Академический Документы
Профессиональный Документы
Культура Документы
com
Raisecom Technology Co., Ltd. provides customers with comprehensive technical support and services. For any assistance, please contact our local office or company headquarters. Website: http://www.raisecom.com Tel: 8610-82883305 Fax: 8610-82883056 Email: export@raisecom.com Address: Building 2, No. 28, Shangdi 6th Street, Haidian District, Beijing, P.R.China Postal code: 100085
-----------------------------------------------------------------------------------------------------------------------------------------
Notice
Copyright 2013 Raisecom All rights reserved. No part of this publication may be excerpted, reproduced, translated or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in Writing from Raisecom Technology Co., Ltd. is the trademark of Raisecom Technology Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute the warranty of any kind, express or implied.
Preface
Preface
Objectives
This guide introduces features and related configurations supported by the iTN165-CES, including basic principles and configuration procedures of Ethernet, clock synchronization, network reliability, DHCP Client, OAM, security, QoS, and system management and maintenance. In addition, this guide provides related configuration examples. The appendix of this guide provides terms and abbreviations involved in this guide. This guide help you master principles and configurations of the iTN165-CES systematically, as well as networking with the iTN165-CES.
Versions
The following table lists the product versions related to this document. Product name iTN165-4GE4E1 iTN165-4GE4E1-BL iTN165-4GEE1 iTN165-4GEV35 iTN165-4GE4E1S iTN165-4GE4E1S-BL iTN165-4GEE1S iTN165-4GEV35S Product version P100R001 P100R001 P100R001 P100R001 P100R001 P100R001 P100R001 P100R001 Hardware version A.00 or later A.00 or later A.00 or later A.00 or later A.00 or later A.00 or later A.00 or later A.00 or later
Conventions
Symbol conventions
The symbols that may be found in this document are defined as follows.
Preface
Symbol
Description Indicates a hazard with a medium or low level of risk which, if not avoided, could result in minor or moderate injury. Indicates a potentially hazardous situation that, if not avoided, could cause equipment damage, data loss, and performance degradation, or unexpected results. Provides additional information to emphasize or supplement important points of the main text. Indicates a tip that may help you solve a problem or save time.
General conventions
Convention Times New Roman Arial Boldface Italic Lucida Console Description Normal paragraphs are in Times New Roman. Paragraphs in Warning, Caution, Notes, and Tip are in Arial. Names of files, directories, folders, and users are in boldface. For example, log in as user root. Book titles are in italics. Terminal display is in Lucida Console.
Command conventions
Convention Boldface Italic [] { x | y | ... } [ x | y | ... ] { x | y | ... } * Description The keywords of a command line are in boldface. Command arguments are in italics. Items (keywords or arguments) in square brackets [ ] are optional. Alternative items are grouped in braces and separated by vertical bars. Only one is selected. Optional alternative items are grouped in square brackets and separated by vertical bars. One or none is selected. Alternative items are grouped in braces and separated by vertical bars. A minimum of one or a maximum of all can be selected.
ii
Preface
Convention [ x | y | ... ] *
Description Optional alternative items are grouped in square brackets and separated by vertical bars. A minimum of none or a maximum of all can be selected.
Change history
Updates between document versions are cumulative. Therefore, the latest document version contains all updates made to previous versions.
Issue 01 (2013-07-22)
Initial commercial release
iii
Contents
Contents
1 Basic configurations ..................................................................................................................... 1
1.1 CLI ................................................................................................................................................................... 1 1.1.1 Overview ................................................................................................................................................. 1 1.1.2 Levels ...................................................................................................................................................... 2 1.1.3 Modes...................................................................................................................................................... 2 1.1.4 Keystrokes............................................................................................................................................... 4 1.1.5 Flitering commands................................................................................................................................. 5 1.1.6 Viewing command history ...................................................................................................................... 6 1.1.7 Acquiring help ......................................................................................................................................... 6 1.2 Accessing device .............................................................................................................................................. 8 1.2.1 Accessing device through Console interface ........................................................................................... 8 1.2.2 Accessing device through Telnet ........................................................................................................... 10 1.2.3 Accessing device through SSHv2 ......................................................................................................... 12 1.2.4 Managing users ..................................................................................................................................... 13 1.2.5 Checking configurations ....................................................................................................................... 14 1.3 Zero-configuration ......................................................................................................................................... 14 1.3.1 Introduction ........................................................................................................................................... 14 1.3.2 Preparing for zero-configuration ........................................................................................................... 15 1.3.3 Configuring DHCP Client ..................................................................................................................... 15 1.3.4 (Optional) configuring zero-configuration polling ................................................................................ 16 1.3.5 Checking configurations ....................................................................................................................... 16 1.4 Configuring IP address of device ................................................................................................................... 17 1.4.1 Configuring IP address of device .......................................................................................................... 17 1.4.2 Checking configurations ....................................................................................................................... 17 1.5 Configuring time management ....................................................................................................................... 17 1.5.1 Configuring time and time zone ............................................................................................................ 17 1.5.2 Configuring DST .................................................................................................................................. 18 1.5.3 Configuring NTP/SNTP ........................................................................................................................ 18 1.5.4 Checking configurations ....................................................................................................................... 20 1.6 Configuring static routing .............................................................................................................................. 20 1.7 Configuring Ethernet interface ....................................................................................................................... 21 1.7.1 Configuring basic attributies of interfaces ............................................................................................ 21
iv
Contents
1.7.2 Configuring interface statistics ............................................................................................................. 21 1.7.3 Configuring flow control on interfaces ................................................................................................. 21 1.7.4 Opening/Shuting down interfaces ......................................................................................................... 22 1.7.5 Checking configurations ....................................................................................................................... 22 1.8 Configuring SNMP ........................................................................................................................................ 23 1.8.1 Configuring the IP address of SNMP interface ..................................................................................... 23 1.8.2 Configuring SNMP basic functions ...................................................................................................... 23 1.8.3 Configuring Trap ................................................................................................................................... 24 1.8.4 Checking configurations ....................................................................................................................... 24 1.9 Configuring Banner ........................................................................................................................................ 25 1.9.1 Preparing for configurations ................................................................................................................. 25 1.9.2 Configuring Banner............................................................................................................................... 25 1.9.3 Enabling Banner display ....................................................................................................................... 25 1.9.4 Checking configurations ....................................................................................................................... 26 1.10 Configuration examples ............................................................................................................................... 26 1.10.1 Examples for configuring SNMP ........................................................................................................ 26
2 Ethernet ......................................................................................................................................... 29
2.1 Introduction .................................................................................................................................................... 29 2.1.1 MAC address table ................................................................................................................................ 29 2.1.2 VLAN ................................................................................................................................................... 32 2.1.3 QinQ...................................................................................................................................................... 34 2.1.4 VLAN mapping..................................................................................................................................... 37 2.1.5 Loopback detection ............................................................................................................................... 37 2.1.6 Interface protection ............................................................................................................................... 38 2.1.7 Layer 2 protocol transparent transmission ............................................................................................ 39 2.1.8 ARP ....................................................................................................................................................... 39 2.1.9 Port mirroring........................................................................................................................................ 40 2.2 Configuring MAC address table..................................................................................................................... 41 2.2.1 Preparing for configurations ................................................................................................................. 41 2.2.2 Configuring static MAC address entries ............................................................................................... 42 2.2.3 Configuring dynamic MAC address entries .......................................................................................... 42 2.2.4 Configuring blackhole MAC address entries ........................................................................................ 42 2.2.5 Checking configurations ....................................................................................................................... 43 2.3 Configuring VLAN ........................................................................................................................................ 43 2.3.1 Preparing for configurations ................................................................................................................. 43 2.3.2 Configuring VLAN properties .............................................................................................................. 44 2.3.3 Configuring interface modes ................................................................................................................. 44 2.3.4 Configuring VLANs based on Access interfaces .................................................................................. 44 2.3.5 Configuring VLANs based on Trunk interfaces.................................................................................... 45 2.3.6 Checking configurations ....................................................................................................................... 46 2.4 Configuring basic QinQ ................................................................................................................................. 46
Contents
