Configure Gigabit Ethernet for Layer 2 VPNs

This chapter introduces you to Layer 2 features and standards, and describes how you can configure L2VPN features.

The distributed Gigabit Ethernet (including 10-Gigabit and 100-Gigabit) architecture and features deliver network scalability and performance, while enabling service providers to offer high-density, high-bandwidth networking solutions designed to interconnect the router with other systems in POPs, including core and edge routers and Layer 2 and Layer 3 switches.

Introduction to Layer 2 Virtual Private Networks

A Layer 2 Virtual Private Network (VPN) emulates a physical sub-network in an IP or MPLS network, by creating private connections between two points. Building a L2VPN network requires coordination between the service provider and customer. The service provider establishes Layer 2 connectivity. The customer builds a network by using the data link resources obtained from the service provider. In a L2VPN service, the service provider does not require information about the customer's network topology and other information. This helps maintain customer privacy, while using the service provider resources to establish the network.

The service provider requires Provider Edge (PE) routers with the following capabilities:

  • Encapsulation of L2 protocol data units (PDU) into Layer 3 (L3) packets.
  • Interconnection of any-to-any L2 transports.
  • Support for MPLS tunneling mechanism.
  • Process databases that include all information related to circuits and their connections.

This section introduces Layer 2 Virtual Private Networks (VPNs) and the corresponding Gigabit Ethernet services.

Introduction to Layer 2 VPNs on Gigabit Ethernet Interfaces

A L2VPN network enables service providers (SPs) to provide L2 services to geographically disparate customer sites. Typically, a SP uses an access network to connect the customer to the core network. This access network may use a mixture of L2 technologies, such as Ethernet and Frame Relay. The connection between the customer site and the nearby SP edge router is known as an attachment circuit (AC). Traffic from the customer travels over this link to the edge of the SP core network. The traffic then tunnels through a pseudowire over the SP core network to another edge router. The edge router sends the traffic down another AC to the customer's remote site.

The L2VPN feature enables the connection between different types of L2 attachment circuits and pseudowires, allowing users to implement different types of end-to-end services.


Note

BOOTP traffic (dst UDP 68) over any type of pseudowire is unsupported.

Cisco IOS XR software supports a point-to-point end-to-end service, where two Ethernet circuits are connected together. An L2VPN Ethernet port can operate in one of two modes:

  • Port Mode—In this mode, all packets reaching the port are sent over the pseudowire, regardless of any VLAN tags that are present on the packets. In Port mode, the configuration is performed under the l2transport configuration mode.

  • VLAN Mode—Each VLAN on a CE (customer edge) or access network to PE (provider edge) link can be configured as a separate L2VPN connection (using either VC type 4 or VC type 5). To configure L2VPN on VLANs, see The Carrier Ethernet Model chapter in this manual. In VLAN mode, the configuration is performed under the individual sub-interface.

Switching can take place in the following ways:

  • AC-to-PW—Traffic reaching the PE is tunneled over a PW (pseudowire) (and conversely, traffic arriving over the PW is sent out over the AC). This is the most common scenario.

  • Local switching—Traffic arriving on one AC is immediately sent out of another AC without passing through a pseudowire.

  • PW stitching—Traffic arriving on a PW is not sent to an AC, but is sent back into the core over another PW.


Note

  • If your network requires that packets are transported transparently, you may need to modify the packet’s destination MAC (Media Access Control) address at the edge of the Service Provider (SP) network. This prevents the packet from being consumed by the devices in the SP network.

  • The encapsulation dot1ad vlan-id and encapsulation dot1ad vlan-id dot1q any commands cannot co-exist on the same physical interface or bundle interface. Similarly, the encapsulation dot1q vlan-id and encap dot1q vlan-id second-dot1q any commands cannot co-exist on the same physical interface or bundle interface. If there is a need to co-exist, it is recommended to use the exact keyword in the single tag encapsulation. For example, encap dot1ad vlan-id exact or encap dot1q vlan-id exact.

  • In an interface which already has QinQ configuration, you cannot configure the QinQ Range sub-interface where outer VLAN range of QinQ Range overlaps with outer VLAN of QinQ. Attempting this configuration results in the splitting of the existing QinQ and QinQ Range interfaces. However, the system can be recovered by deleting a recently configured QinQ Range interface.

