cisco evc infrastructure
TRANSCRIPT
EVC Infrastructure
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 1
Access Edge
Content Farm
VOD TV SIP
Mobile
MSPP
ResidentialAggregation
Flexible Ethernet Edge
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 2
BRAS
SR/PE
DPI
Core NetworkMPLS /IP
Content Farm
VOD TV SIP
DSLResidential
STB
ETTx
PON
Cable
Business
Corporate
STB
L2 P-to-P (local or xconnect)L2 MP local bridgingL2 MP VPLSL3 routed
UntaggedSingle taggedDouble tagged802.1q802.1adetc
EVC
Ethernet Virtual Circuit (EVC) model is New CLI framework for configuring Ethernet Interfaces.
Current configuration models are also supported for existing features, but all New Flexible Ethernet Edge Features like Selective QinQ and Double tag Translations will only be supported using EVC
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 3
supported using EVC
EVC is supported on Cisco7600 in 12.2(33)SRB release.
EVC is support on ES20 line cards and SIP-400 line cards with V2 GE SPA
SIP-600 with or without V2 SPA doesn’t support EVC
SVI
SV
IVPLS
Local Connect
Flexible Service Mapping Summary
L3***
EFP
Local connect for EFPs on the same port (hair pinning) is not supported at Barracuda FCSEFPs on different ports is supported
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 4
SVI
SV
I
SV
I
VPLS
Bridging
EoMPLS
interface vlan 100xconnect … or ip address …
BD*
EoMPLS
EFP
EVC – New CLI
interface
interface <type><slot/port>
service instance <id> ethernet <evc-name> ID is per interface scope
<match criteria commands> VLAN tags, MAC, CoS, Ethertype
<rewrite commands> VLAN tags pop/push/translation
<forwarding commands> bridge-domain, xconnect or local connect
<feature commands> QoS, ACL, etc
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 5
interface
sub-interfaceservice instance X service instance Y
Per Port Per EVC Features
Per Port Per EVC Features
Per PortFeatures
Per Sub-interfaceFeatures (L3)
Layer 2 Services
• Bridging (VPLS via SVI)
• xconnect (EoMPLS)
• Local Connect L3/VRF termination
Hierarchical CLI Structure w/ Templates
Control Point (2 of 2)
evc A interface
sub-interfaceservice instance X service instance Y
Per PortFeatures
•Global EVC Attributes•OAM
evc B
Global EVC Attributes
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 6
Per Port Per EVC Features
Per Port Per EVC Features
Per Sub-interfaceFeatures (L3)
Layer 2 Services
• Bridging (Ethernet, 1483, 1490)
• VPLS
• EoMPLS
• Local Switched (Connect)
IP/VRF
service template
Shared Per Port Per EVC Features
Global EVC AttributesOAM
SWIDB
EFPs
Ethernet access to L3VPN/IP
BD SVI
L2 VFI
Data Path Control – EVC/EFP Forwarding Model
EFP – Ethernet Flow Point
EVC – Ethernet Virtual Circuit
BD SVI
P-to-P xconnect, local connect
SWIDB L3/VRF
MP
LS
MPLSUPLINK
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 7
ATM / FR
PVC / DLCI
BD
EFPs
L2 inter-working
Bridging
EFPsPhysical Ports
BD
P-to-P xconnect, local connect
MP
LS
EVC Packet Flow
Egress Encapsulation
Adjustment
Ingress Encapsulation
Adjustment
Tier 1 Input
Matching/Features
Tier 2 Input
Features
Tier 1 Output
Matching/Features
Tier 2 Output
Features
Service mapping
Ingress Interface Egress Interface
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 8
service instance ethernet
encapsulation <vlan | untagged | default>
rewrite ingress <push | pop | translate>
rewrite egress <push | pop | translate>
forwarding command <xconnect|E-MPB|connect>
service-policy input
service-policy output
Flexible Frame Matching CLI
Single tagged frameencapsulation dot1q {any | “<vlan-id>[,<vlan-id>[-<vlain-id>]]”} Vlan tag can be single, multiple or range or any (1-4096).
