting QoS on a ES+ Line Card
Problem
Solution
Following are the commands to use the elam.
1. Select slot on which to run elam: show platform capture elam
asic <sup/tyco> slot <slot no>
2. Set the trigger for packets of interest:show platform capture
elam trigger <intersted fields of the packets such as vlan id,
source and destination IP, source index, etc>
3. Start the Elam capture: show platform capture elam start
4. Show the status of Elam: show platform capture elam status
5. Show the captured Elam data: show platform capture elam data
Weneed to repeat the above steps for both dbus as well as rbus
captures .
show platform capture elam help
* Return a brief help that reminds how to use the ELAM
commands
Note
ELAM commands.
Select the slot to use the ELAM show platform capture
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-113
Chapter 7
Configuring QoS
Problem
Solution
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-114
OL-16147-20
Chapter 7
Configuring QoS
Troubleshooting QoS on a ES+ Line Card
Problem
Solution
D - down
P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
Group
Ports
Port-channel
Protocol
------+-------------+-----------+---------------------------------------------1
Po1(RU)
Po2(SD)
Po3(SD)
4
Po4(RU)
Gi2/22(P)
Gi2/12(P)
Gi2/1(P)
Gi2/2(P)
Queuing issues
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
7-115
Chapter 7
Configuring QoS
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
7-116
OL-16147-20
CH A P T E R
Troubleshooting
This chapter describes techniques that you can use to troubleshoot the operation of your Cisco 7600
Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) line cards.
For more information about the commands used in this chapter, see the Cisco IOS Release 12.2 SR
Command References at
http://www.cisco.com/en/US/products/ps6922/prod_command_reference_list.html.
It includes the following sections:
Using the Cisco IOS Event Tracer to Troubleshoot Problems, page 8-2
Preparing for Online Insertion and Removal of Cisco 7600 Series ES+ Line Card, page 8-3
The first section provides information about basic interface troubleshooting. If you are having a problem
with your Small Form-factor Pluggable (SFP) and small form factor pluggable (XFP) modules, use the
steps in the Using the Cisco IOS Event Tracer to Troubleshoot Problems section to begin your
investigation of a possible interface configuration problem.
Note
The information provided in this chapter is applicable to both the ES+ and ES+T line cards unless
specified otherwise.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
8-1
Chapter 8
Troubleshooting
Caution
Because debugging output is assigned high priority in the CPU process, it can render the system
unusable. For this reason, use debug commands only to troubleshoot specific problems or during
troubleshooting sessions with Cisco technical support staff. Moreover, it is best to use debug commands
during periods of lower network traffic and fewer users. Debugging during these periods decreases the
likelihood that increased debug command processing overhead will affect system use.
For information about other debug commands supported on the Cisco 7600 series routers, refer to the
Cisco IOS Debug Command Reference, Release 12.2 SR at
http://www.cisco.com/en/US/docs/ios/12_2/debug/command/reference/122debug.html.
The Event Tracer feature is intended for use as a software diagnostic tool and should be configured only
under the direction of a Cisco Technical Assistance Center (TAC) representative.
The Event Tracer feature provides a binary trace facility for troubleshooting Cisco IOS software. This
feature gives Cisco service representatives additional insight into the operation of the Cisco IOS
software and can be useful in helping to diagnose problems in the unlikely event of an operating system
malfunction or, in the case of redundant systems, Route Processor switch over.
Event tracing works by reading informational messages from specific Cisco IOS software subsystem
components that have been pre-programmed to work with event tracing, and by logging messages from
those components into system memory. Trace messages stored in memory can be displayed on the screen
or saved to a file for later analysis.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
8-2
OL-16147-20
Chapter 8
Troubleshooting
Troubleshooting SFP/XFP Issues
For more information about using the Event Tracer feature, refer to the following URL:
http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/evnttrcr.html
The Cisco 7600-ES+ line card uses a slot, port numbering scheme. The slot refers to whichever slot the
line card occupies in the router. The port numbering begins at 1 on all versions of the Cisco 7600-ES+
line card. The upper limit depends on the card type. This physical port numbering is reflected in CLI
messages and all references to port numbers that are visible to the user.
Use the following commands when troubleshooting small form-factor pluggable (SFP) issues from the
route processor (RP) side:
Command
Purpose
Use the following commands when troubleshooting small form-factor pluggable (SFP) issues from the
ES+ line card side:
Command
Purpose
Preparing for Online Removal of a Cisco 7600 Series ES+ Line Card, page 8-4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
8-3
Chapter 8
Troubleshooting
Preparing for Online Insertion and Removal of Cisco 7600 Series ES+ Line Card
Verifying Deactivation and Activation of a Cisco 7600 Series ES+ Line Card, page 8-5
Preparing for Online Removal of a Cisco 7600 Series ES+ Line Card
The Cisco 7600 series router supports OIR of the ES+ line card. To do this, you can power down an ES+
line card (which automatically deactivates any installed optical transceivers) and remove the ES+ line
card still intact.
Although graceful deactivation of an ES+ line card is preferred using the no power enable module
command, the Cisco 7600 series router does support removal of the ES+ line card without deactivating
it first. If you plan to remove an ES+ line card, you can deactivate the ES+ line card first, using the
no power enable module global configuration command. When you deactivate an ES+ line card using
this command, it automatically deactivates each of the optical transceivers that are installed in that ES+
line card. Therefore, it is not necessary to deactivate each of the optical transceivers prior to deactivating
the ES+ line card.
Either a blank filler plate or a functional optical transceiver should reside in every subslot of an ES+ line
card during normal operation.
For more information about the recommended procedures for physical removal of the ES+ line card,
refer to the Cisco 7600 Series Ethernet Services Plus Line Card Hardware Installation Guide.
Purpose
For information on how to specify the physical locations of a ES+ line card on the Cisco 7600 series
routers, see the Specifying the Slot Location for a Cisco 7600 Cisco 7600 Series ES+ Line Cards section
in the Cisco 7600 Series Ethernet Services Plus Line Card Hardware Installation Guide.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
8-4
OL-16147-20
Chapter 8
Troubleshooting
Preparing for Online Insertion and Removal of Cisco 7600 Series ES+ Line Card
For example, consider the case in which you remove an ES+ line card from the router to replace it with
another ES+ line card. You reinstall the same optical transceivers into the new ES+ line card. When you
enter the power enable module command on the router, the optical transceivers will automatically
reactivate with the new ES+ line card.
To activate a ES+ line card and its installed optical transceivers after the ES+ line card has been
deactivated, use the following command in global configuration mode:
Command
Purpose
Activates the ES+ line card in the specified slot and its
installed optical transceivers, where:
For information on how to specify the physical locations of a ES+ line card on the Cisco 7600 series
routers, see the Specifying the Slot Location for a Cisco 7600 Cisco 7600 Series ES+ Line Cards section
in the Cisco 7600 Series Ethernet Services Plus Line Card Hardware Installation Guide.
Verifying Deactivation and Activation of a Cisco 7600 Series ES+ Line Card
To verify the deactivation of an ES+ line card, enter the show module command in privileged EXEC
configuration mode. Observe the Status field associated with the ES+ line card that you want to verify.
The following example shows that the ES+ line card located in slot 10 is deactivated. This is indicated
by its PwrDown status.
Router# show module 10
Mod Ports Card Type
Model
Serial No.
--- ----- -------------------------------------- ------------------ ----------10
20 7600 ES+
7600-ES+20G3CXL
JAE1151865I
Mod MAC addresses
Hw
Fw
Sw
Status
--- ---------------------------------- ------ ------------ ------------ ------10 001d.e5e8.2a00 to 001d.e5e8.2a3f
0.301 12.2(33r)SRD 12.2(nightly PwrDown
Mod
---10
10
Sub-Module
--------------------------7600 ES+ DFC XL
7600 ES+ 20xGE SFP
Model
-----------------7600-ES+3CXL
7600-ES+20G
Serial
Hw
Status
----------- ------- ------JAE115188YM 0.200 PwrDown
JAE1151860R 0.301 PwrDown
To verify activation and proper operation of an ES+ line card, enter the show module command and
observe Ok in the Status field as shown in the following example:
Router# show module 10
Mod Ports Card Type
Model
Serial No.
--- ----- -------------------------------------- ------------------ ----------10
20 7600 ES+
7600-ES+20G3CXL
JAE1151865I
Mod MAC addresses
Hw
Fw
Sw
Status
--- ---------------------------------- ------ ------------ ------------ ------10 001d.e5e8.2a00 to 001d.e5e8.2a3f
0.301 12.2(33r)SRD 12.2(nightly Ok
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
8-5
Chapter 8
Troubleshooting
Preparing for Online Insertion and Removal of Cisco 7600 Series ES+ Line Card
Mod
---10
10
Sub-Module
--------------------------7600 ES+ DFC XL
7600 ES+ 20xGE SFP
Model
-----------------7600-ES+3CXL
7600-ES+20G
Serial
Hw
Status
----------- ------- ------JAE115188YM 0.200 Ok
JAE1151860R 0.301 Ok
For information on how to specify the physical locations of a ES+ line card on the Cisco 7600 series
routers, see the Specifying the Slot Location for a Cisco 7600 Cisco 7600 Series ES+ Line Cards section
in the Cisco 7600 Series Ethernet Services Plus Line Card Hardware Installation Guide.
Deactivation of a Cisco 7600 Series ES+ Line Card Configuration Example, page 8-6
Activation of a Cisco 7600 Series ES+ Line Card Configuration Example, page 8-6
Notice that there are no corresponding console messages shown with activation. If you re-enter the
power enable module command, a message is displayed indicating that the module is already
enabled:
Router(config)# power enable module 5
% module is already enabled
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
8-6
OL-16147-20
Chapter 8
Troubleshooting
Line Card Online Diagnostics
Output from this procedure will vary slightly depending on which line card you are using, but the basic
information will be the same.
Line card field diagnostic software is bundled with the main Cisco IOS software to enable you to test
whether a suspect line card is faulty. For information on running online diagnostics, see the Configuring
Online Diagnostics chapter in the Cisco 7600 Series Cisco IOS Software Configuration Guide, 15.0 SR
at http://www.cisco.com/en/US/docs/routers/7600/ios/15S/configuration/guide/diags.html.
Caution
OBFL is activated by default in all cards and should not be deactivated. OBFL is used to diagnose
problems in FRUs and to display a history of FRU data.
For information on configuring OBFL, see Onboard Failure Logging at
http://www.cisco.com/en/US/docs/ios/12_2sx/12_2sxh/feature/guide/sxhobfl.html.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
8-7
Chapter 8
Troubleshooting
TenGigabitEthernet10/1
Input Queue count:8
The output of the show platform lowq command indicates that the number of queues created on the
interface is already equal to the maximum number of queues allowed. So, you cannot create more queues
on that interface. To resolve the issue, reduce the number of queues and then try the service policy
installation again.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
8-8
OL-16147-20
CH A P T E R
Note
The information provided in this chapter is applicable to both the ES+ and ES+T line cards unless
specified otherwise.
For more information about the commands used in this chapter, see the Cisco IOS Release 12.2 SR
Command References at
http://www.cisco.com/en/US/products/ps6922/prod_command_reference_list.html.
This chapter includes the following sections:
FPD Quick Upgrade Before Upgrading your Cisco IOS Release (Recommended), page 9-2
FPD Quick Upgrade After Upgrading your Cisco IOS Release, page 9-2
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
9-1
Chapter 9
FPD Quick Upgrade Before Upgrading your Cisco IOS Release (Recommended)
Step 1
When getting your Cisco IOS image, download the FPD image package for the Cisco IOS release that
you are upgrading to any Flash disk on your router before booting the new version of Cisco IOS. The
FPD image package can be retrieved from the same site where you went to get your Cisco IOS image.
Do not change the name of the FPD image package.
Step 2
Boot using the new version of Cisco IOS. When the new Cisco IOS boots, it by default searches for the
FPD image package in the router flash file systems and the FPD images will be updated automatically
as part of the IOS boot process.
An FPD upgrade is not always necessary after Cisco IOS is reloaded. If you have already reloaded your
Cisco IOS, enter the show hw-module all fpd command to see if all system FPDs are compatible. If the
FPDs are compatible, no further action is necessary. If at least one FPD needs an upgrade, proceed to
Step 2.
Step 2
Go to the cisco.com site where you downloaded your specific Cisco IOS software and locate the FPD
image package.
Step 3
Download this FPD image package to a Flash disk on your router. Do not change the name of the FPD
image package.
Do not change any FPD-related settings on your system (if upgrade fpd auto or upgrade fpd path has
been changed, change the settings back to the default settings using the no form of the command).
Reboot your Cisco IOS release software. When the new Cisco IOS boots, it by default searches for the
FPD image package in the Flash file systems and the FPD images will be updated automatically as part
of the IOS boot process.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
9-2
OL-16147-20
Chapter 9
Note
The FPD automatic upgrade feature only searches for the FPD image package file that is the same
version number as the Cisco IOS release being used by the system. For example, if the Cisco IOS
release being used is Cisco IOS Release 12.2(33)SRD, then the system will search for the FPD image
package file that supports the specific Cisco IOS release (c7600-fpd-pkg.122-33.SRD.pkg).
Therefore, ensure the FPD image package file on your system is compatible with your Cisco IOS
release and do not change the name of the FPD image package file.
Upgrading FPD Images Before Upgrading Cisco IOS Release (Recommended), page 9-3
Upgrade FPD Images after Upgrading the New Cisco IOS Release, page 9-4
Placing FPD Image Package on Flash Disk Before Upgrading IOS (Recommended), page 9-3
Placing FPD Image Package on Flash Disk Before Upgrading IOS (Recommended)
Placing the FPD image package for the IOS release that you are upgrading to before upgrading IOS is
the recommended method for upgrading FPD because it is simple in addition to being fast. To perform
this type of FPD upgrade, follow these steps:
Step 1
While still running the Cisco IOS release that will be upgraded, place the FPD image package for the
new version of Cisco IOS onto one of your routers Flash file systems. For instance, if you are running
Cisco IOS Release 12.2(33)SRD and are upgrading to a newer release, place the FPD image package for
the newer release onto a Flash file system while still running Cisco IOS Release 12.2(33)SRD. You can
locate the FPD image package for a specific IOS release on cisco.com from the same area where you
download that Cisco IOS software image. Your router and Cisco 7600 Series ES+ line cards should
continue to operate normally since this action will have no impact on the current FPDs.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
9-3
Chapter 9
Caution
Do not change the filename of the FPD image package file. The Cisco IOS searches for the FPD
image package file by filename, so the FPD image package file cannot be found if it has been
renamed.
Step 2
Reboot your router using the new upgraded Cisco IOS image. As part of the bootup process, the router
will search for the FPD image package. Since the default settings for the FPD image package search are
to check for the FPD image package for the specific Cisco IOS Release in a Flash file system, the FPD
image package will be located during the bootup procedure and all FPDs that required upgrades will be
upgraded.
Step 3
When the router has booted, verify the upgrade was successful by entering the show hw-module all fpd
command.
Upgrade FPD Images after Upgrading the New Cisco IOS Release
The following steps explain how to upgrade FPD images if you have already upgraded your Cisco IOS
release but still need to upgrade your FPD images.
To perform an FPD upgrade after the new Cisco release has been booted, follow these steps:
Step 1
If you are unsure if your FPD images for your Cisco 7600 Series ES+ line cards are compatible, enter
the show hw-module all fpd command to verify compatibility of all Cisco 7600 Series ES+ line cards.
If all of your Cisco 7600 Series ES+ line cards are compatible, there is no reason to perform this upgrade.
Step 2
If an FPD upgrade is necessary, place the FPD image package for the new version of Cisco IOS onto the
routers Flash Disk or on an accessible FTP or TFTP server. You can locate the FPD image package on
cisco.com from the same area where you downloaded your Cisco IOS software image.
Step 3
Enter the upgrade hw-module [slot slot-number] file-url command. The file-url command should direct
users to the location of the FPD image package. For instance, if you had placed the FPD image package
for Release 12.2(33)SRD on the TFTP server abrick/muck/myfolder, you would enter upgrade
hw-module [slot slot-number] tftp://abrick/muck/myfolder/c7600-fpd-pkg.122-33.SRD.pkg to
complete this step.
If multiple Cisco 7600 Series ES+ line cards require upgrades, the different pieces of hardware will have
to be updated individually.
Note
Step 4
With the new Cisco IOS release running, if the ES+ cards are disabled or powered down due to
any FPD upgrade errors, the only way to do an FPD upgrade is by reloading the line card using
hw-module reset command (assuming that you have already copied the necessary FPD bundle
file in to the file system).The upgrade hw-module command works only when the line card is
in the UP state.
Verify the upgrade was successful by entering the show hw-module all fpd command.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
9-4
OL-16147-20
Chapter 9
Using a Non-Production System to Upgrade the Cisco 7600 Series ES+ Line Card FPD Image,
page 9-5
Using a Non-Production System to Upgrade the Cisco 7600 Series ES+ Line Card FPD Image
Before beginning the upgrade, ensure:
The spare system is running the same version of the Cisco IOS software release that the target
production system is running.
The automatic upgrade feature is enabled on the spare system (the automatic upgrade feature is
enabled by default. It can also be enabled using the upgrade fpd auto command).
Download the FPD image package file to the routers flash file system or TFTP or FTP server accessible
by the spare system. In most cases, it is preferable to place the file in a Flash file system since the router,
by default, searches for the FPD image package in the Flash file systems. If the Flash file systems are
full, use the upgrade fpd path command to direct the router to search for the FPD image package in the
proper location.
Step 2
Step 3
Verify the upgrade was successful by entering the show hw-module all fpd command.
Step 4
Remove the ES+ line card from the spare system after the upgrade.
Step 5
Insert the ES+ line card into the target production system.
If the FPD images on the ES+ line card are compatible with the system, you will only need to
re-enable the automatic upgrade feature (the automatic upgrade feature can be re-enabled using the
upgrade fpd auto command).
