Table Of Contents
mac tunnel address destination default
mac tunnel address destination map
port-channel load-balance (interface)
port-channel load-balance mpls
port-channel load-balance weighted rebalance
service instance ethernet (mac-tunnel)
mac access-group in
To use a MAC access control list (ACL) to control inbound traffic on an Ethernet service instance, use the mac access-group in command in service instance configuration mode. To remove a MAC ACL, use the no form of this command.
mac access-group access-list-name in
no mac access-group access-list-name in
Syntax Description
access-list-name
Name of a MAC ACL to apply to an interface or subinterface (as specified by the mac access-list extended command).
Command Default
A MAC ACL is not applied to the Ethernet service instance.
Command Modes
Service instance configuration (config-if-srv)
Command History
Usage Guidelines
The mac access-group in command is used to apply MAC ACLs on Ethernet service instances. After a networking device receives a packet, the Cisco IOS software checks the source MAC address of the packet against the ACL. If the MAC ACL permits the address, the software continues to process the packet.
If a MAC ACL does not exist on the Ethernet service instance, all packets are passed.
Examples
The following example shows how to apply a MAC ACL called mac_layer on inbound traffic to service instance 100:
Router> enableRouter# configure terminalRouter(config)# mac access-list extended mac_layerRouter(config-ext-macl)# permit 00aa.bbcc.ddee 0.0.0 anyRouter(config-ext-macl)# exitRouter(config)# interface gigabitethernet 2/0/0Router(config-if)# service instance 100 ethernetRouter(config-if-srv)# encapsulation dot1q 100Router(config-if-srv)# mac access-group mac_layer inRelated Commands
mac access-list extended
Defines a MAC ACL.
show ethernet service instance
Displays information about Ethernet service instances.
mac aging-time
To set the aging time of MAC addresses in a bridge domain, use the mac aging-time command in bridge-domain configuration mode. To remove an aging time setting, use the no form of this command.
mac aging-time seconds
no mac aging-time
Syntax Description
Command Default
If a MAC address aging time is not configured, the default MAC address aging time of 300 seconds is used.
Command Modes
Bridge-domain configuration (config-bdomain)
Command History
Usage Guidelines
Use this command if you want to change the aging time of a learned MAC address.
Examples
The following example shows how to configure an aging time of 25 seconds for MAC addresses in bridge domain 1:
Router(config)# bridge-domain 1Router(config-bdomain)# mac aging-time 25mac limit maximum addresses
To configure the maximum number of MAC addresses allowed on a bridge domain, use the mac limit maximum addresses command in bridge domain configuration mode. To return to the default state, use the no form of this command.
mac limit maximum addresses maximum-addresses
no mac limit maximum addresses maximum-addresses
Syntax Description
maximum-addresses
Integer in the range 1 to Platform_Upper_Bound that specifies the maximum number of MAC addresses allowed. Platform_Upper_Bound is a platform-specific upper limit.
Command Default
The maximum number of MAC addresses allowed by the platform.
Command Modes
Bridge domain configuration (config-bdomain)
Command History
Examples
The following example shows how to set the maximum number of MAC addresses on a specific bridge domain to 1000:
Router> enableRouter# configure terminalRouter(config)# bridge-domain 100Router(config-bdomain)# mac limit maximum addresses 1000Related Commands
mac security maximum addresses
Specifies the maximum number of MAC addresses allowed on an Ethernet service instance.
mac security
To configure MAC security and the various MAC security elements on an Ethernet service instance, use the mac security command in service instance configuration mode. To return to the default MAC security setup on the service instance, use the no form of this command.
mac security [address {permit | deny} mac-address | aging {static | sticky | time aging-time [inactivity]} | maximum addresses maximum-addresses | sticky [address mac-address] | violation {protect | restrict}]
no mac security [address {permit | deny} mac-address | aging {static | sticky | time aging-time [inactivity]} | maximum addresses maximum-addresses | sticky [address mac-address] | violation {protect | restrict}]
Syntax Description
Command Default
MAC security is disabled.
Command Modes
Service instance configuration (config-if-srv)
Command History
Usage Guidelines
The MAC security operation is enabled on an Ethernet service instance by the mac security command.
Configuring or removing MAC security elements is permitted irrespective of whether MAC security is enabled. Configured elements become operational only when the mac security command is issued and MAC security is enabled.
Examples
The following example shows how to enable MAC security on Ethernet service instance 100:
Router> enableRouter# configure terminalRouter(config)# interface gigabitethernet 2/0/1Router(config-if)# service instance 100 ethernetRouter(config-if-srv)# encapsulation dot1q 100Router(config-if-srv)# bridge-domain 200Router(config-if-srv)# mac securityThe following example shows how to configure a MAC address permit with three addresses:
Router> enableRouter# configure terminalRouter(config)# interface gigabitethernet 3/0/1Router(config-if)# service instance 200 ethernetRouter(config-if-srv)# encapsulation dot1Q 200Router(config-if-srv)# bridge-domain 100Router(config-if-srv)# mac security maximum addresses 3Router(config-if-srv)# mac security address permit a2aa.aaaa.aaaaRouter(config-if-srv)# mac security address permit a2aa.aaaa.aaabRouter(config-if-srv)# mac security address permit a2aa.aaaa.aaacRouter(config-if-srv)# mac securityThe following example shows how to enable a MAC address violation protect response on a service instance:
Router> enableRouter# configure terminalRouter(config)# interface gigabitethernet 2/0/0Router(config-if)# service instance 100 ethernetRouter(config-if-srv)# encapsulation dot1Q 100Router(config-if-srv)# bridge-domain 200Router(config-if-srv)# mac security address permit a2aa.aaaa.aaaaRouter(config-if-srv)# mac security address permit a2aa.aaaa.aaabRouter(config-if-srv)# mac security address permit a2aa.aaaa.aaacRouter(config-if-srv)# mac security violation protectRouter(config-if-srv)# mac securityThe following example shows how to enable MAC address security aging on a service instance, with the aging time set to 100 minutes:
Router> enableRouter# configure terminalRouter(config)# interface gigabitethernet 3/0/1Router(config-if)# service instance 200 ethernetRouter(config-if-srv)# encapsulation dot1Q 200Router(config-if-srv)# bridge-domain 100Router(config-if-srv)# mac security aging time 100Router(config-if-srv)# mac securityThe following example shows how to configure a MAC address limit of 1000 on a service instance.
Router> enableRouter# configure terminalRouter(config)# interface gigabitethernet 2/0/0Router(config-if)# service instance 150 ethernetRouter(config-if-srv)# encapsulation dot1Q 150Router(config-if-srv)# bridge-domain 100Router(config-if-srv)# mac security maximum addresses 1000Router(config-if-srv)# mac securityThe following example shows how to configure sticky MAC addressing on an Ethernet service instance:
Router> enableRouter# configure terminalRouter(config)# interface gigabitethernet 2/0/1Router(config-if)# service instance 100 ethernetRouter(config-if-srv)# encapsulation dot1Q 100Router(config-if-srv)# bridge-domain 150Router(config-if-srv)# mac security stickyRouter(config-if-srv)# mac securityRelated Commands
mac static address
To configure a static MAC address, use the mac static address command either in service instance configuration mode or in VFI neighbor configuration mode. To remove a static MAC address, use the no form of this command.
mac static address mac-addr [auto-learn] [disable-snooping]
no mac static address mac-addr
Syntax Description
Command Default
MAC static addresses are not configured.
Command Modes
Service instance configuration (config-if-srv)
VFI neighbor configuration (config-vfi-neighbor)Command History
Usage Guidelines
Static MAC addresses are related to a Layer 2 bridge domain table; therefore, only bridged services are supported.
Static MAC address configuration is supported only on Ethernet virtual circuit (EVC) bridge domain interfaces and VFI pseudowires.
A unicast static MAC address and MAC security cannot be simultaneously configured on the same Ethernet flow point (EFP). A static MAC multicast address and MAC security can be simultaneously supported on the same EFP.
The number of MAC addresses (unicast and multicast) is limited to 1024 per bridge domain, pseudowire, virtual forwarding instance (VFI), or system.
