Cisco IP Solution Center L2VPN User Guide, 3.1 - Creating an L2VPN Policy [Cisco IP Solution Center]

Table Of Contents

Creating an L2VPN Policy

Define an L2VPN Policy

Define an Ethernet Policy when CE is Present

Define an Ethernet Policy without a CE

Define an ATM Policy when CE is Present

Define an ATM Policy without a CE

Define a Frame Relay Policy when CE is Present

Define a Frame Relay Policy without a CE

Creating an L2VPN Policy

This chapter contains the basic steps to create an L2VPN policy:

•Define an L2VPN Policy

•Define an Ethernet Policy when CE is Present

•Define an Ethernet Policy without a CE

•Define an ATM Policy when CE is Present

•Define an ATM Policy without a CE

•Define a Frame Relay Policy when CE is Present

•Define a Frame Relay Policy without a CE

Define an L2VPN Policy

You must define an L2VPN policy before you can provision a Cisco IP Solution Center (ISC) service. An L2VPN policy defines the common characteristics shared by the end-to-end wire attributes and Attachment Circuit (AC) attributes.

A policy can be shared by one or more service requests that have similar service requirements. The Editable check box gives the network operator the option of making a field editable. If the value is set to editable, the service request creator can change to other valid values for the particular policy item. If the value is not set to editable, the service request creator cannot change the policy item.

The four major categories of an L2VPN policy correspond to the four major services that L2VPN provides:

•Point-to-point Ethernet Wire Service (EWS)

•Point-to-point Ethernet Relay Service (ERS)

•Frame Relay over MPLS (FRoMPLS)

•ATM over MPLS (ATMoMPLS)

A policy is a template of most of the parameters needed to define an L2VPN service request. Once you define it, an L2VPN policy can be used by all the L2VPN service requests that share a common set of characteristics.

You create a new L2VPN policy whenever you create a new type of service or a service with different parameters. L2VPN policy creation is normally performed by experienced network engineers.

To define an L2VPN policy in ISC, use the following steps. See Figure 3-1.

Step 1 Choose Service Design> Policy Manager. The Policies window appears as shown in Figure 3-1.

Step 2 Click Create.

Figure 3-1 Creating an L2VPN Policy

Step 3 Choose L2VPN Policy. When you choose L2VPN Policy, the window in Figure 3-2 appears:

Figure 3-2 Customer-Owned ERS Policy

Step 4 Enter a Policy Name for the L2VPN policy.

Step 5 Choose the Policy Owner for the L2VPN policy.

There are three types of L2VPN policy ownership:

•Customer ownership

•Provider ownership

•Global ownership: Any service operator can make use of this L2VPN policy.

This ownership has relevance when the ISC Role-Based Access Control (RBAC) comes into play. For example, an L2VPN policy that is customer-owned can only be seen by operators who are allowed to work on this customer-owned policy.

Similarly, operators who are allowed to work on a provider's network can view, use, and deploy a particular provider-owned policy.

Step 6 Click Select to choose the owner of the L2VPN. (If you choose Global ownership, the Select function is not available.) The Select Customer window or the Select Provider window appears and you can choose an owner of the policy and click Select.

Step 7 Choose the Service Type of the L2VPN policy.

There are four service types for L2VPN policies:

•Ethernet EVCS (Or ERS)

•Ethernet Point-To-Point TLS (Or EWS)

•Frame Relay over MPLS (FRoMPLS)

•ATM over MPLS (ATMoMPLS)

Step 8 Check the CE Present box if you want ISC to ask the service operator who uses this L2VPN policy to provide a CE router and interface during service activation. The default is CE present in the service.

If you do not check CE Present, ISC asks the service operator, during service activation, only for the PE-CLE or the PE-POP router and customer-facing interface.

Step 9 Click Next.

Define an Ethernet Policy when CE is Present

When you check CE Present as an L2VPN policy attribute, the window in Figure 3-3 appears.

The Editable check box gives you the option of making a field editable. If you check Editable, the service operator who is using this L2VPN policy can modify the editable parameter during L2VPN service request creation.

Note The following L2VPN policy example is for Ethernet-based L2VPN service requests. Policies for ATM and Frame Relay are similar but have different parameters that need to be set.

Figure 3-3 Choose CE Interface Type

Step 1 Choose an Interface Type from the drop-down menu.

You can choose to select a particular interface on a CE, PE-POP, or PE-CLE interface based on the service provider's POP design. The interfaces are:

•ANY (Any interface can be chosen.)