2.4.1 Preparing for configurations ................................................................................................................. 46 2.4.2 Configuring basic QinQ ........................................................................................................................ 47 2.4.3 Configuring egress interface to Trunk mode ......................................................................................... 47 2.4.4 Checking configurations ....................................................................................................................... 47 2.5 Configuring selective QinQ ........................................................................................................................... 47 2.5.1 Preparing for configurations ................................................................................................................. 47 2.5.2 Configuring selective QinQ .................................................................................................................. 48 2.5.3 Checking configurations ....................................................................................................................... 48 2.6 Configuring VLAN mapping ......................................................................................................................... 48 2.6.1 Preparing for configurations ................................................................................................................. 48 2.6.2 Configuring 1:1 VLAN mapping .......................................................................................................... 49 2.6.3 Checking configurations ....................................................................................................................... 49 2.7 Configuring loopback detection ..................................................................................................................... 49 2.7.1 Preparing for configurations ................................................................................................................. 49 2.7.2 Configuring loopback detection ............................................................................................................ 50 2.7.3 Checking configurations ....................................................................................................................... 50 2.8 Configuring interface protection .................................................................................................................... 51 2.8.1 Preparing for configurations ................................................................................................................. 51 2.8.2 Configuring interface protection ........................................................................................................... 51 2.8.3 Checking configurations ....................................................................................................................... 51 2.9 Configuring Layer 2 protocol transparent transmission ................................................................................. 52 2.9.1 Preparing for configurations ................................................................................................................. 52 2.9.2 Configuring transparent transmission parameters ................................................................................. 52 2.9.3 Checking configurations ....................................................................................................................... 53 2.10 Configuring ARP .......................................................................................................................................... 53 2.10.1 Preparing for configurations ............................................................................................................... 53 2.10.2 Configuring ARP address entries ........................................................................................................ 53 2.10.3 Checking configurations ..................................................................................................................... 54 2.11 Configuring port mirroring ........................................................................................................................... 54 2.11.1 Preparing for configurations ................................................................................................................ 54 2.11.2 Configuring port mirroring .................................................................................................................. 55 2.11.3 Checking configurations ..................................................................................................................... 55 2.12 Maintenance ................................................................................................................................................. 56 2.13 Configuration examples ............................................................................................................................... 56 2.13.1 Examples for configuring MAC address table .................................................................................... 56 2.13.2 Example for configuring VLAN and interface protection ................................................................... 58 2.13.3 Examples for configuring basic QinQ ................................................................................................. 62 2.13.4 Examples for configuring selective QinQ ........................................................................................... 64 2.13.5 Examples for configuring VLAN mapping ......................................................................................... 67 2.13.6 Examples for configuring loopback detection..................................................................................... 70 2.13.7 Examples for configuring Layer 2 protocol transparent transmission ................................................ 71 2.13.8 Examples for configuring ARP ........................................................................................................... 73 Raisecom Technology Co., Ltd. vi
Contents
4 MPLS-TP ....................................................................................................................................... 84
4.1 Introduction .................................................................................................................................................... 84 4.1.1 Network structure .................................................................................................................................. 84 4.1.2 Basic concepts ....................................................................................................................................... 85 4.1.3 Static LSP ............................................................................................................................................. 89 4.1.4 MPLS forwarding process .................................................................................................................... 90 4.1.5 MPLS L2VPN ....................................................................................................................................... 93 4.1.6 MPLS-TP OAM .................................................................................................................................... 97 4.1.7 MPLS-TP linear protection switching ................................................................................................... 98 4.2 Configuring basic functions of MPLS .......................................................................................................... 100 4.2.1 Preparing for configurations ............................................................................................................... 100 4.2.2 Configuring basic functions of MPLS ................................................................................................ 101 4.2.3 Checking configurations ..................................................................................................................... 101 4.3 Configuring static LSP ................................................................................................................................. 101 4.3.1 Preparing for configurations ............................................................................................................... 101 4.3.2 Configuring static LSP ........................................................................................................................ 102 4.3.3 Configuring static bidirectional corouted LSP .................................................................................... 102 4.3.4 Configuring Tunnel ............................................................................................................................. 104 4.3.5 Checking configurations ..................................................................................................................... 104 4.4 Configuring MPLS L2VPN ......................................................................................................................... 105 4.4.1 Preparing for configurations ............................................................................................................... 105 4.4.2 Configuring MPLS L2VPN ................................................................................................................ 105 4.4.3 Checking configurations ..................................................................................................................... 106 4.5 Configuring MPLS-TP OAM ....................................................................................................................... 106 4.5.1 Preparing for configurations ............................................................................................................... 106 4.5.2 Enabling MPLS-TP CFM ................................................................................................................... 107 4.5.3 Configuring MPLS-TP CFM .............................................................................................................. 107 4.5.4 Configuring fault detection ................................................................................................................. 109 4.5.5 Configuring fault acknowledgement ................................................................................................... 110 Raisecom Technology Co., Ltd. vii
Contents
4.5.6 Configuring fault location ................................................................................................................... 110 4.5.7 Configuring AIS .................................................................................................................................. 111 4.5.8 Configuring LCK ................................................................................................................................ 111 4.5.9 Configuring basic information about MPLS-TP SLA operation ......................................................... 112 4.5.10 Configuring SLA shceduling information and enabling SLA operation scheduling ......................... 113 4.5.11 Checking configurations ................................................................................................................... 113 4.6 Configuring MPLS-TP linear protection switching ..................................................................................... 114 4.6.1 Preparing for configurations ............................................................................................................... 114 4.6.2 Configuring MPLS-TP linear protection switching ............................................................................ 114 4.6.3 Checking configurations ..................................................................................................................... 115 4.7 Maintenance ................................................................................................................................................. 115 4.8 Configuration examples ............................................................................................................................... 116 4.8.1 Examples for configuring bidirectional static LSP ............................................................................. 116 4.8.2 Examples for configuring static LSP to carry static L2VC ................................................................. 119 4.8.3 Examples for configuring MPLS-TP linear protection switching ....................................................... 124
Contents
6.1 Introduction .................................................................................................................................................. 154 6.1.1 Link aggregation ................................................................................................................................. 154 6.1.2 Interface backup .................................................................................................................................. 156 6.1.3 ELPS ................................................................................................................................................... 158 6.1.4 ERPS ................................................................................................................................................... 161 6.1.5 Failover ............................................................................................................................................... 167 6.2 Configuring link aggregation ....................................................................................................................... 167 6.2.1 Preparing for configurations ............................................................................................................... 167 6.2.2 Configuring manual link aggregation ................................................................................................. 167 6.2.3 Configuring static LACP link aggregation .......................................................................................... 168 6.2.4 Checking configurations ..................................................................................................................... 170 6.3 Configuring interface backup ....................................................................................................................... 170 6.3.1 Preparing for configurations ............................................................................................................... 170 6.3.2 Configuring basic functions of interface backup ................................................................................ 170 6.3.3 (Optional) configuring interface forced switch ................................................................................... 171 6.3.4 Checking configurations ..................................................................................................................... 172 6.4 Configuring ELPS ........................................................................................................................................ 172 6.4.1 Preparing for configurations ............................................................................................................... 172 6.4.2 Creating protection lines ..................................................................................................................... 172 6.4.3 Configuring ELPS fault detection modes............................................................................................ 173 6.4.4 (Optional) configuring ELPS switching control ................................................................................. 174 6.4.5 Checking configurations ..................................................................................................................... 175 6.5 Configuring ERPS ........................................................................................................................................ 175 6.5.1 Preparing for configurations ............................................................................................................... 