Which is true about VLAN information? IEEE Different encapsulation methods for tagging frames on trunk links. The port can handle both voice and data traffic. Open navigation menu. Close suggestions Search Search.
User Settings. Skip carousel. Carousel Previous. Carousel Next. What is Scribd? Uploaded by James Reamer II. Did you find this document useful? Is this content inappropriate? Report this Document. Flag for inappropriate content. Download now. Related titles. Carousel Previous Carousel Next. Activity 6. Jump to Page. Search inside document. Kiran Varma. Fernando Tercero.
Rico Agung Firmansyah. Chris Lee. Popular in Telecommunications Standards. Hai Tran. Sajid Ali Laghari. Raymon Saber. Information System. Haroon Fazal Meo. The PE s remote from the dual homed CE are not required to participate in the designated forwarding election for a remote dual-homed CE. The site-id is unique within the scope of a VPLS.
The single-homed CEs CE1, 2, 3 and 4 do not require allocation of a multi-homed site-id. The processing procedures described in this section start from the above identification of the BGP Update as not destined for pseudo-wire signaling.
Blackholing refers to the forwarding of frames to a PE that is no longer carrying the designated forwarder. This could happen for traffic from:. Changes in DF election results or MH site status must be detected by all of the above network elements to provide for Blackhole Avoidance.
Assuming there is a transition of the existing DF to non-DF status. For the CEs or access PEs support is provided for indicating the blocking of the MH site using the following procedures:. An example of a Multi-Homing topology is depicted in Figure Alternatively, one may choose to associate the MH site to multiple access pseudo-wires using an access SHG. Broadcast frames are targeted to all receivers. Flooding to all sites can cause wasted network bandwidth and unnecessary replication on the ingress PE router.
In order to avoid this condition, VPLS is IP multicast-aware; therefore, it forwards IP multicast traffic based on multicast states to the object on which the IP multicast traffic is requested. This is achieved by enabling the following related IP multicast protocol snooping:. IGMP snooping is enabled at the service level and is not supported in the following services:. The guidelines and procedures are similar to IGMP snooping as described above. MLD snooping is enabled at the service level and is not supported in the following services:.
A trap is generated that reports the condition to the operator and is logged to the syslog. A trap is generated and is logged to the syslog. A trap is generated to report the scenario to the operator and is logged to the syslog. Again, a trap is generated to report the condition to the operator and is logged to the syslog. To map an IPv6 multicast address to a MAC-layer multicast address, the low-order 32 bits of the IPv6 multicast address are mapped directly to the low-order 32 bits in the MAC-layer multicast address.
Thus, when both MLD snooping or PIM snooping for IPv6 and native IPv6 multicast are enabled on the same device, both types of forwarding entries are supported on the same forward plane, although they are used for different services. Without this capability, there would be a longer delay in re-establishing the multicast traffic path due to having to wait for the Layer 2 states to be snooped. Multi-chassis synchronization MCS is enabled per peer router and uses a sync-tag , which is configured on the objects requiring synchronization on both of the routers.
This allows MCS to map the state of a set of objects on one router to a set of objects on the other router. Specifically, objects relating to a sync-tag on one router are backed up by, or are backing up, the objects using the same sync-tag on the other router the state is synchronized from the active object on one router to its backup objects on the standby router. The object type must be the same on both routers; otherwise, a mismatch error is reported. It is enabled as follows:.
Configuring an mrouter port under an object that has the synchronizing of IGMP snooping states enabled is not recommended. In addition, the mrouter port command causes all IGMP messages on that object to be discarded. Consequently, the mrouter port could cause the two MCS peers to be forwarding different sets of multicast streams out of the related object when each is active. The command is not blocked for backward-compatibility reasons, but has no effect on the system if configured.
Any PIM hello state information received over the MCS connection from the peer router takes precedence over locally snooped hello information. Appropriate actions based on the expiration of PIM related-timers on the standby router are only taken after it has become the active peer for the related object after a failover. Configuring an mrouter port under an object that has the synchronizing of PIM snooping for IPv4 states enabled is not recommended.
In addition, the mrouter port command causes all PIM messages on that object to be discarded. The root-and-leaf command is required; otherwise, this node will behave as a leaf only node by default. Note that the user must still configure a LSP template even if the node is a leaf only. These labels allow LSR nodes in a network to load-balance labeled packets in a much more granular fashion than allowed by simply hashing on the standard label stack.