•Port-Channel (A bundle of ports that share the same characteristics—this gives the service provider the ability to aggregate bandwidth and protection.)

•Ethernet

•FastEthernet

•GE-WAN

•GigabitEthernet

The value defined here (see Figure 3-4) functions as a filter to restrict the interface types an operator can see during L2VPN service request creation.

Figure 3-4 ERS Policy

Note Note that the parameters in Figure 3-4 are for ERS only. For EWS, there are more parameters as shown in Figure 3-3.

Step 2 Enter an Interface Format as the slot number/port number for the CE interface (for example, 1/0 indicates that the interface is located at slot 1, port 0).

This is especially useful to specify here if you know that the link will always go through a particular interface's slot/port location on all or most of the network devices in the service.

Step 3 Choose an Encapsulation type. The choices are:

•DOT1Q

•DEFAULT

If DEFAULT is the CE encapsulation type, ISC shows another field for the UNI port type.

Note If the Interface Type is ANY, ISC will not ask for Step 3 in policy.

Step 4 Check UNI Shutdown box if you want to leave the UNI port shut during service activation, for example, when the service provider wants to deploy a service in the network but wants to activate it at a later time.

Step 5 Check the VLANID AutoPick box if you want ISC to choose a VLAN ID. If you do not check this box, you will be prompted to provide the VLAN in a Provider VLAN ID field during service activation.

Step 6 Enter a Link Speed of 10, 100, 1000, or auto.

Step 7 Enter a Line Duplex of full, half, or auto.

Step 8 Choose a UNI Port Type (ERS only): The choices are:

•Access Port

•Trunk with Native VLAN

Step 9 Enter one or more Ethernet MAC addresses in UNI MAC Addresses.

Step 10 Check the UNI Port Security box if you to want to provision port security-related CLIs to the UNI port by controlling the mac addresses that are allowed to go through the interface.

a. For Maximum MAC address, enter the number of MAC addresses allowed for port security.

b. For Aging, enter the length of time the MAC address can stay on the port security table.

c. For Violation Action, choose what action will occur when a port security violation is detected:

•PROTECT

•RESTRICT

•SHUTDOWN

d. In the Secure MAC Addresses box, enter one or more Ethernet MAC addresses.

Note Step 11 is for EWS only. If you are defining an ERS interface, go to Step 12.

Step 11 Check the Protocol Tunneling box if you want to define the Layer 2 Bridge Protocol Data Unit (BPDU) frames that can be tunneled over the core to the other end. For each protocol that you check, enter the threshold for that protocol:

a. Enable cdp Set a flag to enable Layer 2 tunnelling on a Cisco Discover Protocol (CDP).

b. cdp threshold Enter the number of packets per second to be received before the interface is shut down for the CDP protocol.

c. Enable vtp Enable Layer 2 tunnelling on a VLAN Trunk Protocol (VTP).

d. vtp threshold Enter the number of packets per second to be received before the interface is shut down for the VTP protocol.

e. Enable stp Enable Layer 2 tunnelling on a Spanning Tree Protocol (STP).

f. stp threshold Enter the number of packets per second to be received before the interface is shut down for the STP protocol.

g. Recovery Interval enter the amount of time, in seconds, to wait before recovering a UNI port.

Step 12 Check the Enable Templates box if you want to download free-format CLIs to a device. If you enable templates, you can create templates and data files to push down to the router commands that are not normally supported by ISC. See the Cisco IP Solution Center Infrastructure Reference, 3.1 for more information about template management.

Step 13 Click Finish.

Define an Ethernet Policy without a CE

When you do not check CE present as an L2VPN policy attribute, the window in Figure 3-5 appears.

The Editable check box gives you the option of making a field editable. If you check Editable, the service operator using this L2VPN policy can modify the editable parameter during L2VPN service request creation.

Figure 3-5 PE/PE-CLE Interface Type

Note Note that the parameters in Figure 3-5 are for ERS only. For EWS, there are more parameters as shown in Figure 3-6 and Figure 3-7.

Step 1 Choose a PE/PE-CLE Interface Type from the drop-down menu.

You can choose to select a particular interface as a CE, PE-POP, or PE-CLE interface based on the service provider's POP design. The interfaces are:

•ANY (Any interface can be chosen.)

•Port-Channel (A bundle of ports that share the same characteristics—this gives the service provider the ability to aggregate bandwidth and protection.)