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
9-5
Chapter 9
If the FPD images on the ES+ line card are not compatible with the system, the ES+ line card is
disabled but will not impact system performance by attempting to perform an automatic upgrade.
Use the following procedure to check the FPD images on the ES+ line card for system compatibility:
Step 1
Disable the automatic upgrade feature using the no upgrade fpd auto global configuration command.
Step 2
Step 3
Re-enable the automatic upgrade feature using the upgrade fpd auto global configuration command.
Modifying the Default Path for the FPD Image Package File Location, page 9-8
Displaying Current and Minimum Required FPD Image Versions, page 9-9
Displaying Information About the Default FPD Image Package, page 9-10
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
9-6
OL-16147-20
Chapter 9
In this example, slot-number is the slot where the ES+ line card is installed, file-url is the location and
name of the FPD image package file.
Caution
An image upgrade can require a long period of time to complete depending on the ES+ line card.
Note
This approach can also be used if there is not enough disk space on the system Flash card to hold the
FPD image package file.
To download an FPD image package file to an FTP or TFTP server, use the following procedure:
Step 1
Copy the FPD image package file to the FTP or TFTP server.
Step 2
From global configuration mode, use the upgrade fpd path command to instruct the router to locate the
FPD image package file from the FTP or TFTP server location.
For example, enter one of the following global configuration commands from the target systems
console:
Router(config)# upgrade fpd path tftp://my_tftpserver/fpd_pkg_dir/
or
Router(config)# upgrade fpd path ftp://login:password@my_ftpserver/fpd_pkg_dir/
Note
The final / at the end of each of the above examples is required. If the path is specified without the
trailing / character, the command will not work properly.
In these examples, my_tftpserver or my_ftpserver is the path to server name, fpd_pkg_dir is the directory
on the TFTP server where the FPD image package is located, and login:password is your FTP login name
and password.
Step 3
Make sure that the FPD automatic upgrade feature is enabled by examining the output of the show
running-config command. (Look for the upgrade fpd auto configuration line in the output. If there are
no upgrade commands in the output, then upgrade fpd auto is enabled because it is the default setting.)
If automatic upgrades are disabled, use the upgrade fpd auto global configuration command to enable
automatic FPD upgrades.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
9-7
Chapter 9
Step 4
Enter the show upgrade fpd file command to ensure your router is connecting properly to the default
FPD image package. If you are able to generate output related to the FPD image package using this
command, the upgrade should work properly.
Step 5
Save the configuration and reload the system with the new Cisco IOS release.
During the system startup after the reload, the necessary FPD image version check for all the ES+ line
cards will be performed and any upgrade operation will occur automatically if an upgrade is required.
In each upgrade operation, the system extracts the necessary FPD images to the ES+ line card from the
FPD image package file located on the FTP or TFTP server.
Modifying the Default Path for the FPD Image Package File Location
By default, the Cisco IOS software looks for the FPD image package file on a Flash file system when
performing an automatic FPD image upgrade.
Note
Be sure there is enough space on one of your Flash file systems to accommodate the FPD image
package file.
Alternatively, you can store an FPD image package file elsewhere. However, because the system looks
on the Flash file systems by default, you need to change the FPD image package file location so that the
system is directed to search an alternate location (such an FTP or TFTP server) that is accessible by the
Cisco IOS software. Enter the upgrade fpd path fpd-pkg-dir-url global configuration command, where
fpd-pkg-dir-url is the alternate location, to instruct the router to search for the FPD image package
elsewhere.
When specifying the fpd-pkg-dir-url, be aware of the following:
The fpd-pkg-dir-url is the path to the FPD image package, but the FPD image package should not
be specified as part of the fpd-pkg-dir-url. For instance, if the c7600-fpd-pkg.122-33.SRD.pkg file
can be found on the TFTP server using the path
mytftpserver/myname/myfpdpkg/c7600-fpd-pkg.122-33.SRD.pkg and you wanted the router to
utilize this FPD image package for FPD upgrades, the upgrade fpd path
tftp://mytftpserver/myname/myfpdpkg/ command should be entered so the router knows where
to find the file. The actual filename should not be specified.
The final / character in the fpd-pkg-dir-url is required. In the preceding example, note that the
fpd-pkg-dir-url is tftp://mytftpserver/myname/myfpdpkg/. Entering
tftp://mytftpserver/myname/myfpdpkg (note: the final / character is missing) as the
fpd-pkg-dir-url in that scenario would not work.
If the upgrade fpd path global configuration command has not been entered to direct the router to locate
an FPD image package file in an alternate location, the system searches the Flash file systems on the
Cisco 7600 series router for the FPD image package file.
Failure to locate an FPD image package file when an upgrade is required will disable the ES+ line card.
Because ES+ line cards will not come online until FPD is compatible, the ES+ line card will also be
disabled if it requires an FPD upgrade and the automatic upgrade feature is disabled.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
9-8
OL-16147-20
Chapter 9
---4/0
---4/1
---4/2
---7
---------------------SPA-2X1GE
---------------------SPA-2X1GE
---------------------SPA-2X1GE
---------------------7600-ES20-GE3CXL
-----2.2
-----2.2
-----2.2
-----1.0
---------------------- -----7600-ES+3CXL
0.400
---------------------- -----7600-ES+40G
0.401
==== ====================== ======
=============================================
Field Programmable
Current
Min. Required
Device: "ID-Name"
Version
Version
================== =========== ==============
1-ROMMON
1.4
1.4
2-I/O FPGA
0.21
0.21
3-PKT ENG FPGA
0.5
0.5
5-20x1GE LINK FPGA
0.7
0.7
------------------ ----------- -------------1-ROMMON
1.3
1.3
2-I/O FPGA
0.82
0.82
3-SWITCH FPGA
0.39
0.39
------------------ ----------- -------------1-GE I/O FPGA
1.10
1.10
------------------ ----------- -------------1-GE I/O FPGA
1.10
1.10
------------------ ----------- -------------1-GE I/O FPGA
1.10
1.10
------------------ ----------- -------------1-ROMMON
1.4
1.4
2-I/O FPGA
0.21
0.21
3-PKT ENG FPGA
0.5
0.5
5-20x1GE LINK FPGA
0.7
0.7
------------------ ----------- -------------1-ROMMON
1.4
1.4
2-I/O FPGA
0.21
0.21
3-PKT ENG FPGA
0.5
0.5
4-2x10GE LINK FPGA
0.9
0.9
------------------ ----------- -------------1-ROMMON
1.1
1.1
2-I/O FPGA
0.17
0.17
3-SELENE
0.15
0.15
------------------ ----------- -------------4-PKT EN FPGA XL
0.8
0.8
11-Kp FPGA XL
1.1
1.1
------------------ ----------- -------------6-40x1G LinkFPGA
0.15
0.15
10-40x1G LedFPGA
0.2
0.2
=============================================
This example shows the output when verifying the FPD for the ES+ card in a specific slot:
Router# show hw-module slot 9 fpd
==== ====================== ======
H/W
Slot Card Type
Ver.
==== ====================== ======
9 7600-ES+40G3CXL
0.303
=============================================
Field Programmable
Current
Min. Required
Device: "ID-Name"
Version
Version
================== =========== ==============
1-ROMMON
1.1
1.1
2-I/O FPGA
0.17
0.17
3-SELENE
0.15
0.15
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
9-9
Chapter 9
Router#
No.
---1)
2)
3)
4)
5)
6)
7)
8)
9)
10)
11)
12)
13)
14)
15)
16)
17)
18)
19)
20)
21)
22)
23)
24)
25)
26)
Minimal
Card Type
HW Ver.
---------------------------------------- ------2 port adapter Enhanced FlexRouterN
1.0
2 port adapter Enhanced FlexRouterN
2.0
24xT1E1 CE/ATM SPA
1.0
1xOC3STM1 CE/ATM SPA
1.0
1xOC3STM1 CE/ATM SPA
2.0
2xT3E3 CE/ATM SPA
1.0
1xCHSTM1 SPA
0.0
2xCT3 SPA
0.100
2xCT3 SPA
0.200
4xCT3 SPA
0.100
4xCT3 SPA
0.200
10xGE SPA
0.0
8xGE SPA
0.0
8xFE TX SPA
0.0
4xFE TX SPA
0.0
5xGE SPA
0.0
2xGE SPA
0.0
1x10GE XFP SPA
0.0
10xGE SPA
0.0
8xGE SPA
0.0
8xFE TX SPA
0.0
4xFE TX SPA
0.0
5xGE SPA
0.0
1x10GE XFP SPA
0.0
1x10GE DWDM SPA
0.0
2xGE V2 SPA
0.0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
9-10
OL-16147-20
Chapter 9
27)
28)
29)
30)
31)
32)
33)
34)
35)
36)
37)
38)
39)
40)
41)
42)
43)
44)
45)
46)
47)
48)
49)
50)
51)
52)
53)
54)
55)
56)
57)
58)
59)
60)
61)
62)
63)
64)
65)
66)
67)
68)
69)
70)
71)
72)
73)
74)
75)
76)
77)
78)
79)
80)
81)
----
8xCHT1/E1 SPA
0.140
8xCHT1/E1 SPA
0.0
4xT SERIAL SPA
0.0
4xT SERIAL SPA
2.0
2xOC3 POS SPA
0.0
2xOC3 POS SPA
0.200
4xOC3 POS SPA
0.0
4xOC3 POS SPA
0.200
1xOC12 POS SPA
0.0
1xOC12 POS SPA
0.200
1xOC192 POS/RPR XFP SPA
0.0
1xOC192 POS/RPR SPA
0.0
1xOC48 POS/RPR SPA
0.0
2xOC48 POS/RPR SPA
0.0
4xOC48 POS/RPR SPA
0.0
4-subslot SPA Interface Processor-200
0.100
4-subslot SPA Interface Processor-200
0.450
4-subslot SPA Interface Processor-200
0.500
4-subslot SPA Interface Processor-200
0.550
4-subslot SPA Interface Processor-200
0.600
4-subslot SPA Interface Processor-200
2.0
4-subslot SPA Interface Processor-400
0.1
1-subslot SPA Interface Processor-600
0.1
ESM20G
0.1
2-subslot Services SPA Carrier-400
0.3
2-subslot Services SPA Carrier-400
0.4
2-subslot Services SPA Carrier-400
0.5
2-subslot Services SPA Carrier-600
0.1
7600 ES+
0.100
7600 ES+
0.300
7600 ES+
0.400
7600 ES+ DFC XL
0.100
7600 ES+ DFC XL
0.300
7600 ES+ DFC LITE
0.100
7600 ES+ DFC LITE
0.300
7600 ES+ 40xGE SFP
0.100
7600 ES+ 40xGE SFP
0.200
7600 ES+ 40xGE SFP
0.400
7600 ES+ 20xGE SFP
0.100
7600 ES+ 20xGE SFP
0.200
7600 ES+ 20xGE SFP
0.400
7600 ES+ 4x10GE XFP
0.100
7600 ES+ 4x10GE XFP
0.200
7600 ES+ 4x10GE XFP
0.150
7600 ES+ 2x10GE XFP
0.100
7600 ES+ 2x10GE XFP
0.200
7600 ES+ 2x10GE XFP
0.150
2xT3E3 SPA
0.0
4xT3E3 SPA
0.0
2 Gbps IPSec SPA
0.1
2 Gbps C12000 IPSec SPA
0.1
2xOC3 ATM SPA
0.0
4xOC3 ATM SPA
0.0
1xOC12 ATM SPA
0.0
1xOC48 ATM SPA
0.0
---------------------------------------- -------
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
9-11
Chapter 9
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
9-12
OL-16147-20
Chapter 9
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
9-13
Chapter 9
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
9-14
OL-16147-20
CH A P T E R
10
Configuring IPoDWDM
This chapter provides information about configuring IP over dense wavelength-division multiplexing
(IPoDWDM) on the Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T
(ES+T) line cards on the Cisco 7600 series router.
IP over DWDM can be configured on the following Cisco 7600 Series ES+ Extended Transport (ES+XT)
line cards:
76-ES+XT-2TG3CXL
76-ES+XT-4TG3CXL
76-ES+T-2TG
76-ES+T-4TG
76-ES+XC-20G3C
76-ES+XC-20G3CXL
76-ES+XC-40G3C
76-ES+XC-40G3CXL
For more information about the commands in this chapter, see the Cisco IOS Release 12.2 SR Command
References at http://www.cisco.com/en/US/products/ps6922/prod_command_reference_list.html.
Note
Unless specified otherwise, the information provided in this chapter is applicable to ES+XT, ES+T and
ES+XC line cards. IPoDWDM is supported on ES+XC line cards from SRE1 and later releases.
Dark Fiber
Dark Wavelengths
This feature provides low cost optic solutions required for short distances networks that implement store
and forward network design requiring no optical amplifiers.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-1
Chapter 10
Configuring IPoDWDM
The OTN is based on the Optical Transport Hierarchy (OTH) developed by ITU. The OTN is based on
the network architecture defined in ITU G.872 "Architecture for the Optical Transport Network (OTN)".
The G.872 standard defines an architecture composed of the Optical Channel (OCh), Optical Multiplex
Section (OMS), and Optical Transmission Section (OTS). The use of digitally framed signal with digital
overhead for optical channel enables you to implement the management requirements of OCh. It also
allows the use of Forward Error Correction (FEC) system to improve the system performance. The two
new digital layer networks introduced to implement this feature are ODU and OTU.
OTN architecture (ITU-T G.872 standard) defines two interface classes:
Inter-domain interface (IrDI): The OTN IrDI interface class defines the interface (with the 3Rs
[Reamplification, Reshaping and Retiming] processing) at each end of the operator interface. the
operator interface can also be the interface between different vendors within the same operator
Intra-domain interface (IaDI): The IaDI interface class defines the interface within an operator or a
vendor domain.
Switching scalability
The distances between the two switching equipments using the WAN PHY and the DWDM facility
depends on the XFP used. Refer the data sheets of relevant XFP.
The MAC address is common for WAN PHY and LAN PHY. The WAN PHY operates at a rate
compatible with the payload rate of OC-192c/VC-464c.
Note
The hardware combination of Cisco-INTEL OC192 + 10GBASE-L XFP is not supported because of bit
rate incompatibility between INTEL XFP and OTN for the following transport mode configurations:
1.
enable
2.
configure terminal
3.
SUMMARY STEPS
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-2
OL-16147-20
Chapter 10
Configuring IPoDWDM
WAN PHY and OTN Support on ES+XC Combination Line Cards
4.
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Step 4
Example:
Router(config-if)# transport-mode otn
bit-transparent opu2e
DWDM Provisioning
All DWDM provisioning configurations take place on the controller. To configure a DWDM controller,
use the controller dwdm command in global configuration mode.
Prerequisites
The g709 configuration commands can be used only when the controller is in the shutdown state. Use
the no shutdown command after configuring the parameters, to remove the controller from shutdown
state and to enable the controller to move to up state.
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-3
Chapter 10
Configuring IPoDWDM
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# controller dwdm 1/3
Examples
The following are examples of IP over DWDM commands:
Router# show run int te2/3
Building configuration...
Current configuration : 96 bytes
!
interface TenGigabitEthernet2/3
ip address 11.11.11.2 255.255.255.0
transport-mode otn bit-transparent opu2e
end
Router# show controller dwdm 2/3
G709 Information:
Controller dwdm 3/1, is down (shutdown)
Transport mode LAN (10GBASE-R, 10.3125Gb/s)
TAS state is : OOS
Description: connected to a ginsu LC
G709 status : Disabled
OTU
LOS = 18
AIS = 0
TIM = 0
LOF = 0
BDI = 1
IAE = 0
LOM = 0
BIP = 14504
BEI = 2289
ODU
AIS = 0
OCI = 0
BIP = 14500
BDI = 0
LCK = 0
BEI = 2266
TIM = 0
PTIM = 0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-4
OL-16147-20
Chapter 10
Configuring IPoDWDM
WAN PHY and OTN Support on ES+XC Combination Line Cards
C7600 Node ID :
0 :26:B :28:68:80
Connectivity Info:
Network Connection ID : This_is_a_static_string
Set
Set
Set
Set
Set
Set
Set
Set
Set
Set
Set
Set
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
6142
19113
14477
26689
4989
31230
14967
7234
29164
19852
15452
17460
14852
28561
6364
12832
21486
14312
30337
19184
28532
15403
21048
27105
18102
24607
16426
14253
21500
21952
13523
17545
7863
538
5251
18205
22331
27781
17862
26935
10028
16539
865
29015
7144
20299
27504
2190
13470
7222
8500
6988
18852
20882
21512
702
14117
1870
19304
13075
11919
26281
1898
18454
9948
15302
24263
24747
5275
29138
17325
19226
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-5
Chapter 10
Configuring IPoDWDM
Set
Set
Set
Set
13:
14:
15:
16:
10917
1126
20342
3366
18739
24967
29828
27109
16263
26662
7591
22805
20739
13147
18471
16266
32124
32739
18968
2421
24934
3591
7227
9339
Router#
Router# conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# int tenGigabitEthernet 2/3
Router(config-if)# transport
Router(config-if)# transport-mode ?
lan 10GBASE-R LAN pass-through (10.3125Gb/s)
otn 10GE over Optical Transport Network (G.709)
wan 10GBASE-W WAN SONET/SDH (9.95328Gb/s)
Router(config-if)# transport-mode otn ?
bit-transparent 10GBASE-R transparently mapped into OTU-2
Router(config-if)# transport-mode otn bit-transparent ?
opu1e 10GBASE-R over OPU1e without fixed stuffing (11.0491Gb/s)
opu2e 10GBASE-R over OPU2e with fixed stuffing (11.0957Gb/s)
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-6
OL-16147-20
Chapter 10
Configuring IPoDWDM
WAN PHY and OTN Support on ES+XC Combination Line Cards
Router# conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# controller dwdm 2/3
Router(config-controller)#?