When a service name is applied to any service context, the name and service ID association is registered with the system. A service name cannot be assigned to more than one service ID. Only one interface can be bound to the specified name.
As soon as the allow-ip-int-bind flag is configured on the VPLS, the corresponding IP interface will be bound and become operational up. If an IP interface is not currently bound to the service name used by the VPLS service, no action is taken at the time of the service name assignment. In the event that the defined service ID is created on the system, the system will check to ensure that the service type is VPLS.
Secondly the system will ensure that the service is not already bound to another IP interface via the service ID. Only one interface can be bound to a service. When an IP interface is bound to a service name and the IP interface is administratively up, the system will scan for a VPLS service context using the name and take the following actions:.
No console warning is generated. Once a VPLS service has been bound to an IP interface through its service name, the service name assigned to the service cannot be removed or changed unless the IP interface is first unbound from the VPLS service name. As virtual ports are created in the system, the virtual port cannot become operational unless the configured port MTU minus the virtual port service delineation overhead is greater than or equal to the configured VPLS service MTU.
Thus, an operational virtual port is ensured to support the largest packet traversing the VPLS service. The service delineation overhead on each Layer 2 packet is removed before forwarding into a VPLS service. VPLS services do not support fragmentation and must discard any Layer 2 packet larger than the service MTU after the service delineation overhead is removed. Two address-oriented table entries are used when routing into a VPLS service.
If the destination IP address is in a remote subnet that is reached by another router attached to the VPLS service, the routing lookup will return the local IP address on the VPLS service of the remote router will be returned. IP routing to all destination hosts associated with the next-hop IP address stops until the ARP cache is populated with an entry for the next-hop.
In typical routing behavior, the system uses the IP route table to select the egress interface and then at the egress forwarding engine, an ARP entry is used forward the packet to the appropriate Ethernet MAC. If the MAC is unknown, the packet is flooded by the ingress forwarding engine to all egress forwarding engines where the VPLS service exists.
When the MAC is known on a virtual port, the ingress forwarding engine forwards the packet to the proper egress forwarding engine. No ARP entry. The system uses the setting of the flag as a key to determine what type of ports and which type of forwarding planes the VPLS service may span. The system also uses the flag state to define which VPLS features are configurable on the VPLS service to prevent enabling a feature that is not supported when routing support is enabled.
When at least one VPLS context is configured with the allow-ip-int-bind flag set, all ports within the system defined as mode network must be on an FP2 or greater forwarding plane. If one or more network ports are on an FP1 based forwarding plane, the allow-ip-int-bind flag cannot be set in a VPLS service context.
Once the allow-ip-int-bind flag is set on a VPLS service context, a port on an FP1 based forwarding plane cannot be placed in mode network.
When the allow-ip-int-bind flag is set on a VPLS service, the following features cannot be enabled The flag also cannot be enabled while any of these features are applied to the VPLS service.
Chassis -mode D is not required. While the system prevents a routing context from existing on FP1 based forwarding planes while a VPLS service is bound to the routing context, it is possible to create conditions using route leaking importing or exporting routes using routing policies where an FP1 based IP interface is asked to route to a routed VPLS next-hop. The system reacts to this condition by populating the next-hop in the FP1 forwarding plane with a null egress IP interface index.
This causes any packets that are associated with that next-hop on an FP1 forwarding plane to be discarded.
If ICMP destination unreachable messaging is enabled, unreachable messages will be sent. If the chassis is connected by LAG to an upstream router and the LAG is split between FP1 and FP2 forwarding plane ports while routes have been shared between routing contexts, flows that are sent to the FP2 ports by the upstream router are capable of reaching a next-hop in a routed VPLS while flows going to the FP1 ports cannot.
This does not apply to traffic that is only flooded within the VPLS service. This allows different filtering for routed packets and non-routed packets. A separate override filter may be specified for IPv4 and IPv6 packet types. The SAP egress QoS policy defined forwarding class and profile reclassification rules are not applied to egress routed packets. Both unicast directed and MAC unknown flooded traffic apply to this rule.
Instead, the actual QoS policy applied to the egress SAPs defines the egress policers and queues that will be used by both routed and non-routed egress packets. In situations 2 and 3 above, traffic encapsulated with tags for which there is no definition are discarded.