•Ethernet

•FastEthernet

•GE-WAN

•GigabitEthernet

The value defined here (see Figure 3-6) functions as a filter to restrict the interface types an operator can see during L2VPN service request creation.

Figure 3-6 EWS PE Interface

Step 2 Enter an Interface Format as the slot number/port number for the PE interface (for example, 1/0 indicates that the interface is located at slot 1, port 0).

This is especially useful to specify here if you know that the link will always go through a particular interface's slot/port location on all or most of the network devices in the service.

Step 3 Choose an Encapsulation type. The choices are:

•DOT1Q

•DEFAULT

If DEFAULT is the CE encapsulation type, ISC shows another field for the UNI port type.

Note If the Interface Type is ANY, ISC will not ask for Step 3 in policy.

Step 4 Check UNI Shutdown box if you want to leave the UNI port shut during service activation, for example, when the service provider wants to deploy a service in the network but wants to activate it at a later time.

Step 5 Check the VLANID AutoPick box if you want ISC to choose a VLAN ID. If you do not check this box, you will be prompted to provide the VLAN in a Provider VLAN ID field during service activation.

Step 6 Enter a Link Speed of 10, 100, 1000, or auto.

Step 7 Enter a Line Duplex of full, half, or auto.

Step 8 Choose a UNI Port Type (ERS policy only). The choices are:

•Access Port

•Trunk with Native VLAN

Step 9 Enter one or more Ethernet MAC addresses in UNI MAC Addresses.

Step 10 Check the UNI Port Security box if you to want to provision port security-related CLIs to the UNI port by controlling the mac addresses that are allowed to go through the interface.

a. For Maximum MAC address, enter the number of MAC addresses allowed for port security.

b. For Aging, enter the length of time the MAC address can stay on the port security table.

c. For Violation Action, choose what action will occur when a port security violation is detected:

–PROTECT

–RESTRICT

–SHUTDOWN

d. In the Secure MAC Addresses box, enter one or more Ethernet MAC addresses.

Note Step 11 is for EWS only. If you are defining an ERS interface, go to Step 12.

Step 11 Check the Protocol Tunneling box (see Figure 3-7) if you want to define the Layer 2 Bridge Protocol Data Unit (BPDU) frames that can be tunneled over the core to the other end.

Figure 3-7 EWS Protocol Tunneling

For each protocol that you check, enter the threshold for that protocol:

a. Enable cdp Set a flag to enable Layer 2 tunnelling on a Cisco Discover Protocol (CDP).

b. cdp threshold Number of packets per second to be received before the interface is shut down for the CDP protocol.

c. Enable vtp Enable Layer 2 tunnelling on a VLAN Trunk Protocol (VTP).

d. vtp threshold Enter the number of packets per second to be received before the interface is shut down for the VTP protocol.

e. Enable stp Enable Layer 2 tunnelling on a Spanning Tree Protocol (STP).

f. stp threshold Enter the number of packets per second to be received before the interface is shut down for the STP protocol.

g. Recovery Interval enter the amount of time, in seconds, to wait before recovering a UNI port.

Step 12 Check the Enable Templates box if you want to download free-format CLIs to a device. If you enable templates, you can create templates and data files to push down to the router commands that are not normally supported by ISC. See the Cisco IP Solution Center Infrastructure Reference, 3.1 for more information about template management.

Step 13 Click Finish.

Define an ATM Policy when CE is Present

When you check CE Present as an L2VPN policy attribute, the window in Figure 3-8 appears.

The Editable check box gives you the option of making a field editable. If you check Editable, the service operator who is using this L2VPN policy can modify the editable parameter during L2VPN service request creation.

Figure 3-8 CE ATM Interface

Step 1 Choose the PE Encapsulation type from the drop-down menu. The choices are:

•AAL5

•AAL0

Step 2 Choose the CE Interface Type from the drop-down menu. The Choices are:

•ANY

•ATM

•Switch

Step 3 Enter an Interface Format as the slot number/port number for the CE interface (for example, 1/0 indicates that the interface is located at slot 1, port 0).

This is especially useful to specify here if you know that the link will always go through a particular interface's slot/port location on all or most of the network devices in the service.

Step 4 Choose a CE Encapsulation. The choices are:

•AAL5SNAP

•AAL5MUX

•AAL5NLPID

•AAL2

Step 5 Check the UNI Shutdown box if you want to leave the UNI port shut during service activation, for example, when the service provider wants to deploy a service in the network but wants to activate it at a later time.