Controller configuration commands:
Network
Configure Vtxp Netwrok parameters
Virtual-Link
Configure Virtual Link (PPC)
admin-state
Configure the transport admin state of the controller
default
Set a command to its defaults
description
Controller specific description
exit
Exit from controller configuration mode
g709
Configure G709 parameters
help
Description of the interactive help system
no
Negate a command or set its defaults
shutdown
Configure dwdm controller processing
transport-mode Configure 10GE PHY transport mode
wavelength
Configure transponder wavelength
Router(config-controller)# g709 ?
fec Configure FEC mode
odu Configure odu parameters
otu Configure otu parameters
tti-processing Configure Trail Trace Identifier
processing
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-7
Chapter 10
Configuring IPoDWDM
lck
oci
pm-tca
ptim
sd-ber
sf-ber
tim
Set
Set
Set
Set
Set
Set
Set
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-8
OL-16147-20
Chapter 10
Configuring IPoDWDM
WAN PHY and OTN Support on ES+XC Combination Line Cards
lom
los
sm-tca
tim
sd-ber
sf-ber
Set
Set
Set
Set
Set
Set
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
shut
5.
6.
{ g709 | no g709 } otu report { ais | bdi | fecmismatch | iae | lof | lom | los | sm-tca | tim | sd-ber
| sf-ber}
7.
{ g709 | no g709 } odu report { ais | bdi | lck | oci | pm-tca | ptim | sd-ber | sf-ber | tim }
8.
9.
10. { g709 | no g709 } otu overhead tti{ expected | sent } { ascii | hex } tti-string
11. { g709 | no g709 } odu overhead tti{ expected | sent } { ascii | hex } tti-string
12. no shut
13. end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-9
Chapter 10
Configuring IPoDWDM
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# controller dwdm 4/21
Step 4
shut
Example:
Router(config-controller)# shut
Step 5
Example:
Router(config-controller)# g709 fec enhanced
Step 6
Example:
Router(config-controller)# no g709 otu report
lof
Step 7
Example:
Router(config-controller)# no g709 otu
threshold sm-tca
Step 8
Example:
Router(config-controller)# g709 odu threshold
sd-ber 3
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-10
OL-16147-20
Chapter 10
Configuring IPoDWDM
WAN PHY and OTN Support on ES+XC Combination Line Cards
Step 9
Command or Action
Purpose
Example:
Router(config-controller)# g709 odu threshold
sd-ber 3
Step 10
Example:
Router(config-controller)# g709 otu overhead
tti expected ascii tti_new
Step 11
Example:
Router(config-controller)# g709 odu overhead
tti expected ascii tti_new
Step 12
no shut
Example:
Router(config-controller)# no shut
Step 13
end
Example:
Router(config-controller)# end
Note
You need to shutdown the interface using shut command before changing the FEC mode to EFEC.
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#controller dwdm 4/21
Router(config-controller)#shut
Router(config-controller)#g709 fec enhanced
Router(config-controller)#g709 otu report los
Router(config-controller)#no g709 otu report lof
Router(config-controller)#no g709 otu threshold sm-tca
Router(config-controller)#g709 odu threshold sd-ber 3
Router(config-controller)#no shut
Router(config-controller)#end
Verification
Use the show controllers command to verify the configuration for alarm assertion.
Router#show controllers dwdm 4/21
Controller dwdm 4/2, is up (no shutdown)
TAS state is : IS
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-11
Chapter 10
Configuring IPoDWDM
LOF = 0
BDI = 1
IAE = 0
LOM = 0
BIP = 0
BEI = 0
AIS = 0
OCI = 0
BIP = 0
BDI = 0
LCK = 0
BEI = 0
TIM = 0
PTIM = 0
ODU
Channel
Frequency (THz)
Wavelength (nm)
191.95
1561.83
192.00
1561.42
192.05
1561.01
192.10
1560.61
192.15
1560.20
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-12
OL-16147-20
Chapter 10
Configuring IPoDWDM
WAN PHY and OTN Support on ES+XC Combination Line Cards
Channel
Frequency (THz)
Wavelength (nm)
192.20
1559.79
192.25
1559.39
192.30
1558.98
192.35
1558.58
10
192.40
1558.17
11
192.45
1557.77
12
192.50
1557.36
13
192.55
1556.96
14
192.60
1556.55
15
192.65
1556.15]
16
192.70
1555.75
17
192.75
1555.34
18
192.80
1554.94
19
192.85
1554.54
20
192.90
1554.13
21
192.95
1553.73
22
193.00
1553.33
23
193.05
1552.93
24
193.10
1552.52
25
193.15
1552.12
26
193.20
1551.72
27
193.25
1551.32
28
193.30
1550.92
29
193.35
1550.52
30
193.40
1550.12
31
193.45
1549.72
32
193.50
1549.32
33
193.55
1548.91
34
193.60
1548.51
35
193.65
1548.11
36
193.70
1547.72
37
193.75
1547.32
38
193.80
1546.92
39
193.85
1546.52
40
193.90
1546.12
41
193.95
1545.72
42
194.00
1545.32
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-13
Chapter 10
Configuring IPoDWDM
Channel
Frequency (THz)
Wavelength (nm)
43
194.05
1544.92
44
194.10
1544.53
45
194.15
1544.13
46
194.20
1543.73
47
194.25
1543.33
48
194.30
1542.94
49
194.35
1542.54
50
194.40
1542.14
51
194.45
1541.75
52
194.50
1541.35
53
194.55
1540.95
54
194.60
1540.56
55
194.65
1540.16
56
194.70
1539.77
57
194.75
1539.37
58
194.80
1538.98
59
194.85
1538.58
60
194.90
1538.19
61
194.95
1537.79
62
195.00
1537.40
63
195.05
1537.00
64
195.10
1536.61
65
195.15
1536.22
66
195.20
1535.82
67
195.25
1535.43
68
195.30
1535.04
69
195.35
1534.64
70
195.40
1534.25
71
195.45
1533.86
72
195.50
1533.47
73
195.55
1533.07
74
195.60
1532.68
75
195.65
1532.29
76
195.70
1531.90
77
195.75
1531.51
78
195.80
1531.12
79
195.85
1530.72
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-14
OL-16147-20
Chapter 10
Configuring IPoDWDM
WAN PHY and OTN Support on ES+XC Combination Line Cards
Channel
Frequency (THz)
Wavelength (nm)
80
195.90
1530.33
81
195.95
1529.94
82
196.00
1529.55
Summary Steps
1.
enable
2.
configure terminal
3.
4.
Detailed Steps.
Step 1
Command or Action
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Step 4
Example:
Verification
In this example show idprom interface command checks the ITU configuration:
Router # enable
Router # configure terminal
Router(config)# interface TenGigabitEthernet 4/11
Router(config-if)#itu channel 28
Router#end
Router# show running-config interface TenGigabitEthernet 4/11
Current configuration : 114 bytes
!
interface TenGigabitEthernet4/11
ip address 5.5.5.5 255.255.255.0
itu channel 28
transport-mode otn bit-transparent opu1e
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-15
Chapter 10
Configuring IPoDWDM
end
Router# show idprom interface TenGigabitEthernet 4/11 detail
Hexadecimal dump of TRANSCEIVER SEPROM :
XFP IDPROM Page 0x0:
000:
0C 00 49 00 F8 00 46 00 FB 00
010:
00 00 00 00 00 00 00 00 A6 04
020:
09 C4 8C A0 13 88 9B 83 0F 8D
030:
62 1F 18 A6 13 94 00 0A 0C 5A
040:
00 10 00 18 FF E8 00 0C FF F4
050:
00 00 00 00 00 00 00 00 00 00
060:
00 BF 25 1C 00 C4 00 00 01 F4
070:
00 00 00 00 00 00 00 00 00 00
080:
00 00 00 00 BE 20 00 00 00 00
090:
00 00 00 00 00 00 20 F3 00 00
100:
00 00 00 00 00 00 00 00 00 00
110:
A2 B8 00 15 00 00 00 00 00 00 <<See byte 113, the hexa decimal
equivalent for ITU channel 21>>
120:
00 00 00 00 00 00 00 01
Maintains performance monitoring parameter counts and checks against configured threshold
values.
Parameter
Definition
BBE-PM
BBE-SM
BBER-PM
Path monitoring background block errors ratio (BBER-PM) indicates the background
block errors ratio recorded in the OTN path during the PM time interval.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-16
OL-16147-20
Chapter 10
Configuring IPoDWDM
Performance Monitoring on DWDM Controllers
Parameter
Definition
BBER-SM
BIEC
Bit errors corrected (BIEC) indicates the number of bit errors corrected in the DWDM
trunk line during the PM time interval.
ES-PM
Path monitoring errored seconds (ES-PM) indicates the errored seconds recorded in the
OTN path during the PM time interval.
ESR-PM
Path monitoring errored seconds ratio (ESR-PM) indicates the errored seconds ratio
recorded in the OTN path during the PM time interval.
ESR-SM
Section monitoring errored seconds ratio (ESR-SM) indicates the errored seconds ratio
recorded in the OTN section during the SM time interval.
ES-SM
Section monitoring errored seconds (ES-SM) indicates the errored seconds recorded in
the OTN section during the PM time interval.
FC-PM
Path monitoring failure counts (FC-PM) indicates the failure counts recorded in the
OTN path during the PM time interval.
FC-SM
Section monitoring failure counts (FC-SM) indicates the failure counts recorded in the
OTN section during the PM time interval.
LBC-MIN
Laser bias current minimum (LBC-MIN) is the minimum laser bias current.
LBC-AVG
Laser bias current average (LBC-AVG) is the average laser bias current.
LBC-MAX
Laser bias current maximum (LBC-MAX) is the maximum laser bias current.
OPT-AVG
OPT-MAX
OPT-MIN
OPR-AVG
Optical power average (OPR-AVG) is the measure of average optical power on the
unidirectional port.
OPR-MAX
OPR-MIN
Optical power minimum (OPR-MIN) is the measure of minimum value of optical power
on the unidirectional port.
SES-PM
Path monitoring severely errored seconds (SES-PM) indicates the severely errored
seconds recorded in the OTN path during the PM time interval.
SES-SM
Section monitoring severely errored seconds (SES-SM) indicates the severely errored
seconds recorded in the OTN section during the PM time interval.
76-ES+XT-2TG3CXL
76-ES+XT-4TG3CXL
76-ES+T-2TG
76-ES+T-4TG
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-17
Chapter 10
Configuring IPoDWDM
Note
76-ES+XC-20G3C
76-ES+XC-20G3CXL
76-ES+XC-40G3C
76-ES+XC-40G3CXL
Before you configure performance monitoring using the pm command, you should change the transport
mode to transport-mode otn.
SUMMARY STEPS
1.
configure terminal
2.
3.
4.
pm {15-min | 24-hour} optics threshold {lbc | opr | opt} {max | min} threshold
5.
6.
7.
pm {15-min | 24-hour} optics report {lbc | opr | opt} {max-tca | min-tca} enable
8.
9.
end
10. show controllers dwdm instance pm history [15-min | 24-hour | fec | optics | otn]
11. show controllers dwdm instance pm interval {15-min | 24-hour} [fec | optics | otn]
DETAILED STEPS
Step 1
Command or Action
Purpose
configure terminal
Example:
router# configure terminal
Step 2
Example:
router(config)# controller dwdm 4/1
Step 3
Example:
router(config-controller)# pm 15-min fec
threshold ec-bits 900
router(config-controller)# pm 15-min fec
threshold uc-words 800
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-18
OL-16147-20
Chapter 10
Configuring IPoDWDM
Performance Monitoring on DWDM Controllers
Step 4
Command or Action
Purpose
Example:
router(config-controller)# pm 15-min optics
threshold opt max 900
router(config-controller)# pm 15-min optics
threshold lbc min 700
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-19
Chapter 10
Configuring IPoDWDM
Step 5
Command or Action
Purpose
Example:
router(config-controller)# pm 15-min otn
threshold bbe-pm-ne 800
router(config-controller)# pm 15-min otn
threshold es-sm-fe 900
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-20
OL-16147-20
Chapter 10
Configuring IPoDWDM
Performance Monitoring on DWDM Controllers
Command or Action
Step 6
Purpose
Example:
router(config-controller)# pm 15-min fec report
ec-bits enable
router(config-controller)# pm 15-min fec report
uc-words enable
Step 7
Example:
router(config-controller)# pm 15-min optics
report opt enable
router(config-controller)# pm 15-min optics
report lbc enable
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-21
Chapter 10
Configuring IPoDWDM
Step 8
Command or Action
Purpose
Example:
router(config-controller)# pm 15-min otn report
bbe-pm-ne enable
router(config-controller)# pm 15-min otn report
es-sm-fe enable
Step 9
end
Example:
router(config-controller)# end
Step 10
Example:
router# show controllers dwdm 4/1 pm history
24-hour fec
router# show controllers dwdm 4/1 pm history
Step 11
Example:
router# show controllers dwdm 4/1 pm interval
24-hour 0
router# show controllers dwdm 4/1 pm interval
15-min optics 1
Configuration Examples
This example shows how to configure performance monitoring for the optics parameters:
router# config terminal
router(config)# controller
router(config-controller)#
router(config-controller)#
router(config-controller)#
router(config-controller)#
router(config-controller)#
router(config-controller)#
router(config-controller)#
router(config-controller)#
router(config-controller)#
router(config-controller)#
router(config-controller)#
router(config-controller)#
router(config-controller)#
router(config)# exit
dwdm 4/21
pm 15-min
pm 15-min
pm 15-min
pm 15-min
pm 15-min
pm 15-min
pm 15-min
pm 15-min
pm 15-min
pm 15-min
pm 15-min
pm 15-min
exit
optics
optics
optics
optics
optics
optics
optics
optics
optics
optics
optics
optics
Verification
Verify the configuration by using the show controllers dwdm command.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-22
OL-16147-20
Chapter 10
Configuring IPoDWDM
Performance Monitoring on DWDM Controllers
This example displays the performance measurement and TCA generation information for a specific
interval:
router# show controllers dwdm 4/21 pm interval 24-hour 1
g709 OTN in interval 1 [HH:MM:SS Month Date Year Month Date Year]
ES-SM
: 0
Threshold : 0
TCA(enable) : NO
ESR-SM
: 0
Threshold : 0
TCA(enable) : NO
SES-SM
: 0
Threshold : 0
TCA(enable) : NO
SESR-SM : 0
Threshold : 0
TCA(enable) : NO
UAS-SM
: 0
Threshold : 0
TCA(enable) : NO
BBE-SM
: 0
Threshold : 0
TCA(enable) : NO
BBER-SM : 0
Threshold : 0
TCA(enable) : NO
FC-SM
: 0
Threshold : 0
TCA(enable) : NO
ES-PM
: 0
Threshold : 0
TCA(enable) : NO
ESR-PM
: 0
Threshold : 0
TCA(enable) : NO
SES-PM
: 0
Threshold : 0
TCA(enable) : NO
SESR-PM : 0
Threshold : 0
TCA(enable) : NO
UAS-PM
: 0
Threshold : 0
TCA(enable) : NO
BBE-PM
: 0
Threshold : 0
TCA(enable) : NO
BBER-PM : 0
Threshold : 0
TCA(enable) : NO
FC-PM
: 0
Threshold : 0
TCA(enable) : NO
g709 FEC in the current interval []
EC-BITS
: 0
Threshold : 0
UC-WORDS : 0
Threshold : 0
TCA(enable)
TCA(enable)
: NO
: NO
Troubleshooting Tips
Table 10-3
Problem
Solution
For disabling the logging of OTU alarms, use the no g709 otu
report command in DWDM configuration mode.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-23
Chapter 10
Configuring IPoDWDM
Restrictions
Following restrictions apply for proactive protection:
The polling interval of 10ms is not guaranteed in IOS. The actual polling intervals vary depending
on the load on CPU.
You can expect a time lag while triggering or reverting the proactive protection.
Even though the configuration range offered for the thresholds is from 9E-3 to 1E-9, the working
range is only from 9E-4 to 1E-7. Since the values below this range are negligible, it is rounded off
to 0. The values above this range are too high, and can cause the interface to be unstable.
If you enable proactive protection, and shut down the primary interface, the Loss of Signal
Reporting (LOS) will be sent to the other end. Because of this, the PP FSM goes to local state. But
on the local end, where an OTU-BDI is declared, the FSM does not go to remote failed state.
Because of this, the FSM states will not be in sync on both sides.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-24
OL-16147-20
Chapter 10
Configuring IPoDWDM
IPoDWDM Proactive Protection
SUMMARY STEPS
1.
configure terminal
2.
3.
proactive enable
4.
5.
6.
7.
8.
end
DETAILED STEPS
Step 1
Command or Action
Purpose
configure terminal
Example:
Router# config terminal
Step 2
Example:
Router(config)# controller dwdm 0/1
Step 3
proactive enable
Example:
Router(config-controller)# proactive enable
Step 4
Example:
Router(config-controller)# proactive
trig-threshold 1 5
Step 5
Example:
Router(config-controller)# proactive
trig-window 2045
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-25
Chapter 10
Configuring IPoDWDM
Step 6
Command or Action
Purpose
Example:
Router(config-controller)# proactive
rvrt-threshold 1 6
Step 7
Example:
Router(config-controller)# proactive
rvrt-window 20345
Step 8
end
Example:
Router(config-controller)# end
Configuration Examples
This example shows how to configure automatic triggering of FEC-FRR:
Router# configure terminal
Router(config)# controller
Router(config-controller)#
Router(config-controller)#
Router(config-controller)#
Router(config-controller)#
Router(config-controller)#
Router(config-controller)#
dwdm 0/1
proactive
proactive
proactive
proactive
proactive
end
enable
trig-threshold 1 5
trig-window 2045
rvrt-threshold 1 6
rvrt-window 20345
Verification
Verify the configuration by using the show controllers dwdm proactive status command.
router#show controllers dwdm 3/1 proactive status
Proactive Protection Status: ON
Transport admin-state: IS
Trigger threshold: 6E-4
Revert threshold: 5E-6
Trigger integration window: 2000
Revert integration window: 3000
Received APS: 0x0F
Transmitted APS: 0x0F
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-26
OL-16147-20
Chapter 10
Configuring IPoDWDM
IPoDWDM Proactive Protection
Troubleshooting Tips
Table 10-4
Problem
Solution
Please check the state of the backup tunnel. The backup tunnel
in READY state indicates that the FE FRR is not triggered.
