Table Of Contents
Implementing Virtual Private LAN Services
Contents
Prerequisites for Implementing Virtual Private LAN Services
Restrictions for Implementing Virtual Private LAN Services
Information About Implementing Virtual Private LAN Services
Virtual Private LAN Services Overview
VPLS for an MPLS-based Provider Core
Hierarchical VPLS
H-VPLS with Ethernet Access QinQ or QinAny
H-VPLS with PW-access
Signaling
Interoperability Between Cisco IOS XR and Cisco IOS on VPLS LDP Signaling
Bridge Domain
MAC Address-related Parameters
MAC Address Flooding
MAC Address-based Forwarding
MAC Address Source-based Learning
MAC Address Aging
MAC Address Limit
MAC Address Withdrawal
LSP Ping over VPWS and VPLS
Pseudowire Redundancy for P2P AToM Cross-Connects
How to Implement Virtual Private LAN Services
Configuring a Bridge Domain
Creating a Bridge Domain
Configuring a Pseudowire
Configuring a Backup Pseudowire
Configuring Backup Disable Delay
Associating Members with a Bridge Domain
Configuring Bridge Domain Parameters
Disabling a Bridge Domain
Blocking Unknown Unicast Flooding
Configuring a Layer 2 Virtual Forwarding Instance
Adding the Virtual Forwarding Instance Under the Bridge Domain
Associating Pseudowires with the Virtual Forwarding Instance
Associating a Virtual Forwarding Instance to a Bridge Domain
Attaching Pseudowire Classes to Pseudowires
Configuring Any Transport over Multiprotocol Pseudowires By Using Static Labels
Disabling a Virtual Forwarding Instance
Configuring the MAC Address-related Parameters
Configuring the MAC Address Source-based Learning
Disabling the MAC Address Withdrawal
Configuring the MAC Address Limit
Configuring the MAC Address Aging
Disabling MAC Flush at the Bridge Port Level
Configuration Examples for Virtual Private LAN Services
Virtual Private LAN Services Configuration for Provider Edge-to-Provider Edge: Example
Virtual Private LAN Services Configuration for Provider Edge-to-Customer Edge: Example
Configuring Backup Disable Delay: Example
Blocking Unknown Unicast Flooding: Example
Disabling MAC Flush: Examples
H-VPLS with QinQ or QinAny: Examples
H-VPLS with Access-PWs: Examples
Additional References
Related Documents
Standards
MIBs
RFCs
Technical Assistance
Implementing Virtual Private LAN Services
This module provides the conceptual and configuration information for Virtual Private LAN Services (VPLS) on Cisco IOS XR software. VPLS supports Layer 2 VPN technology and provides transparent multipoint Layer 2 connectivity for customers.
This approach enables service providers to host a multitude of new services such as broadcast TV, Layer 2 VPNs.
For MPLS Layer 2 virtual private networks (VPNs), see Implementing MPLS Layer 2 VPNs module.
Note 
For more information about MPLS Layer 2 VPN on Cisco IOS XR software and for descriptions of the commands listed in this module, see the "Related Documents" section. To locate documentation for other commands that might appear while executing a configuration task, search online in the Cisco IOS XR software master command index.
Feature History for Implementing Virtual Private LAN Services on Cisco IOS XR Configuration Module
Release
|
Modification
|
Release 3.7.0
|
This feature was introduced.
|
Release 3.8.0
|
Support for the bridging funtionality feature (VPLS based) and pseudowire redundancy, was added on the Cisco CRS-1 router.
|
Release 3.9.0
|
The following features were added:
•Blocking unknown unicast flooding.
•Disabling MAC flush.
|
Contents
•Before you configure VPLS, ensure that the network is configured as follows:
•Restrictions for Implementing Virtual Private LAN Services
•Information About Implementing Virtual Private LAN Services
•How to Implement Virtual Private LAN Services
•Configuration Examples for Virtual Private LAN Services
•Additional References
Prerequisites for Implementing Virtual Private LAN Services
Before you configure VPLS, ensure that the network is configured as follows:
•To perform these configuration tasks, your Cisco IOS XR software system administrator must assign you to a user group associated with a task group that includes the corresponding command task IDs. All command task IDs are listed in individual command references and in the Cisco IOS XR Task ID Reference Guide.
If you need assistance with your task group assignment, contact your system administrator.
•Configure IP routing in the core so that the provider edge (PE) routers can reach each other through IP.
•Configure MPLS and Label Distribution Protocol (LDP) in the core so that a label switched path (LSP) exists between the PE routers.
•Configure a loopback interface to originate and terminate Layer 2 traffic. Make sure that the PE routers can access the other router's loopback interface.
Note The loopback interface is not needed in all cases. For example, tunnel selection does not need a loopback interface when VPLS is directly mapped to a TE tunnel.
Restrictions for Implementing Virtual Private LAN Services
The following restrictions are listed for implementing VPLS:
•All attachment circuits in a bridge domain on an Engine 3 line card must be the same type (for example, port, dot1q, qinq, or qinany), value (VLAN ID), and EtherType (for example, 0x8100, 0x9100, or 0x9200).
•The Engine 3 line cards, cannot simultaneously have attachment circuits and MPLS-enabled on any one of its interfaces. The line card cannot be Edge-facing and Core-facing at the same time.
•The line card requires ternary content addressable memory (TCAM) Carving configuration.
•Virtual Forwarding Instance (VFI) names have to be unique, because a bridge domain can have only one VFI.
•A PW cannot belong to both a peer-to-peer (P2P) cross-connect group and a VPLS bridge-domain. This means that the neighboring IP address and the pseudowire ID have to be unique on the router, because the pseudowire ID is signaled to the remote provider edge.
•You cannot manually set up a PW on one PE and use auto-discovery on the other PE to configure the same PW in the other direction.
For the Engine 5 line card, version 1 of the Ethernet SPA does not support QinQ mode and QinAny mode.
Note For the Engine 5 line card, version 2 of the Ethernet SPA supports all VLAN modes, such as VLAN mode, QinQ mode, or QinAny mode.