  • In an interface which already has QinQ Range configuration, you cannot configure the QinQ Range sub-interface where outer VLAN range of QinQ Range overlaps with inner VLAN of QinQ Range. Attempting this configuration results in the splitting of the existing QinQ and QinQ Range interfaces. However, the system can be recovered by deleting a recently configured QinQ Range interface.

  • The inner VLAN ranges of sub-interfaces configured cannot have overlapping values. In such overlapping inner VLAN range cases, the system can be recovered by reloading the LC on Cisco IOS XR Release 6.5.x.

You can use the show interfaces command to display AC and pseudowire information.

Configure Gigabit Ethernet Interfaces for Layer 2 Transport

This section describes how you can configure Gigabit ethernet interfaces for Layer 2 transport.

Configuration Example 


/* Enter the interface configuration mode */
Router# configure
Router(config)# interface TenGigE 0/0/0/10

/* Configure the ethertype for the 802.1q encapsulation (optional) */
/* For VLANs, the default ethertype is 0x8100. In this example, we configure a value of 0x9100. 
/* The other assignable value is 0x9200 */
/* When ethertype is configured on a physical interface, it is applied to all sub-interfaces created on this interface */

Router(config-if)# dot1q tunneling ethertype 0x9100

/* Configure Layer 2 transport on the interface, and commit your configuration */
Router(config-if)# l2transport
Router(config-if)# no shutdown
Router(config-if)# exit
Router(config)# commit

Running Configuration 


configure
 interface TenGigE 0/0/0/10
  dot1q tunneling ethertype 0x9100
  l2transport
 !

Verification

Verify that the Ten-Gigabit Ethernet interface is up and operational. 


router# show interfaces TenGigE 0/0/0/10

...
TenGigE0/0/0/10 is up, line protocol is up 
  Interface state transitions: 1
  Hardware is TenGigE, address is 0011.1aac.a05a (bia 0011.1aac.a05a)
  Layer 1 Transport Mode is LAN
  Layer 2 Transport Mode
  MTU 1514 bytes, BW 10000000 Kbit (Max: 10000000 Kbit)
     reliability 255/255, txload 0/255, rxload 0/255
  Encapsulation ARPA,
  Full-duplex, 10000Mb/s, link type is force-up
  output flow control is off, input flow control is off
  Carrier delay (up) is 10 msec
  loopback not set,
  ...

Associated Commands

Configure Link Loss Forwarding for Layer 2 Transport

Link Loss Forwarding (LLF) is supported on Cisco router. The LLF is used to avoid any packet loss and trigger the network convergence through alternate links.

LLF sends signals across the PW to the neighbouring device to bring the PW and far-end AC down if the local AC goes down. The LLF feature supports the l2transport propagate remote-status command used to propagate Layer 2 transport events.

LLF is supported for TenGigE and GigE interfaces and not supported on the Bundle interfaces.


Note

  • Link Loss Forwarding (LLF) does not function on a 1GE copper SFP, irrespective of whether auto-negotiation is enabled or disabled.

  • LLF does not function on a 1 GE fiber SFP, when auto-negotiation is enabled. LLF functions only when auto-negotiation is disabled on the 1 GE fiber SFP.

  • Tx power level does not change to -40dBm, once the interface is in operational DOWN status due to LLF.

Running Configuration

/* Configuring propagation remote-status */
  interface TenGigE 0/0/0/5
    l2transport
      propagate remote-status
     !
     !

Ethernet Data Plane Loopback

Table 1. Feature History Table

Feature Name

Release

Description

Cisco NC57 Compatibility Mode: Ethernet Data Plane Loopback

Release 7.4.1

This feature is now supported on routers that have the Cisco NC57 line cards installed and operate in the compatibility mode.

Cisco NC57 Native Mode: Ethernet Data Plane Loopback

Release 7.3.1

This feature is now supported on routers that have the Cisco NC57 line cards installed and operate in the native mode.

To enable the native mode, use the hw-module profile npu native-mode-enable command in the configuration mode. Ensure that you reload the router after configuring the native mode.