The backup tunnel in ACTIVE state indicates that the FE TRR
is triggered.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
10-27
Chapter 10
Configuring IPoDWDM
76-ES+XT-2TG3CXL
76-ES+XT-4TG3CXL
76-ES+T-2TG
76-ES+T-4TG
76-ES+XC-20G3C
76-ES+XC-20G3CXL
76-ES+XC-40G3C
76-ES+XC-40G3CXL
Node authentication
You need to configure PPC through Cisco Transport Controller (CTC) on the ONS15454 because Cisco
7600 does not support PPC. For detailed configuration information, see the ONS documentation at the
following URL:
http://www.cisco.com/en/US/docs/optical/15000r9_2/dwdm/reference/guide/454d92_optcircuitref.htm
l#wp373015
http://www.cisco.com/en/US/docs/optical/15000r9_2/dwdm/procedure/guide/454d92_opticalchannelci
rc.html#wp656975
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
10-28
OL-16147-20
CH A P T E R
11
76-ES+XT-2TG3CXL
76-ES+XT-4TG3CXL
76-ES+T-2TG
76-ES+T-4TG
76-ES+XC-20G3C
76-ES+XC-20G3CXL
76-ES+XC-40G3C
76-ES+XC-40G3CXL
For more information about the commands in this chapter, see the Cisco IOS Release 12.2 SR Command
References at http://www.cisco.com/en/US/products/ps6922/prod_command_reference_list.html.
Note
Unless otherwise specified, the information provided in this chapter is applicable to ES+XT, ES+T and
ES+XC line cards. ALS is supported on ES+XC line cards from SRE1 release.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
11-1
Chapter 11
If a break remains in the fiber, one or both LOS alarms will remain and the transmitters will be disabled.
The near-end transmitter will turn off at the end of its pulse.
There are two types of restart: manual and automatic. In manual restart, you can request a single restart
pulse from the ALS agent. In automatic restart, the ALS agent sends a periodic restart pulse; the period
is configurable.
Disabled modeIf mode is disabled, ALS is disabled. LOS will not cause laser shutdown.
Manual restart modeThe laser is turned off when the ALS agent detects an LOS for 500 ms. After
ALS is engaged, a manual command is issued that turns on the laser for the time period of the pulse
width. The laser is turned on when the LOS has been cleared for 100 ms.
Automatic restart modeThe laser is shut down for the time period of pulse spacing when the ALS
agent detects a LOS for 500 ms. Then, the laser automatically turns on for the time period of the
selected pulse width. If an LOS still exists at that time, the laser is shut down again. This pattern
continues until the LOS is cleared for 100 ms; then, the laser will stay on.
1.
enable
2.
configure terminal
3.
interface tengigabitethernet
4.
als
5.
6.
7.
SUMMARY STEPS
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface tengigabitethernet
Example:
Router(config)# interface tengigabitethernet
2/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
11-2
OL-16147-20
Chapter 11
Step 4
Command or Action
Purpose
als
Enables ALS.
Example:
Router(config-if)# als
Step 5
Example:
Router(config-if)# als restart
Step 6
Example:
Router(config-if)# als restart mode automatic
Step 7
Example:
Router(config-if)# als restart pulse interval
2000
Verification
Use the following commands to verify operation.
Command
Purpose
Examples
The following are examples of ALS configuration commands:
Router(config)# interface t2/1
Router(config-if)# als ?
<cr>
Router(config-if)# als
Router(config-if)# do show running inter t2/1
Building configuration...
Current configuration : 59 bytes
!
interface TenGigabitEthernet2/1
no ip address
als
end
Router(config-if)# als ?
restart Specify ALS parameters
<cr>
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
11-3
Chapter 11
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
11-4
OL-16147-20
Chapter 11
Router#
Router# hw-module ?
interface Interface
module
Apply command to a module component
subslot
Control a component in a subslot
Router# hw-module inter t2/1 ?
als
Automatic Laser Shutdown
Router# hw-module inter t2/1 als ?
restart restart ALS for the given inteface
Router# hw-module inter t2/1 als restart ?
<cr>
Router# hw-module inter t2/1 als restart
Router#
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
11-5
Chapter 11
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
11-6
OL-16147-20
CH A P T E R
12
76-ES+XT-2TG3CXL
76-ES+XT-4TG3CXL
For more information about the commands in this chapter, see the Cisco IOS Release 12.2 SR Command
References at http://www.cisco.com/en/US/products/ps6922/prod_command_reference_list.html.
Note
The information provided in this chapter is applicable to both the ES+ and ES+T line cards unless
specified otherwise.
Contents
This chapter contains the following sections:
These enhancements provide Synchronous Ethernet (SyncE) feature support for service provider
applications making the 76-ES+XT-2TG3CXL and 76-ES+XT-4TG3CXL line cards the preferred
choices for carrier Ethernet environments.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
12-1
Chapter 12
Network Clocking on Cisco 7600 Series Ethernet Services Plus Line Cards
The 76-ES+XT-2TG3CXL or 76-ES+XT-4TG3CXL line cards operate in three different modes for clock
synchronization depending on the configuration and the current source state.
Free-runningA line card that is not participating in network clocking or a line card that is actively
sourcing the clock operates in free-running mode. In this mode, the line card internal oscillator
generates the reference clock to the backplane.
Note
In a nonpartcipating mode or a disabled mode, the line card distributes a Stratum 3-quality
timing signal to an external reference clock. Other interfaces on different line cards receive
either the backplane reference clock or the external reference clock depending on their
configurations.
Note
Line card operation is in free-running mode only if it is not participating in the system
clocking, is configured as the active source using on-board oscillator, or does not currently
have a valid clock source before the first clock synchronization; otherwise the line cards
operate in normal mode.
NormalIn normal mode, the module synchronizes with an externally supplied network timing
reference, sourced from one of the chassis BITS inputs or recovered from a network interface. In
this mode, the accuracy and stability of the output signal is determined by the accuracy and stability
of the input reference.
HoldoverIn holdover mode, the network timing module generates a timing signal based on the
stored timing reference used when operating in normal mode. Holdover mode is automatically
selected when the recovered reference is lost or has drifted excessively.
Note
Note
You cannot configure the drift range; it is set internally on the line card to +/9.2~12 ppm
(parts per million) by default. This ppm setting is typical for applications that requires a
clock quality level of Stratum 3/3E, ITU-T G.813 option 1.
All line cards operate in the free-running mode until the network clock is configured.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
12-2
OL-16147-20
Chapter 12
Network Clocking on Cisco 7600 Series Ethernet Services Plus Line Cards
How to Configure Network Clocking
Usage Guidelines
Use the following guidelines:
When the network clocking configuration is present in the startup configuration, the clocking
configuration is not applied until five minutes after the configuration has been parsed. This prevents
clocking instability on the backplane when the interfaces and controllers come up out of order.
Cisco IOS Release 12.2(33)SRD1 does not support synchronization status messaging (SSM)
through BITS input.
If there is a BITS clock source flap because of Loss of Signal (LOS), Loss of Frame (LOF), T1 Blue
Alarm, or E1 Alarm Indication Signal (AIS), there is an interval of 150 seconds before the source
becomes valid and active.
In the event of an Out-of-Range (OOR) switchover (revertive mode), the source switchover occurs
when the clock offset crosses the +/12 ppm threshold. If this occurs, you must reconfigure the
source.
1.
enable
2.
configure terminal
3.
network-clock slot slot bits number {2m | e1 [crc4] | j1 [esf]| t1 [d4 | esf [133ft | 266ft | 399ft |
533ft | 655ft]}
4.
5.
exit
SUMMARY STEPS
Detailed Steps
To configure BITS clock support for the Cisco 76-ES+XT-2TG3CXL and 76-ES+XT-4TG3CXL, use the
following commands.
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
12-3
Chapter 12
Network Clocking on Cisco 7600 Series Ethernet Services Plus Line Cards
Step 3
Command
Purpose
Example:
Router(config)# network-clock slot 1
bits 0
Step 4
Example:
Router(config)# network-clock select 1
slot 1 bits 0
Step 5
exit
Example:
Router(config)# exit
Example
The following example shows how to configure BITS clock support for the Cisco 76-ES+XT-2TG3CXL
and 76-ES+XT-4TG3CXL.
Router# enable
Router# configure terminal
Router(config)# network-clock slot 1 bits 0 ?
2m 2.048MHz square wave signal type
e1 E1 signal type
j1 Japan J1 signal type
t1 T1 signal type
Router(config)# network-clock slot 1 bits 0 t1 ?
d4 T1 D4 framing mode
esf T1 ESF framing mode
Router(config)# network-clock slot 1 bits 0 t1 d4 ?
133ft Line Build-Out Select 0 to 133 feet
266ft Line Build-Out Select 133 to 266 feet
399ft Line Build-Out Select 266 to 399 feet
533ft Line Build-Out Select 399 to 533 feet
655ft Line Build-Out Select 533 to 655 feet
Router(config)# network-clock slot 1 bits 0 t1 d4 266ft
Router(config)# network-clock select 1 slot 1 bits 0
Router(config)# exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
12-4
OL-16147-20
Chapter 12
Network Clocking on Cisco 7600 Series Ethernet Services Plus Line Cards
How to Configure Network Clocking
Usage Guidelines
Use the following guidelines:
When the network clocking configuration is present in the startup configuration, the clocking
configuration is not applied until five minutes after the configuration has been parsed. This prevents
clocking instability on the backplane when the interfaces/controllers come up out of order.
Cisco IOS Release 12.2(33)SRD1 does not support Ethernet Synchronization Message Channel
(ESMC) on LAN PHY and SSM received from SONET/SDH frames for WANPHY.
If there is a clock source flap because of interface up and down events, there is an interval of 150
seconds before the source becomes valid and active.
In the event of an Out-of-Range (OOR) switchover (revertive mode), but the interface stays up, the
source switchover occurs when the clock offset crosses the +/12 ppm threshold. If this occurs, you
must reconfigure the source.
1.
enable
2.
configure terminal
3.
4.
5.
exit
6.
7.
exit
SUMMARY STEPS
Detailed Steps
To configure 10GE interface as the clock source, use the following commands.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
12-5
Chapter 12
Network Clocking on Cisco 7600 Series Ethernet Services Plus Line Cards
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface
tengigabitethernet 1/1
Step 4
Example:
Step 5
exit
Example:
Router(config-if)# exit
Step 6
Example:
Router(config)# network-clock select 1
interface TenGigabitEthernet 1/1
Example
The following example shows how to configure 10GE interface as the clock source.
Router# enable
Router# configure terminal
Router(config)# interface tengigabitethernet 1/1
Router(config-if)# clock source line
Router(config-if)# exit
Router(config)# network-clock select 1 interface TenGigabitEthernet 1/1
Router(config)# exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
12-6
OL-16147-20
Chapter 12
Network Clocking on Cisco 7600 Series Ethernet Services Plus Line Cards
How to Configure Network Clocking
State
Hardware not present
Valid
Valid
Reason
Use the show platform hardware network-clocks command to verify output on the line card side.
Router-dfc# show platform hardware network-clocks
Local Loop Timing:
Port 1: N
Port 2: N
Port 3: N
Port 4: N
Normal
Priority
Priority
Priority
Priority
:
:
:
:
15
15
15
15
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
12-7
Chapter 12
Network Clocking on Cisco 7600 Series Ethernet Services Plus Line Cards
Status
: Good
Clock state shows Hardware not present if the line card is removed.
Clock becomes Validate but not present if BITS Rx reports LOS, LOF, Blue Alarm (T1), or AIS
(E1)
Clock state shows Hardware not present if the line card is removed.
For both 10GE port clock recovery and BITS port clock recovery, when the clock source is recovered,
the line card will send notification to the RP. Then after a 150-second debounce period, the RP sends a
control message to every participant to synchronize with the valid clock source again.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
12-8
OL-16147-20
CH A P T E R
13
For more information about the commands used in this chapter, see the Cisco IOS Release 12.2 SR
Command References at
http://www.cisco.com/en/US/products/ps6922/prod_command_reference_list.html.
Note
The information provided in this chapter is applicable to all the ES+ line card family unless specified
otherwise.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-1
Chapter 13
8000 ACEs are supported per ACL with only single ACL present
Layer 2 and Layer 3 ACLs cannot coexist on the same service instance
The number of uniquely defined ACLs on the chassis is not affected by support on service instances
ACL configuration with ACEs that contain type of service (ToS) configuration is not supported, but
differentiated services code point (DSCP) is supported
enable
2.
configure terminal
3.
4.
[no] ip address
5.
6.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
or
interface tengigabitethernet slot/port
Example:
Router(config)# interface
gigabitethernet 4/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-2
OL-16147-20
Chapter 13
Step 4
Command
Purpose
[no] ip address
Example:
Router(config-if)# no ip address
Step 5
Example:
Router(config-if)# service instance 101
ethernet
Step 6
ip access-group {access-list-name |
access-list-number} {in | out}
Example:
Router(config-if-srv)# ip access-group
101 out
Configuring on a Port-Channel
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
[no] ip address
5.
6.
DETAILED STEPS
Step 1
Command
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
Example:
Router(config)# interface port-channel
12
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-3
Chapter 13
Step 4
Command
Purpose
[no] ip address
Example:
Router(config-if)# no ip address
Step 5
Example:
Router(config-if)# service instance 101
ethernet
Step 6
ip access-group {access-list-name |
access-list-number} {in | out}
Example:
Router(config-if)# ip access-group 101
out
Examples
In this example, the Layer 3 access control list below is applied under the EVC and a port-channel on a
Cisco ES+ line card.
ip access-list extended l3acl
permit ip 1.1.1.1 255.255.255.255 any
permit ip 2.2.2.2 255.255.255.255 any
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 3/1
Router(config-if)# no ip address
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# ip access-group l3acl in/out
Router# enable
Router# configure terminal
Router(config)# interface port-channel 3/1
Router(config-if)# no ip address
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# ip access-group l3acl in/out
In this example, the Layer 4 access control list below is applied under the EVC and a port-channel on a
Cisco ES+ line card.
ip access-list extended l4acl
permit tcp host 1.1.1.1 eq 30 any
Router# enable
Router# configure terminal
Router(config)# interface GigabitEthernet 3/1
Router(config-if)# no ip address
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# ip access-group l4acl in/out
Router# enable
Router# configure terminal
Router(config)# interface port-channel 3/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-4
OL-16147-20
Chapter 13
Router(config-if)# no ip address
Router(config-if)# service instance 1 ethernet
Router(config-if-srv)# ip access-group l4acl in/out
Verification
Use the following commands to verify operation.
Command
Purpose
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-5
Chapter 13
Note
In case of major data loss, the reported MDC & MLR values are capped to 65535 for an interval and
reset to zero from the next interval.
Note
Note
DF computed using RFC4445 algorithm includes the inter-packet gap and hence it is never zero. But
IPDV does not include the inter-packet gap and the computed DF can be zero.
These are the characteristics of IPDV configuration:
IPDV and MDI-DF can be configured under different class-maps under the same policy-map.
IPDV algorithm works with both CBR and VBR flows and reports only the network introduced
delay. The DF calculation does not include the inter packet delay.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-6
OL-16147-20
Chapter 13
Note
Tag to Tag: 7600 router configured as Label Switch Router (LSR) to switch MPLS packets.
Tag to IP: 7600 router configured as Label Edge Router (LER) to remove the last MPLS tag.
IP to Tag: 7600 router configured as LER to add the first MPLS tag.
The following MPLS packet formats are supported for inline video monitoring:
L3VPN packet formats: 0x8847, MPLS Labels, IP header, UDP header, and MPEG. (ignore
acronyms)
L2VPN and VPLS packet formats: Router MAC, 0x8847, MPLS Labels, control word, VLAN Tags,
CE MAC, IP, UDP, and MPEG.
Note
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-7
Chapter 13
The timestamp information in the RTP packet header is used for calculating jitter in a network data
stream. Effective from Release 15.1(2)S, inline video monitoring supports monitoring packet loss and
jitter metrics for RTP flows in addition to IP-CBR and MPEG flow.
RTP metrics is enabled on a per class-map basis on the Cisco 7600 series routers. A new RTP flow is
created for each RTP Synchronization Source (SSRC) detected in the RTP session matching the
class-map classification criteria. Since RTP sessions are dynamically negotiated, they must be validated
before learning the RTP flow for monitoring. A RTP header does not contain protocol specific
information to identify it as an RTP packets. Currently, these checks are performed to ensure that a
particular RTP packet is valid:
Note
The payload type should be known and not equal to SR (Sender Report 200) or RR (Receiver Report
201).
When the SSRC identifier is received for the first time, the data packets carrying the identifier are
considered invalid until a number of data packets with consecutive sequence numbers are received.
RTP SSRC is a part of flow key along with existing five flow tuples.
RTP Metrics
Apart from the packet loss and jitter metrics, an RTP flow contains additional metrics that provide
information about the RTP traffic. Table 13-1 lists the metrics exported and displayed for an RTP flow.
Table 13-1
Metric Name
Description
Cumulative/ Interval
total_pkts
Interval + Cumulative
expected_pkts
lost_pkts
jitter
Interval
max_jitter
Interval
loss_intervals
num_resync
Interval + Cumulative
late_pkts
Interval
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-8
OL-16147-20
Chapter 13
Metric Name
Description
Cumulative/ Interval
reord_pkts
lost_fraction
avg loss
duration
valid packets
Interval
Interval
1. For loss interval calculations any late or reordered packets should also be treated as lost.
Note
Trunk interface: When you configure a switch-port mode as trunk, multiple VLANs can be switched
on the interface.
Access interface: When you configure a switch-port mode as access, a single VLAN can be switched
on the interface.
Dot1q tunnel: When you configure a switch-port mode on the router as trunk and on the peer as
non-trunk or vice-versa.
Apart from the five tuple keys, inner and outer VLAN ids can be used as a key to differentiate flows.
