PlAwAnSaI
Administrator
allow us to leverage existing 802.1q VLAN tags in a brand new way. Traditionally the VLAN
Code:
https://supportforums.cisco.com/docs/DOC-21299
EVC Ethernet Infrastructure Series Paper Technical White Paper
Code:
http://wenku.baidu.com/view/e58775bec77da26925c5b044.html
Building Carrier Ethernet Services Using Cisco Ethernet Virtual Circuit (EVC) Framework
What is Cisco EVC Framework
[list]
[li]Cisco Ethernet Virtual Circuit (EVC) is the next-generation cross-platform Carrier Ethernet Software Infrastructure[/li]
[li]Addresses Flexible Ethernet Edge requirements[/li]
[li]Supports service convergence over Ethernet[/li]
[li]Complies with MEF, IEEE, IETF standards[/li][/list]
Flexible Ethernet Edge
Introducing Cisco EVC Framework
Functional Highlights
Cisco EVC Building Blocks
Cisco EVC Uses the Following New Concepts:
[list]
[li]Ethernet Service Instance
Transport-agnostic abstraction of an Ethernet service on an interface[/li]
[li]Ethernet Virtual Circuit (EVC)
Device local object (container) for network-wide service parameters[/li]
[li]Bridge Domain (BD)
Ethernet Broadcast Domain local to a device[/li]
[li]Bridge Domain Interface (BDI)
Logical Layer 3 interface associated with a BD to perform integrated routing and bridging[/li][/list]
Ethernet Service Instance
[list]
[li]Instance of a MEF EVC on a port[/li]
[li]Also defined as Ethernet Flow Point (EFP)[/li]
[li]Classify frames belonging to a particular Ethernet Service[/li]
[li]Apply features selectively to service frames[/li]
[li]Define forwarding actions and behavior[/li][/list]
Ethernet Virtual Circuit
[list]
[li]Representation of a MEF EVC on the device[/li]
[li]Management Plane container[/li]
[li]Hosts global EVC attributes[/li]
[li]One-to-many mapping from EVC to Service Instance[/li][/list]
Bridge Domain
[list]
[li]Broadcast Domain internal to the device[/li]
[li]Allows decoupling broadcast domain from VLAN[/li]
[li]Per port VLAN significance[/li]
[li]One-to-many mapping from BD to Service Instances[/li][/list]
Bridge Domain vs. VLAN Bridge
[list]
[li]VLAN bridge has 1:1 mapping between VLAN and internal Broadcast Domain
VLAN has global per-device significance[/li]
[li]EVC bridge decouples VLAN from Broadcast Domain
VLAN treated as encapsulation on a wire[/li]
[li]VLAN on a wire mapped to internal Bridge Domain via Service Instances
Net result: per-port VLAN significance[/li][/list]
Bridge Domain Interface
[list]
[li]Logical Layer 3 (routed) port associated with a Bridge Domain[/li]
[li]Support termination of Ethernet traffic to IP / L3VPN (VRF aware)[/li]
[li]Only a single BDI per Bridge Domain is allowed[/li]
[li]Maintains Admin State (CLI) and Operational State (derived from BD)
If all EFPs in BD are Down or Admin-Down, then BDI operational state will be Down[/li][/list]
Packet Flow Pipeline
Flexible Service Mapping
Single Tagged VLAN Matching
[list]
[li]Untagged traffic[/li]
[li]Single VLAN ID value[/li]
[li]Single VLAN ID Range (contiguous)[/li]
[li]Single VLAN ID List[/li]
[li]Single VLAN ID Range and List[/li][/list]
Double Tagged VLAN Matching
[list]
[li]Outer VLAN, Inner VLAN[/li]
[li]Outer VLAN and Range of Inner VLANs (contiguous)[/li]
[li]Outer VLAN and List of Inner VLANs[/li]
[li]Outer VLAN and Range and List of Inner VLANs[/li][/list]
Header Matching
[list]
[li]Single VLAN, single 802.1p (COS) value[/li]
[li]Single VLAN, COS List/Range[/li]
[li]Outer VLAN, outer COS and Inner VLAN[/li]
[li]Outer VLAN, Inner VLAN and inner COS[/li]
[li]Single VLAN, Ethertype value (PPPoE, IPv4, IPv6)[/li]
[li]Outer VLAN, Inner VLAN and Ethertype value (PPPoE, IPv4, IPv6)[/li][/list]
Comprehensive Matching Capabilities
[list]
[li]Service Instance construct classifies L2 flows on Ethernet interfaces[/li]
[li]Single Tagged[/li]
[li]Double Tagged[/li]
[li]Header/Payload[/li][/list]
Loose Match Classification Rule
[list]
[li]Cisco EVC follows a Loose Match classification model[/li]
[li]Unspecified fields are treated as wildcard[/li]
[li]encap dot1q 10 matches any frame with outer tag equal to 10[/li]
[li]encap dot1q 10 sec 50 matches any frame with outer-most tag as 10 and second tag as 50[/li][/list]
Longest Match Classification Rule
[list]
[li]Cisco EVC follows a Longest Match classification model[/li]
[li]Frames are mapped to Service Instance with longest matching set of classification fields[/li][/list]
Service Instance with 'Default' Encapsulation
[list]
[li]Matches all frames unmatched by any other EFP on a port[/li]
[li]If default Service Instance is the only one configured on a port, it matches all traffic on the port (tagged and untagged)[/li][/list]
Advanced Frame Manipulation
PUSH Operations
[list]
[li]Add one VLAN tag[/li]
[li]Add two VLAN tags[/li][/list]
POP Operations
[list]
[li]Remove one VLAN tag[/li]
[li]Remove two VLAN tags[/li][/list]
Translation Operations
[list]
[li]1:1 VLAN Translation[/li]
[li]1:2 VLAN Translation[/li]
[li]2:1 VLAN Translation[/li]
[li]2:2 VLAN Translation[/li][/list]
VLAN Tag Manipulation
[list]
[li]PUSH operations[/li]
[li]POP operations[/li]
[li]TRANSLATION operations[/li][/list]
Encapsulation Adjustment Considerations
PW VC Type and EVC VLAN Rewrites
[list]
[li]VC label imposition and service delimiter tag are independent from EVC VLAN tag operations[/li]
[li]Any VLAN tag, if retained, will appear as payload to the VC[/li]
[li]VLAN tags can be added, removed or translated prior to VC label imposition or after disposition[/li]
[li]VC Service Delimiter VLAN-ID is removed before passing packet to Attachment Circuit processing[/li][/list]
Multiplexed Forwarding Services
[list]
[li]Cisco EVC supports flexible access VLAN to forwarding service mapping
1-to-1 access VLAN to a service
Same port, multiple access VLANs to a service
Multiple ports, multiple access VLANs to a service[/li]
[li]Forwarding services include:
L2 point-to-point local connect
L2 point-to-point xconnect
L2 multipoint bridging
L2 multipoint VPLS
L2 point-to-multipoint bridging
L3 termination[/li][/list]
Local and Bridged P2P and MP Forwarding Services
[list]
[li]Layer 2 P2P local services
No MAC learning
Two Service Instances (EFP) on same interface (hair-pin)
Two EFPs on different interfaces[/li]
[li]Layer 2 MP bridged services
MAC-based forwarding and learning
Local VLAN significance
Bridge Domain (BD) - different access VLANs in the same broadcast domain
Split-horizon - prevent communication between service instances[/li][/list]
MPLS-Based P2P and MP Forwarding Services
[list]
[li]Layer 2 P2P services using Ethernet over MPLS
EFP to EoMPLS PW[/li]
[li]Layer 2 MP services using VPLS
Extends ethernet multipoint bridging over a full mesh of PWs
Split horizon support over attachment circuits (configurable) and PWs[/li][/list]
Rooted-Multipoint Forwarding Services (E-TREE)
[list]
[li]BD with Split Horizon Group can be used to implement rooted-multipoint forwarding service:
Place all Leaf EFPs in Split Horizon Group
Keep Root EFP outside the Split Horizon Group[/li]
[li]Net effect:
Bidirectional connectivity between Root and all Leaf EFPs
Leaf EFPs cannot communicate with each other[/li][/list]
Layer 3 Forwarding Services
[list]
[li]Co-existence with Routed sub-interfaces[/li]
[li]Layer 3 termination through SVI/BDI interface[/li]
[li]Layer 3 termination through Routed sub-interfaces[/li][/list]
Putting It All Together
[list]
[li]Multiplexed Service Interface[/li]
[li]Mix of L2 and L3 services on same port[/li]
[li]Different types of L2 services
Point-to-Point
Multipoint[/li][/list]
Service-Instance/Bridge Domain Features
Security Features
[list]
[li]MAC Address Limiting on EVC Bridge Domain[/li]
[li]MAC Security on Service Instance[/li]
[li]MAC ACL on Service Instance[/li]
[li]L3 / L4 ACL on Service Instance[/li]
[li]Storm Control on Ports with EVCs[/li]
[li]IP Source Guard for Service Instance[/li]
[li]DHCP snooping with Option-82 on Service Instance[/li]
[li]Dynamic ARP Inspection (DAI)[/li][/list]
Resiliency Features
[list]
[li]MST on EVC Bridge Domain[/li]
[li]EVC "static" Etherchannel[/li]
[li]EVC "LACP" Etherchannel[/li]
[li]EVC Etherchannel Manual Load Balancing[/li]
[li]EVC and FlexLink (backup interface) integration[/li]
[li]Resilient Ethernet Protocol (REP) on EVC[/li]
[li]Multi-Chassis LACP (mLACP)[/li]
[li]MST Access Gateway[/li]
[li]Pseudowire Redundancy[/li][/list]
OAM Features
[list]
[li]IEEE 802.1ag (CFM) on Service Instance with Bridge Domain[/li]
[li]CFM on Service Instance with Xconnect[/li]
[li]CFM on L2 VFI[/li]
[li]CFM to Ethernet LMI (E-LMI) interworking[/li]
[li]PW OAM to E-LMI Interworking[/li]
[li]Link OAM to CFM Interworking[/li]
[li]IP SLA for Metro Ethernet[/li]
[li]ITU-T Y.1731 Performance Management[/li][/list]
Miscellaneous and Instrumentation Features
[list]
[li]Miscellaneous
IEEE 802.1ah (Provider Backbone Bridging - PBB)
IGMP Snooping
UDLD on Service Instance
Custom ether-type on Service Instance
Static unicast / multicast MAC on Service Instance and VFI PW
SPAN on EVC[/li]
[li]Instrumentation
IF-MIB (extensions to support Service Instances)
CISCO-EVC-MIB
CISCO-BRIDGE-DOMAIN-MIB[/li][/list]
Deployment Use Cases
Residential Access Models Implementation
Residential UNI Standards
[list]
[li]DSL Forum 101 for residential services
UNI exists between the access node and the CPE
Trunk UNI means a different VLAN or VC per service
Non-Trunk UNI means no VLAN to CPE
1:1 means one VLAN per customer
N:1 means multiple customers share a VLAN[/li]
[li]Prevalent Residential service options
Non-Trunk UNI, N:1 VLAN
Trunk (Multi-VC) UNI, N:1 Service VLAN
Trunk (Multi-VC) UNI, 1:1 Interface Access (HSI) VLAN[/li][/list]
Deployment Use Cases
Residential use cases presented in the section:
Access Node UNI Type = Trunk UNI
Characteristics
[list]
[li]N:1 Service VLANs for Voice, Video and Data[/li]
[li]1:1 Dedicated VLAN for Data and N:1 Service VLANs for Voice and Video[/li][/list]
Implementation N:1 Service VLAN
Residential Service Connectivity Overview
[list]
[li]Split Horizon Forwarding, locally significant VLAN ids combined into a per service 'Bridge Domains' (N:1)[/li]
[li]Video routed (unnumbered) in Aggregation, other transported to Distribution[/li][/list]
Residential Service Use Case
Trunk UNI, N:1 Data Service VLAN (PW Per AGG Node)
Configuration Example
[list]
[li]! L2 point-to-point: EFP 20 cross-connected to an EoMPLS pseudowire
interface TenGigabitEthernet2/1
 service instance 20 ethernet
  encapsulation dot1q 20
  rewrite ingress tag pop 1 symmetric
  xconnect 10.0.0.2 20 encapsulation mpls
[/li]
[li]! L3 termination: EFP 30 bridged into bridge domain 30, routed by interface Vlan30 in VRF l3vpn
interface TenGigabitEthernet2/1
 service instance 30 ethernet
  encapsulation dot1q 30
  rewrite ingress tag pop 1 symmetric
  bridge-domain 30
!
interface Vlan30
 ip vrf forwarding l3vpn
 ip address 192.168.1.1 255.255.255.0
[/li]
[li]! L2 multipoint: EFP 40 in bridge domain 40 with split horizon, extended over the VPLS VFI
l2 vfi vpls manual
 vpn id 40
 neighbor 10.0.0.2 encapsulation mpls
!
interface TenGigabitEthernet2/1
 service instance 40 ethernet
  encapsulation dot1q 40
  rewrite ingress tag pop 1 symmetric
  bridge-domain 40 split-horizon
 !
!
interface Vlan40
 no ip address
 xconnect vfi vpls[/li][/list]
Credit: P'Phong@AIT
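The Loose Match, Longest Match and 'Default' Encapsulation rules listed in the post, modelled as an added example (not part of the original post and not Cisco code). The `Efp` class, `classify`, `wildcard_hits` and the sample port and frames are constructed for illustration, and matching is limited to the VLAN tag stack. `wildcard_hits` reports frames that were admitted carrying tags the winning service instance never inspected, which is what to review when an EFP is meant to carry only single-tagged traffic.

```python
from dataclasses import dataclass
from typing import List, Optional, Sequence, Tuple


@dataclass(frozen=True)
class Efp:
    """One service instance (EFP) on a port. Hypothetical model for illustration."""
    sid: int
    tags: Tuple[int, ...] = ()   # (10,) = "encap dot1q 10"; (10, 50) = "encap dot1q 10 sec 50"
    default: bool = False        # True = 'Default' encapsulation; tags=() otherwise = untagged

    def matches(self, frame_tags: Sequence[int]) -> bool:
        if self.default:
            return True                      # catch-all, tagged and untagged
        if not self.tags:
            return len(frame_tags) == 0      # untagged traffic only
        # Loose match: only the configured outermost tags are compared,
        # anything deeper in the frame's tag stack is a wildcard.
        return tuple(frame_tags[:len(self.tags)]) == self.tags


def classify(efps: Sequence[Efp], frame_tags: Sequence[int]) -> Optional[Efp]:
    """Return the EFP that claims the frame, or None if no EFP on the port matches."""
    specific = [e for e in efps if not e.default and e.matches(frame_tags)]
    if specific:
        # Longest match: the EFP with the most classification fields wins.
        return max(specific, key=lambda e: len(e.tags))
    # The default EFP only sees what every other EFP left unmatched.
    return next((e for e in efps if e.default), None)


def wildcard_hits(efps: Sequence[Efp], frames) -> List[tuple]:
    """(frame tags, sid) pairs where the frame carries tags the winning EFP never inspected."""
    hits = []
    for tags in frames:
        efp = classify(efps, tags)
        if efp is not None and len(tags) > len(efp.tags):
            hits.append((tuple(tags), efp.sid))
    return hits


# Constructed sample port: two specific EFPs plus a default EFP.
SAMPLE_PORT = [Efp(11, (10,)), Efp(12, (10, 50)), Efp(99, default=True)]
# Constructed sample frames, outermost tag first; () is an untagged frame.
SAMPLE_FRAMES = [(10,), (10, 50), (10, 60), (20,), ()]

if __name__ == "__main__":
    for frame in SAMPLE_FRAMES:
        winner = classify(SAMPLE_PORT, frame)
        print(frame, "->", winner.sid if winner else None)
    print("admitted by wildcard:", wildcard_hits(SAMPLE_PORT, SAMPLE_FRAMES))
```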
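The Rooted-Multipoint (E-TREE) behaviour described in the post, as an added example (not part of the original post and not Cisco code): a bridge domain with one split-horizon group, per-port VLAN significance, and a check for leaf EFPs left outside the group. The `BridgeDomain` class, `unisolated_leaves`, the EFP names, MAC strings and VLAN numbers are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple


@dataclass
class BridgeDomain:
    """Device-local broadcast domain with one split-horizon group (hypothetical model)."""
    efps: Dict[str, Tuple[int, bool]] = field(default_factory=dict)  # name -> (access VLAN, in group?)
    mac_table: Dict[str, str] = field(default_factory=dict)          # source MAC -> EFP name

    def add_efp(self, name: str, vlan: int, split_horizon: bool = False) -> None:
        self.efps[name] = (vlan, split_horizon)

    def forward(self, in_efp: str, src: str, dst: str) -> Dict[str, int]:
        """Return {egress EFP: VLAN tag on the wire at egress} for one frame."""
        self.mac_table[src] = in_efp                       # MAC learning
        known = self.mac_table.get(dst)
        targets = [known] if known else list(self.efps)    # known unicast, else flood
        in_group = self.efps[in_efp][1]
        out = {}
        for name in targets:
            vlan, grouped = self.efps[name]
            if name == in_efp:
                continue                                   # never back out the ingress EFP
            if in_group and grouped:
                continue                                   # split horizon: leaf to leaf is blocked
            out[name] = vlan                               # each EFP keeps its own local VLAN
        return out


def unisolated_leaves(bd: BridgeDomain, roots: Set[str]) -> List[str]:
    """EFPs that are not roots yet sit outside the split-horizon group."""
    return [n for n, (_, grouped) in bd.efps.items() if n not in roots and not grouped]


def build_etree() -> BridgeDomain:
    """Constructed sample: one root and two leaves with different access VLANs."""
    bd = BridgeDomain()
    bd.add_efp("root", 100)                       # root stays outside the group
    bd.add_efp("leafA", 10, split_horizon=True)
    bd.add_efp("leafB", 20, split_horizon=True)
    return bd


if __name__ == "__main__":
    bd = build_etree()
    print(bd.forward("leafB", "mac-b", "broadcast"))   # leaf flood reaches the root only
    print(bd.forward("leafA", "mac-a", "mac-b"))       # leaf to leaf: blocked
    print(bd.forward("root", "mac-r", "broadcast"))    # root flood reaches every leaf
    bd.add_efp("leafC", 30)                            # leaf configured without the group
    print(unisolated_leaves(bd, {"root"}))
```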