Examples
The following example shows how to configure a MAC static address in service instance configuration mode:
Router(config)# interface ethernet 1/0Router(config-if)# service instance 123 ethernetRouter(config-if-srv)# encapsulation dot1q 100Router(config-if-srv)# bridge-domain 100Router(config-if-srv)# mac static address 3333.1111.1111The following example shows how to configure a MAC static address in VFI neighbor configuration mode:
Router(config)# l2 vfi foo-core manualRouter(config-vfi)# vpn id 100Router(config-vfi)# bridge-domain 10Router(config-vfi)# neighbor 11.0.0.1 pw-class hubclassRouter(config-vfi-neighbor)# mac static address 1111.2222.3333mac tunnel address destination default
To specify a B-component destination address (B-DA) for a group of service instance IDs (I-SIDs), use the mac tunnel address destination default command in MAC-in-MAC tunnel configuration mode. To remove a MAC tunnel address, use the no form of this command.
mac tunnel address destination default mac-addr
no mac tunnel address destination default mac-addr
Syntax Description
Command Default
B-DAs are not configured.
Command Modes
MAC-in-MAC tunnel configuration (config-tunnel-minm)
Command History
Usage Guidelines
The MAC address specified can be either a unicast or a multicast address.
Examples
The following example shows how to specify a B-DA using MAC address 3333.1111.1111:
Router(config)# ethernet mac-tunnel virtual 1Router(config-tunnel-mimn)# mac tunnel address destination default 3333.1111.1111mac tunnel address destination map
To map a service provider backbone bridge MAC address to a customer MAC address, use the mac tunnel address destination map command in MAC tunnel service configuration mode. To remove a bridge mapping, use the no form of this command.
mac tunnel address destination map c-mac-addr b-mac-addr
no mac tunnel address destination map c-mac-addr b-mac-addr
Syntax Description
c-mac-addr
48-bit MAC address of the customer bridge.
b-mac-addr
48-bit MAC address of the service provider bridge.
Command Default
Service provider and customer bridges are not mapped.
Command Modes
MAC tunnel service configuration (config-tunnel-srv)
Command History
Usage Guidelines
The MAC address specified can be either a unicast or a multicast address. If a packet's destination is a backbone edge bridge, the MAC address must be a unicast address.
Examples
The following example shows how to map a customer bridge to a service provider backbone bridge:
Router(config)# ethernet mac-tunnel virtual 1Router(config-tunnel-mimn)# service instance 1 ethernetRouter(config-tunnel-srv)# mac tunnel address destination map 3333.1111.1111 5555.2222.2222maximum meps
To specify the number of maintenance endpoints (MEPs) across the network in a maintenance association, use the maximum meps command in Ethernet CFM service configuration mode. To restore the default value, use the no form of this command.
maximum meps max-num
no maximum meps
Syntax Description
Command Default
A maximum number of MEPs is not configured.
Command Modes
Ethernet CFM service configuration (config-ecfm-srv)
Command History
12.2(33)SXI2
This command was introduced.
12.2(33)SRE
This command was integrated into Cisco IOS Release 12.2(33)SRE.
Usage Guidelines
When the configured maximum is reached, continuity check messages (CCMs) from other remote MEPs are ignored and a warning message is displayed.
Output of the show running all command displays "maximum meps 100" when the default value is configured.
Examples
The following example shows how to configure a maximum of 50 MEPs:
Router(config)# ethernet cfm domain operatorA level 5Router(config-ecfm)# service vlan-id 5 portRouter(config-ecfm-srv)# maximum meps 50Related Commands
mep archive-hold-time
To set the amount of time, in minutes, that data from a missing maintenance end point (MEP) is kept in the continuity check database or that entries are held in the error database before they are purged, use the mep archive-hold-time command in Ethernet connectivity fault management (CFM) configuration mode. To restore the default number of minutes, use the no form of this command.
mep archive-hold-time minutes
no mep archive-hold-time minutes
Syntax Description
Syntax DescriptionCommand Syntax]
minutes
Integer from 1 to 65535 that specifies the number of minutes that data from a missing MEP is kept before it is purged. The default is 100.
Command Default
The command is enabled, and the archive hold time is set to 100 minutes.
Command Modes
Cisco pre-Standard CFM Draft 1 (CFM D1)
Ethernet CFM configuration (config-ether-cfm)
CFM IEEE 802.1ag Standard (CFM IEEE)
Ethernet CFM configuration (config-ecfm)
Command History
Usage Guidelines
When you reset the archive hold time, the new hold time applies only to entries in the database that occur after the reset. Entries made before the hold time was reset are not affected by the change.
Different archive hold times can be set for MEPs in different domains.
Note
A missing MEP is a remote MEP that sends a 0 expiration time in its continuity check or a remote MEP whose entry in the local continuity check database expires after it exceeds its lifetime.
In CFM IEEE, output of the show running all command displays "mep archive hold-time 100" when the default value is configured.
Examples
The following example shows how to set a timeout period of 1000 minutes in CFM D1:
Router(config-ether-cfm)# mep archive-hold-time 1000The following example shows how to set a timeout period of 1000 minutes in CFM IEEE:
Router(config-ecfm)# mep archive-hold-time 1000Related Commands
mep crosscheck mpid evc
To statically define a remote maintenance endpoint (MEP) within a maintenance domain, use the mep crosscheck mpid evc command in Ethernet CFM configuration mode. To delete a remote MEP, use the no form of this command.
mep crosscheck mpid id evc evc-name [mac mac-address]
no mep crosscheck mpid id evc evc-name [mac mac-address]
Syntax Description
Command Default
Remote MEPs are not configured.
Command Modes
Ethernet CFM configuration (config-ether-cfm)
Command History
Usage Guidelines
The mep crosscheck mpid evc command is available on the Cisco 7600 Series Route Switch Processor 720 (RSP 720) and the Cisco 7600 Series Supervisor Engine 720.
Use the mep crosscheck mpid evc command to statically configure remote MEPs that are part of a domain. These remote MEPs can be used in the cross-check operation. The cross-check operation works only when local MEPs are configured that correspond to the statically configured remote MEPs.
Examples
The following example shows how to define a MEP within a maintenance domain with an ID of 20, in EVC evc5, and with MAC address a5a1.a5a1.a5a1:
Router(config-ether-cfm)# mep crosscheck mpid 20 evc evc5 mac a5a1.a5a1.a5a1Related Commands
mep crosscheck mpid vlan
To statically define a remote maintenance endpoint (MEP) within a maintenance domain, use the mep crosscheck mpid vlan command in Ethernet CFM configuration mode. To delete a remote MEP, use the no form of this command.
mep crosscheck mpid id vlan vlan-id [mac mac-address]
no mep crosscheck mpid id vlan vlan-id [mac mac-address]
Syntax Description
Command Default
No remote MEPs are configured.
Command Modes
Ethernet CFM configuration (config-ether-cfm)
Command History
Usage Guidelines
Use the mep crosscheck mpid vlan command to statically configure remote MEPs that are part of a domain. These remote MEPs can be used in the cross-check operation. The cross-check operation only works when local MEPs are configured that correspond to the statically configured remote MEPs.
Examples
The following example shows how to define a MEP within a maintenance domain with an ID of 20, in VLAN 5, and with MAC address a5a1.a5a1.a5a1:
Router(config-ether-cfm)# mep crosscheck mpid 20 vlan 5 mac a5a1.a5a1.a5a1Related Commands
mep mpid
To statically define the maintenance endpoints (MEPs) within a maintenance association, use the mep mpid command in Ethernet connectivity fault management (CFM) service configuration mode. To remove MEP definitions, use the no form of this command.
mep mpid mpid
no mep mpid
Syntax Description
Command Default
No MEPs are statically defined.
Command Modes
Ethernet CFM service configuration (config-ecfm-srv)
Command History
12.2(33)SXI2
This command was introduced.
12.2(33)SRE
This command was integrated into Cisco IOS Release 12.2(33)SRE.
Usage Guidelines
Use this command to manually configure a list of MEPs in a maintenance association. The device logs a warning when a discovered MPID is not on the list of configured MPIDs.