PPPoE packets
Eth + VLAN + PPPoE + IP
L2VPN
Eth + MPLS + Eth + VLAN + PPPoE + IP
Eth + VLAN + MPLS + Eth + VLAN + PPPoE + IP
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-9
Chapter 13
Note
Video monitoring for PPPoE encapsulated packets is not supported on a node where the session
terminates.
Inline Video Monitoring Support of MDI Metrics for RTP Encapsulated Flows
Effective with Release 15.1(3)S, inline video monitoring supports MDI metrics calculation for
MPEG2-Transport Stream (TS) flows encapsulated in RTP (RFC3550) headers. The MDI metric
(RFC4445) provides information about the buffer required at the consumer node for packet jitter (DF)
and an estimate of the packet loss during the data transmission (MLR/MDC).
Note
Currently, you can monitor either the MDI or RTP at a time for data flow, not both together.
Note
Before Cisco IOS Release 15.1(3), inline video monitoring provided metrics such as MLR and DF for
MDI traffic, and jitter and loss-fraction for RTP traffic. To understand these metrics, a user should have
an understanding of technology and standards.
Transport-availability is calculated as the percentage of time a transport stream is available over a
measured time interval, and the error-seconds (downtime) is the time interval for which the transport
stream in not available for data transmission. The transport-availability is calculated as:
Transport-availability = (Interval duration Error-seconds) / Interval duration
Note
Two new react-types, transport-availability and error-seconds, are introduced in the react command to
help configure alarms based on the keyword values.
Note
Note
Only the packet loss is considered for calculating error-seconds; jitter is not considered for error-seconds
calculation.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-10
OL-16147-20
Chapter 13
Note
You can disable jitter calculation for unsupported frequencies. The jitter value for unsupported
frequencies is reported as 0.
The supported supervisor engines are Sup720 and RSP720 (1 gigabits and 10 gigabits).
Up to 1000 video monitoring flows per Line Card and up to 8000 flows per router are supported for
inline video monitoring.
The video traffic is not monitored up to first two intervals after the flow is learnt.
After the LC flow traffic stops and is timed out using the configured timeout value under class-map,
some of the system resources are released only after 25 minutes. The learn-delete process may result
in delay in monitoring the flows because the system resources are not released immediately.
In case of video monitoring on EVC, monitoring is performed for learnt unicast and multicast traffic
only. Traffic with unknown unicast destination MAC is not monitored.
MDI:DF, MDI:MLR, MDI:MDC, IP-CBR:DF, and IP-CBR:MRV metrics are supported for CBR
flows. For VBR flows, only MDI:MLR and MDI:MDC are supported.
MDI:DF, MDI:MLR, and MDI:MDC are supported only for MPEG-2 and MPEG-4 transport
streams. Both the single program transport streams (SPTS) and multi-program transport streams
(MPTS) are supported.
Only a flat performance-traffic policy type can be configured in each direction. Hierarchical policies
are not supported for Video Monitoring in the performance-traffic typed policy.
Video Monitoring is an independent feature and can co-exist with QoS. Though QoS and
performance-traffic are policy-map based, both can be applied to the same interface in the same
direction to function independently.
Only the configured PIDs are monitored. For example, if only one PID is configured, no other new
PIDs are monitored.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-11
Chapter 13
Layer 3 VPN (L3VPN) and Layer 2 VPN (L2VPN)/Virtual Private LAN Services (VPLS) MPLS
encapsulated packet format are supported.
MPLS labels and EXP values are not supported as part of the flow key. If two different customers
using different MPLS labels but same IP address and UDP ports are on the same target, both are
mapped to the same video monitoring flow.
RTP metric cannot co-exist with MDI or IP-CBR in the same class-map.
Clock rate support is limited to 90Khz. Jitter metric computation accuracy is not guaranteed if the
clock rate for packets is not 90Khz.
Performance-type policy-map is supported on switch-port trunk mode, access mode, and Dot1q
tunnel mode.
Transport-availability and error-seconds metrics are not calculated for IP-CBR flows.
Static payload types 1 to 95 can only be mapped to the frequency option disable.
Supported Interfaces
Video Monitoring is supported on the routed main interface, subinterfaces, switchports, and EVCs in
release 15.0(01)S.
Table 13-2 lists the inline video monitoring interface support for each release:
Table 13-2
Interfaces Supported
12.2(33) ZI
Main-interface, Sub-interface.
15.0(1)
15.1(1)
15.1(2)
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-12
OL-16147-20
Chapter 13
Note
Video monitoring on EVC enables you to monitor video traffic on layer 2 networks.
IP+UDP
Single program transport streams (SPTS) and multi-program transport streams (MPTS)
MPLS+IP+UDP
IP+UDP+RTP
MSE interval causes invalidation of metrics data for up to two subsequent intervals. Metrics from these
invalidated intervals do not trigger any traps or reacts.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-13
Chapter 13
notification. The alerts can be immediate or average. An immediate alert is triggered at the end of
monitoring interval if the metric value crosses the configured range. An average alert is sent based on
the average value, which is computed based on the last n monitored intervals.
Note
If two alerts are asserted for a same interval, the alert with lower profile-id is asserted. The alert profiles
with lower profile-id have higher priority.
Note
The maximum number of class maps supported in a performance-traffic policy map is 50. The maximum
number of policy maps (including QoS and typed policy maps) supported on a router is 1023.
Follow these steps to configure video monitoring on an interface:
SUMMARY STEPS
1.
enable
2.
configure terminal
3.
4.
5.
6.
exit
7.
8.
class class-map-name
9.
monitor parameters
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-14
OL-16147-20
Chapter 13
value4]}
22. action {syslog | snmp}
23. alarm severity {none | informational | notification | warning | error | critical | alert | emergency}
24. alarm type discrete
25. description character string
26. interface type number
27. (optional) service instance instance-number ethernet
28. service-policy type performance-traffic {input | output} {policy-map name}
29. exit
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
router> enable
Step 2
configure terminal
Example:
router# configure terminal
Step 3
access-list-number
source destination
access-list
permit ip [host]
Example:
router(config)# access-list 101 permit ip host
10.10.2.20 any
Note
Note
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-15
Chapter 13
Command or Action
Step 4
Step 5
Purpose
class-map match-any
class-map-name
Example:
router(config)# class-map match-any video-class
access-group-name
|access-group-number
match access-group
Example:
router(config-cmap)# match access-group 101
Step 6
exit
Example:
router(config-cmap)# exit
Step 7
Step 8
policy-map
name
Example:
router(config)# policy-map type
performance-traffic video-monitor
class
class-map-name
Example:
router(config-pmap)# class video-class
Step 9
monitor parameters
Example:
router(config-pmap-c)# monitor parameters
Step 10
interval duration
n-secs
Example:
router(config-pmap-c-monitor)# interval
duration 30
Step 12
timeout
n-inteval
Example:
router(config-pmap-c-monitor)# timeout 200
Step 13
Step 14
df rfc4445 | ipdv
Example:
router(config-pmap-c-monitor)# df ipdv
Step 11
n-inteval
Note
Example:
router(config-pmap-c-monitor)# history 20
exit
history
Example:
router(config-pmap-c-monitor)# exit
Step 15
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-16
OL-16147-20
Chapter 13
Command or Action
Step 16
clock-rate
Purpose
dynamic_pt frequency
Example:
router(config-pmap-c-metric)# clock-rate 1 96
Step 17
(optional) monitor
148.5/1.001Mhz
148.5Mhz
27Mhz
Disable
[pid5]
Example:
router(config-pmap-c-metric)# monitor pids
0x0011
Step 18
rate media
n (bps
Example:
router(config-pmap-c-metric)# rate media
2500031 bps
Note
Step 19
Example:
router(config-pmap-c-metric)# packet size media
188
Example:
router(config-pmap-c-metric)# packet count
media in-layer3 7
Step 20
exit
Example:
router(config-pmap-c-metric)# exit
Step 21
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-17
Chapter 13
Command or Action
Step 22
Purpose
n [pps]
Example:
router(config-pmap-c-metric)# rate layer3
packet 300
Note
Step 23
exit
Example:
router(config-pmap-c-metric)# exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-18
OL-16147-20
Chapter 13
Step 24
Command or Action
Purpose
MDI Example:
router(config-pmap-c)# react 100 mdi-df
IP-CBR Example:
router(config-pmap-c)# react 200 ip-cbr-df
mdi-df
mdi-mdc
mdi-mlr
ip-cbr-mrv
ip-cbr-df
media-stop
rtp
transport-availability
error-seconds
Note
A profile-id once used for a react type can not be reused for
any other react type until it is removed using the no react
profile-id react-type command.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-19
Chapter 13
Step 25
Command or Action
Purpose
Example:
router(config-pmap-c-react)# threshold gt 4
router(config-pmap-c-react)# threshold type
average 5
Step 26
Step 27
Step 28
Step 29
Example:
router(config-pmap-c-react)# alarm type
discrete
Note
description
character-string
Example:
router(config-pmap-c-react)# description
critical TCA
Step 30
Adds the comments for the submodes. Available for all the
submodes. The character-string cannot exceed 200
characters.
Exits the configuration mode.
end
Example:
router(config-pmap-c-react)#end
Step 31
configure terminal
Example:
router# configure terminal
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-20
OL-16147-20
Chapter 13
Command or Action
Step 32
interface
type number
Purpose
Configures the interface type and number.
Example:
router(config)# interface gig 1/2
Step 33
Step 34
Note
policy-map-name
Example:
router(config-if-srv)# service-policy type
performance-traffic input video-monitor
Step 35
Note
exit
Example:
router(config-if)# exit
Example
The following example shows how to configure video monitoring feature on an interface:
Router(config)#policy-map type performance-traffic video-monitor
Router(config-pmap)#class video-class
Router(config-pmap-c)# monitor parameters
Router(config-pmap-c-monitor)# df ipdv
Router(config-pmap-c-monitor)#description mon
Router(config-pmap-c-monitor)#interval duration 30
Router(config-pmap-c-monitor)#history 30
Router(config-pmap-c-monitor)#timeout 10
Router(config-pmap-c-monitor)#exit
Router(config-pmap-c)#monitor metric ip-cbr
Router(config-pmap-c-metric)#rate layer3 packet 237.465 pps
Router(config-pmap-c-metric)#exit
Router(config-pmap-c)#monitor metric mdi
Router(config-pmap-c-metric)# monitor pids 0x0011
Router(config-pmap-c-metric)#rate media 2500031 bps
Router(config-pmap-c-metric)#packet count media in-layer3 7
Router(config-pmap-c-metric)#packet size media 188
Router(config-pmap-c-metric)#exit
Router(config-pmap-c)#react 1 ip-cbr-df
Router(config-pmap-c-react)#alarm severity critical
Router(config-pmap-c-react)#threshold type immediate
Router(config-pmap-c-react)#threshold ge 30.000
Router(config-pmap-c-react)#react 2 ip-cbr-mrv
Router(config-pmap-c-react)#alarm severity informational
Router(config-pmap-c-react)#threshold type immediate
Router(config-pmap-c-react)#threshold le -1.00000
Router(config-pmap-c-react)#react 3 mdi-df
Router(config-pmap-c-react)#alarm severity critical
Router(config-pmap-c-react)#threshold type immediate
Router(config-pmap-c-react)#threshold range 20.000 50.000
Router(config-pmap-c-react)#react 4 mdi-mlr
Router(config-pmap-c-react)#alarm severity critical
Router(config-pmap-c-react)#threshold type immediate
Router(config-pmap-c-react)#threshold gt 0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-21
Chapter 13
Router(config-pmap-c-react)#react 5 media-stop
Router(config-pmap-c-react)#description for me
Router(config-pmap-c-react)#alarm severity critical
Router(config-pmap-c-react)#react 15 mdi-mdc
Router(config-pmap-c-react)#alarm severity notification
Router(config-pmap-c-react)#threshold type immediate
Router(config-pmap-c-react)#threshold gt 0
Router(config-pmap-c-react)#react 10 ip-cbr-mrv
Router(config-pmap-c-react)#alarm severity informational
Router(config-pmap-c-react)#threshold type immediate
Router(config-pmap-c-react)#threshold ge 1.00000
Router(config-pmap-c-react)#exit
Router(config-pmap-c)#exit
Router(config-pmap)#exit
Router(config)#interface TenGigabitEthernet3/1
Router(config-if)#service-policy type performance-traffic input video-monitor
Router(config-if)#end
This example shows how to configure RTP metrics for video monitoring:
Router(config)#policy-map type performance-traffic video-monitor
Router(config-pmap)#class video-class
Router(config-pmap-c)# monitor parameters
Router(config-pmap-c-monitor)#description mon
Router(config-pmap-c-monitor)#interval duration 30
Router(config-pmap-c-monitor)#history 30
Router(config-pmap-c-monitor)#timeout 10
Router(config-pmap-c-monitor)#exit
Router(config-pmap-c)#monitor metric rtp
Router(config-pmap-c-metric)#exit
Router(config-pmap-c)#react 1 rtp-jitter
Router(config-pmap-c-react)#alarm severity critical
Router(config-pmap-c-react)#threshold type immediate
Router(config-pmap-c-react)#threshold ge 30.000
Router(config-pmap-c-react)#react 2 rtp-loss-rate
Router(config-pmap-c-react)#alarm severity informational
Router(config-pmap-c-react)#threshold type immediate
Router(config-pmap-c-react)#threshold le 50.00
Router(config-pmap-c-react)#react 3 rtp-max-jitter
Router(config-pmap-c-react)#alarm severity critical
Router(config-pmap-c-react)#threshold type immediate
Router(config-pmap-c-react)#threshold range 20.000 50.000
Router(config-pmap-c-react)#react 4 rtp-lost-pkts
Router(config-pmap-c-react)#alarm severity critical
Router(config-pmap-c-react)#threshold type immediate
Router(config-pmap-c-react)#threshold ge 10
Router(config-pmap-c-react)#react 5 media-stop
Router(config-pmap-c-react)#description for me
Router(config-pmap-c-react)#alarm severity critical
outer(config-pmap-c-react)#exit
Router(config-pmap-c)#exit
Router(config-pmap)#exit
Router(config)#interface TenGigabitEthernet3/1
Router(config-if)#service-policy type performance-traffic input video-monitor
Router(config-if)#end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-22
OL-16147-20
Chapter 13
Port: 6300;
Src: 11.0.0.2
Avail(%)
: 100.000
Error_secs : 0.000
Port: 63
Pkt_cnt
MRV(%)
: 126002
: 0.00000
Error
Transport
Intvl Updated at Type
Pkt_cnt
MRV(%)/MLR
DF(msec)
MDC
Seconds Avail (%)
-----+----------+----+--------------+------------+----------+---------+--------+---------+
43
21:21:36 cbr
3000
0.00000
10.075
NA
NA
NA
43
21:21:36 mdi
3000
600
10.075
600
0.000
100.000
42
21:21:06 cbr
3000
0.00000
10.075
NA
NA
NA
42
21:21:06 mdi
3000
600
10.075
600
0.000
100.000
41
21:20:36 cbr
3000
0.00000
10.075
NA
NA
NA
41
21:20:36 mdi
3000
600
10.075
600
0.000
100.000
40
21:20:06 cbr
3000
0.00000
10.075
NA
NA
NA
40
21:20:06 mdi
3000
600
10.075
600
0.000
100.000
39
21:19:36 cbr
3001
0.03300
10.075
NA
NA
NA
39
21:19:36 mdi
3001
600
10.075
600
0.000
100.000
Note
Upd at
Type
Pkt
count
Exp Lost
pkts pkts
Loss
Jitter MaxJitter Avg.Loss
Rate(%) (msec) (msec)
Duration
Video-monitoring on ethernet service instance is supported on ScEompls, SVI based Eompls, VPLS,
EVC BD, and EVC local connect services.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-23
Chapter 13
Use the show policy-map type performance-traffic interface interface_name aggregate command to
display the total number of flows on an interface:
Router#show policy-map type performance-traffic interface gig 8/11 aggregate
GigabitEthernet8/11
Service-policy input: video-swport
Total Number of flows
: 6
Use the show policy-map type performance-traffic interface interface_name brief command to
display brief description of all the metrics for all the flows on an interface.
Router#show policy-map type performance-traffic interface gig 8/11 brief
GigabitEthernet8/11
Service-policy input: video-swport
class-map: sw-vlan1
-----------------------------------------------------------------------------------------Mon-Interval(sec): 30, History(intvls): 2, Timeout(sec): 60, DF: rfc4445, Total Flows: 1
-----------------------------------------------------------------------------------------MRV(%)
Error Transport
FlowID Flow Key
Type Pkt_cnt /MLR
DF(msec) MDC Secs
Avail(%)
------------------ ------- ------ ------- --------1 21.0.1.2:63->32.0.1.2:5000,10:0
cbr 3000
0.00000 10.135
NA
NA
NA
1 21.0.1.2:63->32.0.1.2:5000,10:0
mdi 3000
600
10.135
600
0.000
100.000
class-map: sw-rtp-vlan1
-----------------------------------------------------------------------------------------Mon-Interval(sec): 30, History(intvls): 3, Timeout(sec): 60, Total Flows: 1
-----------------------------------------------------------------------------------------Expected Lost Loss
Jitter
Lost
Err Transport
FlowID Flow Key
Pkts
Pkts Rate(%) (msec) Intvls Secs Avail
------ -------------- ------- ----- ----- -------1 21.0.1.3:63->32.0.1.2:50000,10:0, 30536
536
1.75530 0.000
1
0.008 99.973
3735927471
Use the show policy-map type performance-traffic interface interface_name cumulative command
to display cumulative metrics for the flows on a specified interface.