175 6.5.2 Creating ERPS protection ring ............................................................................................................ 176 6.5.3 (Optional) creating ERPS protection sub-ring .................................................................................... 177 6.5.4 Configuring ERPS fault detection modes ........................................................................................... 178 6.5.5 (Optional) configuring ERPS switching control ................................................................................. 179 6.5.6 Checking configurations ..................................................................................................................... 179 6.6 Configuring failover ..................................................................................................................................... 179 6.6.1 Preparing for configurations ............................................................................................................... 179 6.6.2 Configuring failover ............................................................................................................................ 180 6.6.3 Checking configurations ..................................................................................................................... 180 6.7 Maintenance ................................................................................................................................................. 180 6.8 Configuration examples ............................................................................................................................... 181 6.8.1 Examples for configuring manual link aggregation ............................................................................ 181 6.8.2 Examples for configuring static LACP link aggregation .................................................................... 183 6.8.3 Examples for configuring interface backup ........................................................................................ 185 6.8.4 Examples for configuring 1:1 ELPS ................................................................................................... 188 6.8.5 Examples for configuring single-ring ERPS ....................................................................................... 190 6.8.6 Examples for configuring intersecting-ring ERPS .............................................................................. 194
ix
Contents
Contents
8.4.4 Configuring basic ETH-Test throughput test operation information and enabling operation scheduling ..................................................................................................................................................................... 232 8.4.5 Checking configurations ..................................................................................................................... 233 8.5 Configuring RFC2544 .................................................................................................................................. 234 8.5.1 Preparing for configurations ............................................................................................................... 234 8.5.2 Configuring RFC2544 basic information ............................................................................................ 235 8.5.3 Configuring RFC2544 throughput test ................................................................................................ 236 8.5.4 Configuring RFC2544 latency test ...................................................................................................... 236 8.5.5 Configuring RFC2544 frame loss rate test .......................................................................................... 237 8.5.6 Checking configurations ..................................................................................................................... 237 8.6 Maintenance ................................................................................................................................................. 238 8.7 Configuration examples ............................................................................................................................... 238 8.7.1 Examples for configuring EFM .......................................................................................................... 238 8.7.2 Examples for configuring CFM .......................................................................................................... 240 8.7.3 Examples for configuring SLA ........................................................................................................... 243 8.7.4 Examples for configuring ETH-Test throughput test .......................................................................... 245 8.7.5 Examples for configuring RFC2544 throughput test .......................................................................... 248
9 Security........................................................................................................................................ 251
9.1 Introduction .................................................................................................................................................. 251 9.1.1 ACL..................................................................................................................................................... 251 9.1.2 RADIUS.............................................................................................................................................. 252 9.1.3 TACACS+ ........................................................................................................................................... 252 9.1.4 Storm control ...................................................................................................................................... 252 9.2 Configuring ACL ......................................................................................................................................... 253 9.2.1 Preparing for configurations ............................................................................................................... 253 9.2.2 Configuring IP ACL ............................................................................................................................ 253 9.2.3 Configuring MAC ACL ...................................................................................................................... 254 9.2.4 Configuring MAP ACL ....................................................................................................................... 254 9.2.5 Applying ACL to device ...................................................................................................................... 256 9.2.6 Checking configurations ..................................................................................................................... 258 9.3 Configuring RADIUS .................................................................................................................................. 258 9.3.1 Preparing for configurations ............................................................................................................... 258 9.3.2 Configuring RADIUS authentication .................................................................................................. 258 9.3.3 Configuring RADIUS accounting ....................................................................................................... 259 9.3.4 Checking configurations ..................................................................................................................... 260 9.4 Configuring TACACS+ ................................................................................................................................ 260 9.4.1 Preparing for configurations ............................................................................................................... 260 9.4.2 Configuring TACACS+ authentication ............................................................................................... 260 9.4.3 Checking configurations ..................................................................................................................... 261 9.5 Configuring storm control ............................................................................................................................ 261 9.5.1 Preparing for configurations ............................................................................................................... 261 9.5.2 Configuring storm control ................................................................................................................... 261 Raisecom Technology Co., Ltd. xi
Contents
9.5.3 Checking configurations ..................................................................................................................... 262 9.6 Maintenance ................................................................................................................................................. 262 9.7 Configuration examples ............................................................................................................................... 262 9.7.1 Examples for configuring ACL ........................................................................................................... 262 9.7.2 Examples for configuring RADIUS .................................................................................................... 263 9.7.3 Examples for configuring TACACS+ ................................................................................................. 265 9.7.4 Examples for configuring storm control ............................................................................................. 266
xii
Contents
10.5.4 Checking configurations ................................................................................................................... 285 10.6 Configuring rate limiting based on interface and VLAN ........................................................................... 285 10.6.1 Preparing for configurations ............................................................................................................. 285 10.6.2 Configuring interface-based rate limiting ......................................................................................... 286 10.6.3 Configuring VLAN-based/QinQ-based rate limiting ........................................................................ 286 10.6.4 Configuring rate limiting based on interface+VLAN ....................................................................... 286 10.6.5 Checking configurations ................................................................................................................... 286 10.7 Maintenance ............................................................................................................................................... 287 10.8 Configuration examples ............................................................................................................................. 287 10.8.1 Examples for configuring rate limiting based on traffic policy ......................................................... 287 10.8.2 Examples for configuring queue scheduling and congestion avoidance ........................................... 290 10.8.3 Examples for configuring interface-based rate limiting .................................................................... 293
xiii
Contents
11.5 Configuring alarm management ................................................................................................................. 319 11.5.1 Preparing for configurations .............................................................................................................. 319 11.5.2 Configuring basic functions of alarm management ........................................................................... 320 11.5.3 Configuring hardware monitoring alarm output ................................................................................ 321 11.5.4 Configuring Layer 3 dying-gasp and link-fault alarms ..................................................................... 322 11.5.5 Checking configurations ................................................................................................................... 322 11.6 Configuring CPU protection....................................................................................................................... 323 11.6.1 Preparing for configurations .............................................................................................................. 323 11.6.2 Configuring CPU protection ............................................................................................................. 323 11.6.3 Checking configurations ................................................................................................................... 324 11.7 Configuring CPU monitoring ..................................................................................................................... 324 11.7.1 Preparing for configurations .............................................................................................................. 324 11.7.2 Viewing CPU monitoring information .............................................................................................. 325 11.7.3 Configuring CPU monitoring alarm .................................................................................................. 325 11.7.4 Checking configruations ................................................................................................................... 325 11.8 Configuring RMON ................................................................................................................................... 326 11.8.1 Preparing for configurations .............................................................................................................. 326 11.8.2 Configuring RMON statistics ............................................................................................................ 326 11.8.3 Configuring RMON historical statistics ............................................................................................ 326 11.8.4 Configuring RMON alarm group ...................................................................................................... 326 11.8.5 Configuring RMON event group ...................................................................................................... 327 11.8.6 Checking configurations ................................................................................................................... 327 11.9 Configuring optical module DDM ............................................................................................................. 327 11.9.1 Preparing for configurations .............................................................................................................. 327 11.9.2 Enabling optical module DDM ......................................................................................................... 327 11.9.3 Enabling optical module parameter anomaly Trap ............................................................................ 328 11.9.4 Checking configurations ................................................................................................................... 328 11.10 Configuring Loopback ............................................................................................................................. 328 11.10.1 Preparing for configurations ............................................................................................................ 328 11.10.2 Configuring parameters of interface loopback rules ....................................................................... 329 11.10.3 Configuring source/destination MAC address translation ............................................................... 329 11.10.4 Configuring destination IP address translation ................................................................................ 330 11.10.5 Enabling loopback by selecting loopback rule ................................................................................ 331 11.10.6 Checking configurations ................................................................................................................. 331 11.11 Configuring extended OAM ..................................................................................................................... 331 11.11.1 Preparing for configurations ............................................................................................................ 331 11.11.2 Establishing OAM links .................................................................................................................. 332 11.11.3 Checking configurations .................................................................................................................. 332 11.12 Configuring LLDP ................................................................................................................................... 332 11.12.1 Preparing for configurations............................................................................................................ 332 11.12.2 Enabling global LLDP .................................................................................................................... 332 11.12.3 Enabling interface LLDP ................................................................................................................ 333 Raisecom Technology Co., Ltd. xiv
