THAI CPE

allow us to leverage existing 802.1q VLAN tags in a brand new way. Traditionally the VLAN


EVC Ethernet Infrastructure Series Paper Technical White Paper


Building Carrier Ethernet Services Using Cisco Ethernet Virtual Circuit (EVC) Framework

What is Cisco EVC Framework

• [li]Cisco Ethernet Virtual Circuit (EVC) is the next-generation cross-platform Carrier Ethernet Software Infrastructure[/li]
  [li]Addresses Flexible Ethernet Edge requirements[/li]
  [li]Supports service convergence over Ethernet[/li]
  [li]Complies with MEF, IEEE, IETF standards[/li]

Flexible Ethernet Edge



Introducing Cisco EVC Framework

Functional Highlights



Cisco EVC Building Blocks

Cisco EVC Uses the Following New Concepts:

• [li]Ethernet Service Instance
  Transport-agnostic abstraction of an Ethernet service on an interface[/li]
  [li]Ethernet Virtual Circuit (EVC)
  Device local object (container) for network-wide service parameters[/li]
  [li]Bridge Domain (BD)
  Ethernet Broadcast Domain local to a device[/li]
  [li]Bridge Domain Interface (BDI)
  Logical Layer 3 interface associated with a BD to perform integrated routing and bridging[/li]

Ethernet Service Instance

• [li]Instance of a MEF EVC on a port[/li]
  [li]Also defined as Ethernet Flow Point (EFP)[/li]
  [li]Classify frames belonging to a particular Ethernet Service[/li]
  [li]Apply features selectively to service frames[/li]
  [li]Define forwarding actions and behavior[/li]

Ethernet Virtual Circuit

• [li]Representation of a MEF EVC on the device[/li]
  [li]Management Plane container[/li]
  [li]Hosts global EVC attributes[/li]
  [li]One-to-many mapping from EVC to Service Instance[/li]

Bridge Domain

• [li]Broadcast Domain internal to the device[/li]
  [li]Allows decoupling broadcast domain from VLAN[/li]
  [li]Per port VLAN significance[/li]
  [li]One-to-many mapping from BD to Service Instances[/li]

Bridge Domain vs. VLAN Bridge

• [li]VLAN bridge has 1:1 mapping between VLAN and internal Broadcast Domain
  VLAN has global per-device significance[/li]
  [li]EVC bridge decouples VLAN from Broadcast Domain
  VLAN treated as encapsulation on a wire[/li]
  [li]VLAN on a wire mapped to internal Bridge Domain via Service Instances
  Net result: per-port VLAN significance[/li]

Bridge Domain Interface

• [li]Logical Layer 3 (routed) port associated with a Bridge Domain[/li]
  [li]Support termination of Ethernet traffic to IP / L3VPN (VRF aware)[/li]
  [li]Only a single BDI per Bridge Domain is allowed[/li]
  [li]Maintains Admin State (CLI) and Operational State (derived from BD)
  If all EFPs in BD are Down or Admin-Down, then BDI operational state will be Down[/li]

Packet Flow Pipeline



Flexible Service Mapping

Single Tagged VLAN Matching

• [li]Untagged traffic[/li]
  [li]Single VLAN ID value[/li]
  [li]Single VLAN ID Range (contiguous)[/li]
  [li]Single VLAN ID List[/li]
  [li]Single VLAN ID Range and List[/li]

Double Tagged VLAN Matching

• [li]Outer VLAN, Inner VLAN[/li]
  [li]Outer VLAN and Range of Inner VLANs (contiguous)[/li]
  [li]Outer VLAN and List of Inner VLANs[/li]
  [li]Outer VLAN and Range and List of Inner VLANs[/li]

Header Matching

• [li]Single VLAN, single 802.1p (COS) value[/li]
  [li]Single VLAN, COS List/Range[/li]
  [li]Outer VLAN, outer COS and Inner VLAN[/li]
  [li]Outer VLAN, Inner VLAN and inner COS[/li]
  [li]Single VLAN, Ethertype value (PPPoE, IPv4, IPv6)[/li]
  [li]Outer VLAN, Inner VLAN and Ethertype value (PPPoE, IPv4, IPv6)[/li]

Comprehensive Matching Capabilities

• [li]Service Instance construct classifies L2 flows on Ethernet interfaces[/li]
  [li]Single Tagged[/li]
  [li]Double Tagged[/li]
  [li]Header/Payload[/li]