Router#show policy-map type performance-traffic interface gig 8/11 cumulative
GigabitEthernet8/11
Service-policy input: video-swport
class-map: sw-vlan1
-----------------------------------------------------------------------------------------Mon-Interval(sec): 30, History(intvls): 2, Timeout(sec): 60, DF: rfc4445, Total Flows:
1
-----------------------------------------------------------------------------------------FlowID Flow Key
MRV(%)
MDC
MLR
Error Secs
Avail (%)
------ ---------------------------------1 21.0.1.2:63-> 32.0.1.2:5000, 10:0
0.00000 32400 32400
0.000
100.000
class-map: sw-rtp-vlan1
-----------------------------------------------------------------------------------------Mon-Interval(sec): 30, History(intvls): 3, Timeout(sec): 60, Total Flows: 1
-----------------------------------------------------------------------------------------FlowID FlowKey
Exp
Lost
Lost
Resyncs
Err
Avail
Pkts
Pkts
Intvls
Secs
------ ----------- ----------- ---------- ----1 21.0.1.3:63->32.0.1.2:50000,10:0,
1633428 13400
25
25
0.200 99.975
3735927471
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-24
OL-16147-20
Chapter 13
Use the show policy-map type performance-traffic interface interface_name input|output command
to display the data flow on an interface in a specified direction.
Router#show policy-map type performance-traffic interface gig 8/11 input
GigabitEthernet8/11
Service-policy input: video-swport
class-map: sw-vlan3
-----------------------------------------------------------------------------------------Mon-Interval(sec): 30, History(intvls): 5, Timeout(sec): 60, DF: rfc4445, Total Flows:
1
-----------------------------------------------------------------------------------------Flow: 0001, IPV4;
Dest: 12.0.0.2
Agg Value(Per Flow)
MDC
: 37200
MLR
: 37200
Port: 6300;
Src: 11.0.0.2
Avail(%)
: 100.000
Error_secs : 0.000
Port: 63
Pkt_cnt
MRV(%)
: 186003
: 0.00000
Error
Transport
Intvl Updated at Type
Pkt_cnt
MRV(%)/MLR
DF(msec)
MDC
Seconds Avail (%)
-----+----------+----+--------------+------------+----------+---------+--------+---------+
65
21:32:36
cbr
3000
0.00000
10.075
NA
NA
NA
65
21:32:36
mdi
3000
600
10.075
600
0.000
100.000
64
21:32:06
cbr
3000
0.00000
10.075
NA
NA
NA
64
21:32:06
mdi
3000
600
10.075
600
0.000
100.000
63
21:31:36
cbr
3000
0.00000
10.075
NA
NA
NA
63
21:31:36
mdi
3000
600
10.075
600
0.000
100.000
62
21:31:06
cbr
3000
0.00000
10.075
NA
NA
NA
62
21:31:06
mdi
3000
600
10.075
600
0.000
100.000
61
21:30:36
cbr
3000
0.00000
10.075
NA
NA
NA
61
21:30:36
mdi
3000
600
10.075
600
0.000
100.000
class-map: sw-rtp-vlan3
-----------------------------------------------------------------------------------------Mon-Interval(sec): 30, History(intvls): 5, Timeout(sec): 60, Total Flows: 1
-----------------------------------------------------------------------------------------Flow: 0001, IPV4;
Dest: 12.0.0.2 Port: 50000;
Src: 11.0.0.12 Port: 5000; rtp-ssrc:
3735927471
Agg Value(Per Flow)
Avail(%)
: 99.973
Loss_Intvls : 29
Resyncs
: 29
Pkt_cnt
: 1920034
Error_secs : 0.232
Pkt_exp
: 1935578
Pkt_lost : 15544
Pkt
Exp Lost Loss Jitter MaxJitter Avg. Loss Loss Err Transport
Intvl Updated Type count pkts pkts Rate(%) (msec) (msec) Dur.
Intvls Sec Avail(%)
-----+----------+----+----------+----------+----------+---------+--------+--------+------66
21:33:01 rtp 30000 30536 536 1.75530 0.005 0.048
536.00
1
0.008
99.973
65
21:32:31 rtp 30001 30001 0
0.00000 0.005 0.024
0.00
0
0.000 100.000
64
21:32:01 rtp 30000 30536 536 1.75530 0.006 0.048
536.00
1
0.008
99.973
63
21:31:31 rtp 30001 30001 0
0.00000 0.005 0.048
0.00
0
0.000 100.000
62
21:31:01 rtp 30000 30536 536 1.75530 0.005 0.024
536.00
1
0.008
99.973
Use the show policy-map type performance-traffic interface interface_name detail command to
display the detailed information for the latest interval of each flow.
Router#show policy-map type performance-traffic interface gig 8/11 detail
GigabitEthernet8/11
Service-policy input: video-swport
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-25
Chapter 13
class-map: sw-vlan3
-----------------------------------------------------------------------------------------Mon-Interval(sec): 30, History(intvls): 5, Timeout(sec): 60, DF: rfc4445, Total Flows:
1
-----------------------------------------------------------------------------------------Flow: 0001 Key: 11.0.0.2:63 -> 12.0.0.2:6300 Intervals : 1
Intvl# 68, Updated at 21:34:06.775 PDT Fri Jun 10 2011
Metric Type
: IP-CBR
MRV
: 0.00000%
DF(ms)
: 10.075
Packets
: 3000
Bytes
: 4296000
Intvl# 68, Updated at 21:34:06.775 PDT Fri Jun 10 2011
Metric Type
: MDI
MLR
: 600
MDC
: 600
Packets
: 3000
Bytes
: 4296000
DF(ms)
: 10.075
Error seconds
: 0.000
Transport Availability (%) : 100.000
class-map: sw-rtp-vlan3
-------------------------------------------------------------------------------------------Mon-Interval(sec): 30, History(intvls): 5, Timeout(sec): 60, Total Flows: 1
-------------------------------------------------------------------------------------------Flow: 0001 Key: 11.0.0.12:5000 -> 12.0.0.2:50000, 3735927471 Intervals : 1
Intvl# 68, Updated at 21:34:01.731 PDT Fri Jun 10 2011
Pkts Recieved : 30000
Pkts Exp
: 30536
Pkts Valid
:
Pkts Lost
: 536
Pkts Late
: 0
Pkts reord
:
Loss Rate (%) : 1.75530
Loss Intvls : 1
Avg Loss duration:
Jitter(msec) : 0.006
Max Jitter : 0.024
Resyncs
:
Error seconds : 0.008
Transport Availability (%) : 99.973
30000
0
536.00
1
Use the show policy-map type performance-traffic interface interface_name last n command to
display the last n number of intervals for each flow on an interface:
Router#show policy-map type performance-traffic interface gig 8/11 last 2
GigabitEthernet8/11
Service-policy input: video-swport
class-map: sw-vlan3
-----------------------------------------------------------------------------------------Mon-Interval(sec): 30, History(intvls): 5, Timeout(sec): 60, DF: rfc4445, Total Flows:
1
-----------------------------------------------------------------------------------------Flow: 0001, IPV4;
Dest: 12.0.0.2
Agg Value(Per Flow)
MDC
: 39600
MLR
: 39600
Port: 6300;
Src: 11.0.0.2
Avail(%)
: 100.000
Error_secs : 0.000
Port: 63
Pkt_cnt
MRV(%)
: 198003
: 0.00000
Error
Transport
Intvl Updated at
Type
Pkt_cnt
MRV(%)/MLR
DF(msec)
MDC
Seconds Avail (%)
-----+----------+----+--------------+------------+----------+---------+--------+---------+
69
21:34:36
cbr
3000
0.00000
10.075
NA
NA
NA
69
21:34:36
mdi
3000
600
10.075
600
0.000
100.000
68
21:34:06
cbr
3000
0.00000
10.075
NA
NA
NA
68
21:34:06
mdi
3000
600
10.075
600
0.000
100.000
class-map: sw-rtp-vlan3
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-26
OL-16147-20
Chapter 13
Intvl Updated
---- -----70 21:35:01
69 21:34:31
Pkt
Exp Lost Loss Jitter MaxJitter Avg. Loss Loss Err Transport
Type count pkts pkts Rate(%) (msec) (msec)
Dur.
Intvls Sec Avail(%)
--- ---- --- ----- -------- ----------------- ---- --rtp 30000 30536 536 1.75530 0.007 0.048
536.00
1
0.008 99.973
rtp 30001 30001 0
0.00000 0.007 0.048
0.00
0
0.000 100.000
Use the show policy-map type performance-traffic interface interface-name service instance
instance-number command to display all the flows learnt on the specified EVC:
Router#show policy-map type performance-traffic interface gig 8/11 ser in 1
GigabitEthernet8/11: EFP 1
Service-policy input: video-monitor
class-map: mpls
-----------------------------------------------------------------------------------------Mon-Interval(sec): 30, History(intvls): 5, Timeout(sec): 420, DF: rfc4445, Total
Flows: 1
-----------------------------------------------------------------------------------------Flow: 0001, IPV4;
Dest: 12.0.1.2
Agg Value(Per Flow)
MDC
: 7803
MLR
: 7803
Port: 6300;
Src: 11.0.1.2
Avail(%)
: 100.000
Error_secs : 0.000
Port: 63
Pkt_cnt
MRV(%)
: 39001
: 0.00000
Error
Transport
Intvl Updated at Type
Pkt_cnt
MRV(%)/MLR
DF(msec)
MDC
Seconds Avail (%)
-----+----------+----+--------------+------------+----------+---------+--------+---------+
21
22:20:04
cbr
3000
0.00000
10.135
NA
NA
NA
21
22:20:04
mdi
3000
600
10.135
600
0.000
100.000
20
22:19:34
cbr
3000
0.00000
10.248
NA
NA
NA
20
22:19:34
mdi
3000
600
10.248
600
0.000
100.000
19
22:19:04
cbr
3000
0.00000
10.134
NA
NA
NA
19
22:19:04
mdi
3000
600
10.134
600
0.000
100.000
18
22:18:34
cbr
3000
0.00000
10.135
NA
NA
NA
18
22:18:34
mdi
3000
600
10.135
600
0.000
100.000
17
22:18:04
cbr
3000
0.00000
10.229
NA
NA
NA
17
22:18:04
mdi
3000
600
10.229
600
0.000
100.000
class-map: rtp-mpls
-----------------------------------------------------------------------------------------Mon-Interval(sec): 30, History(intvls): 5, Timeout(sec): 420, Total Flows: 1
-----------------------------------------------------------------------------------------Flow: 0001, IPV4;
Dest: 12.0.1.2 Port: 50000;
Src: 11.0.0.13 Port: 63; rtp-ssrc:
3735927471
Agg Value(Per Flow)
Avail(%)
: 99.973
Loss_Intvls : 7
Resyncs
: 7
Pkt_cnt
: 420008
Error_secs : 0.056
Pkt_exp
: 423760
Pkt_lost : 3752
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-27
Chapter 13
Intvl Updated
---- -----21 22:20:09
20 22:19:39
19 22:19:09
18 22:18:39
17 22:18:09
Type
--rtp
rtp
rtp
rtp
rtp
Pkt
count
---30000
30001
30000
30001
30000
Exp Lost
pkts pkts
--- ----30000 0
30537 536
30000 0
30537 536
30000 0
************************************************************************
Use show running-config interface interface-name command to display detailed information about
interface:
router#sh running-config interface tenGigabitEthernet 7/21
Building configuration...
Current configuration : 816 bytes
interface TenGigabitEthernet7/21
ip arp inspection limit none
no ip address
ip rsvp bandwidth
service instance 1 ethernet
encapsulation dot1q 101
rewrite ingress tag pop 1 symmetric
service-policy type performance-traffic input video_monitor_1
service-policy type performance-traffic output video_monitor_2
bridge-domain 101
service instance 2 ethernet
encapsulation dot1q 102
rewrite ingress tag pop 1 symmetric
service-policy type performance-traffic input video_monitor_1
service-policy type performance-traffic output video_monitor_2
bridge-domain 102
end
Use the show policy-map type performance-traffic interface interface_name match ipv4 source
ip-address mask destination ip-address mask command to display the flow matching the specified IPV4
source or destination IP.
Router#show policy-map type performance-traffic interface gig 8/11 match ipv4 source
11.0.0.12 255.255.255.255 destination 12.0.0.2 255.255.255.255
GigabitEthernet8/11
Service-policy input: video-swport
class-map: sw-vlan3
-----------------------------------------------------------------------------------------Mon-Interval(sec): 30, History(intvls): 5, Timeout(sec): 60, DF: rfc4445, Total Flows: 1
------------------------------------------------------------------------------------------
class-map: sw-rtp-vlan3
-----------------------------------------------------------------------------------------Mon-Interval(sec): 30, History(intvls): 5, Timeout(sec): 60, Total Flows: 1
-----------------------------------------------------------------------------------------Flow: 0001, IPV4;
Dest: 12.0.0.2 Port: 50000;
Src: 11.0.0.12 Port: 5000; rtp-ssrc:
3735927471
Agg Value(Per Flow)
Avail(%)
: 99.973
Loss_Intvls : 32
Resyncs
: 32
Pkt_cnt
: 2130038
Error_secs : 0.256
Pkt_exp
: 2147190
Pkt_lost : 17152
Pkt
Exp
Lost
Loss
Jitter
Loss
Err Transport
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-28
OL-16147-20
Chapter 13
Intvl Updated
---- -----73 21:36:31
72 21:36:01
71 21:35:31
70 21:35:01
69 21:34:31
Note
The match option can be used with brief, cumulative, or detail options in the show command.
Note
The last option can be used with brief or detail options in the show command.
Check the interface statistics using the show interface interface-type slot/port command to
ensure that the traffic is flowing.
2.
Check the configuration of class-map and the ACL configured under the class-map to ensure
that the ACL is classifying the flows. The following example shows how to check the
configuration of a class-map:
ROUTER#show running-config class-map video-class
Building configuration...
Current configuration : 67 bytes
!
class-map match-any video-class
match access-group 102
!
end
ROUTER#
outer#sh access-lists 102
Extended IP access list 102
10 permit ip any host 200.0.0.2
3.
Note
Check whether the rate layer3 packet command or rate media command is configured under
the class using show policy-map type performance-traffic policy-map-name command.
The data flow path is not learnt for fragmented packets, MPLS packets, non-UDP protocols, and
tunneled packets.
The change in media rate does not affects the DF metrics.
Use the show policy-map type performance-traffic policy-map-name command to check if the
rate layer3 packet command is configured for the class. If the rate layer3 packet command is
configured for the class, the IP-CBR packet rate configuration is used for both the IP-CBR and MDI
metric calculations.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-29
Chapter 13
When packets are dropped, no message is triggered for MDI:DF even if the TCAs (reacts) are
configured for MDI:DF.
When there are drops seen in the stream, DF computed is incorrect. In such a case, where packets
are dropped in a stream(MLR), the computed DF is not used for triggering the message.
TCA threshold messages are not triggered even when the metric value crosses the configured range.
Use the show policy-map type performance-traffic policy-map-name command to verify that the
alarm severity is not configured to none.
2.
Run the show platform npc performance-traffic action np number interface classmap
command to display the class-map configuration on the line card.
3.
Run the show platform npc performance-traffic action np number interface result command
to display the class-map structure used by the microcode.
4.
Run the show platform npc performance-traffic action np number interface stats command
to print per flow statistics for the network processor.
5.
Run the show platform npc performance-traffic action np number stats command to print the
aggregate flow count in the network processor.
6.
Run the show platform npc performance-traffic classification all to print the classification
details for each class.
Supported MIBs
Video Monitoring supports the following MIBs. These MIBs are used for retrieving the data collected
by flow monitors.
CISCO-FLOW-MONITOR-MIB: This MIB module defines a framework that describes the flow
monitors supported by the system, the flows that are learned, and the flow metrics collected for those
flows.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-30
OL-16147-20
Chapter 13
CISCO-RTP-METRICS-MIB: This MIB module defines objects that describe the quality metrics
of RTP streams.
Configuring IPv6 Rapid Deployment on the Cisco 7600 series router Platform, page 13-34
6RD does not require IP addresses to have a 2002::/16 prefix. Therefore, the prefix can be from the
service provider's own address block. This function allows the 6RD operational domain to be within
the service provider network. From the perspective of customer sites and the general IPv6 internet
connected to a 6RD-enabled service provider network, the IPv6 service provided is equivalent to
native IPv6.
Not all the 32 bits from the IPv4 destination address are carried to the IPv6 payload header. The IPv4
destination is obtained from a combination of bits in the payload header and information on the
router. The IPv4 address is not at a fixed location in the IPv6 header as in the case with 6to4
tunneling.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-31
Chapter 13
Figure 13-1
6RD Deployment
The service provider delegates a 6RD service provider prefix for the IPv6 deployment, using the IPv4
address bits.
Figure 13-2 shows how 6RD prefix delegation works.
Figure 13-2
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-32
OL-16147-20
Chapter 13
Supported Features
Table 13-3 shows the list of supported and unsupported features for 6RD functionality.
Table 13-3
Feature
Supported
6RD BR mode
Yes
6RD CE mode
Yes
6RD tunnel
Yes
Scale
512
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-33
Chapter 13
Feature
Supported
MIBs
No
Linecards
ES40
VRF awareness
No
ISG Co-existence
No
Qos on Tunnels
No
Configuring IPv6 Rapid Deployment on the Cisco 7600 series router Platform
The following sections describe how to configure 6RD on the c7600 platform:
Configuring 6RD
Complete the following steps to configure 6RD.
SUMMARY STEPS
Step 1
enable
Step 2
configure terminal
Step 3
Step 4
Step 5
Step 6
Step 7
Step 8
Step 9
Step 10
exit
Step 11
Step 12
ip address ip-address
Step 13
Step 14
exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-34
OL-16147-20
Chapter 13
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
interface tunnel
tunnel-number
Example:
Router(config)# interface
tunnel 1
Step 4
ipv6 address
{ipv6-address/prefix-length |
prefix-name
sub-bits/prefix-length}
Specifies the IPv6 address assigned to the interface and enables IPv6 processing
on the interface.
Example:
Router(config-if)# ipv6
address
2001:B000:400::1/124
Step 5
Specifies the source interface type and number for the tunnel interface.
Example:
Router(config-if)# tunnel
source loopback 0
Step 6
Example:
Router(config-if)# tunnel
mode ipv6ip 6rd
Step 7
Redirects the IPv6 traffic to IPv4 core facing interface on the ES40 line card.