Contents
11.12.4 Configuring basic functions of LLDP ............................................................................................. 333 11.12.5 Configuring LLDP alarm ................................................................................................................ 334 11.12.6 Checking configurations ................................................................................................................. 334 11.13 Configuring fault detection....................................................................................................................... 334 11.13.1 Viewing device status ...................................................................................................................... 334 11.13.2 Configuring task scheduling ............................................................................................................ 335 11.13.3 PING and Traceroute....................................................................................................................... 335 11.14 Maintenance ............................................................................................................................................. 336 11.15 Configuration examples............................................................................................................................ 336 11.15.1 Examples for configuring RMON alarm group ............................................................................... 336 11.15.2 Examples for configuring LLDP basic functions ............................................................................ 338 11.15.3 Examples for outputting system logs to log host ............................................................................. 341 11.15.4 Examples for configuring hardware monitoring alarm output ........................................................ 343
xv
Figures
Figures
Figure 1-1 Logging in to the iTN165-CES through the Console interface ............................................................ 9 Figure 1-2 Configuring parameters for Hyper Terminal ...................................................................................... 10 Figure 1-3 The iTN165-CES working as the Telnet Server ................................................................................. 11 Figure 1-4 The iTN165-CES working as the Telnet Client .................................................................................. 11 Figure 1-5 Realizing zero-configuration through a local device, such as the iTN2100 ....................................... 15 Figure 1-6 Configuring SNMP ............................................................................................................................. 26 Figure 2-1 MAC address entries .......................................................................................................................... 30 Figure 2-2 Partitioning VLANs ............................................................................................................................ 32 Figure 2-3 Format of the 802.1Q-based VLAN frame ......................................................................................... 32 Figure 2-4 Structure of QinQ packet .................................................................................................................... 35 Figure 2-5 Structure of TCI in S-TAG and C-TAG .............................................................................................. 35 Figure 2-6 Typical networking application with basic QinQ ............................................................................... 36 Figure 2-7 1:1 VLAN mapping ............................................................................................................................ 37 Figure 2-8 Loopback detection ............................................................................................................................ 38 Figure 2-9 Structure of ARP frame ...................................................................................................................... 39 Figure 2-10 Principle of port mirroring ................................................................................................................ 41 Figure 2-11 Configuring MAC address table ....................................................................................................... 57 Figure 2-12 Configuring VLAN........................................................................................................................... 59 Figure 2-13 Configuring basic QinQ.................................................................................................................... 62 Figure 2-14 Configuring selective QinQ .............................................................................................................. 65 Figure 2-15 Configuring VLAN mapping ............................................................................................................ 68 Figure 2-16 Configuring loopback detection ....................................................................................................... 70 Figure 2-17 Configuring Layer 2 protocol transparent transmission ................................................................... 71 Figure 2-18 Configuring ARP .............................................................................................................................. 74 Figure 2-19 Configuring port mirroring ............................................................................................................... 75 Figure 3-1 Principles of synchronous Ethernet .................................................................................................... 78
xvi
Figures
Figure 3-2 Configuring clock synchronization based on synchronous Ethernet .................................................. 81 Figure 4-1 MPLS network structure ..................................................................................................................... 85 Figure 4-2 Structure and encapsulation position of the label ............................................................................... 86 Figure 4-3 Structure of the label stack ................................................................................................................. 87 Figure 4-4 Operation process of a label ............................................................................................................... 87 Figure 4-5 Label distribution................................................................................................................................ 88 Figure 4-6 Networking with static LSP ................................................................................................................ 89 Figure 4-7 Structure of the Tunnel ID .................................................................................................................. 90 Figure 4-8 Forwarding process of MPLS packets ................................................................................................ 92 Figure 4-9 CE accessing the network through Ethernet AC ................................................................................. 93 Figure 4-10 MPLS L2VPN model ....................................................................................................................... 94 Figure 4-11 MPLS L2VPN label stack processing process .................................................................................. 94 Figure 4-12 CCC MPLS L2VPN topology .......................................................................................................... 95 Figure 4-13 Martini MPLS L2VPN topology ...................................................................................................... 96 Figure 4-14 Packet format when the GACH is used as the control channel of the PW layer............................... 97 Figure 4-15 Packet format when the GACH is used as the control channel of the LSP layer .............................. 98 Figure 4-16 Packet format when the GACH is used as the control channel of the Section layer......................... 98 Figure 4-17 ACH packet format ........................................................................................................................... 98 Figure 4-18 1+1 protection switching structure ................................................................................................... 99 Figure 4-19 1:1 protection switching structure .................................................................................................. 100 Figure 4-20 Configuring the bidirectional static LSP ........................................................................................ 116 Figure 4-21 Configuring the static LSP to carry the static L2VC ...................................................................... 120 Figure 4-22 Configuring MPLS-TP linear protection switching ........................................................................ 124 Figure 5-1 Principles of PWE3 .......................................................................................................................... 131 Figure 5-2 TDMoP circuit emulation protocol stack .......................................................................................... 132 Figure 5-3 SAToP encapsulation principles ........................................................................................................ 133 Figure 5-4 Structure of the SAToP control word ................................................................................................ 133 Figure 5-5 Structure of RTP packet header ........................................................................................................ 134 Figure 5-6 CESoPSN encapsulation principles .................................................................................................. 136 Figure 5-7 Structure of the CESoPSN control word .......................................................................................... 136 Figure 5-8 Format for CESoPSN encapsulation of basic NxDS0 data .............................................................. 138 Figure 5-9 Format for CESoPSN encapsulation of basic NxDS0 signaling....................................................... 138 Figure 5-10 Format for CESoPSN encapsulation of basic NxDS0 and signaling .............................................. 138
xvii
Figures
Figure 5-11 Principle of self-adaptive clock recovery ....................................................................................... 139 Figure 5-12 Principle of differential clock recovery .......................................................................................... 140 Figure 5-13 Principle of external clock input ..................................................................................................... 140 Figure 5-14 Principle of link loopback clock ..................................................................................................... 140 Figure 5-15 Configuring CESoPSN emulation services .................................................................................... 148 Figure 5-16 Configuring SAToP emulation services .......................................................................................... 151 Figure 6-1 Link aggregation ............................................................................................................................... 155 Figure 6-2 Principles of interface backup .......................................................................................................... 157 Figure 6-3 Principles of VLAN-based interface backup .................................................................................... 158 Figure 6-4 Structure of APS packet .................................................................................................................... 159 Figure 6-5 ELPS 1+1 and 1:1 protection switching modes ................................................................................ 160 Figure 6-6 Unidirectional protection switching ................................................................................................. 161 Figure 6-7 Structure of the R-APS packet .......................................................................................................... 162 Figure 6-8 ERPS ring network ........................................................................................................................... 163 Figure 6-9 Idle state of Ethernet ring network ................................................................................................... 165 Figure 6-10 Protection state of Ethernet ring network ....................................................................................... 165 Figure 6-11 Sub-ring model ............................................................................................................................... 166 Figure 6-12 Interface-to-interface failover ......................................................................................................... 167 Figure 6-13 Configuring manual link aggregation ............................................................................................. 181 Figure 6-14 Configuring static LACP link aggregation ..................................................................................... 183 Figure 6-15 Configuring interface backup ......................................................................................................... 186 Figure 6-16 Configuring 1:1 ELPS .................................................................................................................... 188 Figure 6-17 Configuring single-ring ERPS ........................................................................................................ 191 Figure 6-18 Configuring intersecting-ring ERPS ............................................................................................... 195 Figure 7-1 Typical DHCP application ................................................................................................................ 202 Figure 7-2 Structure of DHCP packet ................................................................................................................ 203 Figure 7-3 DHCP Client ..................................................................................................................................... 205 Figure 7-4 Configuring DHCPv4 Client ............................................................................................................ 207 Figure 8-1 Architecture of Ethernet OAM ......................................................................................................... 209 Figure 8-2 OAM remote loopback ..................................................................................................................... 211 Figure 8-3 MEP and MIP ................................................................................................................................... 212 Figure 8-4 Throughput test ................................................................................................................................. 215 Figure 8-5 Frame loss rate test ........................................................................................................................... 216
