Ethernet Virtual Circuits (EVC)
  • allow us to leverage existing 802.1q VLAN tags in a brand new way. Traditionally the VLAN

    EVC Ethernet Infrastructure Series Paper Technical White Paper

    Building Carrier Ethernet Services Using Cisco Ethernet Virtual Circuit (EVC) Framework

    What is Cisco EVC Framework
    • [li]Cisco Ethernet Virtual Circuit (EVC) is the next-generation cross-platform Carrier Ethernet Software Infrastructure[/li]
      [li]Addresses Flexible Ethernet Edge requirements[/li]
      [li]Supports service convergence over Ethernet[/li]
      [li]Complies with MEF, IEEE, IETF standards[/li]

    Flexible Ethernet Edge


    Introducing Cisco EVC Framework

    Functional Highlights


    Cisco EVC Building Blocks

    Cisco EVC Uses the Following New Concepts:
    • [li]Ethernet Service Instance
      Transport-agnostic abstraction of an Ethernet service on an interface[/li]
      [li]Ethernet Virtual Circuit (EVC)
      Device local object (container) for network-wide service parameters[/li]
      [li]Bridge Domain (BD)
      Ethernet Broadcast Domain local to a device[/li]
      [li]Bridge Domain Interface (BDI)
      Logical Layer 3 interface associated with a BD to perform integrated routing and bridging[/li]

    Ethernet Service Instance

    • [li]Instance of a MEF EVC on a port[/li]
      [li]Also defined as Ethernet Flow Point (EFP)[/li]
      [li]Classify frames belonging to a particular Ethernet Service[/li]
      [li]Apply features selectively to service frames[/li]
      [li]Define forwarding actions and behavior[/li]

    Ethernet Virtual Circuit

    • [li]Representation of a MEF EVC on the device[/li]
      [li]Management Plane container[/li]
      [li]Hosts global EVC attributes[/li]
      [li]One-to-many mapping from EVC to Service Instance[/li]

    Bridge Domain

    • [li]Broadcast Domain internal to the device[/li]
      [li]Allows decoupling broadcast domain from VLAN[/li]
      [li]Per port VLAN significance[/li]
      [li]One-to-many mapping from BD to Service Instances[/li]

    Bridge Domain vs. VLAN Bridge

    • [li]VLAN bridge has 1:1 mapping between VLAN and internal Broadcast Domain
      VLAN has global per-device significance[/li]
      [li]EVC bridge decouples VLAN from Broadcast Domain
      VLAN treated as encapsulation on a wire[/li]
      [li]VLAN on a wire mapped to internal Bridge Domain via Service Instances
      Net result: per-port VLAN significance[/li]

    Bridge Domain Interface

    • [li]Logical Layer 3 (routed) port associated with a Bridge Domain[/li]
      [li]Support termination of Ethernet traffic to IP / L3VPN (VRF aware)[/li]
      [li]Only a single BDI per Bridge Domain is allowed[/li]
      [li]Maintains Admin State (CLI) and Operational State (derived from BD)
      If all EFPs in BD are Down or Admin-Down, then BDI operational state will be Down[/li]

    Packet Flow Pipeline


    Flexible Service Mapping

    Single Tagged VLAN Matching

    • [li]Untagged traffic[/li]
      [li]Single VLAN ID value[/li]
      [li]Single VLAN ID Range (contiguous)[/li]
      [li]Single VLAN ID List[/li]
      [li]Single VLAN ID Range and List[/li]

    Double Tagged VLAN Matching

    • [li]Outer VLAN, Inner VLAN[/li]
      [li]Outer VLAN and Range of Inner VLANs (contiguous)[/li]
      [li]Outer VLAN and List of Inner VLANs[/li]
      [li]Outer VLAN and Range and List of Inner VLANs[/li]

    Header Matching

    • [li]Single VLAN, single 802.1p (COS) value[/li]
      [li]Single VLAN, COS List/Range[/li]
      [li]Outer VLAN, outer COS and Inner VLAN[/li]
      [li]Outer VLAN, Inner VLAN and inner COS[/li]
      [li]Single VLAN, Ethertype value (PPPoE, IPv4, IPv6)[/li]
      [li]Outer VLAN, Inner VLAN and Ethertype value (PPPoE, IPv4, IPv6)[/li]