Example:
Router(config-if)# mls 6rd
reserve interface gig 9/5
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-35
Chapter 13
Step 8
Command or Action
Purpose
Example:
Router(config-if)# tunnel
6rd prefix 2001:B000::/32
Step 9
Specifies the prefix and suffix length of the IPv4 transport address common to all
the 6RD routers in a domain.
Example:
Router(config-if)# tunnel
6rd ipv4 prefix-len 16
suffix-len 8
Step 10
exit
Exits configuration mode, and returns the CLI to privileged EXEC mode.
Example:
Router(config-if)# exit
Step 11
interface
type instance
Enters interface configuration mode and names the new loopback interface.
Example:
Router(config)# interface
loopback 0
Step 12
ip address
ip-address
Example:
Router(config-if)# ip
address 10.1.4.1
255.255.255.255
Step 13
ipv6 route
ipv6-prefix/prefix-length
tunnel tunnel-number
Example:
Router(config-if)# ipv6
route 2001:b000::/32
tunnel 1
Step 14
end
Example:
Router(config-if)# end
Configuration Examples
This example shows how to configure 6RD.
Router# enable
Router# configure terminal
Router(config)# interface tunnel 1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-36
OL-16147-20
Chapter 13
Troubleshooting Tips
For troubleshooting information, contact Cisco Technical Assistance Center (TAC) at:
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-37
Chapter 13
IPv6 overlay address in VRF and IPv4 transport address in Global routing table (RT).
Figure 13-4 illustrates the topology for the IPv6 overlay address in VRF, and the IPv4 transport address
in VRF.
Figure 13-4
The VRF Aware IPv6 over IPv4 Tunnel can have any line card towards the core facing side.
.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-38
OL-16147-20
Chapter 13
Due to EARL limitation, the same source tunnels across VRFs are not supported.
The tunnel source and the tunnel destination should be in the same VRF instance.
The tunnel IPv4 transport addresses and the physical interface where the tunnel traffic exits, should be
in the same VRF instance.
The incoming IPv6 interface and the tunnel should be in the same VRF instance.
Configure IPv6 overlay addresses in VRF and IPv4 transport addresses in Global RT, page 13-39
Configure IPv6 overlay addresses in VRF and IPv4 transport addresses in VRF, page 13-45
Configure IPv6 overlay addresses in VRF and IPv4 transport addresses in Global RT
Complete the following steps to configure IPv6 overlay addresses in VRF and IPv4 transport addresses in
Global RT:
SUMMARY STEPS
Step 1
enable
Step 2
configure terminal
Step 3
ipv6 unicast-routing
Step 4
Step 5
Step 6
Step 7
Step 8
address-family ipv6
Step 9
exit
Step 10
address-family ipv4
Step 11
exit
Step 12
exit
Step 13
Step 14
Step 15
Step 16
exit
Step 17
Step 18
ip address ip-address
Step 19
exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-39
Chapter 13
Step 20
Step 21
ip address ip-address
Step 22
exit
Step 23
Step 24
Step 25
Step 26
Step 27
Step 28
Step 29
end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-40
OL-16147-20
Chapter 13
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
ipv6 unicast-routing
Example:
Router(config)# ipv6
unicast-routing
Step 4
Example:
Router(config)# mls ipv6
vrf
Step 5
Example:
Router(config)# vrf
definition VRF_RED
Step 6
rd {ASN:nn | IP address:
nn}
Example:
Router(config-vrf)# rd 1:1
Step 7
route-target [import |
export | both]{ASN:nn | IP
address: nn}
Example:
Router(config-vrf)#route-ta
rget export 1:1
Router(config-vrf)#route-ta
rget import 1:1
Step 8
address-family ipv6
Example:
both: Imports both import and export routing information to the target VPN
extended community.
Selects an address family type for a VRF table and enters VRF address family
configuration mode. This command configures the separate route-target policies
for IPv6.
Router#(config-vrf)#address
-family ipv6
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-41
Chapter 13
Step 9
Command or Action
Purpose
exit
Example:
Router#(config-vrf-af)#exit
Step 10
address-family ipv4
Example:
Selects an address family type for a VRF table and enters VRF address family
configuration mode. This command configures the separate route-target policies
for IPv4.
Router#(config-vrf)#address
-family ipv4
Step 11
exit
Example:
Router#
(config-vrf-af)#exit
Step 12
exit
Example:
Router#(config-vrf)#exit
Step 13
interface gigabitethernet
slot/port
Enters the interface configuration mode and specifies the Gigabit interface to
configure.
Example:
Note
Router(config)# interface
gigabitethernet 3/1
Step 14
Example:
Router(config-if)#vrf
forwarding VRF_RED
Step 15
ipv6 address
{ipv6-address|prefix-length
| prefix-name sub-bits
|prefix-length}
Specifies the IPv6 address assigned to the interface and enables IPv6 processing
on the interface.
Example:
Router (config-if)# ipv6
address 1::2/64
Step 16
exit
Example:
Router (config-if)#exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-42
OL-16147-20
Chapter 13
Step 17
Command or Action
Purpose
interface gigabitethernet
slot/port
Enters the interface configuration mode and specifies the Gigabit interface to
configure.
Example:
Step 18
Router(config)# interface
gigabitethernet 4/1
Note
ip address ip-address
Example:
Router(config-if)#ip
address 10.1.1.1
255.255.255.0
Step 19
exit
Example:
Router(config-if)# exit
Step 20
interface loopback
interface-number
Enters interface configuration mode and names the new loopback interface.
Note
Example:
Router(config)# interface
Loopback 666
Step 21
ip address ip-address
Example:
Router(config-if)#ip
address 66.66.66.66
255.255.255.255
Step 22
exit
Example:
Router(config-if)# exit
Step 23
interface tunnel
tunnel-number
Example:
Router(config)# interface
tunnel 666
Step 24
Example:
This command specifies the VRF instance to which the tunnel belongs,
that is, the VRF instance used for IPv6 overlay address lookup.
Router# (config-if)#vrf
forwarding VRF_RED
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-43
Chapter 13
Command or Action
Step 25
ipv6 address
{ipv6-address/prefix-length
Purpose
|
prefix-name
sub-bits/prefix-length}
Specifies the IPv6 address assigned to the interface and enables IPv6 processing
on the interface.
Example:
Router(config-if)# ipv6
address 3::1/120
Step 26
Specifies the source interface type and number for the tunnel interface.
Example:
Router(config-if)# tunnel
source loopback 666
Step 27
tunnel destination
{host-name | ip-address |
ipv6-address}
Example:
Router(config-if)# tunnel
destination 10.66.66.1
Step 28
Example:
Router(config-if)# tunnel
mode ipv6ip
Step 29
end
Example:
Router(config-if)# end
Configuration Example
This example shows how to configure the IPv6 overlay addresses in VRF, and the IPv4 transport
addresses in the Global Routing Table:
Router# enable
Router# configure terminal
Router(config)# ipv6 unicast-routing
Router(config)# mls ipv6 vrf
Router(config)# vrf definition VRF_RED
Router(config-vrf)# rd 1:1
Router(config-vrf)# route-target export 1:1
Router(config-vrf)# route-target import 1:1
Router(config-vrf)# address-family ipv6
Router(config-vrf-af)# exit
Router(config-vrf)# address-family ipv4
Router(config-vrf)# (config-vrf-af)# exit
Router(config-vrf)# exit
Router(config)# interface gigabitethernet 3/1
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-44
OL-16147-20
Chapter 13
Configure IPv6 overlay addresses in VRF and IPv4 transport addresses in VRF
Complete the following steps to configure IPv6 overlay addresses in VRF, and IPv4 transport addresses
in VRF:
SUMMARY STEPS
Step 1
enable
Step 2
configure terminal
Step 3
ipv6 unicast-routing
Step 4
Step 5
Step 6
Step 7
Step 8
address-family ipv6
Step 9
exit
Step 10
address-family ipv4
Step 11
exit
Step 12
exit
Step 13
Step 14
Step 15
Step 16
address-family ipv4
Step 17
exit
Step 18
exit
Step 19
Step 20
Step 21
Step 22
exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-45
Chapter 13
Step 23
Step 24
Step 25
ip address ip-address
Step 26
exit
Step 27
Step 28
Step 29
ip address ip-address
Step 30
exit
Step 31
Step 32
Step 33
Step 34
Step 35
Step 36
Step 37
Step 38
end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-46
OL-16147-20
Chapter 13
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
ipv6 unicast-routing
Example:
Router(config)# ipv6
unicast-routing
Step 4
Example:
Router(config)# mls ipv6
vrf
Step 5
Example:
Router(config)# vrf
definition VRF_RED
Step 6
rd {ASN:nn | IP address:
nn}
Example:
Router(config-vrf)# rd 1:1
Step 7
route-target [import |
export | both]{ASN:nn | IP
address: nn}
Example:
Router(config-vrf)#route-t
arget export 1:1
Router(config-vrf)#route-t
arget import 1:1
Step 8
address-family ipv6
Example:
both: Imports both import and export routing information to the target VPN
extended community.
Select san address family type for a VRF table and enters VRF address family
configuration mode. This command configures the separate route-target policies
for IPv6.
Router(config-vrf)#address
-family ipv6
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-47
Chapter 13
Step 9
Command or Action
Purpose
exit
Example:
Router(config-vrf-af)#exit
Step 10
address-family ipv4
Example:
Selects an address family type for a VRF table and enters VRF address family
configuration mode. This command configures the separate route-target policies
for IPv4.
Router(config-vrf)#address
-family ipv4
Step 11
exit
Example:
Router
(config-vrf-af)#exit
Step 12
exit
Example:
Router(config-vrf)#exit
Step 13
Example:
Router(config)# vrf
definition VRF_GREEN
Step 14
rd {ASN:nn | IP address:
nn}
Example:
Router(config-vrf)# rd 1:1
Step 15
route-target [import |
export | both]{ASN:nn | IP
address: nn}
Example:
Router(config-vrf)#route-t
arget export 1:1
Router(config-vrf)#route-t
arget import 1:1
Step 16
address-family ipv4
Example:
both: Imports both import and export routing information to the target VPN
extended community.
Selects an address family type for a VRF table and enters VRF address family
configuration mode. This command configures the separate route-target policies
for IPv4.
Router(config-vrf)#address
-family ipv4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-48
OL-16147-20
Chapter 13
Step 17
Command or Action
Purpose
exit
Example:
Router
(config-vrf-af)#exit
Step 18
exit
Example:
Router(config-vrf)#exit
Step 19
interface gigabitethernet
slot/port
Enters the interface configuration mode and specifies the Gigabit interface to
configure.
Example:
Router(config)# interface
gigabitethernet 3/1
Step 20
Note
Example:
Router(config-if)#vrf
forwarding VRF_RED
Step 21
ipv6 address
{ipv6-address|prefix-lengt
h | prefix-name sub-bits
|prefix-length}
Specifies the IPv6 address assigned to the interface and enables IPv6 processing
on the interface.
Example:
Router(config-if)# ipv6
address 1::2/64
Step 22
exit
Example:
Router# (config-if)# exit
Step 23
interface gigabitethernet
slot/port
Enters the interface configuration mode and specifies the Gigabit interface to
configure.
Example:
Router(config)# interface
gigabitethernet 4/1
Step 24
Note
Example:
Router(config-if)#vrf
forwarding VRF_GREEN
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-49
Chapter 13
Step 25
Command or Action
Purpose
ip address ip-address
Example:
Router(config-if)#ip
address 10.1.1.1
255.255.255.0
Step 26
exit
Example:
Router(config-if)# exit
Step 27
interface loopback
interface-number
Enters interface configuration mode and names the new loopback interface.
Note
Example:
Router(config)# interface
Loopback 666
Step 28
Example:
Router(config-if)#vrf
forwarding VRF_GREEN
Step 29
ip address ip-address
Example:
Router(config-if)#ip
address 66.66.66.66
255.255.255.255
Step 30
exit
Example:
Router(config-if)# exit
Step 31
interface tunnel
tunnel-number
Example:
Router(config)# interface
tunnel 666
Step 32
Example:
This command specifies the VRF instance to which the tunnel belongs, that
is, the VRF instance used for IPv6 overlay address lookup.
Router(config-if)#vrf
forwarding VRF_RED
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-50
OL-16147-20
Chapter 13
Command or Action
Step 33
ipv6 address
{ipv6-address/prefix-length
Purpose
|
prefix-name
sub-bits/prefix-length}
Specifies the IPv6 address assigned to the interface and enables IPv6 processing
on the interface.
Example:
Router(config-if)# ipv6
address 3::1/120
Step 34
Specifies the source interface type and number for the tunnel interface.
Example:
Router(config-if)# tunnel
source loopback 666
Step 35
tunnel destination
{host-name | ip-address |
ipv6-address}
Example:
Router(config-if)# tunnel
destination 10.66.66.1
Step 36
Example:
Router(config-if)# tunnel
mode ipv6ip
Step 37
Example:
Note
Router(config-if)# tunnel
vrf VRF_GREEN
Step 38
end
This command specifies the VRF instance used for tunnel IPv4 transport
address lookup, that is, the tunnel source and the tunnel destination.
Example:
Router(config-if)# end
Configuration Example
This example shows how to configure the IPv6 overlay addresses in VRF, and the IPv4 transport
addresses in VRF:
Router# enable
Router# configure terminal
Router(config)# ipv6 unicast-routing
Router(config)# mls ipv6 vrf
Router(config)# vrf definition VRF_RED
Router(config-vrf)# rd 1:1
Router(config-vrf)# route-target export 1:1
Router(config-vrf)# route-target import 1:1
Router(config-vrf)# address-family ipv6
Router(config-vrf-af)# exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-51
Chapter 13
Default RD
100:1
Protocols
ipv4,ipv6
Interfaces
Tu666
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-52
OL-16147-20
Chapter 13
Troubleshooting Tips
For troubleshooting information, contact Cisco Technical Assistance Center (TAC) at:
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-53
Chapter 13
The VRF Aware IPv6 over IPv4 GRE tunnel must have ES+ line card towards the core facing side.
The IPv4 tunnel facing interface must be on the ES+ line card.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-54
OL-16147-20
Chapter 13
The IPv4 fragmentation after tunnel encapcapsulation is not supported in the hardware.
The fragmented IPv4 packets for tunnel decapsulation is not supported in the hardware.
The IPv4 GRE keepalives are supported, but the IPv6 GRE keepalives are not supported.
The keepalives are not supported when the VRF instances configured using the vrf forwarding and
tunnel vrf commands are different.
Due to EARL limitation, same source tunnels across VRFs are not supported.
With scaled configurations, when changing the tunnel mode from IPv6 over GRE to IPv6IP and on
enabling the mls mpls tunnel-recirc command, the system didplays an error message with a
traceback.
enable
Step 2
configure terminal
Step 3
ipv6 unicast-routing
Step 4
Step 5
Step 6
exit
Step 7
Step 8
ip address ip-address
Step 9
exit
Step 10
Step 11
ip address ip-address
Step 12
exit
Step 13
Step 14
ipv6 enable
Step 15
Step 16
Step 17
Step 18
Step 19
exit
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-55
Chapter 13
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
ipv6 unicast-routing
Example:
Router(config)# ipv6
unicast-routing
Step 4
interface gigabitethernet
slot/port
Enters the interface configuration mode and specifies the Gigabit interface to
configure.
Example:
Router(config)# interface
gigabitethernet 3/1
Step 5
ipv6 address
{ipv6-address|prefix-lengt
h | prefix-name sub-bits
|prefix-length}
Note
Specifies the IPv6 address assigned to the interface, and enables IPv6 processing
on the interface.
Example:
Router(config-if)# ipv6
address 1::2/64
Step 6
exit
Example:
Router# (config-if)# exit
Step 7
interface gigabitethernet
slot/port
Enters the interface configuration mode and specifies the Gigabit interface to
configure.
Example:
Router(config)# interface
gigabitethernet 4/1
Step 8
ip address ip-address
Note
Example:
Router(config-if)#ip
address 10.1.1.1
255.255.255.0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-56
OL-16147-20
Chapter 13
Step 9
Command or Action
Purpose
exit
Example:
Router(config-if)# exit
Step 10
Enters interface configuration mode and names the new loopback interface.
interface loopback
interface-number
Note
Example:
Router(config)# interface
Loopback 666
Step 11
ip address ip-address
Example:
Router(config-if)#ip
address 66.66.66.66
255.255.255.255
Step 12
exit
Example:
Router(config-if)# exit
Step 13
interface tunnel
tunnel-number
Note
Example:
Router(config)# interface
tunnel 666
Step 14
ipv6 enable
Example:
Router(config-if)# ipv6
enable
Step 15
ipv6 address
{ipv6-address/prefix-length
prefix-name
sub-bits/prefix-length}
Specifies the IPv6 address assigned to the interface, and enables IPv6 processing
on the interface.
Example:
Router(config-if)# ipv6
address 3::1/120
Step 16
Specifies the source interface type and number for the tunnel interface.