The Ethernet Data Plane Loopback function allows you to run loopback tests to test the connectivity and quality of connections through a Layer 2 cloud. You can run this test on:

  • Main interface or sub-interfaces

  • Bundle or its sub-interfaces

  • Multiple hops through the underlying network

You can use this feature to test the throughput of an Ethernet port remotely. You can verify the maximum rate of frame transmission with no frame loss.

This feature allows for bidirectional or unidirectional throughput measurement, and on-demand or out-of-service (intrusive) operation during service turn-up.

Two types of Ethernet loopback are supported:

  • External loopback - Traffic loopback occurs at the Ingress interface. Traffic does not flow into the router for loopback.

  • Internal loopback - Traffic loopback occurs at the Egress interface. Traffic loopback occurs after the traffic flows into the router to the other interface.

Ethernet data traffic can be looped back on per port basis. This feature supports a maximum of 100 concurrent Ethernet data plane loopback sessions per system. Filters based on frame header can be used for initiating the loopback session. This ensures that only a subset of traffic that is received on an interface is looped back. You can use Source MAC, Destination MAC, and VLAN Priority (COS bits) as filters.

Ethernet Data Plane Loopback Configuration Restrictions

These configuration restrictions are applicable for Ethernet Data Plane Loopback:

  • The maximum supported Ethernet data plane loopback session at system level is 100.

  • CFM UP MEP is not supported with Ethernet data plane loopback.

  • QoS is not supported with an external Ethernet data plane loopback.

  • Ethernet data plane loopback is not supported on L3 interfaces or L3 sub-interfaces.

  • The following filters are not supported:

    • Outer VLAN or range of outer VLAN

    • Inner VLAN or range of inner VLAN

    • Ether type

  • Only the following combinations of filters are supported for external loopback:

    • Source MAC

    • Source MAC and Destination MAC

    • Source MAC, Destination MAC, and VLAN priority

    • Destination MAC

    • Destination MAC and VLAN priority

  • The rewrite modification on the loopback traffic is not supported.

  • Ethernet data plane loopback is not supported on BVI interface.

  • Only one Ethernet loopback session, either internal or external, can be active on the same interface at any given instance.

  • This feature supports a maximum throughput of 10Gbps for internal loopback over all the sessions. For external loopback, there is no throughput limit.

  • Dropping of packets that are received in the non-loopback direction is not supported.

  • Ethernet data plane loopback is not supported on packets having destination as multicast MAC address.

    However, on Cisco NC57 line cards for systems in native mode, Ethernet data plane loopback is supported on packets having destination as multicast MAC address.

  • External and internal Ethernet data plane loopback is not supported over bridge domain.

Configure Ethernet Data Plane Loopback

This section describes how you can configure Ethernet Data Plane Loopback on physical interface and sub-interface. Configuring Ethernet Data Plane Loopback involves these steps:

  • Configuring Ethernet Data Plane External Loopback

  • Starting an Ethernet Data Plane Loopback Session

Configuration Example 

/* Configuring Ethernet Data Plane External Loopback */

/* On physical interface */

RP/0/RSP0/CPU0:router# configure 
RP/0/RSP0/CPU0:router(config)# interface tenGigE 0/0/0/0 l2transport 
RP/0/RSP0/CPU0:router((config-if-l2)# ethernet loopback permit external

/* Starting an Ethernet Data Plane Loopback Session  */

RP/0/RSP0/CPU0:router# ethernet loopback start local interface tenGigE 0/0/0/0 external source mac-address 0000.0000.0001 destination mac-address 0000.0000.0002 cos 5 timeout none


/* On physical sub-interface */

RP/0/RSP0/CPU0:router# configure 
RP/0/RSP0/CPU0:router(config)# interface tenGigE 0/2/0/0/0.1 l2transport 
RP/0/RSP0/CPU0:router(config-subif)# encapsulation dot1q 100
RP/0/RSP0/CPU0:router((config-if-l2)# ethernet loopback permit external

/* Starting an Ethernet Data Plane Loopback Session  */

RP/0/RSP0/CPU0:router# ethernet loopback start local interface tenGigE 0/2/0/0/0.1 external source mac-address 0000.0000.0001 destination mac-address 0000.0000.0002 cos 5 timeout none