    Comprehensive Matching Capabilities

    • [li]Service Instance construct classifies L2 flows on Ethernet interfaces[/li]
      [li]Single Tagged[/li]
      [li]Double Tagged[/li]

    Loose Match Classification Rule
    • [li]Cisco EVC follows a Loose Match classification model[/li]
      [li]Unspecified fields are treated as wildcard[/li]
      [li]encap dot1q 10 matches any frame with outer tag equal to 10
      [li]encap dot1q 10 sec 50 matches any frame with outer-most tag as 10 and second tag as 50


    Longest Match Classification Rule
    • [li]Cisco EVC follows a Longest Match classification model[/li]
      [li]Frames are mapped to Service Instance with longest matching set of classification fields[/li]


    Service Instance with 'Default' Encapsulation
    • [li]Matches all frames unmatched by any other EFP on a port

      [li]If default Service Instance is the only one configured on a port, it matches all traffic on the port (tagged and untagged)


    Advanced Frame Manipulation

    PUSH Operations
    • [li]Add one VLAN tag[/li]
      [li]Add two VLAN tags[/li]


    POP Operations
    • [li]Remove one VLAN tag[/li]
      [li]Remove two VLAN tags[/li]


    Translation Operations
    • [li]1:1 VLAN Translation[/li]
      [li]1:2 VLAN Translation[/li]
      [li]2:1 VLAN Translation[/li]
      [li]2:2 VLAN Translation[/li]


    VLAN Tag Manipulation
    • [li]PUSH operations[/li]
      [li]POP operations[/li]
      [li]TRANSLATION operations[/li]


    Encapsulation Adjustment Considerations

    PW VC Type and EVC VLAN Rewrites

    • [li]VC label imposition and service delimiter tag are independent from EVC VLAN tag operations[/li]
      [li]Any VLAN tag, if retained, will appear as payload to the VC[/li]
      [li]VLAN tags can be added, removed or translated prior to VC label imposition or after disposition[/li]
      [li]VC Service Delimiter VLAN-ID is removed before passing packet to Attachment Circuit processing[/li]

    Multiplexed Forwarding Services
    • [li]Cisco EVC supports flexible access VLAN to forwarding service mapping
      1-to-1 access VLAN to a service
      Same port, multiple access VLANs to a service
      Multiple ports, multiple access VLANs to a service[/li]
      [li]Forwarding services include:
      L2 point-to-point local connect
      L2 point-to-point xconnect
      L2 multipoint bridging
      L2 multipoint VPLS
      L2 point-to-multipoint bridging
      L3 termination[/li]

    Local and Bridged P2P and MP Forwarding Services

    • [li]Layer 2 P2P local services
      No MAC learning
      Two Service Instances (EFP) on same interface (hair-pin)
      Two EFPs on different interfaces[/li]
      [li]Layer 2 MP bridged services
      MAC based fwd and learning
      Local VLAN significance
      Bridge Domain (BD) - different access VLANs in the same broadcast domain
      Split-horizon - prevent communication between service instances[/li]

    MPLS-Based P2P and MP Forwarding Services

    • [li]Layer 2 P2P services using Ethernet over MPLS
      EFP to EoMPLS PW[/li]
      [li]Layer 2 MP services using VPLS
      Extends ethernet multipoint bridging over a full mesh of PWs
      Split horizon support over attachment circuits (configurable) and PWs[/li]

    Rooted-Multipoint Forwarding Services (E-TREE)

    • [li]BD with Split Horizon Group can be used to implement rooted-multipoint forwarding service:
      Place all Leaf EFPs in Split Horizon Group
      Keep Root EFP outside the Split Horizon Group[/li]
      [li]Net effect:
      Bidirectional connectivity between Root and all Leaf EFPs
      Leaf EFPs cannot communicate to each other[/li]

    Layer 3 Forwarding Services

    • [li]Co-existence with Routed sub-interfaces[/li]
      [li]Layer 3 termination through SVI/BDI interface[/li]
      [li]Layer 3 termination through Routed sub-interfaces[/li]

    Putting It All Together

    • [li]Multiplexed Service Interface[/li]
      [li]Mix of L2 and L3 services on same port[/li]
      [li]Different types of L2 services