Example:
Router(config-if)# tunnel
source loopback 666
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-57
Chapter 13
Step 17
Command or Action
Purpose
tunnel destination
{host-name | ip-address |
ipv6-address}
Example:
Router(config-if)# tunnel
destination 10.66.66.1
Step 18
Example:
Router(config-if)# tunnel
mode gre ip
Step 19
end
Example:
Router(config-if)# end
Configuration Example
This example shows how to configure IPv6 traffic over IPv4-GRE tunnel:
Router# enable
Router# configure terminal
Router(config)# ipv6 unicast-routing
Router(config)# interface gigabitethernet 3/1
Router(config-if)# ipv6 address 1::2/64
Router(config-if)# exit
Router(config)# interface gigabitethernet 4/1
Router(config-if)# ip address 10.1.1.1 255.255.255.0
Router(config-if)# exit
Router(config)# interface Loopback 666
Router(config-if)# ip address 66.66.66.66 255.255.255.255
Router(config-if)# exit
Router(config)# interface tunnel 666
Router(config-if)# ipv6 enable
Router(config-if)# ipv6 address 3::1/120
Router(config-if)# tunnel source loopback 666
Router(config-if)# tunnel destination 10.66.66.1
Router(config-if)# tunnel mode gre ip
Router(config-if)# end
enable
Step 2
configure terminal
Step 3
ipv6 unicast-routing
Step 4
Step 5
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-58
OL-16147-20
Chapter 13
Step 6
Step 7
Step 8
address-family ipv6
Step 9
exit
Step 10
address-family ipv4
Step 11
exit
Step 12
exit
Step 13
Step 14
Step 15
Step 16
address-family ipv4
Step 17
exit
Step 18
exit
Step 19
Step 20
Step 21
Step 22
exit
Step 23
Step 24
Step 25
ip address ip-address
Step 26
exit
Step 27
Step 28
Step 29
ip address ip-address
Step 30
exit
Step 31
Step 32
Step 33
Step 34
Step 35
Step 36
Step 37
Step 38
end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-59
Chapter 13
DETAILED STEPS
Step 1
Command or Action
Purpose
enable
Example:
Router# enable
Step 2
configure terminal
Example:
Router# configure terminal
Step 3
ipv6 unicast-routing
Example:
Router(config)# ipv6
unicast-routing
Step 4
Example:
Router(config)# mls ipv6
vrf
Step 5
Example:
Router(config)# vrf
definition VRF_RED
Step 6
rd {ASN:nn | IP address:
nn}
Example:
Specifies an RD.
Router(config-vrf)# rd 1:1
Step 7
route-target [import |
export | both]{ASN:nn | IP
address: nn}
Example:
Router(config-vrf)#route-t
arget export 1:1
Router(config-vrf)#route-t
arget import 1:1
Step 8
address-family ipv6
Example:
both: Imports both import and export routing information to the target VPN
extended community.
Select san address family type for a VRF table and enters VRF address family
configuration mode. This command configures the separate route-target policies
for IPv6.
Router(config-vrf)#address
-family ipv6
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-60
OL-16147-20
Chapter 13
Step 9
Command or Action
Purpose
exit
Example:
Router(config-vrf-af)#exit
Step 10
address-family ipv4
Example:
Selects an address family type for a VRF table and enters VRF address family
configuration mode. This command configures the separate route-target policies
for IPv4.
Router(config-vrf)#address
-family ipv4
Step 11
exit
Example:
Router
(config-vrf-af)#exit
Step 12
exit
Example:
Router(config-vrf)#exit
Step 13
Example:
Router(config)# vrf
definition VRF_GREEN
Step 14
rd {ASN:nn | IP address:
nn}
Example:
Specifies an RD.
Router(config-vrf)# rd 1:1
Step 15
route-target [import |
export | both]{ASN:nn | IP
address: nn}
Example:
Router(config-vrf)#route-t
arget export 1:1
Router(config-vrf)#route-t
arget import 1:1
Step 16
address-family ipv4
Example:
both: Imports both import and export routing information to the target VPN
extended community.
Selects an address family type for a VRF table and enters VRF address family
configuration mode. This command configures the separate route-target policies
for IPv4.
Router(config-vrf)#address
-family ipv4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-61
Chapter 13
Step 17
Command or Action
Purpose
exit
Example:
Router
(config-vrf-af)#exit
Step 18
exit
Example:
Router(config-vrf)#exit
Step 19
interface gigabitethernet
slot/port
Enters the interface configuration mode and specifies the Gigabit interface to
configure.
Example:
Router(config)# interface
gigabitethernet 3/1
Step 20
Note
Example:
Router(config-if)#vrf
forwarding VRF_RED
Step 21
ipv6 address
{ipv6-address|prefix-lengt
h | prefix-name sub-bits
|prefix-length}
Specifies the IPv6 address assigned to the interface and enables IPv6 processing
on the interface.
Example:
Router(config-if)# ipv6
address 1::2/64
Step 22
exit
Example:
Router# (config-if)# exit
Step 23
interface gigabitethernet
slot/port
Enters the interface configuration mode and specifies the Gigabit interface to
configure.
Example:
Router(config)# interface
gigabitethernet 4/1
Step 24
Note
Example:
Router(config-if)#vrf
forwarding VRF_GREEN
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-62
OL-16147-20
Chapter 13
Step 25
Command or Action
Purpose
ip address ip-address
Example:
Router(config-if)#ip
address 10.1.1.1
255.255.255.0
Step 26
exit
Example:
Router(config-if)# exit
Step 27
interface loopback
interface-number
Enters interface configuration mode and names the new loopback interface.
Note
Example:
Router(config)# interface
Loopback 666
Step 28
Example:
Router(config-if)#vrf
forwarding VRF_GREEN
Step 29
ip address ip-address
Example:
Router(config-if)#ip
address 66.66.66.66
255.255.255.255
Step 30
exit
Example:
Router(config-if)# exit
Step 31
interface tunnel
tunnel-number
Example:
Router(config)# interface
tunnel 666
Step 32
Example:
This command specifies the VRF instance to which the tunnel belongs ,
that is, the VRF instance used for IPv6 overlay address lookup.
Router(config-if)#vrf
forwarding VRF_RED
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-63
Chapter 13
Step 33
Command or Action
Purpose
ipv6 address
{ipv6-address|prefix-lengt
h | prefix-name sub-bits
|prefix-length}
Specifies the IPv6 address assigned to the interface and enables IPv6 processing
on the interface.
Example:
Router(config-if)# ipv6
address 3::1/120
Step 34
Specifies the source interface type and number for the tunnel interface.
Example:
Router(config-if)# tunnel
source loopback 666
Step 35
tunnel destination
{host-name | ip-address |
ipv6-address}
Example:
Router(config-if)# tunnel
destination 10.66.66.1
Step 36
Example:
Router(config-if)# tunnel
mode gre ip
Step 37
Example:
Note
Router(config-if)# tunnel
vrf VRF_GREEN
Step 38
end
This command specifies the VRF instance used for tunnel IPv4 transport
address lookup, that is, the tunnel source and the tunnel destination.
Example:
Router(config-if)# end
Configuration Example
This example shows how to configure VRF Aware IPv6 over IPv4-GRE Tunnel:
Router# enable
Router# configure terminal
Router(config)# ipv6 unicast-routing
Router(config)# mls ipv6 vrf
Router(config)# vrf definition VRF_RED
Router(config-vrf)# rd 1:1
Router(config-vrf)# route-target export 1:1
Router(config-vrf)# route-target import 1:1
Router(config-vrf)# address-family ipv6
Router(config-vrf-af)# exit
Router(config-vrf)# address-family ipv4
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-64
OL-16147-20
Chapter 13
Router(config-vrf-af)# exit
Router(config-vrf)# exit
Router(config)# vrf definition VRF_GREEN
Router(config-vrf)# rd 1:1
Router(config-vrf)# route-target export 1:1
Router(config-vrf)# route-target import 1:1
Router(config-vrf)# address-family ipv4
Router(config-vrf-af)# exit
Router(config-vrf)# exit
Router(config)# interface gigabitethernet 3/1
Router(config-if)# vrf forwarding VRF_RED
Router(config-if)# ipv6 address 1::2/64
Router(config-if)# exit
Router(config)# interface gigabitethernet 4/1
Router(config-if)# vrf forwarding VRF_GREEN
Router(config-if)# ip address 10.1.1.1 255.255.255.0
Router(config-if)# exit
Router(config)# interface Loopback 666
Router(config-if)# vrf forwarding VRF_GREEN
Router(config-if)# ip address 66.66.66.66 255.255.255.255
Router(config-if)# exit
Router(config)# interface tunnel 666
Router(config-if)# vrf forwarding VRF_RED
Router(config-if)# ipv6 address 3::1/120
Router(config-if)# tunnel source loopback 666
Router(config-if)# tunnel destination 10.66.66.1
Router(config-if)# tunnel mode gre ip
Router(config-if)# tunnel vrf VRF_GREEN
Router(config-if)# end
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-65
Chapter 13
..?.ht........\D
*E..BBBBABBB..B.
Raw output :
g_vmr.value : 42 42 42 42 42 42 42 41 03 00 00 00 00 00 00 00 00 00 E8 80
g_vmr.mask : 00 00 00 00 00 00 00 00 00 FF FF FF FF FF FF FF FF FF 64 A0
g_vmr.result: 04 01 01 03 00 09 C2 87
Dumping tcam for 1026 on NP 1
Key Decode :
Source
IP : 66.66.66.65 Mask : 00000000
Destination IP : 66.66.66.66 Mask : 00000000
Feature id
: 3 Mask : 00
Result Decode :
Vlan
: 1025
Statistics ID
: 0x9C28B
Raw output :
g_vmr.value : 42 42 42 42 42 42 42 41 03 00 00 00 00 00 00 00 00 00 E8 80
g_vmr.mask : 00 00 00 00 00 00 00 00 00 FF FF FF FF FF FF FF FF FF 64 A0
g_vmr.result: 04 01 01 03 00 09 C2 8B
Router# show platform npc ipv6ogre xlif 1026
Egress XLIF table fields
Feature common enable:
Feature enable:
Feature bits:
Control common bits:
Control feature bits:
Control rewrite opcode:
Port:
Match cond
Entry valid:
Optimal Path en :
Dbus VLAN:
QoS policy ID:
ACL ID:
Statistics ID:
Inner rewrite VLAN:
Outer rewrite VLAN:
QoS flow ID:
IP Session en :
0x1
0x1
0x04
0x00
0x00
0x00
0x4
0x1
0x1
0x0
1017
0
0
0
0
0
0
0
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-66
OL-16147-20
Chapter 13
Feature data 0
Intf etype:
Multicast enable:
Post Filter Opcode
Pre Filter Opcode
Pre Tag Outer
Pre Tag Inner
Post Filter Vlan high
Post Filter Vlan low
Post Filter Vlan outer
EVC - MST:
EVC etype
CFM MEP Level
CFM MIP Level
CFM disable
MIP filtering
block_data: 0x0
block_l2bpdu: 0x1
sacl:
sacl index:
sacl statid:
Span Enable:
0x40C40010
0x00004242
0x00000001
0x00000004
0x00000000
0x00000010
0x000000C4
0x00000414
0x00000242
0x00000242
0x0
0x03F9
0x00000004
0x00000002
0x0
0x1
0x0
0x0000
0x00100
0x0
0x1
0x1
0x01
0x00
0x00
0x00
0x4
0x1
0x1
0x1
1017
0
0
0
0
0
0
0
0x00C40010
0x00008100
0x00000000
0x00000008
0x00000000
0x00000010
0x000000C4
0x00000000
0x00000100
0x00000000
0x0
0x0000
0x00000000
0x00000000
0x0
0x0
0x0
0x0000
0x00000
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-67
Chapter 13
Span Enable:
0x0
Troubleshooting Tips
For troubleshooting information, contact Cisco Technical Assistance Center (TAC) at:
http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
Classifies traffic based on extended access list criteria. It provides access to lists and then establishes
the match criteria.
Sets IPv6 precedence bits and enables the network to differentiate classes of service.
Routes packets to specific traffic-engineered paths. You can route the packets to allow a specific
quality of service (QoS) through the network.
The Cisco 7600 Series Router implements this feature using the Earl7 forwarding engines capability to
classify traffic through an Access Control List (ACL) Ternary Content Addressable Memory (TCAM)
lookup. The ACL TCAM lookup classifies traffic based on the combination of a variety of Layer 3 and
Layer 4 traffic parameters. Once classified, the ACL TCAM drives results for matching flows. The
Feature Manager (FM) component converts the route map policy configured on an interface into a series
of values, masks and results (VMRs) and programs these in the ACL TCAM.
If a packet matches all match statements for a route map that is marked as permit, the router subjects
the packet to PBR using the set statements.
If the packet matches any match statements for a route map that is marked as deny, the router does
not subject the packet to PBR and forwards it normally.
If the statement is marked as permit and the packets do not match any route map statements, the
router sends the packets back through the normal forwarding channels and performs
destination-based routing.
Packet Matching
The IPv6 PBR match criterion for a sequence is specified through a combination of IPv6 access-lists and
packet length operations. Match statements are evaluated first by the criteria specified in the match ipv6
address command and then by criteria specified in the match length command. Therefore, if both an
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-68
OL-16147-20
Chapter 13
ACL and a length statement are used, a packet is first subjected to an ACL match. Only packets that pass
the ACL match are subjected to the length match. Finally, only packets that pass both the ACL and the
length statement are policy routed.
Set Statement
Notes
Specifies the next hop for the packet. The next hop must be present
in the Routing Information Base (RIB); it must be directly
connected, and it must be a global IPv6 address. If the next hop is
invalid, the set statement is ignored.
Specifies the connected next hop for the packet if the usual
forwarding method fails to produce the default result. It must be a
global IPv6 address. This set statement is used only when there is
no explicit entry for the packet destination in the IPv6 RIB.
Match length is not supported in the hardware, and the PBR is applied to the software.
Packet marking actions are not supported in the hardware, and packets requiring marking due to
PBR are punted to the software.
Set interface is supported in the hardware only for the serial interface. Other interfaces are supported
on the software.
Packets containing an IPv6 hop-by-hop header need to be examined by the router and are punted to
the software. Such packets are subjected to PBR in the software.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
13-69
Chapter 13
PBR policies using access-lists matching on IPv6 flow label, DSCP value and extension headers
such as, routing, mobility, destination headers cannot be fully classified in the hardware, and are
punted to the software after partial classification.
It is not possible to completely classify traffic in hardware, when access-lists matching on non
compressible addresses are used. In such cases, the PBR is applied to the software.
On Tycho based systems, fragment packets that require matching on layer 4 protocol are punted to
the software .
IPv6 PBR on SVI interfaces is applied to the software, and hardware provides only partial
classification.
IPv6 PBR when applied to hardware will also be applied on packets destined to a router address.
A set next-hop action where the next-hop is at the other end of a tunnel is not supported in the
hardware.
For set interface and set default interface, the interface should be a point-to-point one.
PBR is not applied to multicast traffic and the traffic destined to link local addresses.
When there is no traffic flow, the TCAM entry does not change from punt to policy-route.
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
13-70
OL-16147-20
I N D EX
(example)
disabling
9-12
8-6
9-6
re-enabling
6-44
9-6
B
Backup
4-39
4-127
4-39
Detailed Steps
4-368
4-367
4-381
bridge-domain command
4-367
4-366
4-366
4-61
Custom Ethertype
cautions, usage in text
i-xxiv
Examples
command syntax
conventions
4-115
Rewrite Rules
i-xxiii
4-112
Supported Rewrites
4-113
4-113
configuration example
6-40
6-41
8-5
8-2
6-43
debug commands
4-114
8-2
4-64
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
IN-1
Index
4-69
7-15, 7-16
9-1
9-7 to 9-8
8-2
8-6
restrictions
7-50
deactivation (example)
reactivating
hierarchical QoS
8-4
ISSU support
8-6
http
3-1
//www.cisco.com/en/US/docs/ios/ipv6/configuration/
guide/ip6-tunnel_ps6922_TSD_Products_Configurati
on_Guide_Chapter.html 13-31
8-4
1-2
//www.cisco.com/en/US/support/tsd_cisco_worldwid
e_contacts.html 4-55, 4-181, 13-37
Ethertypes
0x8100 802.1q
4-112
0x88a8 802.1ad
8-6
4-112
0x9100 Q-in-Q
4-112
0x9200 Q-in-Q
4-112
4-49
EVC on port-channel
event tracer feature
8-2
IP-CBR
flexible QinQ mapping and service awareness
4-24
5-3
4-75
5-3
9-10
9-7 to 9-8
13-5
13-7
9-4, 9-8
downloading
5-1
caution
6-26
9-8
9-2
9-3
4-83,
FPD images
displaying minimum and current versions
manually upgrading
upgrade scenarios
9-9
Verification
4-60, 4-252
9-6
9-3
upgrading in production
9-5 to 9-6
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
IN-2
OL-16147-20
Index
O
OIR
4-56
9-6
8-3, 8-4
7-40
load balancing
online diagnostics
6-57
8-7
8-7
8-3
M
MAC address security for EVC bridge-domain
marking
4-90
PFC QoS
7-22
7-9
MIBs, supported
Q
7-9
QoS
7-10
ingress trust
7-10
13-6
13-13
1-2
VPLS
policing
7-13
shaping
7-26
queue scheduling
6-1
6-23
7-31
6-70
REP
4-79
4-210
4-33
4-33
4-210
4-35
7-55
6-14
7-22
MPLS
traffic engineering
marking
7-4
8-5, 8-6
7-9
7-66
7-9
7-47
7-8
7-8
8-4, 8-6
i-xxiv
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
IN-3
Index
S
service instance command
set cos command
7-23
7-24
7-24
set-dscp-transmit command
7-15, 7-16
7-24
7-23
7-23
T
7-24
set-mpls-experimental-imposition-transmit
command 7-15, 7-16
set mpls experimental topmost command
7-16
set-prec-transmit command
SFPs, troubleshooting
shape peak command
9-7 to 9-8
13-13
i-xxiv
8-1, 8-3
7-27
7-26
9-9
7-40
restrictions
7-40
8-5
7-40, 7-70
7-40
4-87, 4-346
9-7, 9-8
9-7
9-7
9-10
4-210
4-122,
V
Video Monitoring
7-15, 7-16
8-3
6-32
set-mpls-experimental-topmost-transmit command
shaping
4-2
13-5
4-210
basic configuration
6-34
configuration example
7-56
4-287
4-113
6-52
6-42
6-41
6-34
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
IN-4
OL-16147-20
Index
6-24
restrictions
services
6-24
6-32
supported features
VPLS
6-43
6-31
6-23
6-23
W
WAN PHY and OTN Support on ES+XC Combination
Line Cards 10-1
X
xconnect vfi command
5-3
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
OL-16147-20
IN-5
Index
Cisco 7600 Series Ethernet Services Plus (ES+) and Ethernet Services Plus T (ES+T) Line Card Configuration Guide
IN-6
OL-16147-20