Step 6 Check the Enable Templates box if you want to download free-format CLIs to a device. If you enable templates, you can create templates and data files to push down to the router commands that are not normally supported by ISC. See the Cisco IP Solution Center Infrastructure Reference, 3.1 for more information about template management.

Step 7 Click Finish.

Define an ATM Policy without a CE

When you do not check CE Present as an L2VPN policy attribute, the window in Figure 3-9 appears.

The Editable check box gives you the option of making a field editable. If you check Editable, the service operator who is using this L2VPN policy can modify the editable parameter during L2VPN service request creation.

Figure 3-9 PE-POP ATM Interface

Step 1 Choose the PE/PE-CLE Interface Type from the drop-down menu. The choices are:

•ANY

•ATM

•Switch

Step 2 Enter an Interface Format as the slot number/port number for the PE interface (for example, 1/0 indicates that the interface is located at slot 1, port 0).

This is especially useful to specify here if you know that the link will always go through a particular interface's slot/port location on all or most of the network devices in the service.

Choose a PE Encapsulation. The choices are:

•AAL5

•AAL0

Step 3 Check the UNI Shutdown box if you want to leave the UNI port shut during service activation, for example, when the service provider wants to deploy a service in the network but wants to activate it at a later time.

Step 4 Check the Enable Templates box if you want to download free-format CLIs to a device. If you enable templates, you can create templates and data files to push down to the router commands that are not normally supported by ISC. See the Cisco IP Solution Center Infrastructure Reference, 3.1 for more information about template management.

Step 5 Click Finish.

Define a Frame Relay Policy when CE is Present

When you check CE Present as an L2VPN policy attribute, the window in Figure 3-10 appears.

The Editable check box gives you the option of making a field editable. If you check Editable, the service operator who is using this L2VPN policy can modify the editable parameter during L2VPN service request creation.

Figure 3-10 CE Frame Relay Interface

Step 1 Choose the Encapsulation type for the PE from the drop-down menu. The choices are:

•FRAME RELAY

•FRAME RELAY IETF

Step 2 Choose the Interface Type for the CE from the drop-down menu. The choices are:

•ANY

•Serial

•POS

•Hssi

•BRI

Step 3 Enter an Interface Format as the slot number/port number for the CE interface (for example, 1/0 indicates that the interface is located at slot 1, port 0).

This is especially useful to specify here if you know that the link will always go through a particular interface's slot/port location on all or most of the network devices in the service.

Step 4 Choose the CE Encapsulation type. The choices are:

•FRAME RELAY

•FRAME RELAY IETF

Step 5 Check the UNI Shutdown box if you want to leave the UNI port shut during service activation, for example, when the service provider wants to deploy a service in the network but wants to activate it at a later time.

Step 6 Check the Enable Templates box if you want to download free-format CLIs to a device. If you enable templates, you can create templates and data files to push down to the router commands that are not normally supported by ISC. See the Cisco IP Solution Center Infrastructure Reference, 3.1 for more information about template management.

Step 7 Click Finish.

Define a Frame Relay Policy without a CE

When you do not check CE Present as an L2VPN policy attribute, the window in Figure 3-11 appears.

The Editable check box gives you the option of making a field editable. If you check Editable, the service operator who is using this L2VPN policy can modify the editable parameter during

Figure 3-11 PE-POP Frame Relay Interface

Step 1 Choose the PE/PE-CLE Interface Type for the CE from the drop-down menu. The choices are:

•ANY

•Serial

•POS

•Hssi

•BRI

Step 2 Enter an Interface Format as the slot number/port number for the PE interface (for example, 1/0 indicates that the interface is located at slot 1, port 0).

This is especially useful to specify here if you know that the link will always go through a particular interface's slot/port location on all or most of the network devices in the service.

Step 3 Choose the PE/PE-CLE Encapsulation type. The choices are:

•FRAME RELAY

•FRAME RELAY IETF

Step 4 Check the UNI Shutdown box if you want to leave the UNI port shut during service activation, for example, when the service provider wants to deploy a service in the network but wants to activate it at a later time.

Step 5 Check the Enable Templates box if you want to download free-format CLIs to a device. If you enable templates, you can create templates and data files to push down to the router commands that are not normally supported by ISC. See the Cisco IP Solution Center Infrastructure Reference, 3.1 for more information about template management.

Step 6 Click Finish.