Examples
The following example shows how to configure a MEP with an ID of 25:
Router(config)# ethernet cfm domain operatorA level 5Router(config-ecfm)# service vlan-id 5 portRouter(config-ecfm-srv)# mep mpid 25mip auto-create
To enable the automatic creation of a maintenance intermediate point (MIP) at a maintenance domain level, use the mip auto-create command in Ethernet connectivity fault management (CFM) configuration mode. To disable the automatic creation of a MIP, use the no form of this command.
mip auto-create [lower-mep-only]
no mip auto-create [lower-mep-only]
Syntax Description
lower-mep-only
(Optional) Creates a MIP only if there is a MEP for the service in another domain at the next lower active maintenance domain level.
Command Default
MIPs will not be created.
Command Modes
Ethernet CFM configuration (config-ecfm)
Command History
12.2(33)SXI2
This command was introduced.
12.2(33)SRE
This command was integrated into Cisco IOS Release 12.2(33)SRE.
Usage Guidelines
This command configures the MIP creation policy for members of a maintenance domain to apply for automatically creating a MIP at the domain maintenance level.
If you manually configure a MIP for the maintenance association, it will override the mip auto-create command for the MIP for that maintenance association. The mip auto-create command also has lower precedence than the MIP creation policy at the maintenance association.
Examples
The following example shows how to enable the automatic creation of a MIP in the customerA domain at maintenance level 5:
Router(config)# ethernet cfm domain customerA level 5Router(config-ecfm)# mip auto-createmip auto-create (cfm-srv)
To configure the policy for a maintenance association to dynamically create maintenance intermediate points (MIPs) at the enclosing maintenance domain level, use the mip auto-create command in Ethernet connectivity fault management (CFM) service configuration mode. To disable the dynamic creation of a MIP, use the no form of this command.
mip auto-create [lower-mep-only | none]
no mip auto-create [lower-mep-only | none]
Syntax Description
Command Default
The default behavior is to defer to the MIP configuration policy of the enclosing maintenance domain.
Command Modes
Ethernet CFM service configuration (config-ecfm-srv)
Command History
12.2(33)SXI2
This command was introduced.
12.2(33)SRE
This command was integrated into Cisco IOS Release 12.2(33)SRE.
Usage Guidelines
If the lower-mep-only or none options are not configured, a MIP is created at the maintenance association.
This command has lower precedence than the manual configuration of a MIP for a maintenance association. For example, if you manually configure a MIP for a maintenance association, that manual configuration overrides the dynamic configuration from this mip auto-create command.
Examples
The following example shows how to configure the policy for a maintenance association to dynamically create MIPs at the enclosing maintenance domain level:
Router(config)# ethernet cfm domain Domain_L5 level 5Router(config-ecfm)# service cust_500_l5 vlan 9Router(config-ecfm-srv)# mip auto-createmlacp interchassis group
To specify that the port-channel is a Multi-chassis Link Aggregation Control Protocol (mLACP) port-channel, use the mlacp interchassis group command in port-channel interface configuration mode. To return to the default setting, use the no form of this command.
mlacp interchassis group group-id
no mlacp interchassis group group-id
Syntax Description
Command Default
Default behavior is normal single chassis port-channel.
Command Modes
Port-channel interface configuration (config-if)
Command History
Usage Guidelines
The mlacp interchassis group command enables Multi-chassis LACP on the port-channel and specifies the interchassis group to which the port-channel belongs.
Examples
This example shows how to specify that interchassis group 1 is an mLACP group:
interface Port-channel1lacp max-bundle 3lacp min-bundle 2lacp failover non-revertivemlacp lag-priority 1000mlacp interchassis group 1service instance 100 ethernetencapsulation dot1q 100bridge-domain 100 c-macRelated Commands
interface port-channel
Creates a port-channel virtual interface and puts the CLI in interface configuration mode.
mlacp lag-priority
To set the Link Aggregation Control Protocol (LACP) port priorities for each of the local member links in the Link Aggregation Group (LAG), use the mlacp lag-priority command in port-channel interface configuration mode. To return to the default setting, use the no form of this command.
mlacp lag-priority priority-value
no mlacp lag-priority
Syntax Description
Command Default
This command is disabled by default. If you enter the command with no priority value, the default of 32768 is assigned as the priority.
Command Modes
Port-channel interface configuration (config-if)
Command History
Usage Guidelines
Port priority determines which ports should be activated and which should be left in standby mode when there are hardware or software limitations on the maximum number of links allowed in a LAG. For multi-chassis operation in Active/Standby mode, the port priorities for all links connecting to the Active PoA must be higher than the port priorities for links connecting to the Standby PoA. For example, pick the PoA with the highest port priority to be the Active PoA, and dynamically adjust the priorities of all other links with the same key to an equal value.
Note
This command is used to force a failover during operation in the following two ways:
•
•
In some cases, the operational priority and the configured priority may differ when using dynamic port priority management to force failovers. In this case, the configured version will not be changed unless the port-channel is operating in non-revertive mode. Run the show lacp multi-chassis port-channel command to view the current operational priorities. The configured priority values can be seen by using the show running-config command.
Dynamic port priority changes are not automatically written back to the running configuration or NVRAM configuration. If you want the current priorities to be used upon system reload, the mlacp lag-priority priority command must be used, and the configuration must be saved.
Examples
This example shows how to set the mLACP LAG priority to 1000:
interface Port-channel1lacp max-bundle 3lacp min-bundle 2lacp failover non-revertivemlacp lag-priority 1000mlacp interchassis group 1service instance 100 ethernetencapsulation dot1q 100bridge-domain 100 c-macRelated Commands
interface port-channel
Creates a port-channel virtual interface and puts the CLI in interface configuration mode.
mlacp node-id
To define the node ID used in the Link Aggregation Control Protocol (LACP) port-ID field by this member of the Multi-chassis LACP Redundancy Group, use the mlacp node-id command in redundancy group configuration mode. To disable this feature, use the no form of this command.
mlacp node-id node-id
no mlacp node-id node-id
Syntax Description
Command Default
This command is disabled by default, so no node ID is defined.
Command Modes
Redundancy group configuration mode (config-r-ic)
Command History
Usage Guidelines
Valid range for the node ID is 0 to 7, and the value should be different from the peer values.
The mlacp node-id command is mandatory to enable mLACP on an interchassis group.
Examples
The following example shows how to define the mLACP node ID as 1 for interchassis group 1 in the redundancy group:
redundancyinterchassis group 1protocol iccpmember ip 1.1.1.1monitor peer route-watchbackbone interface GigabitEthernet6/1mlacp node-id 1mlacp system-mac aabb.ccdd.eeffmlacp system-priority 100Related Commands
interchassis group
Configures an interchassis group within the redundancy configuration mode and assigns a group number.
redundancy
Enters redundancy configuration mode.
mlacp system-mac
To define and advertise the system MAC address to the Multi-chassis Link Aggregation Control Protocol (mLACP) members of the redundancy group for arbitration, use the mlacp system-mac command in redundancy group configuration mode. To disable this feature, use the no form of this command.
mlacp system-mac mac-address
no mlacp system-mac mac-address
Syntax Description
mac-address
The MAC address must be in standard Cisco IOS MAC address notation, for example, aabb.ccdd.eeff.
Command Default
The default value used for arbitration is the chassis backplane MAC address.
Command Modes
Redundancy group configuration mode (config-r-ic)
Command History
Usage Guidelines
The lowest numerical MAC address in the specified interchassis group will be used by mLACP.
Examples
The following example shows how to set the MAC address aabb.ccdd.eeff to be advertised to the mLACP members of interchassis group 1 in the redundancy group for arbitration:
redundancyinterchassis group 1protocol iccpmember ip 10.1.1.1monitor peer route-watchbackbone interface GigabitEthernet6/1mlacp node-id 1mlacp system-mac aabb.ccdd.eeffmlacp system-priority 100Related Commands
interchassis group
Configures an interchassis group within the redundancy configuration mode and assigns a group number.
redundancy
Enters redundancy configuration mode.
mlacp system-priority
To define the system priority to be advertised to other members of the Multi-Chassis Link Aggregation Control Protocol (mLACP) redundancy group for arbitration, use the mlacp system-priority command in redundancy group configuration mode. To return the system priority to the default value, use the no form of this command.
mlacp system-priority priority
no mlacp system-priority
Syntax Description
Command Default
The default value for the system priority is set to 32768.