Ethertype of the inner tag will be preserved and all consecutive nodes will work with that value. Similarly, the dot1p bits value of outer-tag will not be preserved. The effective operation on VLAN tag is to drop inner tag at access side and push another tag at the aggregation side. With the exception of end-station components, a similar solution can be used to address a QinQ only or enterprise environments.
The above procedure may be used outside of the MVRP context to pre-provision a large number of VPLS contexts that share the same infrastructure and attributes.
The MVRP control of the auto-instantiated services can be enabled using the mvrp-contrl command under vpls-group:. In an MVRP end-station the attribute s registered on that interface have local significance:. The vpls-group command is replaced by the end-station command under the downwards SAPs as in the following example:.
This instance and associated trunk SAPs were instantiated using the procedures described in the previous sections. The following configuration steps are involved:. The trunks that experience MVRP declaration and registration in both directions will become active instantiating service connectivity as represented by the big and small yellow circles depicted in the picture.
The no shutdown option is automatically configured. When the active topology changes as a result of network failures, the time it takes for MVRP to bring up the optimal service connectivity may be added on top of the regular MSTP convergence time.
Full connectivity also depends on the time it takes for the system to complete flushing of bad MAC entries. When enabled the temporary flooding eliminates the time it takes to flush the MAC tables. A timer option is also available to configure a fixed amount of time, in seconds, during which all traffic is flooded BUM or known unicast.
Once the flood-time expires, traffic will be delivered according to the regular FIB content. The temporary flooding behavior applies to all VPLS types. Note that MAC learning continues during temporary flooding. This feature is based on IETF draft-ietf-l2vpn-vpls-pe-etree. A VPLS E-Tree service may support an arbitrary number of leaf access leaf-ac interfaces, root access root-ac interfaces and root-leaf tagged root-leaf-tag interfaces.
Leaf-ac to leaf-ac communication is not allowed. The diagram indicates two VIDs in use to each service within the service with no restrictions on the AC interfaces. The service guarantees no leaf-ac to leaf-ac traffic. Leaf-ac SAPs have restrictions; for example, a SAP is configured for a leaf-ac can never send frames to other leaf-ac directly local or through a remote node.
Untagged SDP binds for access can also be designated as root-ac or leaf-ac. This type of E-Tree interface is required for devices that do not support E-Tree, such as the SAS, to enable them to be connected with pseudo-wires. Such devices are root or leaf only and do not require having a tagged frame with a root or leaf indication. Figure 89 illustrates the behavior when a root-ac and leaf-ac exchange traffic over a root-leaf-tag SAP. The root-leaf-tag SAP performs all of the operations for egress and ingress traffic for both tags root and leaf :.
The root and leaf tags are a considered a global value and signaling is not supported. The vlan-vc-tag command will be blocked in root-leaf-tag SDP-binds.
Figure 90 illustrates the behavior when leaf-ac or root-ac interfaces exchange traffic over a root-leaf-tag SDP-binding. Some other particular feature interactions are described below:. VPLS Enhancements. Object Grouping and State Monitoring. Route Leaking Between Routing Contexts. SAP Encapsulations. There is no need to design, manage, configure, and maintain separate WAN access equipment, thus, eliminating the need to train personnel on WAN technologies such as Frame Relay.
PE-Router-A Figure All core routers are unaware that this traffic is associated with a VPLS service. Known MAC address Figure The egress Q tag may be different than the ingress Q tag. Filters can be applied on a per SAP basis.
Configurable FIB size limit. MAC learning disable. Ingress rate limiting for broadcast, multicast, and destination unknown flooding on a per SAP basis. Negotiating per-service VC labels using draft-Martini encapsulation. The configuration of vc-type vlan and force-vlan-vc-forwarding is mutually exclusive. The following are not supported with force-qinq-vc-forwarding configured under the mesh or spoke SDP, or in the related pw-template :.
Figure DE Bit in the Refer to the IEEE Pseudo-wire Control Word The control word command enables the use of the control word individually on each mesh SDP or spoke sdp. There are two sophisticated control mechanisms that allow blocking of ports in a sequential order: Configuration capabilities to group VPLS ports and to define the order they should be blocked.
Auto-Learn MAC Protect This section provides information about auto-learn-mac-protect and restrict-protected-src discard-frame features.
An optimized alarm mechanism is used to generate alarms related to these discards. The frequency of alarm generation is fixed to be at most one alarm per MAC address per forwarding complex per 10 minutes in a given VPLS service.