	Cisco IP Solution Center L2VPN User Guide, 3.1
	Creating an L2VPN Policy
Cisco IP Solution Center L2VPN User Guide, 3.1 Index About This Guide ISC L2VPN and VPLS Concepts Setting up the ISC Service Creating an L2VPN Policy Managing an L2VPN Service Request Creating a VPLS Policy Managing a VPLS Service Request Managing and Auditing Service Requests	Download this chapter Creating an L2VPN Policy Download the complete book Cisco IP Solution Center, 3.1: L2VPN Management User Guide, 3.1 - Entire Book in PDF (PDF - 3 MB) Table Of Contents Creating an L2VPN Policy Define an L2VPN Policy Define an Ethernet Policy when CE is Present Define an Ethernet Policy without a CE Define an ATM Policy when CE is Present Define an ATM Policy without a CE Define a Frame Relay Policy when CE is Present Define a Frame Relay Policy without a CE Creating an L2VPN Policy This chapter contains the basic steps to create an L2VPN policy: •Define an L2VPN Policy •Define an Ethernet Policy when CE is Present •Define an Ethernet Policy without a CE •Define an ATM Policy when CE is Present •Define an ATM Policy without a CE •Define a Frame Relay Policy when CE is Present •Define a Frame Relay Policy without a CE Define an L2VPN Policy You must define an L2VPN policy before you can provision a Cisco IP Solution Center (ISC) service. An L2VPN policy defines the common characteristics shared by the end-to-end wire attributes and Attachment Circuit (AC) attributes. A policy can be shared by one or more service requests that have similar service requirements. The Editable check box gives the network operator the option of making a field editable. If the value is set to editable, the service request creator can change to other valid values for the particular policy item. If the value is not set to editable, the service request creator cannot change the policy item. The four major categories of an L2VPN policy correspond to the four major services that L2VPN provides: •Point-to-point Ethernet Wire Service (EWS) •Point-to-point Ethernet Relay Service (ERS) •Frame Relay over MPLS (FRoMPLS) •ATM over MPLS (ATMoMPLS) A policy is a template of most of the parameters needed to define an L2VPN service request. Once you define it, an L2VPN policy can be used by all the L2VPN service requests that share a common set of characteristics. You create a new L2VPN policy whenever you create a new type of service or a service with different parameters. L2VPN policy creation is normally performed by experienced network engineers. To define an L2VPN policy in ISC, use the following steps. See Figure 3-1. Step 1 Choose Service Design> Policy Manager. The Policies window appears as shown in Figure 3-1. Step 2 Click Create. Figure 3-1 Creating an L2VPN Policy Step 3 Choose L2VPN Policy. When you choose L2VPN Policy, the window in Figure 3-2 appears: Figure 3-2 Customer-Owned ERS Policy Step 4 Enter a Policy Name for the L2VPN policy. Step 5 Choose the Policy Owner for the L2VPN policy. There are three types of L2VPN policy ownership: •Customer ownership •Provider ownership •Global ownership: Any service operator can make use of this L2VPN policy. This ownership has relevance when the ISC Role-Based Access Control (RBAC) comes into play. For example, an L2VPN policy that is customer-owned can only be seen by operators who are allowed to work on this customer-owned policy. Similarly, operators who are allowed to work on a provider's network can view, use, and deploy a particular provider-owned policy. Step 6 Click Select to choose the owner of the L2VPN. (If you choose Global ownership, the Select function is not available.) The Select Customer window or the Select Provider window appears and you can choose an owner of the policy and click Select. Step 7 Choose the Service Type of the L2VPN policy. There are four service types for L2VPN policies: •Ethernet EVCS (Or ERS) •Ethernet Point-To-Point TLS (Or EWS) •Frame Relay over MPLS (FRoMPLS) •ATM over MPLS (ATMoMPLS) Step 8 Check the CE Present box if you want ISC to ask the service operator who uses this L2VPN policy to provide a CE router and interface during service activation. The default is CE present in the service. If you do not check CE Present, ISC asks the service operator, during service activation, only for the PE-CLE or the PE-POP router and customer-facing interface. Step 9 Click Next. Define an Ethernet Policy when CE is Present When you check CE Present as an L2VPN policy attribute, the window in Figure 3-3 appears. The Editable check box gives you the option of making a field editable. If you check Editable, the service operator who is using this L2VPN policy can modify the editable parameter during L2VPN service request creation. Note The following L2VPN policy example is for Ethernet-based L2VPN service requests. Policies for ATM and Frame Relay are similar but have different parameters that need to be set. Figure 3-3 Choose CE Interface Type Step 