Information About Implementing Virtual Private LAN Services
To implement Virtual Private LAN Services (VPLS), you should understand the following concepts:
•Virtual Private LAN Services Overview
•VPLS for an MPLS-based Provider Core
•Hierarchical VPLS
•Signaling
•Bridge Domain
•MAC Address-related Parameters
•LSP Ping over VPWS and VPLS
•Pseudowire Redundancy for P2P AToM Cross-Connects
Virtual Private LAN Services Overview
Virtual Private LAN Service (VPLS) enables geographically separated local-area network (LAN) segments to be interconnected as a single bridged domain over an MPLS network. The full functions of the traditional LAN such as MAC address learning, aging, and switching are emulated across all the remotely connected LAN segments that are part of a single bridged domain. A service provider can offer VPLS service to multiple customers over the MPLS network by defining different bridged domains for different customers. Packets from one bridged domain are never carried over or delivered to another bridged domain, thus ensuring the privacy of the LAN service.
VPLS transports Ethernet 802.3, VLAN 802.1q, and VLAN-in-VLAN (Q-in-Q) traffic across multiple sites that belong to the same Layer 2 broadcast domain. VPLS offers simple Virtual LAN services that include flooding broadcast, multicast, and unknown unicast frames that are received on a bridge. The VPLS solution requires a full mesh of pseudowires that are established among provider edge (PE) routers. The VPLS implementation is based on Label Distribution Protocol (LDP)-based pseudowire signaling.
A VFI is a virtual bridge port that is capable of performing native bridging functions, such as forwarding, based on the destination MAC address, source MAC address learning and aging.
After provisioning attachment circuits, neighbor relationships across the MPLS network for this specific instance are established through a set of manual commands identifying the end PEs. When the neighbor association is complete, a full mesh of pseudowires is established among the network-facing provider edge devices, which is a gateway between the MPLS core and the customer domain.
The service provider network starts switching the packets within the bridged domain specific to the customer by looking at destination MAC addresses. All traffic with unknown, broadcast, and multicast destination MAC addresses is flooded to all the connected customer edge devices, which connect to the service provider network. The network-facing provider edge devices learn the source MAC addresses as the packets are flooded. The traffic is unicasted to the customer edge device for all the learned MAC addresses.
VPLS requires the provider edge device to be MPLS-capable. The VPLS provider edge device holds all the VPLS forwarding MAC tables and Bridge Domain information. In addition, it is responsible for all flooding broadcast frames and multicast replications.
Note VPLS with Traffic Engineering Fast Reroute (TE FRR) is not supported.
VPLS for an MPLS-based Provider Core
VPLS is a multipoint Layer 2 VPN technology that connects two or more customer devices using bridging techniques. The VPLS architecture allows for the end-to-end connection between the Provider Edge (PE) routers to provide Multipoint Ethernet Services.
VPLS requires the creation of a bridge domain (Layer 2 broadcast domain) on each of the PE routers. The access connections to the bridge domain on a PE router are called attachment circuits (AC).
The attachment circuits can be a set of physical ports, virtual ports, or both that are connected to the bridge at each PE device in the network.
The MPLS/IP provider core simulates a virtual bridge that connects the multiple attachment circuits on each of the PE devices together to form a single broadcast domain. A VFI is created on the PE router for each VPLS instance. The PE routers make packet-forwarding decisions by looking up the VFI of a particular VPLS instance. The VFI acts like a virtual bridge for a given VPLS instance. More than one attachment circuit belonging to a given VPLS are connected to the VFI. The PE router establishes emulated VCs to all the other PE routers in that VPLS instance and attaches these emulated VCs to the VFI. Packet forwarding decisions are based on the data structures maintained in the VFI.
Hierarchical VPLS
Hierarchical VPLS (H-VPLS) is an extension of basic VPLS that provides scaling and operational benefits. H-VPLS provides a solution to deliver Ethernet multipoint services over MPLS. H-VPLS partitions a network into several edge domains that are interconnected using an MPLS core. The use of Ethernet switches at the edge offers significant technical and economic advantages. H-VPLS also allows Ethernet point-to-point and multipoint Layer 2 VPN services, as well as Ethernet access to high-speed Internet and IP VPN services.
Two flavors of H-VPLS are:
•Ethernet access in the edge domain
•MPLS access in the edge domain
H-VPLS with Ethernet Access QinQ or QinAny
Figure 7 shows Ethernet access for H-VPLS. The edge domain can be built using Ethernet switches and techniques such as QinQ. Using Ethernet as the edge technology simplifies the operation of the edge domain and reduces the cost of the edge devices.
Figure 7 Ethernet Access for H-VPLS
H-VPLS with PW-access
Figure 8 shows pseudowire (PW) access for H-VPLS. The edge domain can be an MPLS access network. In this scenario, the U-PE device carries the customer traffic from attachment circuits (AC) over the point to point (p2p) pseudowires. The p2p pseudowires terminate in a bridge domain configured on the N-PE device.
Access PW is configured as a member directly under a bridge domain. A bridge-domain in N-PE1 can have multiple ACs (physical/VLAN Ethernet ports), multiple access PWs and one VFI (consisting of core PWs) as members, is depicted in Figure 8.
Figure 8 PW access for H-VPLS
Signaling
An important aspect of VPN technologies, including VPLS, is the ability of network devices to automatically signal to other devices about an association with a particular VPN, often referred to as signaling mechanisms.
The implementation of VPLS in a network requires the establishment of a full mesh of pseudowires between the provider edge (PE) routers. The signaling of pseudowires between provider edge devices, described in draft-ietf-l2vpn-vpls-ldp-09, uses targeted LDP sessions to exchange label values and attributes and to setup the pseudowires. LDP is an efficient mechanism for signaling pseudowire status for Ethernet point-to-point and multipoint services.
Interoperability Between Cisco IOS XR and Cisco IOS on VPLS LDP Signaling
The Cisco IOS Software encodes the NLRI length in the fist byte in bits format in the BGP Update message. However, the Cisco IOS XR Software interprets the NLRI length in 2 bytes. Therefore, when the BGP neighbor with VPLS-VPWS address family is configured between the IOS and the IOS XR, NLRI mismatch can happen, leading to flapping between neighbors. To avoid this conflict, IOS supports prefix-length-size 2 command that needs to be enabled for IOS to work with IOS XR. When the prefix-length-size 2 command is configured in IOS, the NLRI length is encoded in bytes. This configuration is mandatory for IOS to work with IOS XR.
