Cisco ASR 1000 Series Aggregation Services Routers Software Configuration Guide
Configuring Bridge Domain Interfaces
Downloads: This chapterpdf (PDF - 259.0KB) The complete bookPDF (PDF - 7.68MB) | Feedback

Table of Contents

Configuring Bridge Domain Interfaces

Finding Feature Information

Contents

Restrictions for Bridge Domain Interfaces

Information About Bridge Domain Interfaces

Ethernet Virtual Circuit Overview

Bridge Domain Interface Encapsulation

Assigning a MAC Address

Support for IP Protocols

Support for IP Forwarding

Packet Forwarding

Layer 2 to Layer 3

Layer 3 to Layer 2

Link States of a Bridge Domain and a Bridge Domain Interface

BDI Initial State

BDI Link State

Bridge Domain Interface Statistics

Creating or Deleting a Bridge Domain Interface

Bridge Domain Interface Scalability

How to Configure a Bridge Domain Interface

Example

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Feature Information for Configuring Bridge Domain Interfaces

Configuring Bridge Domain Interfaces

The Cisco ASR 1000 Series Aggregation Services Routers support the bridge domain interface (BDI) feature for packaging Layer 2 Ethernet segments into Layer 3 IP.

Finding Feature Information

Your software release might not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the “Feature Information for Configuring Bridge Domain Interfaces” section.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn . An account on Cisco.com is not required.

Restrictions for Bridge Domain Interfaces

The following are the restrictions pertaining to bridge domain interfaces:

  • Only 4096 bridge domain interfaces are supported per system.
  • Bridge domain interfaces do not support the following features:

PPP over Ethernet (PPPoE)

Bidirectional Forwarding Detection (BFD) protocol

Netflow

QOS

Network-Based Application Recognition (NBAR) or Advanced Video Coding (AVC)

  • Bridge domain interfaces support the following features from IOS XE 3.8.2 and later:

Hot Standby Router Protocol (HSRP)

Virtual Router Redundancy Protocol (VRRP)

  • For a BDI, the maximum transmission unit (MTU) size can be configured between 1500 and 9216 bytes.
  • Crypto is not supported on bridge domain interfaces.
  • MPLS is not supported on bridge domain interfaces.

Information About Bridge Domain Interfaces

Bridge domain interface is a logical interface that allows bidirectional flow of traffic between a Layer 2 bridged network and a Layer 3 routed network traffic. Bridge domain interfaces are identified by the same index as the bridge domain. Each bridge domain represents a Layer 2 broadcast domain. Only one bridge domain interface can be associated with a bridge domain.

Bridge domain interface supports the following features:

  • IP termination
  • Layer 3 VPN termination
  • Address Resolution Protocol (ARP), G-ARP, and P-ARP handling
  • MAC address assignment

Prior to configuring a bridge domain interface, you must understand the following concepts:

Ethernet Virtual Circuit Overview

An Ethernet Virtual Circuit (EVC) is an end-to-end representation of a single instance of a Layer 2 service being offered by a provider to a customer. It embodies the different parameters on which the service is being offered. In the Cisco EVC Framework, the bridge domains are made up of one or more Layer 2 interfaces known as service instances. A service instance is the instantiation of an EVC on a given port on a given router. Service instance is associated with a bridge domain based on the configuration.

An incoming frame can be classified as service instance based on the following criteria:

  • Single 802.1Q VLAN tag, priority-tagged, or 802.1ad VLAN tag
  • Both QinQ (inner and outer) VLAN tags, or both 802.1ad S-VLAN and C-VLAN tags
  • Outer 802.1p CoS bits, inner 802.1p CoS bits, or both
  • Payload Ethernet type (five choices are supported: IPv4, IPv6, PPPoE-all, PPoE-discovery, and PPPoE-session)

Service instance also supports alternative mapping criteria:

  • Untagged—Mapping to all the frames lacking a 802.1Q or 802.1ad header
  • Default—Mapping to all the frames

For more information on the EVC architecture, see Configuring Ethernet Virtual Connections on the Cisco ASR 1000 Router chapter in the Carrier Ethernet Configuration Guide located at:

http://www.cisco.com/en/US/docs/ios-xml/ios/cether/configuration/xe-3s/ce-ether-vc-infra-xe.html

Bridge Domain Interface Encapsulation

An EVC provides the ability to employ different encapsulations on each Ethernet flow point (EFP) present in a bridge domain. A BDI egress point may not be aware of the encapsulation of an egress packet because the packet may have egressed from one or more EFPs with different encapsulations.