1 Choose an Interface Type from the drop-down menu. You can choose to select a particular interface on a CE, PE-POP, or PE-CLE interface based on the service provider's POP design. The interfaces are: •ANY (Any interface can be chosen.) •Port-Channel (A bundle of ports that share the same characteristics—this gives the service provider the ability to aggregate bandwidth and protection.) •Ethernet •FastEthernet •GE-WAN •GigabitEthernet The value defined here (see Figure 3-4) functions as a filter to restrict the interface types an operator can see during L2VPN service request creation. Figure 3-4 ERS Policy Note Note that the parameters in Figure 3-4 are for ERS only. For EWS, there are more parameters as shown in Figure 3-3. Step 2 Enter an Interface Format as the slot number/port number for the CE interface (for example, 1/0 indicates that the interface is located at slot 1, port 0). This is especially useful to specify here if you know that the link will always go through a particular interface's slot/port location on all or most of the network devices in the service. Step 3 Choose an Encapsulation type. The choices are: •DOT1Q •DEFAULT If DEFAULT is the CE encapsulation type, ISC shows another field for the UNI port type. Note If the Interface Type is ANY, ISC will not ask for Step 3 in policy. Step 4 Check UNI Shutdown box if you want to leave the UNI port shut during service activation, for example, when the service provider wants to deploy a service in the network but wants to activate it at a later time. Step 5 Check the VLANID AutoPick box if you want ISC to choose a VLAN ID. If you do not check this box, you will be prompted to provide the VLAN in a Provider VLAN ID field during service activation. Step 6 Enter a Link Speed of 10, 100, 1000, or auto. Step 7 Enter a Line Duplex of full, half, or auto. Step 8 Choose a UNI Port Type (ERS only): The choices are: •Access Port •Trunk with Native VLAN Step 9 Enter one or more Ethernet MAC addresses in UNI MAC Addresses. Step 10 Check the UNI Port Security box if you to want to provision port security-related CLIs to the UNI port by controlling the mac addresses that are allowed to go through the interface. a. For Maximum MAC address, enter the number of MAC addresses allowed for port security. b. For Aging, enter the length of time the MAC address can stay on the port security table. c. For Violation Action, choose what action will occur when a port security violation is detected: •PROTECT •RESTRICT •SHUTDOWN d. In the Secure MAC Addresses box, enter one or more Ethernet MAC addresses. Note Step 11 is for EWS only. If you are defining an ERS interface, go to Step 12. Step 11 Check the Protocol Tunneling box if you want to define the Layer 2 Bridge Protocol Data Unit (BPDU) frames that can be tunneled over the core to the other end. For each protocol that you check, enter the threshold for that protocol: a. Enable cdp Set a flag to enable Layer 2 tunnelling on a Cisco Discover Protocol (CDP). b. cdp threshold Enter the number of packets per second to be received before the interface is shut down for the CDP protocol. c. Enable vtp Enable Layer 2 tunnelling on a VLAN Trunk Protocol (VTP). d. vtp threshold Enter the number of packets per second to be received before the interface is shut down for the VTP protocol. e. Enable stp Enable Layer 2 tunnelling on a Spanning Tree Protocol (STP). f. stp threshold Enter the number of packets per second to be received before the interface is shut down for the STP protocol. g. Recovery Interval enter the amount of time, in seconds, to wait before recovering a UNI port. Step 12 Check the Enable Templates box if you want to download free-format CLIs to a device. If you enable templates, you can create templates and data files to push down to the router commands that are not normally supported by ISC. See the Cisco IP Solution Center Infrastructure Reference, 3.1 for more information about template management. Step 13 Click Finish. Define an Ethernet Policy without a CE When you do not check CE present as an L2VPN policy attribute, the window in Figure 3-5 appears. The Editable check box gives you the option of making a field editable. If you check Editable, the service operator using this L2VPN policy can modify the editable parameter during L2VPN service request creation. Figure 3-5 PE/PE-CLE Interface Type Note Note that the parameters in Figure 3-5 are for ERS only. For EWS, there are more parameters as shown in Figure 3-6 and Figure 3-7. Step 1 Choose a PE/PE-CLE Interface Type from the drop-down menu. You can choose to select a particular interface as a CE, PE-POP, or PE-CLE interface based on the service provider's POP design. The interfaces are: •ANY (Any interface can be chosen.) •Port-Channel (A bundle of ports that share the same characteristics—this gives the service provider the ability to aggregate bandwidth and protection.) •Ethernet •FastEthernet •GE-WAN •GigabitEthernet The value defined here (see Figure 3-6) functions as a filter to restrict the interface types an operator can see during L2VPN service request creation. Figure 3-6 EWS PE Interface Step 2 Enter an Interface Format as the slot number/port number for the PE interface (for example, 1/0 indicates that the interface is located at slot 1, port 0). This is especially useful to specify here if you know that the link will always go through a particular interface's slot/port location on all or most of the network devices in the service. Step 3 Choose an Encapsulation type. The choices are: •DOT1Q •DEFAULT If DEFAULT is the CE encapsulation type, ISC shows another field for the UNI port type. Note If the Interface Type is ANY, ISC will not ask for Step 3 in policy. Step 4 Check UNI Shutdown box if you want to leave the UNI port shut during service activation, for example, when the service provider wants to deploy a service in the network but wants to activate it at a later time. Step 5 Check the VLANID AutoPick box if you want ISC to choose a VLAN ID. If you do not check this box, you will be prompted to provide the VLAN in a Provider VLAN ID field during service activation. Step 6 Enter a Link Speed of 10, 100, 1000, or auto. Step 7 Enter a Line Duplex of full, half, or auto. Step 8 Choose a UNI Port Type (ERS policy only). The choices are: •Access Port •Trunk with Native VLAN Step 9 Enter one or more Ethernet MAC addresses in UNI MAC Addresses. Step 10 Check the UNI Port Security box if you to want to provision port security-related CLIs to the UNI port by controlling the mac addresses that are allowed to go through the interface. a. For Maximum MAC address, enter the number of MAC addresses allowed for port security. b. For Aging, enter the length of time the MAC address can stay on the port security table. c. For Violation Action, choose what action will occur when a port security violation is detected: –PROTECT –RESTRICT –SHUTDOWN d. In the Secure MAC Addresses box, enter one or more Ethernet MAC addresses. Note Step 11 is for EWS only. If you are defining an ERS interface, go to Step 12. Step 11 Check the Protocol Tunneling box (see Figure 3-7) if you want to define the Layer 2 Bridge Protocol Data Unit (BPDU) frames that can be tunneled over the core to the other end. Figure 3-7 EWS Protocol Tunneling For each protocol that you check, enter the threshold for that protocol: a. Enable cdp Set a flag to enable Layer 2 tunnelling on a Cisco Discover Protocol (CDP). b. cdp threshold Number of packets per second to be received before the interface is shut down for the CDP protocol. c. Enable vtp Enable Layer 2 tunnelling on a VLAN Trunk Protocol (VTP). d. vtp threshold Enter the number of packets per second to be received before the interface is shut down for the VTP protocol. e. Enable stp Enable Layer 2 tunnelling on a Spanning Tree Protocol (STP). f. stp threshold Enter the number of packets per second to be received before the interface is shut down for the STP protocol. g. Recovery Interval enter the amount of time, in seconds, to wait before recovering a UNI port. Step 12 Check the Enable Templates box if you want to download free-format CLIs to a device. If you enable templates, you can create templates and data files to push down to the router commands that are not normally supported by ISC. See the Cisco IP Solution Center Infrastructure Reference, 3.1 for more information about template management. Step 13 Click Finish. Define an ATM Policy when CE is Present When you check CE Present as an L2VPN policy attribute, the window in Figure 3-8 appears. The Editable check box gives you the option of making a field editable. If you check Editable, the service operator who is using this L2VPN policy can modify the editable parameter during L2VPN service request creation. Figure 3-8 CE ATM Interface Step 1 Choose the PE Encapsulation type from the drop-down menu. The choices are: •AAL5 •AAL0 Step 2 Choose the CE Interface Type from the drop-down menu. The Choices are: •ANY •ATM •Switch Step 3 Enter an Interface Format as the slot number/port number for the CE interface (for example, 1/0 indicates that the interface is located at slot 1, port 0). This is especially useful to specify here if you know that the link will always go through a particular interface's slot/port location on all or most of the network devices in the service. Step 4 Choose a CE Encapsulation. The choices are: •AAL5SNAP •AAL5MUX •AAL5NLPID •AAL2 Step 5 Check the UNI Shutdown box if you want to leave the UNI port shut during service activation, for example, when the service provider wants to deploy a service in the network but wants to activate it at a later time. Step 6 Check the Enable Templates box if you want to download free-format CLIs to a device. If you enable templates, you can create templates and data files to push down to the router commands that are not normally