This is a sample IOS configuration with the prefix-length-size 2 command:
address-family l2vpn vpls
neighbor 5.5.5.2 activate
neighbor 5.5.5.2 prefix-length-size 2 --------> NLRI length = 2 bytes
Bridge Domain
The native bridge domain refers to a Layer 2 broadcast domain consisting of a set of physical or virtual ports (including VFI). Data frames are switched within a bridge domain based on the destination MAC address. Multicast, broadcast, and unknown destination unicast frames are flooded within the bridge domain. In addition, the source MAC address learning is performed on all incoming frames on a bridge domain. A learned address is aged out. Incoming frames are mapped to a bridge domain, based on either the ingress port or a combination of both an ingress port and a MAC header field.
By default, split horizon is enabled on a bridge domain. In other words, any packets that are coming on either the attachment circuits or pseudowires are not returned on the same attachment circuits or pseudowires. In addition, the packets that are received on one pseudowire are not replicated on other pseudowires in the same VFI.
MAC Address-related Parameters
The MAC address table contains a list of the known MAC addresses and their forwarding information. In the current VPLS design, the MAC address table and its management are distributed. In other words, a copy of the MAC address table is maintained on the route processor (RP) card and the line cards.
These topics provide information about the MAC address-related parameters:
•MAC Address Flooding
•MAC Address-based Forwarding
•MAC Address Source-based Learning
•MAC Address Aging
•MAC Address Limit
•MAC Address Withdrawal
MAC Address Flooding
Ethernet services require that frames that are sent to broadcast addresses and to unknown destination addresses be flooded to all ports. To obtain flooding within VPLS broadcast models, all unknown unicast, broadcast, and multicast frames are flooded over the corresponding pseudowires and to all attachment circuits. Therefore, a PE must replicate packets across both attachment circuits and pseudowires.
MAC Address-based Forwarding
To forward a frame, a PE must associate a destination MAC address with a pseudowire or attachment circuit. This type of association is provided through a static configuration on each PE or through dynamic learning, which is flooded to all bridge ports.
Note In this case, split horizon forwarding applies; for example, frames that are coming in on an attachment circuit or pseudowire are not sent out of the same attachment circuit or pseudowire. The pseudowire frames, which are received on one pseudowire, are replicated on to other attachment circuits, VFI pseudowires and access pseudowires.
MAC Address Source-based Learning
When a frame arrives on a bridge port (for example, pseudowire or attachment circuit) and the source MAC address is unknown to the receiving PE router, the source MAC address is associated with the pseudowire or attachment circuit. Outbound frames to the MAC address are forwarded to the appropriate pseudowire or attachment circuit.
MAC address source-based learning uses the MAC address information that is learned in the hardware forwarding path. The updated MAC tables are sent to all line cards (LCs) and program the hardware for the router.
The number of learned MAC addresses is limited through configurable per-port and per-bridge domain MAC address limits.
MAC Address Aging
A MAC address in the MAC table is considered valid only for the duration of the MAC address aging time. When the time expires, the relevant MAC entries are repopulated. When the MAC aging time is configured only under a bridge domain, all the pseudowires and attachment circuits in the bridge domain use that configured MAC aging time.
A bridge forwards, floods, or drops packets based on the bridge table. The bridge table maintains both static entries and dynamic entries. Static entries are entered by the network manager or by the bridge itself. Dynamic entries are entered by the bridge learning process. A dynamic entry is automatically removed after a specified length of time, known as aging time, from the time the entry was created or last updated.
If hosts on a bridged network are likely to move, decrease the aging-time to enable the bridge to adapt to the change quickly. If hosts do not transmit continuously, increase the aging time to record the dynamic entries for a longer time, thus reducing the possibility of flooding when the hosts transmit again.
MAC Address Limit
The MAC address limit is used to limit the number of learned MAC addresses. The limit is set at the bridge domain level and the port level. When the MAC address limit is violated, the system is configured to take one of the actions that are listed in Table 2.
Table 2 MAC Address Limit Actions
Action
|
Description
|
Limit flood
|
Discards the new MAC addresses.
|
Limit no-flood
|
Discards the new MAC addresses. Flooding of unknown unicast packets is disabled.
|
Shutdown
|
Disables the bridge domain or bridge port. When the bridge domain is down, none of the bridging functions, such as learning, flooding, forwarding, and so forth take place for the bridge domain. If a bridge port is down as a result of the action, the interface or pseudowire representing the bridge port remains up but the bridge port is not participating in the bridge. When disabled, the port or bridge domain is manually brought up by using an EXEC CLI.
|
When a limit is exceeded, the system is configured to perform the following notifications:
•Syslog (default)
•Simple Network Management Protocol (SNMP) trap
•Syslog and SNMP trap
•None (no notification)
To clear the MAC limit condition, the number of MACs must go below 75 percent of the configured limit.
MAC Address Withdrawal
For faster VPLS convergence, you can remove or unlearn the MAC addresses that are learned dynamically. The Label Distribution Protocol (LDP) Address Withdrawal message is sent with the list of MAC addresses, which need to be withdrawn to all other PEs that are participating in the corresponding VPLS service.
For the Cisco IOS XR VPLS implementation, a portion of the dynamically learned MAC addresses are cleared by using the MAC addresses aging mechanism by default. The MAC address withdrawal feature is added through the LDP Address Withdrawal message. To enable the MAC address withdrawal feature, use the withdrawal command in l2vpn bridge group bridge domain MAC configuration mode. To verify that the MAC address withdrawal is enabled, use the show l2vpn bridge-domain command with the detail keyword.
Note By default, the LDP MAC Withdrawal feature is enabled on Cisco IOS XR.
The LDP MAC Withdrawal feature is generated due to the following events:
•Attachment circuit goes down. You can remove or add the attachment circuit through the CLI.
•MAC withdrawal messages are received over a VFI pseudowire and are not propagated over access pseudowires. RFC 4762 specifies that both wildcards (by means of an empty Type, Length and Value [TLV]) and a specific MAC address withdrawal. Cisco IOS XR software supports only a wildcard MAC address withdrawal.
LSP Ping over VPWS and VPLS
For Cisco IOS XR software, the existing support for the Label Switched Path (LSP) ping and traceroute verification mechanisms for point-to-point pseudowires (signaled using LDP FEC128) is extended to cover the pseudowires that are associated with the VFI (VPLS). Currently, the support for the LSP ping and traceroute is limited to manually configured VPLS and access pseudowires (signaled using LDP FEC128). Virtual Circuit Connection Verification (VCCV) is also supported on access pseudowires. For information about VCCV support and the ping mpls pseudowire command, see Cisco IOS XR MPLS Command Reference for the Cisco CRS Router.