Command Modes
Redundancy group configuration (config-r-ic)
Command History
Usage Guidelines
Each device that runs mLACP has an mLACP system priority value. You can accept the default value of 32768 for this parameter, or you can configure a value between 1 and 65535. The mLACP uses the system priority with the MAC address to form the system ID and also during negotiation with other systems. The system ID is unique for each virtual device context (VDC).
When setting the priority, note that a higher number means a lower priority.
This command does not require a license.
Examples
The following example shows how to set the system priority to 100 for interchassis group 1 in the redundancy group for arbitration:
redundancyinterchassis group 1protocol iccpmember ip 10.1.1.1monitor peer route-watchbackbone interface GigabitEthernet6/1mlacp node-id 1mlacp system-mac aabb.ccdd.eeffmlacp system-priority 100Related Commands
interchassis group
Configures an interchassis group within the redundancy configuration mode and assigns a group number.
redundancy
Enters redundancy configuration mode.
monitor loss counter
To monitor local Tx and Rx counters (aggregated counters) for losses, use the monitor loss counter command in Ethernet CFM interface configuration mode. To turn off monitoring, use the no form of this command.
monitor loss counter [priority cos-range]
no monitor loss counter
Syntax Description
priority
(Optional) Monitors Local Tx and Rx counters for loss functionality.
cos-range
(Optional) String that identifies the class of service
Command Default
Counters are not maintained.
Command Modes
Ethernet CFM interface configuration (config-if-ecfm-mep)
Command History
Usage Guidelines
An aggregate counter includes both the Tx and Rx counters for all traffic matching an Ethernet flow point (EFP) and for all class of service (CoS) values defined by the encapsulation command, when a priority is not defined by the monitor loss counter command. If a priority is defined by the monitor loss counter command, separate Rx and Tx counters are maintained for each priority defined.
Examples
The following example shows how to configure monitoring for loss counters:
Router(config)# ethernet cfm domain test level 5Router(config-ecfm)# service vlan-id 17Router(config-ecfm-srv)# exitRouter(config-ecfm)# exitRouter(config)# interface gigabitethernet 1/1Router(config-if)# ethernet cfm mep domain test mpid 5 vlan 17Router(config-if-ecfm-mep)# monitor loss counteroam protocol
To specify an operations, maintenance, and administration (OAM) protocol for an Ethernet virtual connection (EVC), use the oam protocol command in EVC configuration mode. To remove an OAM protocol configuration for an EVC, use the no form of this command.
oam protocol {cfm svlan svlan-id domain domain-name | ldp}
no oam protocol
Syntax Description
Command Default
An OAM protocol is not specified.
Command Modes
EVC configuration (config-evc)
Command History
Usage Guidelines
Use this command to specify the OAM protocol to use for communicating link status in an Ethernet over Multiprotocol Label Switching (EoMPLS) network.
Examples
The following example shows how to specify CFM as the OAM protocol:
Router(config)# ethernet evc evc10Router(config-evc)# oam protocol cfm svlan 10 domain cstmroutput
To enable out put of time of day messages using a 1PPS interface, use the output command in global configuration mode. To disable PTP output, use the no form of this command.
output 1pps slot/bay [offset offset-value [negative]] [pulse-width pulse-amount {ns | us | ms}]
no output 1pps slot/bay [offset offset-value [negative]] [pulse-width pulse-amount {ns | us | ms}]
Syntax Description
Command Default
No default behavior or values.
Command Modes
Global configuration (config)
Command History
Usage Guidelines
If you want to provide output frequency clock, configure this command in PTP slave mode. This command only applies to platforms that have 1PPS ports.
Examples
The following example shows how to configure output clocking:
Router# configure terminalRouter(config)# ptp clock ordinary domain 0Router(config-ptp-clk)# output 1pps 3/0 offset 10 pulse-width 1000 msRouter(config-ptp-clk)# endRouter#Related Commands
input
Enables PTP input clocking using the 1.544 Mhz, 2.048 Mhz, or 10 Mhz timing interface or phase using the 1PPS or RS-422 interface.
period (CFM-AIS-link)
To configure a specific Alarm Indication Signal (AIS) transmission interval on a server maintenance endpoint (SMEP), use the period command in CFM SMEP AIS configuration mode. To remove the interval configuration, use the no form of this command.
period seconds
no period
Syntax Description
seconds
Integers 1 or 60 that specify the time interval, in seconds, between AIS transmissions. The default is 60.
Command Default
AIS frames are transmitted every 60 seconds.
Command Modes
CFM SMEP AIS configuration mode (config-ais-link-cfm)
Command History
12.2(33)SRD
This command was introduced.
15.0(1)XA
This command was integrated into Cisco IOS Release 15.0(1)XA.
Usage Guidelines
When the default value is configured, "period 60" is displayed when the show running all command is issued.
Examples
The following example shows how to configure an AIS transmission interval of 1 second:
Router(config)# ethernet cfm ais link-status globalRouter(config-ais-link-cfm)# period 1Related Commands
ping ethernet
To send Ethernet connectivity fault management (CFM) loopback messages to a destination maintenance endpoint (MEP) and maintenance intermediate point (MIP), use the ping ethernet command in privileged EXEC mode.
ping ethernet {mac-address | mpid mpid | multicast} {domain domain-name {port | vlan vlan-id}} [cos cos-value | source source-mpid [cos cos-value]] [de]
Syntax Description
Command Default
A CFM ping operation to the specified MEP and MIP is performed.
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Use this command to test connectivity between MEPs.
If the continuity check database does not have entries for the specified MPID, an error message is displayed notifying you to use the ping ethernet mac-address command instead.
If a domain name has more than 154 characters, a warning message is displayed notifying you that the maintenance domain ID (MDID) will be truncated to 43 characters in continuity check messages (CCMs) if "id <fmt> <MDID>" is not configured.
This command can be issued by specifying keywords and arguments as one command or as an extended command in which you specify options line by line.
The CFM ping (loopback) supports up to 1488 bytes.
Examples
The following examples show how to send an Ethernet CFM loopback message to a destination MEP using the extended command format:
Router# pingProtocol [ip]: ethernetMulticast [n] :Mac Address : 0015.6215.46d0Maintenance Domain : vik-vfi-ofmEVC: evc2Source MPID [555]:Repeat Count [5]:Datagram Size [100]: 9000% A decimal number between 64 and 1488.Datagram Size [100]:Timeout in seconds [5]:Interval in seconds [0]:Extended commands [n]:Type escape sequence to abort.Sending 5 Ethernet CFM loopback messages to 0015.6215.46d0, timeout is 5 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/8 msRouter# pingProtocol [ip]: ethernetMulticast [n] :Mac Address : 0015.637b.4e00Maintenance Domain : CUSTOMEREVC: evc500Source MPID [2345]:Repeat Count [5]:Datagram Size [100]: 9000% A decimal number between 64 and 1488.Datagram Size [100]:Timeout in seconds [5]:Interval in seconds [0]:Extended commands [n]:Type escape sequence to abort.Sending 5 Ethernet CFM loopback messages to 0015.637b.4e00, timeout is 5 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 msTable 1 describes the significant fields in the display.
ping ethernet evc
To send Ethernet connectivity fault management (CFM) loopback messages to a maintenance endpoint (MEP) or maintenance intermediate point (MIP) destination, use the ping ethernet evc command in privileged EXEC mode.
ping ethernet {mac-address | mpid} {domain domain-name | level level-id}
evc evc-name [source mpid]Syntax Description
Command Default
A basic CFM ping operation to the specified MAC address (MEP or MIP) is performed.
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
A local MEP must be configured for the same level and EVC before you can use this command.