/* Configuring Ethernet Data Plane Internal Loopback */

/* On physical interface

RP/0/RSP0/CPU0:router# configure 
RP/0/RSP0/CPU0:router(config)# interface tenGigE 0/0/0/1 l2transport 
RP/0/RSP0/CPU0:router((config-if-l2)# ethernet loopback permit internal

/* Starting an Ethernet Data Plane Loopback Session  */

RP/0/RSP0/CPU0:router# ethernet loopback start local interface tenGigE 0/0/0/1 internal source mac-address 0000.0000.0002 destination mac-address 0000.0000.0003 cos 5 timeout none


/* On physical sub-interface */  

RP/0/RSP0/CPU0:router# configure 
RP/0/RSP0/CPU0:router(config)# interface tenGigE 0/2/0/0/0.1 l2transport 
RP/0/RSP0/CPU0:router(config-subif)# encapsulation dot1q 100
RP/0/RSP0/CPU0:router(config-if-l2)# ethernet loopback permit internal  

/* Starting an Ethernet Data Plane Loopback Session  */

RP/0/RSP0/CPU0:router# ethernet loopback start local interface tenGigE 0/2/0/0/0.1 internal source mac-address 0000.0000.0002 destination mac-address 0000.0000.0003 cos 5 timeout none



/* Stopping an Ethernet Data Plane Loopback Session */

RP/0/RSP0/CPU0:router# ethernet loopback stop local interface tenGigE 0/0/0/0 id 1
RP/0/RSP0/CPU0:router# ethernet loopback stop local interface tenGigE 0/0/0/1 id 2
RP/0/RSP0/CPU0:router# ethernet loopback stop local interface tenGigE 0/2/0/0/0.1 id 1

Similarly, you can configure the Ethernet Data Plane Loopback session for bundle interface and bundle sub-interface.

Running Configuration

This section shows Ethernet Data Plane Loopback running configuration. 

/* External Loopback */

/* On physical interface */

configure
 interface interface tenGigE 0/0/0/0 l2transport
  ethernet loopback permit external
 !

/* On physical sub-interface */

configure
 interface interface tenGigE 0/2/0/0/0.1 l2transport
  encapsulation dot1q 100
  ethernet loopback permit external
 !



/* Internal Loopback */

/* On physical interface */

configure
 interface interface tenGigE 0/0/0/1 l2transport
  ethernet loopback permit internal
 !

/* On physical sub-interface */

configure
 interface interface tenGigE 0/2/0/0/0.1 l2transport
  encapsulation dot1q 100
  ethernet loopback permit internal
 !

Verification

The following example displays the loopback capabilities per interface. The output shows internal loopback has been permitted on Ten Gigabit Ethernet 0/0/0/1 interface and external loopback has been permitted on Ten Gigabit Ethernet 0/0/0/0 interface. 



RP/0/RSP0/CPU0:router# show ethernet loopback permitted 

--------------------------------------------------------------------------------
Interface                               Dot1q(s)                       Direction
--------------------------------------------------------------------------------
tenGigE 0/0/0/1.1                        100                             Internal
tenGigE 0/0/0/0.1                        100                             External
---------------------------------------------------------------------------------


/* This example shows all active sessions on the router */

RP/0/RSP0/CPU0:router# show ethernet loopback active   
Thu Jul 20 11:00:57.864 UTC
Local: TenGigE0/0/0/0.1, ID 1
============================================
Direction:                          External
Time out:                               None
Time left:                                 -
Status:                               Active
Filters:
  Dot1Q:                                 Any
  Second-dot1Q:                          Any
  Source MAC Address:                    Any
  Destination MAC Address:               Any
  Class of Service:                      Any
Local: TenGigE0/0/0/0.1, ID 2
============================================
Direction:                          External
Time out:                               None
Time left:                                 -
Status:                               Active
Filters:
  Dot1Q:                                 Any
  Second-dot1Q:                          Any
  Source MAC Address:         0000.0000.0001
  Destination MAC Address:    0000.0000.0002
  Class of Service:                        5
Related Topics
Associated Commands

  • ethernet loopback

  • show ethernet loopback

Associated Commands

  • ethernet loopback

  • show ethernet loopback

VPLS and EVPN Services with Ethernet Data Plane Loopback

Table 2. Feature History Table

Feature Name

Release

Description

VPLS and EVPN services with Ethernet Data Plane Loopback

Release 7.5.1

The Ethernet Data Plane Loopback feature allows you to run loopback tests to test the connectivity and quality of connections through a Layer 2 cloud. The Ethernet Data Plane Loopback supports the following services on routers that have the Cisco NC57 line cards installed and operate in the native mode:

  • BGP-VPLS

  • EVPN-ELAN

  • EVPN-VPWS

Configuration Example


/* VPLS Configuration */
l2vpn 
 bridge group BG1 
  bridge-domain BD1 
   interface BundleEther1.2001
    vfi vf1
    ! AD independent VFI attributes
    vpn-id 100
    ! Auto-discovery attributes
    autodiscovery bgp
    rd auto
    route-target 2.2.2.2:100
    ! Signaling attributes
    signaling-protocol bgp
    ve-id 3
 !
/* EVPN-VPWS Configuration */
l2vpn
 xconnect group evpn_vpws_203
  p2p evpn_vpws_phy-100
   interface Bundle-Ether1.2001
   neighbor evpn evi 30001 target 30001 source 50001
   !
  !
 /* EVPN-ELAN Configuration */
l2vpn
 bridge group cfm
  bridge-domain cfm401
   interface Bundle-Ether1.2001
   !
   evi 701
   !
  !
 evpn
  evi 701
   
   advertise-mac
  !

/* Ethernet Data Plane Loopback Configuration */
interface Bundle-Ether1.2001 l2transport
 encapsulation dot1q 100
 rewrite ingress tag pop 1 symmetric
  ethernet loopback permit internal
  ethernet loopback permit external
!

Ethernet Local Management Interface (E-LMI)

The Cisco NCS 5500 Series Router supports the Ethernet Local Management Interface (E-LMI) protocol as defined by the Metro Ethernet Forum, Technical Specification MEF 16, Ethernet Local Management Interface (E-LMI), January 2006 standard.

E-LMI runs on the link between the customer-edge (CE) device and the provider-edge (PE) device, or User Network Interface (UNI), and provides a way for the CE device to auto-configure or monitor the services offered by the PE device (see this figure).

Figure 1. E-LMI Communication on CE-to-PE Link

E-LMI is an asymmetric protocol whose basic operation involves the User-facing PE (uPE) device providing connectivity status and configuration parameters to the CE using STATUS messages in response to STATUS ENQUIRY messages sent by the CE to the uPE.

E-LMI Messaging

The E-LMI protocol as defined by the MEF 16 standard, defines the use of only two message types—STATUS ENQUIRY and STATUS.

These E-LMI messages consist of required and optional fields called information elements, and all information elements are associated with assigned identifiers. All messages contain the Protocol Version, Message Type, and Report Type information elements, followed by optional information elements and sub-information elements.

E-LMI messages are encapsulated in 46- to 1500-byte Ethernet frames, which are based on the IEEE 802.3 untagged MAC-frame format. E-LMI frames consist of the following fields:

  • Destination address (6 bytes)—Uses a standard MAC address of 01:80:C2:00:00:07.

  • Source address (6 bytes)—MAC address of the sending device or port.

  • E-LMI Ethertype (2 bytes)—Uses 88-EE.

  • E-LMI PDU (46–1500 bytes)—Data plus 0x00 padding as needed to fulfill minimum 46-byte length.

  • CRC (4 bytes)—Cyclic Redundancy Check for error detection.

For more details about E-LMI messages and their supported information elements, refer to the Metro Ethernet Forum, Technical Specification MEF 16, Ethernet Local Management Interface (E-LMI), January 2006.

E-LMI Operation

The basic operation of E-LMI consists of a CE device sending periodic STATUS ENQUIRY messages to the PE device, followed by mandatory STATUS message responses by the PE device that contain the requested information. Sequence numbers are used to correlate STATUS ENQUIRY and STATUS messages between the CE and PE.

The CE sends the following two forms of STATUS ENQUIRY messages called Report Types:

  • E-LMI Check—Verifies a Data Instance (DI) number with the PE to confirm that the CE has the latest E-LMI information.

  • Full Status—Requests information from the PE about the UNI and all EVCs.