Automatically learned protected MACs are subject to normal removal, aging unless disabled and flushing at which time the associated entries are removed from the FDB. Operation Figure 61 shows a specific configuration using auto-learn-mac-protect and restrict-protected-src discard-frame in order to describe their operation for the SR, ESS, or XRS. This mode of operation is only supported in an mVPLS.
The RSTP mode implements the improved convergence over shared media feature, for example, RSTP will transition from discarding to forwarding in 4 seconds when operating over shared media.
The comp-dot1w mode does not implement this This would result in a slow transition to a forwarding state 30 seconds. For this reason, in the comp-dot1w mode, these BPDUs contain the port's port priority vector conforms to Figure Access Resiliency.
The existing L2PT limitations apply. The protocols apply only to VPLS. Egress Multicast Groups Efficient multicast replication is a method of increasing egress replication performance by combining multiple destinations into a single egress forwarding pass. SAP Port Dot1Q EtherType The access port dot1q-etype parameter defines which EtherType will be expected in ingress dot1q encapsulated frames and the EtherType that will be used to encapsulate egress dot1q frames on the port.
All SAPs that are members of the same egress-multicast-groups must have the same encapsulation type as defined by encap-type qinq statement. All SAP members of the given multicast group, port, or multicast-group must have the same inner Ethertype as well as outer Ethertype. Mirroring and Efficient Multicast Replication As previously stated, efficient multicast replication affects the ability to perform mirroring decisions in the egress forwarding plane. Port Mirroring A SAP created on an access port that is currently defined as an egress mirror source may not be defined into an egress multicast group.
Filter Mirroring An IP or MAC filter that is currently defined on an egress multicast group as a common required parameter may not have an entry from the list defined as a mirror source. A specific chain cannot be longer than the defined dest-chain-limit parameter for the egress multicast group to which the SAPs belong.
IOM Mode B Capability Efficient multicast replication for the ESS or SR uses an egress forwarding plane that supports chassis mode b due to the expanded memory requirements to store the replication chain information. Multi-chassis protocol used to perform the following functions:.
Fast detection of peer failure or communication loss between MC-EP peers using either centralized BFD if configured or its own keep-alive mechanism. Pseudo-wire data plane — Represented by the four pseudo-wires inter-connecting the gateway PEs.
In case of a tie the pseudo-wire located on the master chassis will be chosen. In order to minimize operational mistakes and wrong peer interpretation for the loss of BFD session, the following additional rules are enforced when the MC-EP is registering with a certain BFD session: Only the centralized BFD sessions using system or loopback IP interfaces source-ip parameter are accepted in order for MC-EP to minimize the false indication of peer loss.
If one of these action is required under the interface, the operator needs to disable BFD using the following procedures:. As a backup - if the BFD session does not come up or is disabled, the MC-EP protocol will use its own keep-alives for failure detection. To ensure the database is cleared if the remote MC-EP peer is shutdown or miss-configured each x seconds — one second suggested as default.
This is done to avoid wrong interpretation of BFD session loss. Remote peer acknowledges reception indicating through the same peer-config-TLV fields that it is de-registering with the BFD session. Both MC-EP peers de-register and are going to use only keep-alives for failure detection. The following rules apply for suppress-standby-signaling and ignore-standby parameters: Regular MC-EP mode non-passive will follow the suppress-standby-signaling and ignore-standby settings from the related endpoint configuration.
For MC-EP configured in passive mode, the following settings will be used, regardless of previous configuration: suppress-standby-sig and no ignore-standby-sig. It is expected that when passive mode is used at one side that the regular MC-EP side will activate signaling with no suppress-stdby-sig. When passive mode is configured in just one of the nodes in the MC-EP peering, the other node will be forced to change to passive mode.
A trap is sent to the operator to signal the wrong configuration. If the local PW2 becomes active on PE Note that when MC-EP is in passive mode and the first spoke becomes active, a no mac flush-all-but-mine message will be generated. The default is no block-on-mesh-failure to allow for easy migration from previous releases.
For a spoke SDP to be added under an endpoint, the setting for its block-on-mesh-failure parameter must be in synchronization with the endpoint parameter. After the spoke SDP is added to an endpoint, the configuration of its block-on-mesh-failure parameter is disabled.
A change in endpoint configuration for the block-on-mesh-failure parameter is propagated to the individual spoke SDP configuration. When a spoke SDP is removed from the endpoint group, it will inherit the last configuration from the endpoint parameter.