Pseudowire Redundancy for P2P AToM Cross-Connects
Backup pseudowires (PW) are associated with the corresponding primary pseudowires. A backup PW is not programmed to forward data when inactive. It is activated only if a primary PW fails. This is known as pseudowire redundancy. The primary reason for backing up a PW is to reduce traffic loss when a primary PW fails. When the primary PW is active again, it resumes its activity.
A primary PW can be associated with only one backup PW. Similarly, a backup PW can be associated with only one primary PW.
Note This feature is supported only for an AToM instance on the Cisco XR 12000 Series Router, and for an EoMPLS instance on the Cisco CRS-1 router.
How to Implement Virtual Private LAN Services
This section describes the tasks that are required to implement VPLS:
•Configuring a Bridge Domain
•Configuring a Layer 2 Virtual Forwarding Instance
•Configuring the MAC Address-related Parameters
Configuring a Bridge Domain
These topics describe how to configure a bridge domain:
•Creating a Bridge Domain
•Configuring a Pseudowire
•Associating Members with a Bridge Domain
•Configuring Bridge Domain Parameters
•Disabling a Bridge Domain
•Blocking Unknown Unicast Flooding
Creating a Bridge Domain
Perform this task to create a bridge domain.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge-group-name
4. bridge-domain bridge-domain-name
5. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge-group-name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain-name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring a Pseudowire
Perform this task to configure a pseudowire under a bridge domain.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. exit
7. neighbor {A.B.C.D} {pw-id value}
8. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi {vfi-name}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures the virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
•Use the vfi-name argument to configure the name of the specified virtual forwarding interface.
|
Step 6
|
exit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)# exit
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Exits the current configuration mode.
|
Step 7
|
neighbor {A.B.C.D} {pw-id value}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# neighbor
10.1.1.2 pw-id 1000
RP/0/0/CPU0:router(config-l2vpn-bg-bd-pw)#
|
Adds an access pseudowire port to a bridge domain or a pseudowire to a bridge virtual forwarding interface (VFI).
•Use the A.B.C.D argument to specify the IP address of the cross-connect peer.
•Use the pw-id keyword to configure the pseudowire ID and ID value. The range is 1 to 4294967295.
|
Step 8
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-pw)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd-pw)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring a Backup Pseudowire
Perform this task to configure a backup pseudowire for a point-to-point neighbor.
SUMMARY STEPS
1. configure
2. l2vpn
3. xconnect group group name
4. p2p xconnect name
5. neighbor ip-address pw-id number
6. backup neighbor ip-address pw-id number
7. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
xconnect group group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# xconnect group A
RP/0/0/CPU0:router(config-l2vpn-xc)#
|
Enters the name of the cross-connect group.
|
Step 4
|
p2p xconnect name
Example:
RP/0/0/CPU0:router(config-l2vpn-xc)# p2p
rtrX_to_rtrY
RP/0/0/CPU0:router(config-l2vpn-xc-p2p)#
|
Enters a name for the point-to-point cross-connect.
|
Step 5
|
neighbor ip-address pw-id number
Example:
RP/0/0/CPU0:router(config-l2vpn-xc-p2p)# neighbor
1.1.1.1 pw-id 2
RP/0/0/CPU0:router(config-l2vpn-xc-p2p-pw)#
|
Configures the pseudowire segment for the cross-connect.
|
Step 6
|
backup neighbor ip-address pw-id number
Example:
RP/0/0/CPU0:router(config-l2vpn-xc-p2p)# backup
neighbor 1.1.1.1 pw-id 2
RP/0/0/CPU0:router(config-l2vpn-xc-p2p-pw-backup)#
|
Configures the backup pseudowire for the point-to-point neighbor.
|
Step 7
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-xc-p2p-pw-backup)#en
d
or
RP/0/0/CPU0:router(config-l2vpn-xc-p2p-pw-backup)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring Backup Disable Delay
The Backup Disable Delay function specifies the time for which the primary pseudowire in active state waits before it takes over for the backup pseudowire. Perform this task to configure a disable delay.
SUMMARY STEPS
1. configure
2. l2vpn
3. pw-class class name
4. backup disable delay seconds
5. exit
6. xconnect group group name
7. p2p xconnect name
8. neighbor ip-address pw-id number
9. pw-class class name
10. backup neighbor ip-address pw-id number
11. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
pw-class class_1
Example:
RP/0/RP0/CPU0:router(config-l2vpn)# pw-class class_1
RP/0/RP0/CPU0:router(config-l2vpn-pwc)#
|
Configures the pseudowire class name.
|
Step 4
|
backup disable delay seconds
Example:
RP/0/0/CPU0:router(config-l2vpn-pwc)# backup disable
delay 20
RP/0/0/CPU0:router(config-l2vpn-pwc)#
|
Specifies how long a backup pseudowire virtual circuit (VC) should wait before resuming operation after the primary pseudowire VC becomes nonfunctional.
|
Step 5
|
exit
Example:
RP/0/0/CPU0:router(config-l2vpn-pwc)# exit
|
Exits the pseudowire class submode.
|
Step 6
|
xconnect group group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# xconnect group A
RP/0/0/CPU0:router(config-l2vpn-xc)#
|
Enters the name of the cross-connect group.
|
Step 7
|
p2p xconnect name
Example:
RP/0/0/CPU0:router(config-l2vpn-xc)# p2p
rtrX_to_rtrY
RP/0/0/CPU0:router(config-l2vpn-xc-p2p)#
|
Enters a name for the point-to-point cross-connect.
|
Step 8
|
neighbor ip-address pw-id number
Example:
RP/0/0/CPU0:router(config-l2vpn-xc-p2p)# neighbor
1.1.1.1 pw-id 2
RP/0/0/CPU0:router(config-l2vpn-xc-p2p-pw)#
|
Configures the pseudowire segment for the cross-connect.
|
Step 9
|
pw-class class_1
Example:
RP/0/0/CPU0:router(config-l2vpn-xc-p2p-pw)# pw-class
class_1
RP/0/0/CPU0:router(config-l2vpn-xc-p2p-pw)#
|
Configures the pseudowire class name.