The optional source keyword is available only when you enter a domain name. The source keyword is useful when there are multiple local MEPs in the same domain, level, and EVC as the ping target. For outward facing MEPs, choosing the source MPID implicitly selects the interface from which the ping will be sent.
Examples
The following example shows how to send an Ethernet CFM loopback message to MAC address 1010.pcef.1010 at maintenance level 2 on evc5:
Router# ping ethernet 1010.pcef.1010 level 2 evc evc5Related Commands
ping ethernet mpid vlan
Note
To send Ethernet connectivity fault management (CFM) loopback messages to a maintenance end point (MEP) destination, use the ping ethernet mpid vlan command in privileged EXEC mode.
ping ethernet mpid mpid {domain domain-name | level level-id} vlan vlan-id
Syntax Description
Command Default
A basic CFM ping operation to the specified maintenance end point ID (MPID) is performed.
Command Modes
Privileged EXEC (#)
Command History
12.2(33)SRA
This command was introduced.
12.4(11)T
This command was replaced by the ping ethernet vlan command.
Usage Guidelines
Use this command to test connectivity between MEPs.
If the continuity check database does not have entries for the specified MPID, an error message displays indicating that the command cannot be used.
Examples
The following example shows how to send an Ethernet CFM loopback message to MPID 3075, maintenance domain operatorv, maintenance level 3, VLAN ID 4325:
Router# ping ethernet mpid 3075 domain operatorv level 3 vlan 4325Type escape sequence to abort. Sending 5 Ethernet CFM loopback messages, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 60/62/72 msRelated Commands
ping ethernet vlan
To send Ethernet connectivity fault management (CFM) loopback messages to a maintenance endpoint (MEP) or maintenance intermediate point (MIP) destination, use the ping ethernet vlan command in privileged EXEC command mode.
ping ethernet {mac-address | mpid} {domain domain-name | level level-id} vlan vlan-id [source mpid]
Syntax Description
Command Default
A basic CFM ping operation to the specified MAC address (MEP or MIP) is performed.
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
A local MEP must be configured for the same level and VLAN before you can use this command.
The optional source keyword is available only when you enter a domain name. The source keyword is useful when there are multiple local MEPs in the same domain, level, and VLAN as the ping target. For outward facing MEPs, choosing the source MPID implicitly selects the interface from which the ping will be sent.
Examples
The following example shows how to send an Ethernet CFM loopback message to MAC address 4123.pcef.9879 at maintenance level 3, VLAN ID 4325:
Router# ping ethernet 4123.pcef.9879 level 3 vlan 4325Related Commands
ping
Sends an echo request packet to an address, and then awaits a reply to determine whether a device can be reached or is functioning.
port-channel load-balance
To set the load distribution method among the ports in a bundle, use the port-channel load-balance command in global configuration mode. To reset the load distribution to the default settings, use the no form of this command.
port-channel load-balance method module slot
no port-channel load-balance
Syntax Description
Command Default
The default method is src-dst-ip.
Command Modes
Global configuration (config)
Command History
Usage Guidelines
Valid method values are as follows:
•
•
•
•
•
•
•
•
•
•
•
•
The port-channel load-balance method module slot command is supported on DFC systems only.
The port-channel per-module load-balance command allows you to enable or disable port-channel load-balancing on a per-module basis. You can enter the port-channel load-balance method module slot command to specify the load-balancing method on a specific module after you have entered the port-channel per-module load-balance command.
The following keywords are supported on systems that are in PFC3C or PFC3CXL mode (PFC3C or PFC3CXL with no DFC3A or DFC3B/BXL) only:
•
•
•
Note
Examples
The following example shows how to set the load-distribution method to dst-ip:
Router(config)# port-channel load-balance dst-ipThe following example shows how to set the load-distribution method on a specific module:
Router(config)# port-channel load-balance dst-ip module 2The following example shows how to set the load-distribution method excluding the VLAN option:
Router(config)# port-channel load-balance dst-ip exclude vlanRelated Commands
port-channel load-balance (interface)
To configure a member link for load balancing, a default service instance weight, or weighted load balancing on port-channel member links, use the port-channel load-balance command in interface configuration mode. To cause the default weight to revert to 1 and to disable weighted load balancing, use the no form of this command.
port-channel load-balance {link link-id | weighted {default weight weight | link {all | link-id} | rebalance {disable | weight}}}
no port-channel load-balance {link link-id | weighted {default weight | link | rebalance}}
Syntax Description
Command Default
Service instance weight and weighted load balancing are not configured.
Command Modes
Interface configuration (config-if)
Command History
Usage Guidelines
When weighted load balancing enabled, the weight configured using this command is inherited by all service instances on the port channel that have not been specifically configured with a weight.
Configuring a default weight is optional; the default weight value is 1.
Use of the weighted and link keywords is required to enable weighted load balancing on a port channel. When the all keyword is configured, traffic is distributed across all active member links in the port channel. When one or more member links is specified, traffic is distributed across only those member links. To allow for out-of-order configuration, link IDs not yet assigned to member links may be specified. Issuing this command with the weighted and link keywords more than once under the same port-channel interface results in overwriting the command settings previously configured.
If this command is configured with a list of link IDs and the member link corresponding to one of those link IDs is later configured with a different ID, a warning is displayed on the console that notifies the user that the action will affect the current load-balancing activity.
When the disable keyword is configured, automatic rebalancing is not performed and the operator must manually invoke rebalancing by issuing the port-channel load-balance weighted rebalance command in privileged EXEC mode.
When the disable keyword is not configured, either the configured or a default weight is used to automatically rebalance service instances. Automatic rebalancing occurs when the average absolute deviation (AAD) of the current distribution exceeds the configured threshold and when the resulting AAD of the rebalanced distribution is less than the current AAD. If automatic rebalancing does not result in a lower AAD, the rebalancing is not done, even if the current AAD exceeds the threshold.
The AAD calculation is (1/n)*Sum(|w(i) - m|) for all n member links where:
n = number of member links
m = mean of member link weights (sum of all Ethernet service instance weights divided by n)
w(i) = sum of Ethernet service instance weights on member link i
Two conditions cause the port-channel load-balance command to fail:
•
•
Examples
The following example shows how to configure port-channel load balancing for all port-channel member links:
Router(config)# interface port-channel1Router(config-if)# port-channel load-balance weighted link allport-channel load-balance mpls
To set the load-distribution method among the ports in the bundle for Multiprotocol Label Switching (MPLS) packets, use the port-channel load-balance mpls command in global configuration mode. To reset the load distribution to the default settings, use the no form of this command.
port-channel load-balance mpls {label | label-ip}
no port-channel load-balance mpls
Syntax Description
Defaults
label-ip
Command Modes
Global configuration
Command History
12.2(14)SX
Support for this command was introduced on the Supervisor Engine 720.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
Usage Guidelines
This command is not supported on Cisco 7600 series routers that are configured with a Supervisor Engine 2.
If you select label, these guidelines apply:
•
•
If you select label-ip, these guidelines apply:
•
•
•
Examples
This example shows how to set the load-distribution method to label-ip:
Router(config)# port-channel load-balance mpls label-ipRouter(config)#Related Commands
interface port-channel
Creates a port-channel virtual interface and enters interface configuration mode.
show etherchannel
Displays the EtherChannel information for a channel.
port-channel load-balance weighted rebalance
To perform a rebalancing of all port-channel interfaces configured with weighted load balancing, use the port-channel load-balance weighted rebalance command in privileged EXEC mode.
port-channel load-balance weighted rebalance [interface port-channel number]
Syntax Description
Command Default
Load rebalancing is not performed.
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
If a port-channel interface is specified, only that interface is rebalanced; otherwise all port channels with weighted load balancing enabled are rebalanced.
This command may be used when automatic rebalancing is disabled via the port-channel load-balance weighted rebalance disable command or when a rebalancing of service instances is desired prior to reaching the automatic rebalance threshold.
If the specified interface is not a port channel enabled for weighted load balancing, the port-channel load-balance weighted rebalance command has no effect on load balancing on that interface.