Loose Match Classification Rule

• [li]Cisco EVC follows a Loose Match classification model[/li]
  [li]Unspecified fields are treated as wildcard[/li]
  [li]encap dot1q 10 matches any frame with outer tag equal to 10
  [/li]
  [li]encap dot1q 10 sec 50 matches any frame with outer-most tag as 10 and second tag as 50
  
  [/li]

Longest Match Classification Rule

• [li]Cisco EVC follows a Longest Match classification model[/li]
  [li]Frames are mapped to Service Instance with longest matching set of classification fields[/li]

Service Instance with 'Default' Encapsulation

• [li]Matches all frames unmatched by any other EFP on a port
  
  [/li]
  [li]If default Service Instance is the only one configured on a port, it matches all traffic on the port (tagged and untagged)
  
  [/li]

Advanced Frame Manipulation

PUSH Operations

• [li]Add one VLAN tag[/li]
  [li]Add two VLAN tags[/li]

POP Operations

• [li]Remove one VLAN tag[/li]
  [li]Remove two VLAN tags[/li]

Translation Operations

• [li]1:1 VLAN Translation[/li]
  [li]1:2 VLAN Translation[/li]
  [li]2:1 VLAN Translation[/li]
  [li]2:2 VLAN Translation[/li]

VLAN Tag Manipulation

• [li]PUSH operations[/li]
  [li]POP operations[/li]
  [li]TRANSLATION operations[/li]

Encapsulation Adjustment Considerations

PW VC Type and EVC VLAN Rewrites

• [li]VC label imposition and service delimiter tag are independent from EVC VLAN tag operations[/li]
  [li]Any VLAN tag, if retained, will appear as payload to the VC[/li]
  [li]VLAN tags can be added, removed or translated prior to VC label imposition or after disposition[/li]
  [li]VC Service Delimiter VLAN-ID is removed before passing packet to Attachment Circuit processing[/li]

Multiplexed Forwarding Services

• [li]Cisco EVC supports flexible access VLAN to forwarding service mapping
  1-to-1 access VLAN to a service
  Same port, multiple access VLANs to a service
  Multiple ports, multiple access VLANs to a service[/li]
  [li]Forwarding services include:
  L2 point-to-point local connect
  L2 point-to-point xconnect
  L2 multipoint bridging
  L2 multipoint VPLS
  L2 point-to-multipoint bridging
  L3 termination[/li]

Local and Bridged P2P and MP Forwarding Services

• [li]Layer 2 P2P local services
  No MAC learning
  Two Service Instances (EFP) on same interface (hair-pin)
  Two EFPs on different interfaces[/li]
  [li]Layer 2 MP bridged services
  MAC based fwd and learning
  Local VLAN significance
  Bridge Domain (BD) - different access VLANs in the same broadcast domain
  Split-horizon - prevent communication between service instances[/li]

MPLS-Based P2P and MP Forwarding Services

• [li]Layer 2 P2P services using Ethernet over MPLS
  EFP to EoMPLS PW[/li]
  [li]Layer 2 MP services using VPLS
  Extends ethernet multipoint bridging over a full mesh of PWs
  Split horizon support over attachment circuits (configurable) and PWs[/li]

Rooted-Multipoint Forwarding Services (E-TREE)

• [li]BD with Split Horizon Group can be used to implement rooted-multipoint forwarding service:
  Place all Leaf EFPs in Split Horizon Group
  Keep Root EFP outside the Split Horizon Group[/li]
  [li]Net effect:
  Bidirectional connectivity between Root and all Leaf EFPs
  Leaf EFPs cannot communicate to each other[/li]

Layer 3 Forwarding Services

• [li]Co-existence with Routed sub-interfaces[/li]
  [li]Layer 3 termination through SVI/BDI interface[/li]
  [li]Layer 3 termination through Routed sub-interfaces[/li]

Putting It All Together

• [li]Multiplexed Service Interface[/li]
  [li]Mix of L2 and L3 services on same port[/li]
  [li]Different types of L2 services
  Point-to-Point
  Multipoint[/li]