|
Step 10
|
backup neighbor ip-address pw-id number
Example:
RP/0/0/CPU0:router(config-l2vpn-xc-p2p-pw)# backup
neighbor 1.1.1.1 pw-id 2
RP/0/0/CPU0:router(config-l2vpn-xc-p2p-pw-backup)#
|
Configures the backup pseudowire for the point-to-point neighbor.
|
Step 11
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-xc-p2p-pw-backup)#en
d
or
RP/0/0/CPU0:router(config-l2vpn-xc-p2p-pw-backup)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Associating Members with a Bridge Domain
After a bridge domain is created, perform this task to assign interfaces to the bridge domain. The following types of bridge ports are associated with a bridge domain:
•Ethernet and VLAN
•VFI
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge-group-name
4. bridge-domain bridge-domain-name
5. interface type interface-path-id
6. static-mac-address {MAC-address}
7. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge-group-name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain-name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
interface type interface-path-id
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# interface
GigabitEthernet 0/4/0/0
RP/0/0/CPU0:router(config-l2vpn-bg-bd-ac)#
|
Enters interface configuration mode and adds an interface to a bridge domain that allows packets to be forwarded and received from other interfaces that are part of the same bridge domain.
|
Step 6
|
static-mac-address {MAC-address}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-ac)#
static-mac-address 1.1.1
|
Configures the static MAC address to associate a remote MAC address with a pseudowire or any other bridge interface.
|
Step 7
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-ac)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd-ac)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring Bridge Domain Parameters
To configure the bridge domain parameters, associate the following parameters with a bridge domain:
•Maximum transmission unit (MTU)—Specifies that all members of a bridge domain have the same MTU. The bridge domain member with a different MTU size is not used by the bridge domain even though it is still associated with a bridge domain.
•Flooding—Enables or disables flooding on the bridge domain. By default, flooding is enabled.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. flooding disable
6. mtu bytes
7. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters l2vpn configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters l2vpn bridge group bridge domain configuration mode.
|
Step 5
|
flooding disable
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# flooding
disable
|
Configures flooding for traffic at the bridge domain level or at the bridge port level.
|
Step 6
|
mtu bytes
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# mtu 1000
|
Adjusts the maximum packet size or maximum transmission unit (MTU) size for the bridge domain.
•Use the bytes argument to specify the MTU size, in bytes. The range is from 64 to 65535.
|
Step 7
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Disabling a Bridge Domain
Perform this task to disable a bridge domain. When a bridge domain is disabled, all VFIs that are associated with the bridge domain are disabled. You are still able to attach or detach members to the bridge domain and the VFIs that are associated with the bridge domain.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. shutdown
6. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge-group-name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain-name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters l2vpn bridge group bridge domain configuration mode.
|
Step 5
|
shutdown
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Shuts down a bridge domain to bring the bridge and all attachment circuits and pseudowires under it to admin down state.
|
Step 6
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Blocking Unknown Unicast Flooding
Perform this task to disable flooding of unknown unicast traffic at the bridge domain level.
You can disable flooding of unknown unicast traffic at the bridge domain, bridge port or access pseudowire levels. By default, unknown unicast traffic is flooded to all ports in the bridge domain.
Note If you disable flooding of unknown unicast traffic on the bridge domain, all ports within the bridge domain inherit this configuration. You can configure the bridge ports to override the bridge domain configuration.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge-group name
4. bridge-domain bridge-domain name
5. flooding unknown-unicast disable
6. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge-group-name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain-name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters l2vpn bridge group bridge domain configuration mode.
|
Step 5
|
flooding unknown-unicast disable
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
flooding unknown-unicast disable
|
Disables flooding of unknown unicast traffic at the bridge domain level.
|
Step 6
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring a Layer 2 Virtual Forwarding Instance
These topics describe how to configure a Layer 2 virtual forwarding instance (VFI):
•Adding the Virtual Forwarding Instance Under the Bridge Domain
•Associating Pseudowires with the Virtual Forwarding Instance
•Associating a Virtual Forwarding Instance to a Bridge Domain
•Attaching Pseudowire Classes to Pseudowires
•Configuring Any Transport over Multiprotocol Pseudowires By Using Static Labels
•Disabling a Virtual Forwarding Instance
Adding the Virtual Forwarding Instance Under the Bridge Domain
Perform this task to create a Layer 2 Virtual Forwarding Instance (VFI) on all provider edge devices under the bridge domain.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi {vfi name}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
|
Step 6
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-vpn)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-vpn)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Associating Pseudowires with the Virtual Forwarding Instance
After a VFI is created, perform this task to associate one or more pseudowires with the VFI.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. neighbor A.B.C.D {pw-id value}
7. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi {vfi name}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
|
Step 6
|
neighbor A.B.C.D {pw-id value}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)# neighbor
10.1.1.2 pw-id 1000
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
|
Adds an access pseudowire port to a bridge domain or a pseudowire to a bridge virtual forwarding interface (VFI).
•Use the A.B.C.D argument to specify the IP address of the cross-connect peer.
•Use the pw-id keyword to configure the pseudowire ID and ID value. The range is 1 to 4294967295.
|
Step 7
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Associating a Virtual Forwarding Instance to a Bridge Domain
Perform this task to associate a VFI to be a member of a bridge domain.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. neighbor {A.B.C.D} {pw-id value}
7. static-mac-address {MAC address}
8. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi vfi name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
|
Step 6
|
neighbor A.B.C.D {pw-id value}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)# neighbor
10.1.1.2 pw-id 1000
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
|
Adds an access pseudowire port to a bridge domain or a pseudowire to a bridge virtual forwarding interface (VFI).
•Use the A.B.C.D argument to specify the IP address of the cross-connect peer.
•Use the pw-id keyword to configure the pseudowire ID and ID value. The range is 1 to 4294967295.
|
Step 7
|
static-mac-address {MAC address}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
static-mac-address 1.1.1
|
Configures the static MAC address to associate a remote MAC address with a pseudowire or any other bridge interface.
|
Step 8
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Attaching Pseudowire Classes to Pseudowires
Perform this task to attach a pseudowire class to a pseudowire.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. neighbor {A.B.C.D} {pw-id value}
7. pw-class {class name}
8. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi {vfi name}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
|
Step 6
|
neighbor {A.B.C.D} {pw-id value}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)# neighbor
10.1.1.2 pw-id 1000
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
|
Adds an access pseudowire port to a bridge domain or a pseudowire to a bridge virtual forwarding interface (VFI).