xviii
Figures
Figure 8-6 Latency test ....................................................................................................................................... 216 Figure 8-7 RFC2544 test .................................................................................................................................... 217 Figure 8-8 Configuring EFM ............................................................................................................................. 238 Figure 8-9 Configuring CFM ............................................................................................................................. 240 Figure 8-10 Configuring SLA ............................................................................................................................ 244 Figure 8-11 Configuring ETH-Test throughput test ........................................................................................... 246 Figure 8-12 Configuring RFC2544 throughput test ........................................................................................... 248 Figure 9-1 Configuring ACL .............................................................................................................................. 262 Figure 9-2 Configuring RADIUS ....................................................................................................................... 264 Figure 9-3 Configuring TACACS+ .................................................................................................................... 265 Figure 9-4 Configuring storm control ................................................................................................................ 266 Figure 10-1 Application of QoS ......................................................................................................................... 269 Figure 10-2 Traffic classification process .......................................................................................................... 270 Figure 10-3 Structure of IP packet header .......................................................................................................... 271 Figure 10-4 Structures of ToS priority and DSCP priority ................................................................................. 271 Figure 10-5 Structure of VLAN packet .............................................................................................................. 271 Figure 10-6 Structure of CoS priority ................................................................................................................ 271 Figure 10-7 SP scheduling ................................................................................................................................. 272 Figure 10-8 WRR scheduling ............................................................................................................................. 273 Figure 10-9 DRR scheduling.............................................................................................................................. 273 Figure 10-10 Configuring rate limiting based on traffic policy ......................................................................... 288 Figure 10-11 Configuring queue scheduling ...................................................................................................... 291 Figure 10-12 Configuring interface-based rate limiting ..................................................................................... 294 Figure 11-1 Interface loopback .......................................................................................................................... 305 Figure 11-2 The iTN165-CES working as a managed remote device ................................................................ 307 Figure 11-3 Structure of LLDPDU packet ......................................................................................................... 308 Figure 11-4 Structure of TLV packet .................................................................................................................. 308 Figure 11-5 Principle of PING ........................................................................................................................... 310 Figure 11-6 Principle of Traceroute ................................................................................................................... 310 Figure 11-7 Configuring RMON alarm group ................................................................................................... 337 Figure 11-8 Configuring LLDP basic functions ................................................................................................. 338 Figure 11-9 Outputting system logs to log host ................................................................................................. 341 Figure 11-10 Configuring hardware monitoring alarm output ........................................................................... 343
xix
Tables
Tables
Table 2-1 Interfaces modes and packet forwarding modes .................................................................................. 33 Table 2-2 Structure of TCI in the S-TAG and C-TAG.......................................................................................... 35 Table 5-1 Fields of the SAToP control word ..................................................................................................... 134 Table 5-2 Fields of the RTP packet header ......................................................................................................... 135 Table 5-3 Fields of the CESoPSN control word ................................................................................................ 136 Table 6-1 Values of fields in APS specific information ...................................................................................... 159 Table 6-2 Fields in the R-APS specific information........................................................................................... 162 Table 7-1 Fields of DHCP packet ....................................................................................................................... 203 Table 10-1 Mapping relationship between local priority and DSCP priority ..................................................... 270 Table 10-2 Mapping relationship between local priority and CoS priority ........................................................ 270 Table 11-1 Alarm fields ..................................................................................................................................... 300 Table 11-2 Alarm levels ..................................................................................................................................... 300 Table 11-3 TLV types ......................................................................................................................................... 308
xx
1 Basic configurations
Basic configurations
This chapter describes basic information and configuration procedures of the iTN165-CES, as well as related configuration examples, including following sections:
CLI Accessing device Zero-configuration Configuring IP address of device Configuring time management Configuring static routing Configuring Ethernet interface Configuring SNMP Configuring Banner Configuration examples
1.1 CLI
1.1.1 Overview
The Command-line Interface (CLI) is a medium for you communicating with the iTN165CES. You can configure, monitor, and manage the iTN165-CES through the CLI. You can log in to the iTN165-CES through the terminal equipment or through a computer that runs the terminal emulation program. Enter commands at the system prompt. The CLI supports following features:
Configure the iTN165-CES locally through a console. Configure the iTN165-CES locally or remotely through Telnet/ Secure Shell v2 (SSHv2). Commands are classified into different levels. You can execute the commands that correspond to your level only. The commands available to you depend on which mode you are currently in. Keystrokes can be used to execute commands.
1 Basic configurations
Check or execute a historical command by checking command history. The last 20 historical commands can be saved on the iTN165-CES. Enter a question mark (?) at the system prompt to obtain a list of commands available for each command mode. The iTN165-CES supports multiple intelligent analysis methods, such as fuzzy match and context association.
1.1.2 Levels
The iTN165-CES classifies CLI into 15 levels in a descending order:
14: checking level. You can execute basic commands, such as ping, clear, and history, to perform network diagnostic function, clear system information and show command history. 510: monitoring level. You can execute these commands, such as show, for system maintenance. 1114: configuration level. You can execute these commands for configuring services, such as Virtual Local Area Network (VLAN) and Internet Protocol (IP) route. 15: management level. You can execute these commands for running systems.
1.1.3 Modes
The command mode is an environment where a command is executed. A command can be executed in one or multiple certain modes. The commands available to you depend on which mode you are currently in. After connecting the iTN165-CES, enter the user name and password to enter the user EXEC mode, where the following command is displayed:
Raisecom>
Enter the enable command and press Enter. Then enter the correct password, and press Enter to enter privileged EXEC mode. The default password is raisecom.
In privileged EXEC mode, enter the config command to enter global configuration mode.
Raisecom#config Raisecom(config)#
1 Basic configurations
The CLI prompts Raisecom is a default host name. You can modify it by executing the hostname string command in privileged EXEC mode. Command executed in global configuration mode can also be executed in other modes. The functions vary on command modes. You can enter the exit or quit command to return to upper command mode. However, in privileged EXEC mode, you need to execute the disable command to return to user EXEC mode. You can execute the end command to return to privileged EXEC mode from any modes but user EXEC mode and privileged EXEC mode. Command modes supported by the iTN165-CES are listed in the following table. Mode User EXEC Access mode Log in to the iTN165-CES, and then enter the correct user name and password. In user EXEC mode, enter the enable command and correct password. In privileged EXEC mode, enter the config command. In global configuration mode, enter the interface interface-type interface-number command. In global configuration mode, enter the interface tdm interface-number command. In global configuration mode, enter the cespw pw-name command. In global configuration mode, enter the interface ip if-number command. In global configuration mode, enter the vlan vlan-id command. In global configuration mode, enter the service cis-id level malevel command. In global configuration mode, enter the class-map class-mapname command. In global configuration mode, enter the policy-map policymap-name command. Prompt
Raisecom>
Privileged EXEC
Raisecom#
Global configuration Physical layer interface configuration TDM interface configuration PW configuration
Raisecom(config)#
Raisecom(config-port)#
Raisecom(config-tdmport)#
Raisecom(config-cespw)#
Layer 3 interface configuration VLAN configuration Service instance configuration Traffic classification configuration Traffic policy configuration
Raisecom(config-ip)#
Raisecom(config-vlan)#
Raisecom(configservice)#
Raisecom(config-cmap)#
Raisecom(config-pmap)#
1 Basic configurations
Mode Traffic policy bound with traffic classification configuration CoS-to-Pri configuration
Access mode In traffic policy configuration mode, enter the class-map classmap-name command. In global configuration mode, enter the mls qos mapping costo-local-priority profile-id command. In global configuration mode, enter the mls qos mapping dscp-to-local-priority profile-id command. In global configuration mode, enter the access-list-map aclnumber { deny | permit } command. In global configuration mode, enter the interface port-channel port-channel-number command. In global configuration mode, enter the clock-mgmt slot slotnumber command.
Prompt
Raisecom(config-pmap-c)#
Raisecom(cos-to-pri)#
DSCP-to-Pri configuration
Raisecom(dscp-to-pri)#
Raisecom(config-aclmap)#
Raisecom(configaggregator)#
Raisecom(config-clock)#
1.1.4 Keystrokes
The iTN165-CES supports following keystrokes. Keystroke Press the up arrow () key. Press the down arrow () key. Press the left arrow () key. Press the right arrow () key. Press the Backspace key. Description The previous command is displayed. The next command is displayed. Move the cursor back one character. Move the cursor forward one character. Erase the character to the left of the cursor.
1 Basic configurations
Description When you press it after entering a complete keyword, the cursor moves forward a space. When you press it again, the keywords matching the complete keyword are displayed. When you press it after entering an incomplete keyword, the system automatically executes some commands:
If the incomplete keyword matches a unique complete keyword, the unique complete keyword replaces the incomplete keyword, with the cursor forward a space from the unique complete keyword. If the incomplete keyword matches no or more complete keywords, the prefix is displayed. You can press the Tab key to alternate the matched complete keywords, with the cursor at the end of the matched complete keyword. Then, press the Space bar to enter the next keyword. If the incomplete keyword is wrong, you can press the Tab key to wrap, and then error information is displayed. However, the input incomplete keyword remains.
Press Ctrl + A. Press Ctrl + C. Press Ctrl + D or the Delete key. Press Ctrl + E. Press Ctrl + K. Press Ctrl + X. Press Ctrl + Z. Press the Space bar or y. Press the Enter key.