The CE device uses a polling timer to track sending of STATUS ENQUIRY messages, while the PE device can optionally use a Polling Verification Timer (PVT), which specifies the allowable time between transmission of the PE’s STATUS message and receipt of a STATUS ENQUIRY from the CE device before recording an error.

In addition to the periodic STATUS ENQUIRY/STATUS message sequence for the exchange of E-LMI information, the PE device also can send asynchronous STATUS messages to the CE device to communicate changes in EVC status as soon as they occur and without any prompt by the CE device to send that information.

Both the CE and PE devices use a status counter (N393) to determine the local operational status of E-LMI by tracking consecutive errors received before declaring a change in E-LMI protocol status.

Configure Ethernet Local Management Interface (E-LMI)

Before you configure E-LMI on the router, be sure that you complete the following requirements:

  • Identify the local and remote UNIs in your network where you want to run E-LMI, and define a naming convention for them.

  • Enable E-LMI on the corresponding CE interface link on a device that supports E-LMI CE operation.

E-LMI is not supported on physical sub-interfaces and bundle main and sub- interfaces. E-LMI is configurable on Ethernet physical interfaces only.

In order to ensure the correct interaction between the CE and the PE, each device has two configurable parameters. The CE uses a Polling Timer (PT) and a Polling Counter; the PE uses a Polling Verification Timer (PVT) and a Status Counter.

To configure Ethernet LMI, complete the following tasks:

  • Configure EVCs for E-LMI (required)

  • Configure Ethernet CFM for E-LMI (required)

  • Enable E-LMI on the Physical Interface (required)

  • Configure the Polling Verification Timer (optional)

  • Configure the Status Counter (optional) 

/* Configure EVCs for E-LMI/

RP/0/RSP0/CPU0:router# configure 
RP/0/RSP0/CPU0:router(config)# interface TenGigE0/3/0/9/1.1 l2transport 
RP/0/RSP0/CPU0:router(config-subif)# encapsulation dot1q 1
RP/0/RSP0/CPU0:router(config-subif)# xconnect group evpn
RP/0/RSP0/CPU0:router(config)# l2vpn
RP/0/RSP0/CPU0:router(config-l2vpn)# xconnect group evpn
RP/0/RSP0/CPU0:router(config-l2vpn-xc)# p2p p1
RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p)# interface TenGigE0/3/0/9/1.1
RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p)# neighbor evpn evi 1 target 3001 source 1
RP/0/RSP0/CPU0:router(config-l2vpn-xc-p2p)#commit


/* Configure Ethernet CFM for E-LMI */

RP/0/RSP0/CPU0:router# configure
RP/0/RSP0/CPU0:router(config)#interface TenGigE0/3/0/9/1.1 l2transport
RP/0/RSP0/CPU0:router(config-subif)# encapsulation dot1q 1
RP/0/RSP0/CPU0:router(config-subif)# ethernet cfm
RP/0/RSP0/CPU0:router(config-if-cfm)#  mep domain irf_evpn_up service up_mep_evpn_1 mep-id 3001
RP/0/RSP0/CPU0:router(config-if-cfm-mep)#exit
RP/0/RSP0/CPU0:router(config)#ethernet cfm
RP/0/RSP0/CPU0:router(config-cfm)# domain irf_evpn_up level 3 id null
RP/0/RSP0/CPU0:router(config-cfm-dmn)#service up_mep_evpn_1 xconnect group evpn p2p p1 id number 1
RP/0/RSP0/CPU0:router(config-cfm-dmn-svc)# mip auto-create all ccm-learning
RP/0/RSP0/CPU0:router(config-cfm-dmn-svc)# continuity-check interval 1m loss-threshold 3
RP/0/RSP0/CPU0:router(config-cfm-dmn-svc)#continuity-check archive hold-time 10
RP/0/RSP0/CPU0:router(config-cfm-dmn-svc)#mep crosscheck
RP/0/RSP0/CPU0:router(config-cfm-xcheck)# mep-id 1
RP/0/RSP0/CPU0:router(config-cfm-xcheck)#ais transmission interval 1m cos 6
RP/0/RSP0/CPU0:router(config-cfm-dmn-svc)#log ais
RP/0/RSP0/CPU0:router(config-cfm-dmn-svc)#log continuity-check errors
RP/0/RSP0/CPU0:router(config-cfm-dmn-svc)#log crosscheck errors
RP/0/RSP0/CPU0:router(config-cfm-dmn-svc)#log continuity-check mep changes
RP/0/RSP0/CPU0:router(config-cfm-dmn-svc)#commit

