The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes how the SCE platform can be configured to support VAS traffic forwarding.
There are three broad aspects to configuring VAS traffic forwarding on the SCE platform:
•Configuring global VAS traffic forwarding options, such as enabling or disabling VAS traffic forwarding, or specifying the VAS traffic link.
•Configuring a VAS server, such as enabling or disabling a specific VAS server, or enabling or disabling the VAS health check for a specified VAS server.
•Configuring a VAS server group, such as adding or removing a specific VAS server, configuring the minimum number of active servers per group, or configuring VAS server group failure behavior.
This chapter contains the following topics:
•How to Configure the Global Options
•How to Configure a VAS Server
•How to Configure a VAS Server
There are two global VAS traffic forwarding options:
•Enable or disable VAS traffic forwarding.
•Configure the link number on which to transmit VAS traffic (necessary only if the VAS servers are connected to Link 0, rather than Link 1, which is the default VAS traffic link).
By default, VAS traffic forwarding is disabled. If VAS traffic forwarding is required, you must enable it.
For instructions on how to disable VAS traffic forwarding, see Disabling VAS Traffic Forwarding.
There are certain other SCE platform features that are incompatible with VAS traffic forwarding. Before enabling VAS traffic forwarding, ensure that no incompatible features or modes are configured.
These features and modes cannot coexist with the VAS mode:
•Line-card connection modes—receive-only, receive-only-cascade, inline-cascade
•Link mode other than forwarding
•All link encapsulation protocols, including VLAN, MPLS, L2TP
•Enhanced open flow mode
1. enable
2. configure
3. interface linecard 0
4. VAS-traffic-forwarding
There are two conditions to consider while disabling the VAS Traffic Forwarding feature in runtime:
•You cannot disable VAS mode on the SCE platform while the applied SCA BB policy instructs the SCE platform to forward traffic to the VAS servers.
Therefore, you must dismiss all VAS traffic forwarding rules in the applied SCA BB policy before you disable the VAS traffic forwarding on the SCE platform.
•After the SCA BB has been reconfigured, there may still be some open flows that have already been forwarded to the VAS servers. If the VAS feature is stopped while there are still such flows open, the packets coming back from the VAS servers may be routed to their original destination with the VLAN tag of the VAS server on it.
Therefore, it is also highly recommended that you shut down the line card before you disable the VAS traffic forwarding on the SCE platform to avoid inconsistency with flows that were already forwarded to the VAS servers.
1. From the SCA BB console, remove all the VAS table associations to packages and apply the changed policy.
2. enable
3. configure
4. interface linecard 0
5. shutdown
6. no VAS-traffic-forwarding
7. no shutdown
By default, the VAS traffic is transmitted on Link 1. If the VAS servers are connected on Link 0, you must configure the VAS traffic link to Link 0.
Note Although it supports up to eight GBE links, the SCE8000 GBE platform supports only the VAS traffic forwarding on Link 0 and Link 1. VAS traffic cannot be configured to any other link.
Note The VAS traffic link should be in forwarding mode.
Complete the following instructions to select the VAS traffic link. Use the no form of the command to revert to the default VAS traffic link (Link 1).
1. enable
2. configure
3. interface linecard 0
4. VAS-traffic-forwarding traffic-link {link-0 | link-1}
VAS servers must be user-defined. Each VAS server has the following parameters:
•Admin-mode—Enabled or Disabled
•Health Check mode—Enabled or Disabled
•Health Check ports
•VLAN tag
The range of supported server ID numbers is:
•SCE8000: 0-63
•SCE 2000: 0-7
This section explains how to perform the following operations for individual VAS servers:
•Enable a specified VAS server.
•Disable a specified VAS server.
•Define the VLAN tag for a specified VAS server.
•Enable or disable the health check for a VAS server.
•Define the source and destination ports to use for the health check.
•Delete all properties for a specified VAS server. The server returns to the default state, which is enabled. However, it is not operational because it does not have VLAN.
Complete the following instructions to enable a VAS server. Use the no form of the command to disable a VAS server.
Note A VAS server is not operational until the VLAN tag is defined, even if the server itself is enabled.
1. enable
2. configure
3. interface linecard 0
4. VAS-traffic-forwarding VAS server-id number enable
Complete the following instructions to restore all the properties of the specified VAS server to their default values.
1. enable
2. configure
3. interface linecard 0
4. no VAS-traffic-forwarding VAS server-id number
Note the following important points:
•The VAS server is not operational until the VLAN tag is defined.
•Disabling the server does not remove the VLAN tag number configured to the server.
•The no form of the command (same as the default form of the command), removes the previously configured VLAN tag.
•No VLAN is the default configuration.
Complete the following instructions to assign a VLAN tag to a VAS server. Use the no form of the command to remove the VLAN tag configuration from the VAS server.
1. enable
2. configure
3. interface linecard 0
4. VAS-traffic-forwarding VAS server-id id-number VLAN vlan-id
By default, the VAS server health check is enabled, however you can disable it.