Examples
The following example shows how to force a rebalancing of service instances, based on their assigned weights, for all port channels with weighted load balancing enabled:
Router# port-channel load-balance weighted rebalanceRelated Commands
port-channel load-balance (interface)
Configures a member link for load balancing, a default service instance weight, or weighted load balancing on port-channel member links.
priority1
To set a set a preference level for a Precision Time Protocol clock, use the priority1 command in PTP clock configuration mode. To remove a priority1 configuration, use the no form of this command.
priority1 priorityvalue
no priority1 priorityvalue
Syntax Description
priorityvalue
Number value of the preference level. The range is from 0 to 255; lower values indicate a higher precedence. The default value is 128.
Command Default
The default priority level is 128.
Command Modes
PTP clock configuration (config-ptp-clk)
Command History
Usage Guidelines
Slave devices use the priority1 value when selecting a master clock. The priority1 value has precedence over the priority2 value.
Examples
The following example shows how to configure a ptp priority1 value:
Router# configure terminalRouter# ptp clock ordinary domain 0Router(config-ptp-clk)# priority1 128Router(config-ptp-clk)# endRouter#Related Commands
priority2
To set a set a secondary preference level for a Precision Time Protocol clock, use the priority2 command in PTP clock configuration mode. To remove a priority2 configuration, use the no form of this command.
priority2 priorityvalue
no priority2 priorityvalue
Syntax Description
priorityvalue
The number value of the preference level. The range is from 0 to 255; lower values indicate a higher precedence. The default value is 128.
Command Default
The default priority level is 128.
Command Modes
PTP clock configuration (config-ptp-clk)
Command History
Usage Guidelines
Slave devices use the priority2 value to select a master clock; the priority2 value is only considered when the device cannot use priority1 and other clock attributes to select a clock.
Examples
The following example shows how to configure the ptp priority2 value:
Router# configure terminalRouter# ptp clock ordinary domain 0Router(config-ptp-clk)# priority2 128Router(config-ptp-clk)# endRouter#Related Commands
ptp clock
To create a Precision Time Protocol clock and specify the clock mode, use the ptp clock command in the global configuration mode. To remove a ptp clock configuration, use the no form of this command.
ptp clock {{ordinary | transparent} boundary} domain domain
no ptp clock {{ordinary | transparent} boundary} domain domain
Syntax Description
Command Default
No default behavior or values.
Command Modes
Global configuration (config)
Command History
Usage Guidelines
This command creates a new PTP clock and enters clock configuration mode.
Examples
The following example shows how to configure a PTP clock and enter clock configuration mode:
Router# configure terminalRouter# ptp clock ordinary domain 0Router(config-ptp-clk)#Related Commands
rewrite egress tag
To perform an encapsulation adjustment on a frame egressing a service instance, use the rewrite egress tag command in service instance configuration mode. To delete an encapsulation adjustment, use the no form of this command.
rewrite egress tag {pop {1 | 2} | push {dot1ad vlan-id [dot1q vlan-id] | dot1q vlan-id [second-dot1q vlan-id | vlan-type {0x88a8 | 0x9100 | 0x9200} [second-dot1q vlan-id]]} | translate {1-to-1 {dot1ad vlan-id | dot1q vlan-id [vlan-type {0x88a8 | 0x9100 | 0x9200}]} | 1-to-2 {dot1ad vlan-id dot1q vlan-id | dot1q vlan-id {second-dot1q vlan-id | vlan-type {0x88a8 | 0x9100 | 0x9200} second-dot1q vlan-id} | 2-to-1 {dot1ad vlan-id | dot1q vlan-id [vlan-type {0x88a8 | 0x9100 | 0x9200}]} | 2-to-2 {dot1ad vlan-id dot1q vlan-id | dot1q vlan-id {second-dot1q vlan-id | vlan-type {0x88a8 | 0x9100 | 0x9200} second-dot1q vlan-id}}
no rewrite egress
Syntax Description
Command Default
The frame is left intact on egress.
Command Modes
Service instance configuration (config-if-srv)
Command History
Usage Guidelines
Use the rewrite egress tag command to modify packet VLAN tags. You can use this command to emulate traditional 802.1Q tagging and to facilitate VLAN translation and IEEE 802.1QinQ (QinQ) encapsulation. An encapsulation method must be configured before you can use the rewrite egress tag command.
Examples
The following example shows how to specify the encapsulation adjustment that is needed on the ingress frame to the service instance:
Router> enableRouter# configure terminalRouter(config)# interface gigabitethernet 2/0/0Router(config-if)# service instance 100 ethernetRouter(config-if-srv)# encapsulation dot1q 100Router(config-if-srv)# rewrite egress tag push dot1q 200rewrite ingress tag
To specify the encapsulation adjustment to be performed on a frame ingressing a service instance, use the rewrite ingress tag command in service instance configuration mode. To delete the encapsulation adjustment, use the no form of this command.
rewrite ingress tag {pop {1 | 2} [symmetric] | push {dot1ad vlan-id [dot1q vlan-id] [symmetric] | dot1q vlan-id [second-dot1q vlan-id] [symmetric]} | translate {1-to-1 {dot1ad vlan-id | dot1q vlan-id} [symmetric] | 1-to-2 {dot1ad vlan-id dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id} [symmetric] | {2-to-1 {dot1ad vlan-id | dot1q vlan-id} [symmetric] | 2-to-2 {dot1ad vlan-id dot1q vlan-id | dot1q vlan-id second-dot1q vlan-id} [symmetric]}
no rewrite ingress tag
Syntax on the Cisco ASR 1000 Series Aggregation Router
rewrite ingress tag {pop {1 | 2} [symmetric] | push {dot1ad vlan-id [dot1q vlan-id] [symmetric] | dot1q vlan-id [second-dot1q vlan-id] [symmetric] | vlan-type {0x88a8 | 0x9100 | 0x9200} [second-dot1q vlan-id] [symmetric]} | translate {1-to-1 {dot1ad vlan-id | dot1q vlan-id [vlan-type {0x88a8 | 0x9100 | 0x9200}] [symmetric]} | 1-to-2 {dot1ad vlan-id dot1q vlan-id | dot1q vlan-id {second-dot1q vlan-id | vlan-type {0x88a8 | 0x9100 | 0x9200} second-dot1q vlan-id}} [symmetric] | 2-to-1 {dot1ad vlan-id [symmetric] | dot1q vlan-id [vlan-type {0x88a8 | 0x9100 | 0x9200}] [symmetric]} | 2-to-2 {dot1ad vlan-id dot1q vlan-id [symmetric] | dot1q vlan-id {second-dot1q vlan-id | vlan-type {0x88a8 | 0x9100 | 0x9200} second-dot1q vlan-id} [symmetric]}}
no rewrite ingress tag
Syntax Description
Command Default
The frame is left intact on ingress (the service instance is equivalent to a trunk port).
Command Modes
Service instance configuration (config-if-srv)
Command History
12.2(33)SRB
This command was introduced.
Cisco IOS XE Release 3.2S
This command was integrated into Cisco IOS XE Release 3.2S.
Usage Guidelines
The symmetric keyword is accepted for all rewrite operations only when a single VLAN is configured in encapsulation. If a list of VLANs or a range of VLANs is configured in encapsulation, the symmetric keyword is accepted only for push rewrite operations.
The pop keyword assumes the elements being popped are defined by the encapsulation type. The exception case should be drop the packet.
The translate keyword assumes the tags being translated from are defined by the encapsulation type. In the 2-to-1 option, the "2" means 2 tags of a type defined by the encapsulation command. The translation operation requires at least one "from" tag in the original packet. If the original packet contains more tags than the ones defined in the "from," the operation should be done beginning on the outer tag. Exception cases should be dropped.
Examples
The following example shows how to specify the encapsulation adjustment to be performed on the frame ingressing the service instance:
Router> enableRouter# configure terminalRouter(config) interface gigabitethernet 2/0/0Router(config-if)# service instance 100 ethernetRouter(config-if-srv)# encapsulation dot1q 100Router(config-if-srv)# rewrite ingress tag push dot1q 200Related Commands
sender-id
To indicate the contents of the Sender ID TLV field transmitted in Ethernet connectivity fault management (CFM) messages for members of a maintenance domain, use the sender-id command in Ethernet CFM configuration mode. To send no sender ID information, use the no form of this command.
sender-id {chassis}
no sender-id {chassis}
Syntax Description
Command Default
The Sender ID TLV is not included in messages.