In a bridge domain, if all the EFPs have different encapsulations, the BDI must be untagged (using the no 802.1Q tag). Encapsulate all the traffic in the bridge domain (popped or pushed) at the EFPs. Configure rewrite at each EFP to enable encapsulation of the traffic on the bridge domain.

In a bridge domain, if all the EFPs have the same encapsulation, configure the encapsulations on the BDI using the encapsulation command. Enabling encapsulation at the BDI ensures effective pushing or popping of tags, thereby eliminating the need for configuring the rewrite command at the EFPs. For more information on configuring the encapsulations on the BDI, see the How to Configure a Bridge Domain Interface .

Assigning a MAC Address

All the bridge domain interfaces on the Cisco ASR 1000 chassis share a common MAC address. The first bridge domain interface on a bridge domain is allocated a MAC address. Thereafter, the same MAC address is assigned to all the bridge domain interfaces that are created in that bridge domain.


NoteYou can configure a static MAC address on a bridge domain interface using themac-address command.


Support for IP Protocols

Brigde domain interfaces enable the Cisco ASR 1000 Series Aggregation Services Routers to act as a Layer 3 endpoint on the Layer 2 bridge domain for the following IP-related protocols:

  • ARP
  • DHCP
  • HTTP
  • ICMP
  • NTP
  • RARP
  • SNMP
  • TCP
  • Telnet
  • TFTP
  • UDP

Support for IP Forwarding

Bridge domain interface supports the following IP forwarding features:

  • IPv4 input and output access control lists (ACL)
  • IPv4 input and output QoS policies. The operations supported for the input and output service policies on a bridge domain interface are:

Classification

Marking

Policing

  • IPv4 L3 VRFs

Packet Forwarding

A bridge domain interface provides bridging and forwarding services between the Layer 2 and Layer 3 network infrastructure.

Layer 2 to Layer 3

During a packet flow from a Layer 2 network to a Layer 3 network, if the destination MAC address of the incoming packet matches the bridge domain interface MAC address, or if the destination MAC address is a multicast address, the packet or a copy of the packet is forwarded to the bridge domain interface.


NoteMAC address learning cannot not be performed on the bridge domain interface.



NoteIn a bridge domain, when flooding unknown unicast frames, bridge domain interface is not included.


Layer 3 to Layer 2

When a packet arrives at a Layer 3 physical interface of a router, a route lookup action is performed. If route lookup points to a bridge domain interface, then the bridge domain interface adds the layer 2 encapsulation and forwards the frame to the corresponding bridge domain. The byte counters are updated.

During a Layer 2 lookup on a bridge domain to which the bridge domain interface belongs, the bridge domain forwards the packets to the correct service instance based on the destination MAC address.

Link States of a Bridge Domain and a Bridge Domain Interface

Bridge domain interface acts as a routable IOS interface on Layer 3 and as a port on a bridge domain. Both bridge domain interfaces and bridge domains operate with individual administrative states.

Shutting down a bridge domain interface stops the Layer 3 data service, but does not override or impact the state of the associated bridge domain.

Shutting down a bridge domain stops Layer 2 forwarding across all the associated members including service instances and bridge domain interfaces. The operational state of a bridge domain is influenced by associated service instances. Bridge domain interface cannot be operational unless one of the associated service instance is up.


NoteBecause a bridge domain interface is an internal interface, the operational state of bridge domain interface does not affect the bridge domain operational state.


BDI Initial State

The initial administrative state of a BDI depends on how the BDI is created. When a BDI is created at boot time in the startup configuration, the default administrative state for the BDI will be up, and will remain in this state unless the startup configuration includes the shutdown command. This behavior is consistent with all the other interfaces. When a BDI is created dynamically by a user at command prompt, the default administrative state is down.