The health check is activated only if all the following conditions are true. If the health check is enabled, the server will bein a Down state if one or more conditions are not met:
•VAS traffic forwarding mode is enabled.
•Pseudo IPs are configured for the SCE platform GBE ports on the VAS traffic link.
•VAS server is enabled.
•Server has a VLAN tag.
•Health check for the server is enabled.
If the health check of the server is disabled, its operational status depends on the following (requirements for Up state are in parentheses):
•admin status (enable)
•VLAN tag configuration (VLAN tag defined)
•group mapping (assigned to group)
Complete the following instructions to enable health check on the specified VAS server. Use the no form of the command to disable the health check.
1. enable
2. configure
3. interface linecard 0
4. VAS-traffic-forwarding VAS server-id number health-check
If you define health check ports, you must define both a source port number and a destination port number. By default, the port numbers begin with <63140,63141> used for server 0 and continue sequentially for all configured VAS servers.
Use the no form of the command to remove the UDP port configuration.
1. enable
2. configure
3. interface linecard 0
4. VAS-traffic-forwarding VAS server-id number health-check UDP ports source source-portnumber destination destination-portnumber
Use the pseudo-ip command to configure source and destination pseudo IP addresses for the health check packets. This command allows you to specify a unique IP address to be used by the health check packets.
The SCE platform uses the pseudo IP as follows:
•Pseudo IP configured for the subscriber-side interface:
–source IP address for health check packets going in the Upstream direction
–destination IP address for health check packets going in the Downstream direction
•Pseudo IP configured for the network side interface:
–source IP address for health check packets going in the Downstream direction
–destination IP address for health check packets going in the Upstream direction
You must configure a pseudo-IP address for both the subscriber-side and the network-side interfaces. The interfaces that should be configured are those interfaces which connect the SCE platform with the VAS servers. By default, the following are the interfaces:
•SCE 2000—GBE 0/3 and GBE 0/4
•SCE8000 GBE—3/0/2 and 3/0/3
•SCE8000 10G—3/2/0 and3/3/0
The interface designations are:
•SCE 2000—0/port-number
•SCE8000 GBE—3/0/port-number
•SCE8000 10G—3/port-number/0
Note The pseudo-ip command is a ROOT level command in the Gigabit Interface Configuration mode.
Complete the following instructions to define pseudo IP addresses for the VAS interfaces. Use the no form of the command to delete the pseudo IP addresses.
1. enable authorization-level
2. configure
3. interface gigabitethernet interface-designation
4. pseudo-ip ip-address [mask]
5. exit
6. interface gigabitethernet 2nd-interface-designation
7. pseudo-ip 2nd-ip-address [mask]
Up to eight VAS server groups can be defined. Each VAS server group has the following parameters:
•Server Group ID—You can configure up to eight VAS server groups numbered 0 through 7.
•A list of VAS servers attached to this group. The maximum number of VAS servers (total, not per group) supported is:
–SCE8000: 0-63
–SCE 2000: 0-7
•Failure detection—Minimum number of active servers required for this group for it to be considered active. If the number of active servers goes below this minimum, the group will be in Failure state.
•Failure action—Action performed on all new data flows that should be mapped to this server group while it is in Failure state.
Options:
–block
–pass
The commands in this section perform these operations for a VAS server group:
•Add or remove a VAS server to or from a specified group.
•Configure the minimum number of active servers for a specified group.
•Configure failure behavior for a specified group.
This section explains how to add servers to and remove servers from a specified VAS server group.
•Adding a VAS Server to a Specified VAS Server Group
•Removing All VAS Servers from a Specified VAS Server Group
Complete the following instructions to add a VAS server to a specified VAS server group. Use the no form of the command to delete a VAS server from a specified VAS server group.
1. enable
2. configure
3. interface linecard 0
4. VAS-traffic-forwarding VAS server-group group-number server-id id-number
Complete the following instructions to remove all VAS servers from a specified VAS server group.
1. enable
2. configure
3. interface linecard 0
4. no VAS-traffic-forwardingVAS server-group group-number
This section explains how to to configure the following failure parameters for the specified VAS server group:
•Minimum number of active servers—If the number of active servers in the server group goes below this number, the group will be in Failure state.
Default is one.
•Failure action—The action to be applied to all new flows mapped to this server group while it is Failure state:
–Block—All new flows assigned to the failed VAS server group are blocked by the SCE platform.
–Pass (default)—All new flows assigned to the failed VAS server group are considered as regular non-VAS flows, and are processed without VAS service.
Complete the following instructions to configure the minimum number of active servers required for the specified VAS server group. Use the default form of the command to reset the minimum number of active servers required to the default value (one server).
1. enable
2. configure
3. interface linecard 0
4. VAS-traffic-forwarding VAS server-group group-number failure minimum-active-servers min-number
Complete the following instructions to configure the failure action for the specified VAS server group. Use the default form of the command to reset the failure action to the default action (pass).
1. enable
2. configure
3. interface linecard 0
4. VAS-traffic-forwardingVAS server-group group-number failure action {block | pass}