    Service-Instance/Bridge Domain Features

    Security Features
    • [li]MAC Address Limiting on EVC Bridge Domain[/li]
      [li]MAC Security on Service Instance[/li]
      [li]MAC ACL on Service Instance[/li]
      [li]L3 / L4 ACL on Service Instance[/li]
      [li]Storm Control on Ports with EVCs[/li]
      [li]IP Source Guard for Service Instance[/li]
      [li]DHCP snooping with Option-82 on Service Instance[/li]
      [li]Dynamic ARP Inspection (DAI)[/li]

    Resiliency Features
    • [li]MST on EVC Bridge Domain[/li]
      [li]EVC "static" Etherchannel[/li]
      [li]EVC "LACP" Etherchannel[/li]
      [li]EVC Etherchannel Manual Load Balancing[/li]
      [li]EVC and FlexLink (backup interface) integration[/li]
      [li]Resilient Ethernet Protocol (REP) on EVC[/li]
      [li]Multi-Chassis LACP (mLACP)[/li]
      [li]MST Access Gateway[/li]
      [li]Pseudowire Redundancy[/li]

    OAM Features
    • [li]IEEE 802.1ag (CFM) on Service Instance with Bridge Domain[/li]
      [li]CFM on Service Instance with Xconnect[/li]
      [li]CFM on L2 VFI[/li]
      [li]CFM to Ethernet LMI (E-LMI) interworking[/li]
      [li]PW OAM to E-LMI Interworking[/li]
      [li]Link OAM to CFM Interworking[/li]
      [li]IP SLA for Metro Ethernet[/li]
      [li]ITU-T Y.1731 Performance Management[/li]

    Miscellaneous and Instrumentation Features
    • [li]Miscellaneous
      IEEE 802.1ah (Provider Backbone Bridging - PBB)
      IGMP Snooping
      UDLD on Service Instance
      Custom ether-type on Service Instance
      Static unicast / multicast MAC on Service Instance and VFI PW
      SPAN on EVC[/li]
      IF-MIB (extensions to support Service Instances)

    Deployment Use Cases
    Residential Access Models Implementation
    Residential UNI Standards
    • [li]DSL Forum 101 for residential services
      UNI exists between the access node and the CPE
      Trunk UNI means a different VLAN or VC per service
      Non-Trunk UNI means no VLAN to CPE
      1:1 means one VLAN per customer
      N:1 means multiple customers share a VLAN[/li]
      [li]Prevalent Residential service options
      Non-Trunk UNI, N:1 VLAN
      Trunk (Multi-VC) UNI, N:1 Service VLAN
      Trunk (Multi-VC) UNI, 1:1 Interface Access (HSI) VLAN[/li]

    Deployment Use Cases
    Residential use cases presented in the section:
    Access Node UNI Type = Trunk UNI
    • [li]N:1 Service VLANs for Voice, Video and Data[/li]
      [li]1:1 Dedicated VLAN for Data and N:1 Service VLANs for Voice and Video[/li]

    Implementation N:1 Service VLAN
    Residential Service Connectivity Overview

    • [li]Split Horizon Forwarding, locally significant VLAN ids combined into a per service 'Bridge Domains' (N:1)[/li]
      [li]Video routed (unnumbered) in Aggregation, other transported to Distribution[/li]

    Residential Service Use Case
    Trunk UNI, N:1 Data Service VLAN (PW Per AGG Node)


    Configuration Example
    • [li]interface TenGigabitEthernet2/1
      service instance 20 ethernet
        encapsulation dot1q 20
        rewrite ingress tag pop 1 symmetric
        xconnect 20 encapsulation mpls

      [li]interface TenGigabitEthernet2/1
      service instance 30 ethernet
        encapsulation dot1q 30
        rewrite ingress tag pop 1 symmetric
        bridge-domain 30
      interface Vlan30
      ip vrf forwarding l3vpn
      ip address

      [li]l2 vfi vpls manual
      vpn id 40
      neighbor encapsulation mpls
      interface TenGigabitEthernet2/1
      service instance 40 ethernet
        encapsulation dot1q 40
        rewrite ingress tag pop 1 symmetric
        bridge-domain 40 split-horizon
      interface Vlan40
      no ip address
      xconnect vfi vpls[/li]

    [center]Credit: P'Phong@AIT[/center] 8)
  • 1 Comment sorted by
  • #show ethernet service instance
    Identifier  Type      Interface                State     CE-Vlans
    9           Static    TenGigabitEthernet0/3    Up                                            
    23          Static    TenGigabitEthernet0/3    Up