BDI Link State

As with all Cisco IOS interfaces, a BDI maintains a link state that comprises of three states, administratively down, operationally down, and up. The link state of a BDI is derived from two independent inputs, the BDI administrative state set by the corresponding users and the fault indication state from the lower levels of the interface states. defines a BDI link state based on the state of the two inputs.

Fault Indication State
BDI Administrative State

Shutdown
No Shutdown
No faults asserted

Admin-down

Up

At least one fault asserted

Admin-down

Operationally-down

Bridge Domain Interface Statistics

For virtual interfaces, such as the bridge domain interface, protocol counters are periodically queried from the QFP.

When packets flow from a Layer 2 bridge domain network to a Layer 3 routing network through the bridge domain interface, the packets are treated as bridge domain interface input packets and bytes. When packets arrive at a Layer 3 interface and are forwarded through the bridge domain interface to a Layer 2 bridge domain, the packets are treated as output packets and bytes, and the counters are updated accordingly.

A BDI maintains a standard set of Layer 3 packet counters as the case with all Cisco IOS interfaces. Use the show interface command to view the Layer 3 packet counters.

The convention of the counters is relative to the Layer 3 cloud, for example, input refers to the traffic entering the Layer 3 cloud from the Layer 2 BD, while output refers to the traffic leaving the Layer 3 cloud to the Layer 2 BD.

Use the show interfaces accounting command to display the statistics for the BDI status. Use the show interface <if-name> command to display the overall count of the packets and bytes that are transmitted and received.

Creating or Deleting a Bridge Domain Interface

When you define an interface or subinterface for a Cisco IOS router, you name it and specify how it is assigned an IP address.You can create a bridge domain interface before adding a bridge domain to the system, this new bridge domain interface will be activated after the associated bridge domain is configured.


NoteWhen a bridge domain interface is created, a bridge domain is automatically created.


When both bridge domain interface and bridge domain are created, the system maintains the required associations for mapping the bridge domain-bridge domain interface pair.

The mapping of bridge domain and bridge domain interface is maintained in the system. The bridge domain interface uses the index of the associated bridge domain to show the association.

Bridge Domain Interface Scalability

Table 16-1 lists the bridge domain interface scalability numbers, based on the type of Cisco ASR 1000 Series Aggregation Services Router’s Forwarding Processors.

 

Table 16-1 Bridge Domain Interface Scalability Numbers Based on the Type of Cisco ASR 1000 Series Aggregation Services Router’s Forwarding Processors

Description
ASR1000-ESP5,
ASR 1001,
ASR 1002-F (ESP2.5)
ASR1000-ESP10,
ASR1000-ESP10-N,
ASR1000-ESP20
ASR1000-ESP40

Maximum bridge domain interfaces per router

4096

4096

4096

How to Configure a Bridge Domain Interface

To configure a bridge domain interface, perform the following steps:

SUMMARY STEPS

1. configure terminal

2. interface BDI interface number

3. encapsulation encapsulation dot1q <first-tag> [second-dot1q <second-tag>]

4. ip address ip-address mask

5. mac-address {mac-address}

6. no shut

7. shut

DETAILED STEPS

Command or Action
Purpose

Step 1

configure terminal

 

Router# configure terminal

Enters the global configuration mode.

Step 2

interface BDI {interface number}

 

Router(config)# interface BDI3

Specifies a bridge domain interface on a Cisco ASR 1000 Series Aggregation Services Router.

Step 3

encapsulation encapsulation dot1q <first-tag> [second-dot1q <second-tag>]

 

Router(config-if)#encapsulation dot1Q 1 second-dot1q 2

Defines the encapsulation type.

The example shows how to define dot1q as the encapsulation type.

Step 4

ip address ip-address mask

 

or

ipv6 address { X:X:X:X::X link-local | X:X:X:X::X / prefix [ anycast | eui-64 ] | autoconfig [ default ]}

 

Router(config-if)# ip address 2.2.2.1 255.255.255.0

Specifies either the IPv4 or IPv6 address for the bridge domain interface.