Double tagged frame (only look up to 2 tags if receive more than 2 tagged frames)encapsulation dot1q <vlan-id> second-dot1q {any | “<vlan-id>[,<vlan-id>[-<vlain-id>]]”}
interface gig 1/1/1service instance 1 ethernetencapsulation ?default catch-all unconfigured encapsulationdot1ad 802.1ad - Provider Bridgesdot1q IEEE 802.1Q Virtual LAN or S-VLANpriority-tagged Priority tagged EFPuntagged Untagged encapsulation
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 9
encapsulation dot1q <vlan-id> second-dot1q {any | “<vlan-id>[,<vlan-id>[-<vlain-id>]]”}First vlan tag must be unique, second vlan tag can be any, unique, range or multiple
Default tagencapsulation defaultMatch all frames tagged or untagged that are not matched by other more specific service instances
untaggedencapsulation untaggedMatch no tagged frames, for example native vlan
EVC only supports Non-Exact matching
‘encap dot1q 10’ matches any packets with outmost tag equals to 10:
Exact vs. Non-Exact
10
10 200
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 10
‘encap dot1q 10 sec 100’ matches any packets with outmost tag as 10 and second most tag as 100
10 200
10 100
10 100 1000
Longest tag matchEVC supports longest tag matching within the same GigE port. Matching double
tag at first, then single tag
10
10 200dot1q 10
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 11
10 100
10 130
dot1q 10
sec 100
dot1q 10
sec 128-133
Int G
3/0/
0
Encap match order
From most specific to most general
No exact match based on outmost tag #
Encap untag matches untagged packet
Encap default catches all remaining traffic w/o specific
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 12
Encap default catches all remaining traffic w/o specific match. If there is no encap untag configured, it also catches untag packet.
EVC – Flexible VLAN Tag Manipulation and Translation
Flexible VLAN tag manipulation and translation of any combination of up to 2 VLAN tags. Virtually any tag (0,1 or 2) can be rewritten to any other tag (0,1,2)
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 13
or 2) can be rewritten to any other tag (0,1,2)
1-1,1-2,2-1,2-2 VLAN translation
Add 1 or 2 new VLAN tags
Removing 1 or 2 existing VLAN tags
Encapsulation Rewrite CLI
NPE1(config-if-srv)#rewrite ingress tag pop ?
1 Pop the outermost tag remove 1 tag
2 Pop two outermost tags remove 2 tag
NPE1(config-if-srv)#rewrite ingress tag push dot1q 10 add one tag
NPE1(config-if-srv)#rewrite ingress tag push dot1q 10 second-dot1q 20 add two tag
interface gig 1/1/1service instance 1 ethernetencapsulation dot1q 10rewrite ingress tag ?pop Pop the tagpush Rewrite Operation of pushtranslate Translate Tag
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 14
NPE1(config-if-srv)#rewrite ingress tag translate ?
1-to-1 Translate 1-to-1
1-to-2 Translate 1-to-2
2-to-1 Translate 2-to-1
2-to-2 Translate 2-to-2
Encapsulation Rewrite CLI - Symmetric
Encapsulation rewrite should be always symmetric, meaning whatever rewrite on ingress direction should have the reverse rewrite on the egress direction for the same interface, same EFP
For example, if it remove outer vlan tag on ingress, then it need to add the original vlan tag back on the egress direction. As the result, it always need two lines of rewrite configuration, one for rewrite ingress, the other for rewrite egress
To make configuration simple and avoid misconfiguration, keyword
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 15
To make configuration simple and avoid misconfiguration, keyword “symmetric” is used mandatory, and “rewrite egress” CLI is blocked on purpose.
Valid configuration
Invalid configuration
service instance 3 ethernetencapsulation dot1q 10rewrite ingress tag pop 1 symmetric
service instance 3 ethernetencapsulation dot1q 10rewrite ingress tag pop 1rewrite egress tag push dot1q 10
EVC – Flexible Service Mapping
Flexible access VLAN to service mapping
Mapping includes,1-to-1 acess VLAN to service mapping
Same port, multiple access VLANs to same service mapping
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 16
Same port, multiple access VLANs to same service mapping
Multiple port, multiple access VLANs to same service mapping
Service includes,L2 point-to-point local connect
L2 point-to-point xconnect
L2 multipoint local bridging
L2 multipoint VPLS
L3 termination
Comparison with Existing CLI
interface GigabitEthernet9/0/2
no ip address
mls qos trust dscp
service instance 10 ethernet
encapsulation dot1q 10
xconnect 2.2.2.2 10 -
interface GigabitEthernet9/0/3
no ip address
mls qos trust dscp
interface GigabitEthernet9/0/3.1
encapsulation dot1Q 10
xconnect 2.2.2.2 10 -encapsulation
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 17
xconnect 2.2.2.2 10 -encapsulation mpls
service instance 20 ethernet
encapsulation dot1q 10 second-dot1q 1-4094
xconnect 2.2.2.2 20 encapsulation mpls (**)
xconnect 2.2.2.2 10 -encapsulation mpls (*)
interface GigabitEthernet9/0/3.2
encapsulation dot1Q 10 second-dot1q 100
xconnect …. (***)
(*) Subinterface Xconnect is Limited to 4K PW’s and dosent support local vlan significance with ESM20(**) Double or Single tagged Xconnect on Service Instance scales upto 16K PW’s in 12.2(33) SRB(***) Double Tagged Termination into PW’s (xconnect) is not supported with Sub-interface
Comparison with Existing CLI
interface GigabitEthernet9/0/2
service instance 30 ethernet
encapsulation dot1q 10 second-dot1q 1-4094
bridge domain 500
service instance 30 ethernet
encapsulation dot1q 10
interface GigabitEthernet9/0/3
interface GigabitEthernet9/0/3.2
encapsulation dot1Q 10 second-dot1q 100
Bridge-domain …. (*)
interface GigabitEthernet9/0/3.2
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 18
encapsulation dot1q 10 second-dot1q 1-4094
Rewite push/pop/translate ..