Service-Instance/Bridge Domain Features

Security Features

• [li]MAC Address Limiting on EVC Bridge Domain[/li]
  [li]MAC Security on Service Instance[/li]
  [li]MAC ACL on Service Instance[/li]
  [li]L3 / L4 ACL on Service Instance[/li]
  [li]Storm Control on Ports with EVCs[/li]
  [li]IP Source Guard for Service Instance[/li]
  [li]DHCP snooping with Option-82 on Service Instance[/li]
  [li]Dynamic ARP Inspection (DAI)[/li]

Resiliency Features

• [li]MST on EVC Bridge Domain[/li]
  [li]EVC "static" Etherchannel[/li]
  [li]EVC "LACP" Etherchannel[/li]
  [li]EVC Etherchannel Manual Load Balancing[/li]
  [li]EVC and FlexLink (backup interface) integration[/li]
  [li]Resilient Ethernet Protocol (REP) on EVC[/li]
  [li]Multi-Chassis LACP (mLACP)[/li]
  [li]MST Access Gateway[/li]
  [li]Pseudowire Redundancy[/li]

OAM Features

• [li]IEEE 802.1ag (CFM) on Service Instance with Bridge Domain[/li]
  [li]CFM on Service Instance with Xconnect[/li]
  [li]CFM on L2 VFI[/li]
  [li]CFM to Ethernet LMI (E-LMI) interworking[/li]
  [li]PW OAM to E-LMI Interworking[/li]
  [li]Link OAM to CFM Interworking[/li]
  [li]IP SLA for Metro Ethernet[/li]
  [li]ITU-T Y.1731 Performance Management[/li]

Miscellaneous and Instrumentation Features

• [li]Miscellaneous
  IEEE 802.1ah (Provider Backbone Bridging - PBB)
  IGMP Snooping
  UDLD on Service Instance
  Custom ether-type on Service Instance
  Static unicast / multicast MAC on Service Instance and VFI PW
  SPAN on EVC[/li]
  [li]Instrumentation
  IF-MIB (extensions to support Service Instances)
  CISCO-EVC-MIB
  CISCO-BRIDGE-DOMAIN-MIB[/li]

Deployment Use Cases
Residential Access Models Implementation
Residential UNI Standards

• [li]DSL Forum 101 for residential services
  UNI exists between the access node and the CPE
  Trunk UNI means a different VLAN or VC per service
  Non-Trunk UNI means no VLAN to CPE
  1:1 means one VLAN per customer
  N:1 means multiple customers share a VLAN[/li]
  [li]Prevalent Residential service options
  Non-Trunk UNI, N:1 VLAN
  Trunk (Multi-VC) UNI, N:1 Service VLAN
  Trunk (Multi-VC) UNI, 1:1 Interface Access (HSI) VLAN[/li]

Deployment Use Cases
Residential use cases presented in the section:
Access Node UNI Type = Trunk UNI
Characteristics

• [li]N:1 Service VLANs for Voice, Video and Data[/li]
  [li]1:1 Dedicated VLAN for Data and N:1 Service VLANs for Voice and Video[/li]

Implementation N:1 Service VLAN
Residential Service Connectivity Overview

• [li]Split Horizon Forwarding, locally significant VLAN ids combined into a per service 'Bridge Domains' (N:1)[/li]
  [li]Video routed (unnumbered) in Aggregation, other transported to Distribution[/li]

Residential Service Use Case
Trunk UNI, N:1 Data Service VLAN (PW Per AGG Node)



Configuration Example

• [li]interface TenGigabitEthernet2/1
  service instance 20 ethernet
    encapsulation dot1q 20
    rewrite ingress tag pop 1 symmetric
    xconnect 10.0.0.2 20 encapsulation mpls
  
  [/li]
  [li]interface TenGigabitEthernet2/1
  service instance 30 ethernet
    encapsulation dot1q 30
    rewrite ingress tag pop 1 symmetric
    bridge-domain 30
  !
  interface Vlan30
  ip vrf forwarding l3vpn
  ip address 192.168.1.1 255.255.255.0
  
  [/li]
  [li]l2 vfi vpls manual
  vpn id 40
  neighbor 10.0.0.2 encapsulation mpls
  !
  interface TenGigabitEthernet2/1
  service instance 40 ethernet
    encapsulation dot1q 40
    rewrite ingress tag pop 1 symmetric
    bridge-domain 40 split-horizon
  !
  !
  interface Vlan40
  no ip address
  xconnect vfi vpls[/li]

[center]Credit: P'Phong@AIT[/center] 8)