/* Enable E-LMI on the Physical Interface */

RP/0/RSP0/CPU0:router# configure
RP/0/RSP0/CPU0:router(config)#interface TenGigE0/3/0/9/1
RP/0/RSP0/CPU0:router(config-if)# ethernet lmi
RP/0/RSP0/CPU0:router(config-if-elmi)#commit


/* Configure the Polling Verification Timer */

The MEF T392 Polling Verification Timer (PVT) specifies the allowable time between transmission of a STATUS message and receipt of a STATUS ENQUIRY from the UNI-C before recording an error. The default value is 15 seconds.

RP/0/RSP0/CPU0:router# configure
RP/0/RSP0/CPU0:router(config)#interface gigabitethernet 0/0/0/0
RP/0/RSP0/CPU0:router(config-if)# ethernet lmi
RP/0/RSP0/CPU0:router(config-if-elmi)#polling-verification-timer 30
RP/0/RSP0/CPU0:router(config-if-elmi)#commit

/* Configure the Status Counter */

The MEF N393 Status Counter value is used to determine E-LMI operational status by tracking receipt of consecutive good packets or successive expiration of the PVT on packets. The default counter is four, which means that while the E-LMI protocol is in Down state, four good packets must be received consecutively to change the protocol state to Up, or while the E-LMI protocol is in Up state, four consecutive PVT expirations must occur before the state of the E-LMI protocol is changed to Down on the interface.

RP/0/RSP0/CPU0:router# configure
RP/0/RSP0/CPU0:router(config)#interface gigabitethernet 0/0/0/0
RP/0/RSP0/CPU0:router(config-if)# ethernet lmi
RP/0/RSP0/CPU0:router(config-if-elmi)#status-counter 5
RP/0/RSP0/CPU0:router(config-if-elmi)#commit

Running Configuration

This section shows E-LMI running configuration. 

/* Configure EVCs for E-LMI */

configure
 interface TenGigE0/3/0/9/1.1 l2transport
  encapsulation dot1q 1

!

l2vpn
 xconnect group evpn
  p2p p1
   interface TenGigE0/3/0/9/1.1
   neighbor evpn evi 1 target 3001 source 1
   commit
!


/* Configure Ethernet CFM for E-LMI */

configure
 interface TenGigE0/3/0/9/1.1 l2transport
  encapsulation dot1q 1
  ethernet cfm
   mep domain irf_evpn_up service up_mep_evpn_1 mep-id 3001
!
configure
 ethernet cfm
  domain irf_evpn_up level 3 id null
   service up_mep_evpn_1 xconnect group evpn p2p p1 id number 1
    mip auto-create all ccm-learning
    continuity-check interval 1m loss-threshold 3
    continuity-check archive hold-time 10
    mep crosscheck
    mep-id 1
    !
    ais transmission interval 1m cos 6
    log ais
    log continuity-check errors
    log crosscheck errors
    log continuity-check mep changes
!

/* Enable E-LMI on the Physical Interface */

configure
 interface TenGigE0/3/0/9/1
  ethernet lmi
!


/* Configure the Polling Verification Timer */

configure
 interface gigabitethernet 0/0/0/0
  ethernet lmi
   polling-verification-timer 30
!

/* Configure the Status Counter */

configure
 interface gigabitethernet 0/0/0/0
  ethernet lmi
   status-counter 5
!

Verify the Ethernet Local Management Interface (E-LMI) Configuration

Use the show ethernet lmi interfaces detail command to display the values for the Ethernet LMI configuration for a particular interface, or for all interfaces. The following example shows sample output for the command: 



RP/0/RSP0/CPU0:router# show ethernet lmi interfaces detail 

Interface: TenGigE0/3/0/9/1
 Ether LMI Link Status: Up
  Line Protocol State: Up
  MTU: 1514 (1 PDU reqd. for full report)
  CE-VLAN/EVC Map Type: Service Multiplexing with no bundling (1 EVC)
  Configuration: Status counter 4, Polling Verification Timer 15 seconds
  Last Data Instance Sent: 130
  Last Sequence Numbers: Sent 179, Received 108