•Use the A.B.C.D argument to specify the IP address of the cross-connect peer.
•Use the pw-id keyword to configure the pseudowire ID and ID value. The range is 1 to 4294967295.
|
Step 7
|
pw-class {class name}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
pw-class canada
|
Configures the pseudowire class template name to use for the pseudowire.
|
Step 8
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuring Any Transport over Multiprotocol Pseudowires By Using Static Labels
Perform this task to configure the Any Transport over Multiprotocol (AToM) pseudowires by using the static labels. A pseudowire becomes a static AToM pseudowire by setting the MPLS static labels to local and remote.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. neighbor {A.B.C.D} {pw-id value}
7. mpls static label {local value} {remote value}
8. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi {vfi name}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
|
Step 6
|
neighbor {A.B.C.D} {pw-id value}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)# neighbor
10.1.1.2 pw-id 1000
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
|
Adds an access pseudowire port to a bridge domain or a pseudowire to a bridge virtual forwarding interface (VFI).
•Use the A.B.C.D argument to specify the IP address of the cross-connect peer.
•Use the pw-id keyword to configure the pseudowire ID and ID value. The range is 1 to 4294967295.
|
Step 7
|
mpls static label {local value} {remote value}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)# mpls
static label local 800 remote 500
|
Configures the MPLS static labels and the static labels for the access pseudowire configuration. You can set the local and remote pseudowire labels.
|
Step 8
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi-pw)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Disabling a Virtual Forwarding Instance
Perform this task to disable a VFI. When a VFI is disabled, all the previously established pseudowires that are associated with the VFI are disconnected. LDP advertisements are sent to withdraw the MAC addresses that are associated with the VFI. However, you can still attach or detach attachment circuits with a VFI after a shutdown.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. vfi {vfi name}
6. shutdown
7. end
or
commit
8. show l2vpn bridge-domain [detail]
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
vfi {vfi name}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# vfi v1
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)#
|
Configures virtual forwarding interface (VFI) parameters and enters L2VPN bridge group bridge domain VFI configuration mode.
|
Step 6
|
shutdown
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)# shutdown
|
Disables the virtual forwarding interface (VFI).
|
Step 7
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd-vfi)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Step 8
|
show l2vpn bridge-domain [detail]
Example:
RP/0/0/CPU0:router# show l2vpn bridge-domain detail
|
Displays the state of the VFI. For example, if you shut down the VFI, the VFI is shown as shut down under the bridge domain.
|
Configuring the MAC Address-related Parameters
These topics describe how to configure the MAC address-related parameters:
•Configuring the MAC Address Source-based Learning
•Disabling the MAC Address Withdrawal
•Configuring the MAC Address Limit
•Configuring the MAC Address Aging
•Disabling MAC Flush at the Bridge Port Level
The MAC table attributes are set for the bridge domains.
Configuring the MAC Address Source-based Learning
Perform this task to configure the MAC address source-based learning.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. mac
6. learning disable
7. end
or
commit
8. show l2vpn bridge-domain [detail]
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
mac
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# mac
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)#
|
Enters L2VPN bridge group bridge domain MAC configuration mode.
|
Step 6
|
learning disable
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)# learning
disable
|
Overrides the MAC learning configuration of a parent bridge or sets the MAC learning configuration of a bridge.
|
Step 7
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Step 8
|
show l2vpn bridge-domain [detail]
Example:
RP/0/0/CPU0:router# show l2vpn bridge-domain detail
|
Displays the details that the MAC address source-based learning is disabled on the bridge.
|
Disabling the MAC Address Withdrawal
Perform this task to disable the MAC address withdrawal for a specified bridge domain.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. mac
6. withdraw { access-pw disable | disable }
7. end
or
commit
8. show l2vpn bridge-domain [detail]
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
mac
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# mac
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)#
|
Enters L2VPN bridge group bridge domain MAC configuration mode.
|
Step 6
|
withdraw { access-pw disable | disable }
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)# withdraw
access-pw disable
|
Disables the MAC address withdrawal for the specified bridge domain.
Note Mac address withdrawal is generated when the access pseudowire is not operational.
|
Step 7
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Step 8
|
show l2vpn bridge-domain [detail]
Example:
P/0/0/CPU0:router# show l2vpn bridge-domain detail
|
Displays detailed sample output to specify that the MAC address withdrawal is enabled. In addition, the sample output displays the number of MAC withdrawal messages that are sent over or received from the pseudowire.
|
The following sample output shows the MAC address withdrawal fields:
RP/0/0/CPU0:router# show l2vpn bridge-domain detail
Bridge group: siva_group, bridge-domain: siva_bd, id: 0, state: up, ShgId: 0, MSTi: 0
Broadcast & Multicast: enabled
MAC address aging time: 300 s Type: inactivity
MAC address limit: 4000, Action: none, Notification: syslog
DHCPv4 Snooping: disabled
MAC Filter: Static MAC addresses:
ACs: 1 (1 up), VFIs: 1, PWs: 2 (1 up)
AC: GigabitEthernet0/4/0/1, state is up
MTU 1500; XC ID 0x5000001; interworking none; MSTi 0 (unprotected)
Broadcast & Multicast: enabled
MAC address aging time: 300 s Type: inactivity
MAC address limit: 4000, Action: none, Notification: syslog
DHCPv4 Snooping: disabled
packet totals: receive 6,send 0
byte totals: receive 360,send 4
PW: neighbor 1.1.1.1, PW ID 1, state is down ( local ready )
PW class not set, XC ID 0xff000001
Encapsulation MPLS, protocol LDP
PW type Ethernet, control word enabled, interworking none
PW backup disable delay 0 sec
------------ ------------------------------ -------------------------
Interface siva/vfi unknown
Control word enabled unknown
------------ ------------------------------ -------------------------
Create time: 19/11/2007 15:20:14 (00:25:25 ago)
Last time status changed: 19/11/2007 15:44:00 (00:01:39 ago)
MAC withdraw message: send 0 receive 0
Configuring the MAC Address Limit
Perform this task to configure the parameters for the MAC address limit.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. mac
6. limit
7. maximum {value}
8. action {flood | no-flood | shutdown}
9. notification {both | none | trap}
10. end
or
commit
11. show l2vpn bridge-domain [detail]
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
mac
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# mac
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)#
|
Enters L2VPN bridge group bridge domain MAC configuration mode.