supported by ISC. See the Cisco IP Solution Center Infrastructure Reference, 3.1 for more information about template management. Step 7 Click Finish. Define an ATM Policy without a CE When you do not check CE Present as an L2VPN policy attribute, the window in Figure 3-9 appears. The Editable check box gives you the option of making a field editable. If you check Editable, the service operator who is using this L2VPN policy can modify the editable parameter during L2VPN service request creation. Figure 3-9 PE-POP ATM Interface Step 1 Choose the PE/PE-CLE Interface Type from the drop-down menu. The choices are: •ANY •ATM •Switch Step 2 Enter an Interface Format as the slot number/port number for the PE interface (for example, 1/0 indicates that the interface is located at slot 1, port 0). This is especially useful to specify here if you know that the link will always go through a particular interface's slot/port location on all or most of the network devices in the service. Choose a PE Encapsulation. The choices are: •AAL5 •AAL0 Step 3 Check the UNI Shutdown box if you want to leave the UNI port shut during service activation, for example, when the service provider wants to deploy a service in the network but wants to activate it at a later time. Step 4 Check the Enable Templates box if you want to download free-format CLIs to a device. If you enable templates, you can create templates and data files to push down to the router commands that are not normally supported by ISC. See the Cisco IP Solution Center Infrastructure Reference, 3.1 for more information about template management. Step 5 Click Finish. Define a Frame Relay Policy when CE is Present When you check CE Present as an L2VPN policy attribute, the window in Figure 3-10 appears. The Editable check box gives you the option of making a field editable. If you check Editable, the service operator who is using this L2VPN policy can modify the editable parameter during L2VPN service request creation. Figure 3-10 CE Frame Relay Interface Step 1 Choose the Encapsulation type for the PE from the drop-down menu. The choices are: •FRAME RELAY •FRAME RELAY IETF Step 2 Choose the Interface Type for the CE from the drop-down menu. The choices are: •ANY •Serial •POS •Hssi •BRI Step 3 Enter an Interface Format as the slot number/port number for the CE interface (for example, 1/0 indicates that the interface is located at slot 1, port 0). This is especially useful to specify here if you know that the link will always go through a particular interface's slot/port location on all or most of the network devices in the service. Step 4 Choose the CE Encapsulation type. The choices are: •FRAME RELAY •FRAME RELAY IETF Step 5 Check the UNI Shutdown box if you want to leave the UNI port shut during service activation, for example, when the service provider wants to deploy a service in the network but wants to activate it at a later time. Step 6 Check the Enable Templates box if you want to download free-format CLIs to a device. If you enable templates, you can create templates and data files to push down to the router commands that are not normally supported by ISC. See the Cisco IP Solution Center Infrastructure Reference, 3.1 for more information about template management. Step 7 Click Finish. Define a Frame Relay Policy without a CE When you do not check CE Present as an L2VPN policy attribute, the window in Figure 3-11 appears. The Editable check box gives you the option of making a field editable. If you check Editable, the service operator who is using this L2VPN policy can modify the editable parameter during Figure 3-11 PE-POP Frame Relay Interface Step 1 Choose the PE/PE-CLE Interface Type for the CE from the drop-down menu. The choices are: •ANY •Serial •POS •Hssi •BRI Step 2 Enter an Interface Format as the slot number/port number for the PE interface (for example, 1/0 indicates that the interface is located at slot 1, port 0). This is especially useful to specify here if you know that the link will always go through a particular interface's slot/port location on all or most of the network devices in the service. Step 3 Choose the PE/PE-CLE Encapsulation type. The choices are: •FRAME RELAY •FRAME RELAY IETF Step 4 Check the UNI Shutdown box if you want to leave the UNI port shut during service activation, for example, when the service provider wants to deploy a service in the network but wants to activate it at a later time. Step 5 Check the Enable Templates box if you want to download free-format CLIs to a device. If you enable templates, you can create templates and data files to push down to the router commands that are not normally supported by ISC. See the Cisco IP Solution Center Infrastructure Reference, 3.1 for more information about template management. Step 6 Click Finish.
	© 1992-2008 Cisco Systems, Inc. All rights reserved. Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks of Cisco Systems, Inc.