 
  Reliability Errors:
    Status Enq Timeouts                  0 Invalid Sequence Number             0
    Invalid Report Type                  0

  Protocol Errors:
    Malformed PDUs                       0 Invalid Protocol Version            0
    Invalid Message Type                 0 Out of Sequence IE                  0
    Duplicated IE                        0 Mandatory IE Missing                0
    Invalid Mandatory IE                 0 Invalid non-Mandatory IE            0
    Unrecognized IE                      0 Unexpected IE                       0
 

  Full Status Enq Received  00:03:17 ago   Full Status Sent      00:03:17 ago
  PDU Received              00:00:07 ago   PDU Sent              00:00:07 ago
  LMI Link Status Changed   01:59:54 ago   Last Protocol Error      never
  Counters Cleared             never

 
  Sub-interface: TenGigE0/3/0/9/1.1
    VLANs: 1
    EVC Status: Active
    EVC Type: Point-to-Point
    OAM Protocol: CFM
      CFM Domain: irf_evpn_up (level 3)
      CFM Service: up_mep_evpn_1

    Remote UNI Count: Configured = 1, Active = 1
     Remote UNI Id                                                    Status
    -------------                                                    ------
    <Remote UNI Reference Id: 1>                                     Up

Make sure:

  • The protocol (Ether LMI Link Status) is 'Up'.

  • The output does not have "local UNI (UNI Id)" and also it is in provisioned state.

  • The interface (Line Protocol State) is 'Up'.

  • The CE-VLAN/EVC Map Type is as expected and shows the correct number of EVCs.

  • The error counters are all 0.

  • The LMI Link Status Changed timer shows the time since the protocol started.

  • The sub-interface name(s) corresponds to the EFP(s) configured.

  • The VLANs on each interface are as configured.

  • The EVC Status is 'Active'.

  • The CFM Domain and CFM Service match the provisioning.

  • The Remote UNI Id is as provisioned.

Verify CFM (UP MEP) 



RP/0/RSP0/CPU0:router# show ethernet cfm peer meps
Flags:
> - Ok                          I - Wrong interval
R - Remote Defect received      V - Wrong level
L - Loop (our MAC received)     T - Timed out
C - Config (our ID received)    M - Missing (cross-check)
X - Cross-connect (wrong MAID)  U - Unexpected (cross-check)
* - Multiple errors received    S - Standby

Domain irf_evpn_up (level 3), Service up_mep_evpn_1
Up MEP on TenGigE0/3/0/9/1.1 MEP-ID 3001
================================================================================
St    ID MAC Address    Port    Up/Downtime   CcmRcvd SeqErr   RDI Error
-- ----- -------------- ------- ----------- --------- ------ ----- -----
 >     1 008a.964b.6410 Up      00:09:59           12      0     0     0
================================================================================

Ensure St is >, which means it is OK(up)

Related Topics

Associated Commands

  • ethernet lmi

  • show ethernet lmi interfaces

  • show ethernet cfm peer meps

Queueing Support for BUM Traffic on Attachment Circuits

Starting from Cisco IOS XR Release 7.2.2, queueing for BUM traffic is enabled by default. The flood mode ac-ingress-replication command has been deprecated from Cisco IOS XR Release 7.2.2 onwards. We recommend not to use this command starting from Cisco IOS XR Release 7.2.2.


Note

This function is not supported on devices that have multiple NPUs or line cards.

With Ingress Replication, the same interface filter drop for BUM traffic in a bridge domain happens on the egress pipeline in the ASIC. Hence, the packets dropped with the same interface filtering logic will utilize the queue bandwidth of the incoming port.

On single NPU devices, you can add BUM traffic queueing support for attachment circuits in a bridge domain. Use the flood mode ac-ingress-replication command to enable the function. To support this, BUM traffic is replicated through Ingress Replication, and the replicated packets will use the Ingress VOQ.

Configuration Example

Router# configure
Router(config)# l2vpn
Router(config-l2vpn)# bridge group 10
Router(config-l2vpn-bg)# bridge-domain 1
Router(config-l2vpn-bg-bd)# flood mode ac-ingress-replication 
Router(config-l2vpn-bg-bd)# commit

Associated Commands