Move the cursor to the beginning of the command line. The ongoing command will be interrupted, such as ping, and traceroute. Delete the character at the cursor. Move the cursor to the end of the command line. Delete all characters from the cursor to the end of the command line. Delete all characters from the cursor to the beginning of the command line. Return to privileged EXEC mode from the current mode (excluding user EXEC mode). Scroll down one screen. Scroll down one line.
| begin string: show all commands which start from matched specific character string.
Raisecom Technology Co., Ltd. 5
1 Basic configurations
| exclude string: show all commands which do not match specific character string. | include string: show all commands which only match specific character string.
You can enter a question mark (?) at the system prompt to display a list of commands and brief descriptions available for each command mode.
Raisecom>?
Clear screen Turn on privileged mode command Exit current mode and down to previous mode Message about help Most recent history command Language of help message List command Exit current mode and down to previous mode Configure terminal
After you enter a keyword, press the Space and enter a question mark (?), all correlated commands and their brief descriptions are displayed if the question mark (?) matches another keyword.
Raisecom(config)#ntp?
peer Configure NTP peer refclock-master Set local clock as reference clock server Configure NTP server
1 Basic configurations
After you enter a parameter, press the Space and enter a question mark (?), associated parameters and descriptions of these parameters are displayed if the question mark (?) matches a parameter.
Raisecom(config)#interface client ?
Incomplete help
You can acquire incomplete help under following three conditions:
After you enter part of a particular character string and a question mark (?), a list of commands that begin with a particular character string is displayed.
Raisecom(config)#c?
cespw Connectivity fault management protocol Set class map Clear screen Clock management Log the command to the file Configure cpu parameters Create static VLAN
After you enter a command, press the Space, and enter a particular character string and a question mark (?), a list of commands that begin with a particular character string is displayed.
Raisecom(config)#show li?
link-aggregation link-fault
1 Basic configurations
After you enter a partial command name and press the Tab, the full form of the keyword is displayed if there is a unique match command.
Error messages
The following table lists some error messages that you might encounter while using the CLI to configure the iTN165-CES. Error information % " * " Incomplete command. % Invalid input at '^' marked. % Ambiguous input at '^' marked, follow keywords match it. % Unconfirmed command. % Unknown command. % You Need higher priority! Description The input command is incomplete. The keyword marked with "^" is invalid or does not exist. The keyword marked with "^" is unclear. The input command is not unique. The input command does not exist. You need more authority to exist the command.
Accessing the iTN165-CES through the Console Interface Accessing the iTN165-CES through Telnet Accessing the iTN165-CES through SSHv2
The Console interface of the iTN165-CES is a Universal Serial Bus (USB) A female interface, which is translated into a Universal Asynchronous Receiver/Transmitter (UART) in the device. The Console interface is used as an interface for the iTN165-CES being connected to a PC that runs the terminal emulation program. You can configure and manage the iTN165-CES through this interface. This management method does not involve network communication.
1 Basic configurations
You must log in to the iTN165-CES through the Console interface under the following 2 conditions:
The iTN165-CES is powered on for the first time. You cannot login through Telnet.
The process for logging in to the iTN165-CES is shown as follows: To log in to the iTN165-CES through the Console interface, follow these steps: Step 1 Download the USB_Console_Driver.zip file from http://www.raisecom.com/Drive/USB_Console_Driver.zip and then install it to the PC. Step 2 Right-click My Computer and then choose Manage from the right-click menu. Choose System Tools > Device Manager > Ports to view whether the USB driver program is installed successfully. Then record the COM interface to be used, such as RAISECOM Gazelle USB to UART Bridge (COM1). Step 3 Connect the Console interface of the iTN165-CES to the USB interface of the PC through a dual USM male interface cable, as shown in Figure 1-1. Figure 1-1 Logging in to the iTN165-CES through the Console interface
Step 4 Run the terminal emulation program on the PC, such as Hyper Terminal on Microsoft Windows XP. Enter the connection name at the Connection Description dialog box and then click OK. Step 5 Select COM 1 at the Connect To dialog box and then click OK. Step 6 Configure parameters as shown in Figure 1-2 and then click OK
1 Basic configurations
Step 7 Enter the configuration interface and then enter the user name and password to log in to the iTN165-CES. By default, both the user name and password are set to raisecom.
Hyper Terminal is not available on Windows Vista or later Windows Operating Systems (OSs). For these OSs, download Hyper Terminal package and install it. This program is free for personal application.
Telnet Server: as shown in Figure 1-3, connect the PC and the iTN165-CES and ensure that the route between them is reachable. You can log in to and configure the iTN165CES by running Telnet program on a PC. Now the iTN165-CES provides Telnet server service.
10
1 Basic configurations
Before logging in to the iTN165-CES through Telnet, you must log in to the iTN165CES through the Console interface, configure the IP address of the SNMP interface, and enable Telnet service. Step 1 2 3 4 5
Raisecom#config Raisecom(config)#management-port ip address ip-address [ ip-mask ] Raisecom(config)#telnet-server accept
Command
Description Enter global configuration mode. Configure the IP address of the SNMP interface. (Optional) configure the interface that supports Telnet. (Optional) close the specified Telnet session. (Optional) configure the maximum number of Telnet sessions supported by the iTN165CES. By default, up to 5 Telnet sessions are available.
interface-type interface-list
Raisecom(config)#telnet-server close terminal-telnet session-number Raisecom(config)#telnet-server maxsession session-number
Telnet Client: after connecting the iTN165-CES through the terminal emulation program or Telnet, you can log in to, manage, and configure another iTN165-CES through Telnet. As shown in Figure 1-4. The iTN165-CES provides both Telnet server and Telnet client services.
11
1 Basic configurations
Step 1
Command
Raisecom#telnet ip-address [ port port-number]
Description Enter global configuration mode. Generate local SSHv2 key pair and designate its length. By default, the length of the local SSHv2 key pair is set to 512 bits. Start SSHv2 server. By default, the iTN165-CES does not start the SSHv2 server. (Optional) configure SSHv2 authentication method. By default, the iTN165-CES adopts the password authentication mode. (Optional) when the rsa-key authentication method is adopted, type the public key of clients to the iTN165-CES. (Optional) configure SSHv2 authentication timeout. The iTN165-CES refuses to authenticate and open the connection when client authentication time exceeds the upper threshold. By default, the SSHv2 authentication timeout is set to 600s. (Optional) configure the allowable times for SSHv2 authentication failure. The iTN165-CES refuses to authenticate and open the connection when client authentication failure times exceed the upper threshold. By default, the allowable times for SSHv2 authentication failure are set to 20. (Optional) configure the SSHv2 listening port ID. By default, the SSHv2 listening port ID is set to 22.
3 4
Raisecom(config)#ssh2 server
Raisecom(config)#ssh2 server authentication { password | rsa-key } Raisecom(config)#ssh2 server authentication public-key Raisecom(config)#ssh2 server authentication-timeout period
5 6
When configuring the SSHv2 listening port ID, the input parameter cannot take effect immediately without reboot the SSHv2 service.
12
1 Basic configurations
Step 9
Command
Raisecom(config)#ssh2 server session session-list enable
By default, both the user name and password are raisecom If there is not any privilege restriction, any remote can log in to the iTN165-CES via Telnet when the Simple Network Management Protocol (SNMP) interface or other service interfaces of device are configured with IP addresses. This is unsafe to the iTN165-CES and network. Creating user and setting password and privilege helps to manage the login users and ensures network and device security. Step 1 2 3
password
Raisecom#user name user-name privilege
Command
Raisecom#user name user-name password
Description Create or modify the user name and password. Configure the level and privilege of the user. Configure the priority rule for the user to perform the command line. The allow-exec parameter will allow the user to perform commands higher than the current priority. The disallow-exec parameter disallows the user to perform commands that match the keyword.
Raisecom#user login { local-user | radius-user | local-radius | radius-local [ server-no-response ] } Raisecom#enable login { local-user | radius-user | local-radius | radius-local [ server-no-response ] } Raisecom#user login { local-user | tacacs-user | local-tacacs | tacacs-local [ server-no-response ] } Raisecom#enable login { local-user | tacacs-user | local-tacacs | tacacs-local [ server-no-response ] }
(Optional) configure the authentication mode for logging the iTN165-CES when the RADIUS service is adopted. (Optional) configure the authentication mode for entering privileged EXEC mode when the RADIUS service is adopted. (Optional) configure the authentication mode for logging the iTN165-CES when the TACACS+ service is adopted. (Optional) configure the authentication mode for entering privileged EXEC mode when the TACACS+ service is adopted.