Adding an MC-EP under the related endpoint configuration does not affect in any way the above behavior. Prior to Release 7. Then, the configuration of block-on-mesh-failure under a spoke SDP is blocked. PE3 and PE3 should consider the pseudo-wire status signaling from remote PE1 and PE2 when making the selection of the active pseudo-wire. Switches and trunks that do not carry that VLAN operate normally. If the spanning-tree failure has created a bridging loop, traffic increases exponentially.
The switches then flood the broadcasts out multiple ports. This creates copies of the frames every time the switches forward them. When control plane traffic for example, routing messages starts entering the loop, the devices that are running these protocols quickly start getting overloaded.
Their CPUs approach percent utilization while they are trying to process an ever-increasing load of control plane traffic. In many cases, the earliest indication of this broadcast storm in progress is that routers or Layer 3 switches report control plane failures and that they are running at a high CPU load.
The switches experience frequent MAC address table changes. If a loop exists, a switch may see a frame with a certain source MAC address coming in on one port and then see another frame with the same source MAC address coming in on a different port a fraction of a second later.
One way to correct spanning-tree failure is to manually remove redundant links in the switched network, either physically or through configuration, until all loops are eliminated from the topology. When the loops are broken, the traffic and CPU loads should quickly drop to normal levels, and connectivity to devices should be restored. Although this intervention restores connectivity to the network, it is not the end of the troubleshooting process.
All redundancy from the switched network has been removed, and now the redundant links must be restored. If the underlying cause of the spanning-tree failure has not been fixed, chances are that restoring the redundant links will trigger a new broadcast storm.
Before restoring the redundant links, determine and correct the cause of the spanning-tree failure. Carefully monitor the network to ensure that the problem is fixed. The focus of this topic is to explain the value of switch stacking and chassis aggregation in a small switched LAN.
A switch stack can consist of up to nine Catalyst switches connected through their StackWise ports. One of the switches controls the operation of the stack and is called the stack master. The stack master and the other switches in the stack are stack members. Figure shows the backplane of four Catalyst switches and how they are connected in a stack.
Every member is uniquely identified by its own stack member number. All members are eligible masters. If the master becomes unavailable, there is an automatic process to elect a new master from the remaining stack members. One of the factors is the stack member priority value. The switch with the highest stack member priority value becomes the master. Layer 2 and Layer 3 protocols present the entire switch stack as a single entity to the network.
One of the primary benefits of switch stacks is that you manage the stack through a single IP address. The IP address is a system-level setting and is not specific to the master or to any other member.
You can manage the stack through the same IP address even if you remove the master or any other member from the stack. Figure Cisco Catalyst Switch Stack. The master contains the saved and running configuration files for the stack. Therefore, there is only one configuration file to manage and maintain. The configuration files include the system-level settings for the stack and the interface-level settings for each member.
Each member has a current copy of these files for backup purposes. The switch is managed as a single switch, including passwords, VLANs, and interfaces.
Example shows the interfaces on a switch stack with four port switches. Notice that the first number after the interface type is the stack member number. Another benefit to switch stacking is the ability to add more switches to a single STP instance without increasing the STP diameter. The diameter is the maximum number of switches that data must cross to connect any two switches.
For example, in Figure , the diameter from S to S is nine switches. This design violates the IEEE recommendation. Figure Diameter Greater Than 7. Forward Delay Timer 15 seconds —The time spent in the listening and learning states. The formulas used to calculate the diameter are beyond the scope of this course. Refer to the following Cisco document for more information: www. Switch stacks help maintain or reduce the impact of diameter on STP reconvergence. In a switch stack, all switches use the same bridge ID for a given spanning-tree instance.
This means that, if the switches are stacked, as shown in Figure , the maximum diameter becomes 3 instead of 9. I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands.
I can unsubscribe at any time. Pearson Education, Inc. This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site.
Please note that other Pearson websites and online products and services have their own separate privacy policies. To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:.
For inquiries and questions, we collect the inquiry or question, together with name, contact details email address, phone number and mailing address and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes. Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites.
Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.
Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing.
Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law. If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information ciscopress. On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email.
Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature. We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form. Pearson automatically collects log data to help ensure the delivery, availability and security of this site.
We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.
Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site.
While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson but not the third party web trend services to link information with application and system log data.
0コメント