|
Step 6
|
limit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)# limit
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac-limit)#
|
Sets the MAC address limit for action, maximum, and notification and enters L2VPN bridge group bridge domain MAC limit configuration mode.
|
Step 7
|
maximum {value}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac-limit)#
maximum 5000
|
Configures the specified action when the number of MAC addresses learned on a bridge is reached.
|
Step 8
|
action {flood | no-flood | shutdown}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac-limit)#
action flood
|
Configures the bridge behavior when the number of learned MAC addresses exceed the MAC limit configured.
|
Step 9
|
notification {both | none | trap}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac-limit)#
notification both
|
Specifies the type of notification that is sent when the number of learned MAC addresses exceeds the configured limit.
|
Step 10
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac-limit)#
end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac-limit)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Step 11
|
show l2vpn bridge-domain [detail]
Example:
RP/0/0/CPU0:router# show l2vpn bridge-domain detail
|
Displays the details about the MAC address limit.
|
Configuring the MAC Address Aging
Perform this task to configure the parameters for MAC address aging.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge group name
4. bridge-domain bridge-domain name
5. mac
6. aging
7. time {seconds}
8. type {absolute | inactivity}
9. end
or
commit
10. show l2vpn bridge-domain [detail]
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge group name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters L2VPN bridge group bridge domain configuration mode.
|
Step 5
|
mac
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# mac
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)#
|
Enters L2VPN bridge group bridge domain MAC configuration mode.
|
Step 6
|
aging
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)# aging
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac-aging)#
|
Enters the MAC aging configuration submode to set the aging parameters such as time and type.
|
Step 7
|
time {seconds}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac-aging)#
time 300
|
Configures the maximum aging time.
•Use the seconds argument to specify the maximum age of the MAC address table entry. The range is from 300 to 30000 seconds. Aging time is counted from the last time that the switch saw the MAC address. The default value is 300 seconds.
|
Step 8
|
type {absolute | inactivity}
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac-aging)#
type absolute
|
Configures the type for MAC address aging.
•Use the absolute keyword to configure the absolute aging type.
•Use the inactivity keyword to configure the inactivity aging type.
|
Step 9
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac-aging)#
end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac-aging)#
commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Step 10
|
show l2vpn bridge-domain [detail]
Example:
RP/0/0/CPU0:router# show l2vpn bridge-domain detail
|
Displays the details about the aging fields.
|
Disabling MAC Flush at the Bridge Port Level
Perform this task to disable the MAC flush at the bridge domain level.
You can disable the MAC flush at the bridge domain, bridge port or access pseudowire levels. By default, the MACs learned on a specific port are immediately flushed, when that port becomes nonfunctional.
SUMMARY STEPS
1. configure
2. l2vpn
3. bridge group bridge-group name
4. bridge-domain bridge-domain name
5. mac
6. port-down flush disable
7. end
or
commit
DETAILED STEPS
| |
Command or Action
|
Purpose
|
Step 1
|
configure
Example:
RP/0/0/CPU0:router# configure
|
Enters global configuration mode.
|
Step 2
|
l2vpn
Example:
RP/0/0/CPU0:router(config)# l2vpn
RP/0/0/CPU0:router(config-l2vpn)#
|
Enters L2VPN configuration mode.
|
Step 3
|
bridge group bridge-group-name
Example:
RP/0/0/CPU0:router(config-l2vpn)# bridge group csco
RP/0/0/CPU0:router(config-l2vpn-bg)#
|
Creates a bridge group so that it can contain bridge domains and then assigns network interfaces to the bridge domain.
|
Step 4
|
bridge-domain bridge-domain-name
Example:
RP/0/0/CPU0:router(config-l2vpn-bg)# bridge-domain
abc
RP/0/0/CPU0:router(config-l2vpn-bg-bd)#
|
Establishes a bridge domain and enters l2vpn bridge group bridge domain configuration mode.
|
Step 5
|
mac
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd)# mac
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)#
|
Enters l2vpn bridge group bridge domain MAC configuration mode.
|
Step 6
|
port-down flush disable
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)#
port-down flush disable
|
Disables MAC flush when the bridge port becomes nonfunctional.
|
Step 7
|
end
or
commit
Example:
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)# end
or
RP/0/0/CPU0:router(config-l2vpn-bg-bd-mac)# commit
|
Saves configuration changes.
•When you issue the end command, the system prompts you to commit changes:
Uncommitted changes found, commit them
before exiting(yes/no/cancel)?
[cancel]:
–Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.
–Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.
–Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.
•Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.
|
Configuration Examples for Virtual Private LAN Services
This section includes the following configuration examples:
•Virtual Private LAN Services Configuration for Provider Edge-to-Provider Edge: Example
•Virtual Private LAN Services Configuration for Provider Edge-to-Customer Edge: Example
•Configuring Backup Disable Delay: Example
•Blocking Unknown Unicast Flooding: Example
•Disabling MAC Flush: Examples
•H-VPLS with QinQ or QinAny: Examples
•H-VPLS with Access-PWs: Examples
Virtual Private LAN Services Configuration for Provider Edge-to-Provider Edge: Example
These configuration examples show how to create a Layer 2 VFI with a full-mesh of participating VPLS provider edge (PE) nodes.