13
1 Basic configurations
1.3 Zero-configuration
With wide application of the Packet Transport Network (PTN) technology in mobile backhaul and professional fields, a great number of the iTN200 and the iTN100 devices will be applied in a large scale. However, these devices are scattered at the remote end. When a project is to be implemented, the maintenance personnel must configure then manually. This consumes lots of time and effort. In addition, this may cause errors and influence the working efficiency. To resolve these problems, the local device automatically configures parameters, such as the IP address and default gateway, for remote devices to manage them. In addition, users can transmit/receive data quickly. That is why zero-configuration is introduced. With zero-configuration, developed by Raisecom, devices, which support this feature, can be discovered and managed by the NView NNM system once being installed and powered on, without being configured. This simplifies implementation, facilitates wide-scale deployment, and reduces operation and maintenance cost. In addition, it enables users to transmit/receive data quickly.
1.3.1 Introduction
As a remote device, the iTN165-CES realizes zero-configuration through a local device, such as the iTN2100. Figure 1-5 shows how the iTN165-CES realizes zero-configuration through a local device, such as the iTN2100. The iTN165-CES is a remote device at the PTN. The iTN2100 assigns parameters, such as the IP address and management VLAN to it. After being powered on, the iTN165-CES establishes an OAM link with the iTN2100 and obtains required parameters from it. And then the iTN165-CES updates its configurations automatically to realize the zero-configuration feature. Therefore, the iTN165-CES can be realized by the NView NNM system to realize the zeroconfiguration feature.
14
1 Basic configurations
Figure 1-5 Realizing zero-configuration through a local device, such as the iTN2100
By default, remote devices are enabled with zero-configuration. After being powered on, they will apply for IP addresses, VLAN IDs, and default gateways automatically. If a remote device is configured an IP address, it cannot perform zero-configuration.
Prerequisite
Both local and remote devices work in zero-configuration mode. IP 0 interface is related to an activated VLAN. The physical interface, connected to the zero-configuration server, is added to the VLAN. The uplink interface is UP.
1 Basic configurations
Step 2
Command
Raisecom(config)#ip dhcp client mode { zeroconfig | normal }
Description Configure the DHCP Client working as a zeroconfiguration remote device or a common client. By default, the DHCP Client works as a zero-configuration remote device.
3 4
Raisecom(config)#interface ip
if-number
Raisecom(config-ip)#ip address dhcp [ server-ip ip-address ]
Enter IP interface configuration mode. Only IP 0 interface supports being configured with DHCP Client. Enable zero-configuration. Meanwhile, you can specify the IP address of the local DHCP Server. If you specify the IP address of the DHCP Server, you can receive the IP address from the specified DHCP Server only. Configure information about the DHCP Client, including the hostname, Class ID, and Client ID. The information is included in the packet sent by the DHCP Client.
If the IP 0 interface of the remote device has obtained an IP address through DHCP, it is believed that the remote device has obtained the IP address successfully, regardless of whether the default gatway is configured successfully or not. The manually-configured IP address of IP 0 interface and the one automaticallyobtained through zero-configuration can be mutually overridden. IP address of other IP interfaces of the remote device cannot be at the same network segment with the one of the IP 0 interface. After the IP 0 interface of the remote device has obtained an IP address automatically, if you re-perform this command to make apply for an IP address from another DHCP Server, the remote device will release the original IP address.
Description Enter global configuration mode. Configure the zero-configuration polling period. It ranges from 1 to 24 hours. By default, it is set to 2 hours.
Description Show configurations and automatically-obtained information about the DHCP Client.
16
1 Basic configurations
By default, the system has a default VLAN 1. If you need to relate the IP address to another VLAN ID, you must create and activate it in advance. Step 1 2 3 4 Command
Raisecom#config Raisecom(config)#interface ip if-number Raisecom(config-ip)#ip address ipaddress [ ip-mask ] [ vlan-id ] Raisecom(config-ip))#ip address dhcp [ server-ip server-ip-address ]
Description Enter global configuration mode. Enter Layer 3 interface configuration mode. Configure an IP address and relate it to a VLAN. Get an IP address through DHCP Server.
Description Show basic configurations on the IP interface. Show detailed configurations on the IP interface. Show the IP address and its related VLAN. Show DHCP Client configurations.
17
1 Basic configurations
Step 1
Command
Raisecom#clock set hour minute
Description Configure the system time. By default, the system time is set to 8:00:00, Jan 1, 2000. Configuring system time zone. By default, it is GMT + 8:00.
Raisecom#clock summer-time recurring { start-week | last } { sun | mon | tue | wed | thu | fri | sat } startmonth hour minute { end-week | last } { sun | mon | tue | wed | thu | fri | sat } end-month hour minute offset
Configure the begin time and end time of DST. By default, the time offset is set to 60 minutes.
For example, if DST starts from 02:00 a.m. second Monday of April to 02:00 a.m. second Monday of September, the clock is moved ahead 60 minutes. Thus, the period between 02:00 and 03:00 second Monday of April does not exist. Configuring time during this period will fail. DST in the Southern Hemisphere is opposite to that in the Northern Hemisphere. It is from September this year to April next year. If the starting month is later than the ending month, the system judges that it is located in the Southern Hemisphere.
SNTP and NTP are mutually exclusive. If you have configured the IP address of the NTP server on the iTN165-CES, you cannot configure SNTP on the iTN165-CES, and vice versa. Network Time Protocol (NTP) is a time synchronization protocol defined by RFC1305. It is used to perform time synchronization between the distributed time server and clients. NTP transmits data based on UDP, using UDP port 123. NTP is used to perform time synchronization on all devices with clocks in the network. Therefore, these devices can provide various applications based on the uniformed time. In addition, NTP can ensure a very high accuracy with an error about 10ms.
18
1 Basic configurations
Devices, which support NTP, can both be synchronized by other clock sources and can synchronize other devices as the clock source. The iTN165-CES supports performing time synchronization through multiple NTP working modes:
Server/Client mode
In this mode, the client sends clock synchronization message to different servers. The servers work in server mode automatically after receiving the synchronization message and send response messages. The client receives response messages, performs clock filtering and selection, and is synchronized to the preferred server. In this mode, the client can be synchronized to the server but the server cannot be synchronized to the client.
In this mode, the device working in the symmetric active mode sends clock synchronization messages to the device working in the symmetric passive mode. The device that receives this message automatically enters the symmetric passive mode and sends a reply. By exchanging messages, the symmetric peer mode is established between the two devices. Then, the two devices can synchronize, or be synchronized by each other. Step 1 2 3 Command
Raisecom#config Raisecom(config)#ntp server ip-address [ version [ v1 | v2 | v3 ] ] Raisecom(config)#ntp peer ip-address [ version [ v1 | v2 | v3 ] ]
Description Enter global configuration mode. (Optional) configure the NTP server address for the client that works in server/client mode. (Optional) configure the NTP server address for the iTN165-CES that works in symmetric peer mode. Configure the NTP reference clock source in server/client mode.
If the iTN165-CES is configured as the NTP reference clock source, it cannot be configured as the NTP server or NTP symmetric peer; and vice versa.
SNTP
RFC1361 simplifies NTP and provides Simple Network Time Protocol (SNTP). Compared with NTP, SNTP supports the server/client mode only. In SNTP mode, the iTN165-CES only supports working as the SNTP client to be synchronized by the server. Step 1
Raisecom#config
Command
1 Basic configurations
Step 2
Command
Raisecom(config)#sntp server ip-address
Description (Optional) configure the SNTP server address for the device that works in symmetric peer mode.
Description Show configurations on the system time, time zone, and DST. Show SNTP configurations. Show NTP configurations. Show NTP association configurations.
Command
Description Enter global configuration mode. Configure the static routing to the destination network whose IP address is set to ip-address, Configure the default management distance of static routing. By default, the default management distance is set to 1.
next-hop-ip-address
Raisecom(config)#ip route static distance
distance
Raisecom(config)#show ip route [ dest-ipaddress | detail | ip-access-list acl-id | protocol { direct | static } | statistics ]
20
1 Basic configurations
Description Enter global configuration mode. Configure the Maximum Transmission Unit (MTU) for all interfaces. MTU is the maximum number of bytes allowed to pass through the interface (without fragment). When the length of the forward message exceeds the maximum value, the device will discard this message automatically. By default, the MTU of the interface is set to 1526 bytes.