Command Modes
Ethernet CFM configuration (config-ecfm)
Command History
12.2(33)SXI2
This command was introduced.
12.2(33)SRE
This command was integrated into Cisco IOS Release 12.2(33)SRE.
Usage Guidelines
This command has lower precedence than the sender-id command issued at the maintenance association. To override the configuration at the maintenance association, configure the service ID as "none."
Examples
The following example shows how to include only the chassis ID information in the Sender ID TLV:
Router(config)# ethernet cfm domain customerA level 5Router(config-ecfm)# sender-id chassissender-id (CFM-srv)
To indicate the contents of the Sender ID TLV field transmitted in Ethernet connectivity fault management (CFM) messages for the maintenance association, use the sender-id command in Ethernet CFM service configuration mode. To send no sender ID information, use the no form of this command.
sender-id {chassis | none}
no sender-id {chassis | none}
Syntax Description
Command Default
The Sender ID TLV is not included in messages.
Command Modes
Ethernet CFM service configuration (config-ecfm-srv)
Command History
12.2(33)SXI2
This command was introduced.
12.2(33)SRE
This command was integrated into Cisco IOS Release 12.2(33)SRE.
Usage Guidelines
This command has higher precedence than the sender-id command issued for the maintenance domain.
The default is that the enclosing maintenance domain determines the Sender ID.
Examples
The following example shows how to include only the chassis ID information in the Sender ID TLV:
Router(config)# ethernet cfm domain customerA level 5Router(config-ecfm)# service vlan-id 17 portRouter(config-ecfm-srv)# sender-id chassisservice (CFM-srv)
To configure a maintenance association within a maintenance domain and place the command-line interface (CLI) into Ethernet connectivity fault management (CFM) service configuration mode (config-ecfm-srv), use the service command in Ethernet CFM configuration mode. To remove the configuration, use the no form of this command.
service {ma-name | ma-num | vlan-id vlan-id | vpn-id vpn-id} [port | vlan vlan-id [direction down]]
no service {ma-name | ma-num | vlan-id vlan-id | vpn-id vpn-id} [port | vlan vlan-id [direction down]]
Syntax Description
Command Default
No maintenance associations are configured.
Command Modes
Ethernet CFM configuration (config-ecfm)
Command History
12.2(33)SXI2
This command was introduced.
12.2(33)SRE
This command was integrated into Cisco IOS Release 12.2(33)SRE.
Usage Guidelines
The maintenance association ID (MAID) is a combination of a maintenance domain ID and the short maintenance association name, and the length of the MAID TLV should not exceed 48 characters.
If you configure the same short maintenance association name for two VLANs in the same domain, an error message is displayed and the command is rejected.
If you specify the service direction as down (outward to the LAN), you can create multiple outward services at the same level containing an overlapping set of VLANs. The set of VLANs in an outward service can also overlap with inward services. A set of VLANs between inward services at the same level must be unique.
Examples
The following example shows how to configure a maintenance association with the ID 10, VLAN 17, and service direction toward the LAN within the customerA maintenance domain:
Router(config)# ethernet cfm domain customerA level 5Router(config-ecfm)# service 10 vlan-id 17 direction downRouter(config-ecfm-srv)#service evc
To set a universally unique ID for a customer service instance (CSI) within a maintenance domain, use the service evc command in Ethernet CFM configuration mode. To remove a universally unique ID for a service within a maintenance domain, use the no form of this command.
service csi-id evc evc-name
no service csi-id evc evc-name
Syntax Description
csi-id
String of a maximum of 100 characters that identifies the CSI.
evc-name
String that identifies the Ethernet virtual circuit (EVC).
Command Default
No universally unique ID is set for the CSI.
Command Modes
Ethernet CFM configuration (config-ether-cfm)
Command History
Usage Guidelines
A fully qualified service ID consists of a service ID plus a domain name. Service IDs identify customers within a domain. Ethernet connectivity fault management (CFM) requires that service IDs are unique in a network.
You must configure a service EVC before you can configure a maintenance endpoint (MEP) for a domain.
The following restrictions apply when you issue the service evc command:
•
•
•
For two domains at the same maintenance level, the same service ID can be used for two different EVCs. If you try to configure the same service ID for two EVCs in the same domain, the command is rejected and an error message is displayed.
Specifying a domain as outward allows you to create multiple outward domains at the same level with a set of services that overlap. These EVCs also can overlap with inward domains. Note that a set of EVCs overlapping inward domains at only the same level must be unique.
You can use the same service ID in the same EVC or different EVCs if the service IDs are in different levels.
Before you remove a service ID, all MEPs corresponding to the service must be removed.
On Cisco 7600 series routers, a VLAN service and an EVC service may have the same service ID if the bridge domain is associated with an EVC and the bridge-domain ID equals the VLAN service ID. This situation occurs because the bridge domain and the VLAN of the same number form a single broadcast domain representing the same CFM service.
Examples
The following example shows how to configure an Ethernet CFM service with EVC evc100:
ethernet cfm domain PROVIDER level 4service provider_100 evc evc100The following example shows how to configure Ethernet CFM service on a Cisco Route Switch Processor 720. You must configure the VLAN and EVC services with the same name because VLAN 100 and bridge domain 100, which is associated with EVC 100, represent a single broadcast domain.
ethernet cfm domain CUSTOMER level 7service customer_100 vlan 100service customer_100 evc evc100!ethernet evc evc100!interface Ethernet0/0service instance 100 ethernet evc100encapsulation dot1q 100bridge-domain 100Related Commands
service instance ethernet
To configure an Ethernet service instance on an interface and to enter Ethernet service configuration mode, use the service instance ethernet command in interface configuration mode. To delete a service instance, use the no form of this command.
service instance id ethernet [evc-name]
no service instance id
Syntax Description
Command Default
No Ethernet service instances are defined.
Command Modes
Interface configuration (config-if)
Command History
Usage Guidelines
A service instance is a configuration object (container) that holds all management and control-plane attributes and parameters that apply to that service instance on a per-port basis. Different service instances that correspond to the same EVC must share the same name. Service instances are associated with a global EVC object through their shared name.
After you enter the service instance ethernet command, the device enters Ethernet service configuration mode, and these configuration commands are available:
•
•
•
•
•
Examples
The following example shows how to define an Ethernet service instance and enter Ethernet service configuration mode for an EVC:
Router(config-if)# service instance 333 ethernet testRouter(config-if-srv)#Related Commands
service instance ethernet (mac-tunnel)
To define an Ethernet flow point (EFP) that corresponds to a specific service instance ID (I-SID) encapsulation and to place the command-line interface (CLI) into MAC tunnel service configuration mode, use the service instance ethernet command in MAC-in-MAC tunnel configuration mode. To delete an EFP, use the no form of this command.
service instance id ethernet
no service instance id
Syntax Description
Command Default
No EFPs are defined.
Command Modes
MAC-in-MAC tunnel configuration (config-tunnel-minm)
Command History
Usage Guidelines
This command is required to do MAC-in-MAC tunneling.
The service instance ID is unique for all MAC tunnels; for example, if service instance 10 is configured under MAC tunnel 1, service instance 10 cannot be configured under any other MAC tunnel.
Examples
The following example shows how to define an EFP and place the CLI into MAC tunnel service configuration mode:
Router(config)# ethernet mac-tunnel virtual 100Router(config-tunnel-minm)# service instance 5 ethernetRouter(config-tunnel-srv)#service vlan
To set a universally unique ID for a customer service instance (CSI) within a maintenance domain, use the service vlan command in Ethernet connectivity fault management (CFM) configuration mode. To remove a universally unique ID for a service within a maintenance domain, use the no form of this command.
service csi-id vlan vlan-id
no service csi-id vlan vlan-id
Syntax Description
csi-id
String of a maximum of 100 characters that identifies the CSI.
vlan-id
Integer from 1 to 4094 that identifies the VLAN.