interface GigabitEthernet9/0/3.2
encapsulation dot1Q 10 second-dot1q 100
Rewite push/pop/translate ..(**)
(*) bridgedomain config is not Supported with Sub-interface ( except SIP-400 single tag)(**) Rewrite commands / tag manipulation is not supported under sub-interface config
Comparison with Existing CLI
interface GigabitEthernet9/0/2
service instance 30 ethernet
encapsulation dot1q 10 second-dot1q 1-4094
interface GigabitEthernet9/0/3
interface GigabitEthernet9/0/3.2
encapsulation dot1Q 10 second-dot1q 100
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 19
second-dot1q 1-4094
ip address …. (*)
second-dot1q 100
ip address ….
(*) Ip address config is not supported directly under EVC , instead use associated Bridge-domain SVI for IP termination ( All Tags should be popped at ingress EVC
for L3 termination on SVI)
Service CLI – Point-to-pointP-to-P local/xconnect doesn’t require global VLAN resource, no MAC learning/forwarding. It can scale beyond 4K VLAN limit
Point-to-point local connect
connect <name> <interface-type/slot/port> <efp-id> <ethernet-type/slot/port> <efp-id>
interface GigabitEthernet4/1/0service instance 3 ethernetencapsulation dot1q 51rewrite ingress tag translate 1-to-2 dot1q 52 second-dot1q 52 symmetric
interface GigabitEthernet4/1/1service instance 3 ethernetencapsulation dot1q 52 second-dot1q 52
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 20
encapsulation dot1q 52 second-dot1q 52
connect eline-3 GigabitEthernet4/1/0 3 GigabitEthernet4/1/1 3
Point-to-point xconnect
xconnect <peer-add> <VC-ID> encapsulation mpls
interface GigabitEthernet4/1/1service instance 11 ethernetencapsulation dot1q 101 second-dot1q 60-70xconnect 10.0.0.3 101 encapsulation mpls
Service CLI – MultipointMAC based forwarding
Multiple point local bridging and VPLSbridge-domain <global-vlan-id> [split-horizon]
Split-horizon to disable L2 communication between two EFPs
Local Bridging(Packet flow example 3C)
interface GigabitEthernet4/1/0
VPLS
interface GigabitEthernet4/1/0service instance 2 ethernetencapsulation dot1q 20
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 21
interface GigabitEthernet4/1/0service instance 101 ethernetencapsulation dot1q 101-1000bridge-domain 100
interface GigabitEthernet4/1/1service instance 101 ethernetencapsulation dot1q 101-1000bridge-domain 100
interface GigabitEthernet3/1switchport access vlan 100switchport mode dot1q-tunnel
encapsulation dot1q 20bridge-domain 20 split-horizon
interface GigabitEthernet4/1/1service instance 2 ethernetencapsulation dot1q 20bridge-domain 20 split-horizon
interface Vlan20xconnect vfi vpls-20
Service CLI – L3 routed
Single tag termination
Option 1
interface GigabitEthernet4/1/1service instance 100 ethernetencapsulation dot1q 100rewrite ingress tag pop 1 symmetricbridge-domain 100
interface Vlan100
Double tag termination
Option 1
interface GigabitEthernet4/1/1service instance 100 ethernetencapsulation dot1q 100 second 200rewrite ingress tag pop 2 symmetricbridge-domain 100
interface Vlan100
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 22
interface Vlan100ip address 100.1.100.1 255.255.255.0
Option 2
interface GigabitEthernet4/1/1.100encapsulation dot1q 100 VLAN id is global significant for ES20 (not SIP400)ip address 100.1.100.1 255.255.255.0
interface Vlan100ip address 100.1.100.1 255.255.255.0
Option 2
interface GigabitEthernet4/1/1.100encapsulation dot1q 100 second 200 VLAN id is local significantaddress 100.1.100.1 255.255.255.0
© 2006 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 23