The following configuration example shows how to configure PE 1:
neighbor 2.2.2.2 pw-id 1---PW1
neighbor 3.3.3.3 pw-id 1---PW2
ipv4 address 1.1.1.1 255.255.255.25
The following configuration example shows how to configure PE 2:
interface GigabitEthernet0/0---AC
neighbor 1.1.1.1 pw-id 1---PW1
neighbor 3.3.3.3 pw-id 1---PW2
ipv4 address 2.2.2.2 255.255.255.25
The following configuration example shows how to configure PE 3:
interface GigabitEthernet0/0---AC
neighbor 1.1.1.1 pw-id 1---PW1
neighbor 2.2.2.2 pw-id 1---PW2
ipv4 address 3.3.3.3 255.255.255.25
Virtual Private LAN Services Configuration for Provider Edge-to-Customer Edge: Example
The following configuration shows how to configure VPLS for a PE-to-CE nodes:
interface GigabitEthernet0/0
l2transport---AC interface
no ipv4 directed-broadcast
interface GigabitEthernet0/0
no ipv4 directed-broadcast
interface GigabitEthernet0/0
no ipv4 directed-broadcast
Configuring Backup Disable Delay: Example
The following example shows how a backup delay is configured for point-to-point PW where the backup disable delay is 50 seconds:
backup neighbor 2.2.2.2 pw- id 5
The following example shows how a backup delay is configured for point-to-point PW where the backup disable delay is never:
backup neighbor 2.2.2.2 pw-id 5
Blocking Unknown Unicast Flooding: Example
Unknown-unicast flooding can be blocked at the following levels:
•bridge domain
•bridge port (attachment circuit (AC))
•access pseudowire (PW)
The following example shows how to block unknown-unicast flooding at the bridge domain level:
flooding unknown-unicast disable
The following example shows how to block unknown-unicast flooding at the bridge port level:
flooding unknown-unicast disable
end
The following example shows how to block unknown-unicast flooding at the access pseudowire level:
neighbor 10.1.1.1 pw-id 1000
flooding unknown-unicast disable
Disabling MAC Flush: Examples
You can disable the MAC flush at the following levels:
•bridge domain
•bridge port (attachment circuit (AC))
•access pseudowire (PW)
The following example shows how to disable the MAC flush at the bridge domain level:
The following example shows how to disable the MAC flush at the bridge port level:
The following example shows how to disable the MAC flush at the access pseudowire level:
neighbor 10.1.1.1 pw-id 1000
H-VPLS with QinQ or QinAny: Examples
This example shows the QinQ or QinAny AC type in the output of the show l2vpn forwarding bridge-domain hardware ingress/egress command:
INGRESS AC [version, state]: [1, BOUND]
Xconnect-ID: [15] TCAM-Key: (UIDB:0x4 O-vlan:2 I-vlan:2 Ether-Type:0x8100)
HW: 0x34001000 0x0118000f 0x1011801c 0xc7ff5100
SW: 0x34001000 0x0118000f 0x1011801c 0xc7ff5100
Service type: 7 (bridging pmp QinQ)
Rewrite supported: 0 (No)
Interface handle: 0x11801c
Ingress AC stats: 0x7ff51
EGRESS AC [version, state]: [1, BOUND]
Xconnect-ID: [15] TLU2-entry-addr: [0x200a00f]
HW: 0x8018b000 0x0000000f 0x00004002 0xfb748000
SW: 0x8018b000 0x0000000f 0x00004002 0xfb748000
Outer Ether Type: 0 (dot1q)
Default EgressQ (SharqQ): 15
Rewrite supported: 0 (No)
Control-word supported: 0 (No)
H-VPLS with Access-PWs: Examples
This example shows the PW type in the output of the show l2vpn forwarding bridge-domain hardware ingress/egress command:
INGRESS BRIDGE PORT [version, state]: [1, BOUND]
Bridge Port Type: Access PW
XID: 127/15/CPU0 : 1 (0xfff80001)
Bridge ID: 0, Split Horizon ID: 0
INGRESS BRIDGE PORT [version, state]: [1, BOUND]
Bridge Port Type: VFI(Core) PW
XID: 127/15/CPU0 : 2 (0xfff80002)
Bridge ID: 0, Split Horizon ID: 1
OIF[1] seg_type: Access PW xid: 0xfff80001 ecd_ptr: 0x500a
TLU RESULT tlu_addr: 0x200bc00 ch: 2 seg_type: 0
HW: 0x0000500a 0x00000000 0xfff80001 0x03e8a000
SW: 0x0000500a 0x00000000 0xfff80001 0x03e8a000
OIF[2] seg_type: VFI(Core) PW xid: 0xfff80002 ecd_ptr: 0x500f
TLU RESULT tlu_addr: 0x3000601 ch: 3 seg_type: 0
HW: 0x0100500f 0x00000000 0xfff80002 0x03e87000
SW: 0x0100500f 0x00000000 0xfff80002 0x03e87000
EGRESS BRIDGE PORT [version, state]: [1, BOUND]
Bridge Port Type: Access PW
XID: 127/15/CPU0 : 1 (0xfff80001)
Bridge ID: 0, Split Horizon ID: 0
EGRESS BRIDGE PORT [version, state]: [1, BOUND]
Bridge Port Type: VFI(Core) PW
XID: 127/15/CPU0 : 2 (0xfff80002)
Bridge ID: 0, Split Horizon ID: 1
Additional References
For additional information related to implementing VPLS, refer to the following references:
Related Documents
Related Topic
|
Document Title
|
Cisco IOS XR L2VPN command reference document
|
MPLS Virtual Private Network Commands on Cisco IOS XR Software module in Cisco IOS XR MPLS Command Reference
|
MPLS VPLS-related commands
|
MPLS Virtual Private LAN Services Commands on Cisco IOS XR Software module in Cisco IOS XR MPLS Command Reference
|
MPLS Layer 2 VPNs
|
Implementing MPLS Layer 2 VPNs on Cisco IOS XR Software module in Cisco IOS XR MPLS Configuration Guide
|
MPLS VPNs over IP Tunnels
|
MPLS VPNs over IP Tunnels on Cisco IOS XR Software module in Cisco IOS XR MPLS Configuration Guide
|
Cisco CRS router getting started material
|
Cisco IOS XR Getting Started Guide
|
Information about user groups and task IDs
|
Configuring AAA Services on Cisco IOS XR Software module of Cisco IOS XR System Security Configuration Guide
|
Standards
|
|
Title
|
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.
|
—
|
MIBs
RFCs
RFCs
|
Title
|
RFC 3931
|
Layer Two Tunneling Protocol - Version 3 (L2TPv3)
|
RFC 4447
|
Pseudowire Setup and Maintenance Using the Label Distribution Protocol (LDP), April 2006
|
RFC 4448
|
Encapsulation Methods for Transport of Ethernet over MPLS Networks, April 2006
|
Technical Assistance
Description
|
Link
|
The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.
|
http://www.cisco.com/techsupport
|
Feedback