Step 5

mac-address {mac-address}

 

Router(config-if)# mac-address 1.1.3

Specifies the MAC address for the bridge domain interface.

Step 6

no shut
 
hostname(config-if)# no shut

Enables the bridge domain interface on the Cisco ASR 1000 Series Aggregation Services Router.

Step 7

shut
 
hostname(config-if)# shut

Disables the bridge domain interface on the Cisco ASR 1000 Series Aggregation Services Router.

Example

The following example shows the configuration of a bridge domain interface at IP address 2.2.2.1 255.255.255.0:

Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# interface BDI3
Router(config-if)# encapsulation dot1Q 1 second-dot1q 2
Router(config-if)# ip address 2.2.2.1 255.255.255.0
Router(config-if)# mac-address 1.1.3
Router(config-if)# no shut
Router(config-if)# exit
Router(config)#
 

You can use different show commands to display the bridge domain interface configuration information:

  • show interfaces bdi— Displays the configuration summary of the corresponding BDI.

Example:

Router# show interfaces BDI3
 
  • show platform software interface fp active name —Displays the bridge domain interface configuration in a Forwarding Processor.

Example:

Router# show platform software interface fp active name BDI4
 
  • show platform hardware qfp active interface if-name— Displays the bridge domain interface configuration in a data path.

Example:

Router# show platform hardware qfp active interface if-name BDI4
 

You can use the following debug commands to debug the bridge domain interface configurations:

  • debug platform hardware qfp feature —Debugs the features in the Cisco Quantum Flow Processor (QFP).

The following example shows how to debug the l2bd for all the clients:

Router# debug platform hardware qfp active feature l2bd client all

The selected CPP L2BD Client debugging is on.

 
  • platform trace runtime process forwarding-manager module —Enables the Forwarding Manager Route Processor and Embedded Service Processor trace messages for the Forwarding Manager process.

In the following example, the trace level for the forwarding processor module in the Forwarding Manager of the ESP processor in slot 0 is set to the informational tracing level (info):

Router(config)# platform trace runtime slot F0 bay 0 process forwarding-manager module interfaces level info
 
  • platform trace boottime process forwarding-manager module interfaces —Enables the Forwarding Manager Route Processor and Embedded Service Processor trace messages for the Route Processor Forwarding Manager process during bootup.

In the following example, the trace level for the forwarding processor module in the Forwarding Manager of the ESP processor in slot R0 is set to the informational tracing level (max):

Router(config)# platform trace boottime slot R0 bay 1 process forwarding-manager forwarding-manager level max
 

For additional information on the commands and the options available with each command, see the Cisco IOS Configuration Fundamentals Command Reference Guide located at:

http://www.cisco.com/en/US/docs/ios/fundamentals/command/reference/cf_book.html

Additional References

Related Documents

Related Topic
Document Title

Configuring Ethernet Virtual Connections on the Cisco ASR 1000 Series Aggregation Services Routers

Carrier Ethernet Configuration Guide, Cisco IOS XE Release 3S

EVC Quality of Service

http://www.cisco.com/en/US/docs/ios/ios_xe/qos/configuration/guide/qos_evc_xe.html

Cisco IOS commands

Cisco IOS Master Commands List, All Releases

Standards

Standard
Title

None

MIBs

MIB
MIBs Link

None

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at this URL:

http://www.cisco.com/go/mibs

RFCs

RFC
Title

None

Technical Assistance

Description
Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html

Feature Information for Configuring Bridge Domain Interfaces

Table 16-2 lists the features in this module and provides links to specific configuration information.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn . An account on Cisco.com is not required.


NoteTable 16-2 lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.


 

Table 16-2 Feature Information for Configuring Bridge Domain Interfaces

Feature Name
Releases
Feature Information

Configuring Bridge Domain Interface

Cisco IOS XE 3.2.0S

This feature was introduced on the Cisco ASR 1000 Series Aggregation Services Routers.

Configuring Bridge Domain Interface

Cisco IOS XE 3.7.0S

This feature was updated on the Cisco ASR 1000 Series Aggregation Services Routers. The following section was updated for this feature:

Information About Bridge Domain Interfaces