Command Default
No universally unique ID is set for the CSI.
Command Modes
Ethernet CFM configuration (config-ether-cfm)
Command History
Usage Guidelines
A fully qualified service ID consists of a service ID plus a domain name. Service IDs identify customers within a domain. Ethernet CFM requires that service IDs are unique in a network.
You must configure a service VLAN before you can configure a MEP for a domain.
The following restrictions apply when you issue the service vlan command:
•
•
•
For two domains at the same maintenance level, the same service ID can be used for two different VLANs. If you try to configure the same service ID for two VLANs in the same domain, the command is rejected and an error message displays.
Specifying a domain as outward allows you to create multiple outward domains at the same level with a set of services that overlap. These VLANs also can overlap with inward domains. Note that a set of VLANs overlapping inward domains at only the same level must be unique.
You can use the same service ID in the same VLAN or different VLANs if the service IDs are in different levels.
Before you remove a service ID, all MEPs corresponding to the service must be removed.
Examples
The following example shows how to set a unique service ID within a maintenance domain:
Router(config-ether-cfm)# service firstinstance vlan 35show bridge-domain
To display bridge-domain information, use the show bridge-domain command in privileged EXEC mode.
show bridge-domain [[bridge-id] [c-mac] [mac {security [address | last violation | statistics] | static address | table [mac-address | aging-time | count]}] | split-horizon [group {group-number | all | none}] | stats]
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
This command is useful for system monitoring and troubleshooting.
This command is available on both linecards and route processors. To invoke this command on a line card, log in to the line card. To invoke this command on a route processor, use the remote command module command; for example, remote command module 10 bridge-domain 25.
Examples
The following example shows sample output where the MAC addresses on all service instances for a specific bridge domain are displayed:
Router# show bridge-domain 730 mac security addressPort MAC Address Type Rem. Age(min)Gi1/0/0 ServInst 1 0001.0001.0001 static 74Gi1/0/0 ServInst 1 0001.0001.0002 static 74Gi1/0/0 ServInst 1 0001.0001.aaaa dynamic 74Gi1/0/0 ServInst 1 0001.0001.aaab dynamic 74Gi1/0/0 ServInst 2 0002.0002.0002 static -Gi1/0/0 ServInst 2 0002.0002.0003 static -Gi1/0/0 ServInst 2 0002.0002.0004 static -Gi1/0/0 ServInst 2 0002.0002.aaaa dynamic -Gi1/0/0 ServInst 2 0002.0002.bbbb dynamic -Gi1/0/0 ServInst 2 0002.0002.cccc dynamic -Table 2 describes the significant fields shown in the display.
Related Commands
show cfmpal
To display Ethernet connectivity fault management (CFM) platform adaptation layer (PAL) information, use the show cfmpal command in user EXEC or privileged EXEC mode.
show cfmpal {epl | info | interface type number {fwd_vlan vlan-number | level | vlan_list}}
Syntax Description
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Usage Guidelines
Use the available keywords and arguments to restrict the display to information about a specific Ethernet CFM PAL.
Examples
The following are sample outputs from the show cfmpal command. The fields are self-explanatory.
Router# show cfmpal infoCFM enable status Disabledreg_used_ether_cfmpal_process_rx is Not Usedreg_used_raw_enqueue for LINK_ETHER_CFM is Not Usedflowpoint (fp) count 0max configured level (MCL) -2cfmpal cfmpal1 mac addr 0005.0050.9c00,CFM multicast mac address BASE 0100.0ccc.ccc0CFM multicast mac address MASK 0000.0000.000fRouter# show cfmpal eplflowpoint count 0, MCL -2Router# show cfmpal interface fastethernet 0/0 levelFastEthernet0/0 is not on epl, it is in transparent levelshow ethernet cfm domain
To display information for an Ethernet connectivity fault management (CFM) domain, use the show ethernet cfm domain command in privileged EXEC mode.
show ethernet cfm domain [domain-name | brief]
Syntax Description
domain-name
(Optional) String of a maximum of 154 characters.
brief
(Optional) Specifies a display of brief details about configured maintenance domains.
Command Default
All information about all the configured domains is displayed when no keyword or argument is used.
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
When a domain name is not specified, information for all domains is shown.
If a domain name has more than 43 characters, a warning message is displayed notifying that the maintenance domain ID (MDID) will be truncated to 43 characters in continuity check messages (CCMs) if "id <fmt> <MDID>" is not configured.
When the brief keyword is used, the command output shows the following summary data:
•
•
•
•
•
Examples
Following is sample output from a show ethernet cfm domain command using the brief keyword:
Router# show ethernet cfm domain briefDomain Name Index Level Services Archive(min)Domain_L7 19 7 1 100Domain_L5 20 5 1 100Domain_port 18 0 1 100Router1-cfm#Table 3 describes the significant fields shown in the display.
Following is sample output from a show ethernet cfm domain command when neither of the options is used:
Router# show ethernet cfm domainDomain Name: Domain_L7Level: 7Total Services : 1Services:VLAN Dir CC CC-int Static-rmep Crosscheck MaxMEP MA-Name11 Up Y 10s Disabled Disabled 100 cust_700_l7Domain Name: Domain_L5Level: 5Total Services : 1Services:VLAN Dir CC CC-int Static-rmep Crosscheck MaxMEP MA-Name9 Up Y 10s Disabled Disabled 100 cust_500_l5Domain Name: Domain_portLevel: 0Total Services : 1Services:VLAN Dir CC CC-int Static-rmep Crosscheck MaxMEP MA-Namenone Dwn Y 10s Disabled Disabled 100 portmepTable 4 describes the significant fields shown in the display.
Related Commands
show ethernet cfm errors
To display connectivity fault management (CFM) continuity check error conditions logged on a device since it was last reset or since the log was last cleared, use the show ethernet cfm errors command in privileged EXEC mode.
Cisco pre-Standard CFM Draft 1 (CFM D1)
show ethernet cfm errors [domain domain-name | level level-id]
CFM IEEE 802.1ag Standard (CFM IEEE)
show ethernet cfm errors [configuration | domain-id {mac address | domain-name | dns dns-name | null} [service {ma-name | ma-num | vlan-id vlan-id | vpn-id vpn-id}]]
Syntax Description
Command Default
In CFM IEEE, when no maintenance domain is specified, errors for all domains are displayed.
In CFM D1, when no maintenance domain or maintenance level is specified, errors for all domains and all levels are displayed.
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Errors that are logged and that the show ethernet cfm errors command displays depend on the version of CFM that is running. Errors include the following:
•
•
•
•
•
•
•
Error conditions are kept in a log for the duration of the archive hold time configured on the maintenance domain or until the error condition is cleared, whichever occurs first.
Examples
The following example shows CFM IEEE sample output from a show ethernet cfm errors command using none of the optional keywords or arguments:Router# show ethernet cfm errors--------------------------------------------------------------------------------MPID Domain Id Mac Address Type Id LvlMAName Reason Age--------------------------------------------------------------------------------37 Domain_port aabb.cc03.ba00 Port none 0portmep Lifetime Timer Expired 89s401 Domain_L5 aabb.cc03.bb99 Vlan 9 5cust_500_l5 Lifetime Timer Expired 88s301 Domain_L7 aabb.cc03.bb99 Vlan 11 7cust_700_l7 Lifetime Timer Expired 86sTable 5 describes the significant fields shown in the display.
The following example shows CFM IEEE sample output from a show ethernet cfm errors command using the optional configuration keyword:Router# show ethernet cfm errors configuration--------------------------------------------------------------------------------CFM Interface Type Id Level Error type--------------------------------------------------------------------------------Et0/0 VLAN 100 1 CFMLeakTable 6 describes the significant fields shown in the display.
The following example shows CFM D1 sample output from a show ethernet cfm errors command for CFM error conditions at maintenance level 3:
Router# show ethernet cfm errors level 3Level Vlan MPID Remote MAC Reason Service ID5 102 40 aabb.cc00.ca10 Receive AIS service testTable 7 describes the significant fields shown in the display.