3 4
Raisecom(config)#interface
interface-type interface-list
Raisecom(config-port)#duplex { auto | full | half } Raisecom(config-port)#speed { auto | 10 | 100 | 1000 }
Enter Ethernet electrical interface configuration mode. Configure the duplex mode of the interface. By default, the duplex mode is set to auto. Configure the speed of the interface. By default, the speed is automatically negotiated
Command
Description Enter global configuration mode. Configure the interval for interface dynamic statistics. By default, the interval is set to 2s.
period
21
1 Basic configurations
Half-duplex: back-pressure flow control is adopted to emulate collision in Ethernet. In half-duplex Ethernet, when a collision occurs, the Tx host will stop sending data. Emulation makes the host with a greater speed stop sending data to control the traffic. Back-pressure flow control is realized through hardware without being configured manually. Full duplex: IEEE 802.3x flow control is adopted. After the client sends a request to the server, when the Autonomous System (AS)/network is congested, the client will sends a PAUSE frame to the server to make the server stop sending data to the client. Command Description Enter global configuration mode. Enter physical layer interface configuration mode. Enable IEEE 802.3x flow control on interfaces. By default, IEEE 802.3x flow control is disabled on interfaces.
Step 1 2 3
Raisecom#config Raisecom(config)#interface
interface-type interface-number
Raisecom(config-port)#flowcontrol { receive | send } on
Description Enter global configuration mode. Enter physical layer interface configuration mode. Shut down the current interface. By default, the interface is open. You can use the no shutdown command to re-open an interface after it is shut down.
interface-type interface-number
Raisecom(config-port)#shutdown
Raisecom(config-port)#forcetransmit enable
Description Show interface status. Show the system MTU. Show interface statistics. Show interface flow control information. Show unicast forced transmission configurations,
22
1 Basic configurations
Description Enter global configuration mode. Configure the IP address of the SNMP interface. By default, it is set to 192.168.4.28 and the subnet mask is set to 255.255.255.0.
Command
Description Enter global configuration mode. Create the community name and configure the related view and authority. (Optional) configure the identifier and contact mode of the administrator. (Optional) configure the mapping relationship between the user and the access group. (Optional) specify the physical location of the iTN165-CES.
contact
Raisecom(config)#snmp-server group name user user { v1sm | v2csm | usm }
Raisecom(config)#snmp-server location
location
Configuring SNMP v3
Step 1 2
Raisecom#config Raisecom(config)#snmp-server access groupname [ read view-name ] [ write view-name ] [ notify view-name ] [ context context-name { exact| prefix } ] usm { authnopriv | authpriv | noauthnopriv }
Command
Description Enter global configuration mode. Create and configure the SNMP access group.
23
1 Basic configurations
Step 3 4 5
syscontact
Command
Raisecom(config)#snmp-server contact
Description (Optional) configure the identifier and contact mode of the administrator. (Optional) specify the physical location of the iTN165-CES. Create the user name and configure the authentication mode.
Raisecom(config)#snmp-server location
sysLocation
Raisecom(config)#snmp-server user user-name [ remote engine-id ] [ { authentication | authkey } { md5 | sha } password [ privacy password ] ] Raisecom(config)#snmp-server view view-name oid-tree [ mask ] { included | excluded }
Command
Description Enter global configuration mode. Configure SNMP v1-/SNMP v2c-based Trap target host.
(Optional) configure SNMP v3-based Trap target host.
Enable Trap.
Description Show the IP address of the SNMP interface. Show SNMP access group configurations. Show SNMP community configurations. Show SNMP basic configurations. Show the mapping relationship between SNMP users and the access group. Show Trap target host information. Show SNMP statistics.
24
1 Basic configurations
No. 8 9
Command
Raisecom#show snmp user Raisecom#show snmp view
Prerequisite
N/A
Command
message word
The word parameter is a 1-byte character. It is the beginning and end marker of the Banner contents. These 2 marks must be the identical character. The message parameter is the Banner contents. Up to 2560 characters are supported.
25
1 Basic configurations
Step 2
Command
Raisecom(config)#banner enable
Raisecom(config)#write
Save Banner configurations to ensure saving them after the iTN165-CES is rebooted.
Configuration steps
Step 1 Configure the IP address of the SNMP interface.
26
1 Basic configurations
Step 2 Configure the static route between the NView NNM system and the iTN.
Raisecom(config)#write
Checking results
Use the show ip route command to show static routing configurations.
Raisecom(config)#show ip route Codes: C - Connected, S - Static, R - RIP, O - OSPF ----------------------------------------------------------S 192.168.1.0[255.255.255.0],Via 192.168.2.2 C 192.168.18.0[255.255.255.0],is directly connected , Interface 0 Total route count: 2
Use show snmp community the command to show SNMP community configurations.
Raisecom#show snmp community Index Community Name View Name Permission -----------------------------------------------------------1 raisecom internet rw
27
1 Basic configurations
28
2 Ethernet
Ethernet
This chapter describes principles and configuration procedures of Ethernet, as well as related configuration examples, including following sections:
Introduction Configuring MAC address table Configuring VLAN Configuring basic QinQ Configuring selective QinQ Configuring VLAN mapping Configuring loopback detection Configuring interface protection Configuring Layer 2 protocol transparent transmission Configuring ARP Configuring port mirroring Maintenance Configuration examples
2.1 Introduction
2.1.1 MAC address table
MAC address entries
The MAC address table is a Layer 2 forwarding table recording related information about devices that are connected to the device. All packets received by the interface are forwarded based on the MAC address table. Based on the destination MAC address of the packet, the device queries the MAC address to locate the forwarding interface quickly.
29
2 Ethernet
MAC Address: destination MAC address Port: forwarding interface VLAN ID: VLAN ID of the interface Flags: Type of the MAC address table
Static MAC address entries The static MAC address table can be added/deleted manually and is not aged. The static MAC address table is reserved after the device is reset.
Dynamic MAC address entries The dynamic MAC address table is created by automatically learning the source MAC addresses of received packets. It can be aged based on the configured aging time. In general, the dynamic MAC address table is not reserved after the device is reset.
Black MAC address entries The blackhole MAC address table can be added/deleted manually and is not aged. The device will directly discard the packet whose source/destination MAC address is a blackhole MAC address.
Unicast: when a MAC address entry, which is related to the destination MAC address of a packet, is listed in the MAC address table, the device will directly forward the packet to the received interface through the egress interface of the MAC address entry.
30
2 Ethernet
Multicast: when receiving a packet whose destination address is a multicast MAC address, if the related destination address is listed in the MAC address table, the Ethernet device will forward the packet through the egress interface of the MAC address entry. Broadcast: when an Ethernet device receives an all-F packet, or when the Ethernet device receives a packet whose MAC address is not listed in the MAC address table, it will flood the packet to all interfaces in the same VLAN except for the interface that receives this packet.
Interface-based MAC address limit: learn source MAC addresses of packets in all VLANs received the interface. If the number of learned MAC addresses reaches the threshold, the device will not learn any MAC address. At this time, if the source MAC address of the packet received by the interface is unknown (the source MAC address is not listed in the learned MAC address table), the packet will be discarded. VLAN-based MAC address limit: learn source MAC addresses of packets in specified VLANs. If the number of learned MAC addresses reaches the threshold, the device will not learn any MAC address.
31
2 Ethernet
2.1.2 VLAN
Overview of VLAN
Virtual Local Area Network (VLAN) is a Layer 2 isolation technology that partitions devices in a LAN logically to different parts. These parts are independent and cannot communicate with each other. However, they can communicate through the router or Layer 3 switch. By partitioning VLANs, you can isolate broadcast domains and reduce broadcast storms. Figure 2-2Figure 2-2 shows how to partition a VLAN. Figure 2-2 Partitioning VLANs
Tag Protocol Identifier (TPID): it is a new frame type defined by the IEEE. It is a 2-byte field. When it is set to 0x8100, it indicates that the frame is an 802.1Q-Tag frame. The device, which does not support 802.1Q, will discard the 802.1Q-Tag packet.
Raisecom Technology Co., Ltd. 32
2 Ethernet
Priority: a 3-bit field which indicates the frame priority level. Values are from 0 (best effort) to 7 (highest). The bigger the number is, the higher the priority is. When the network is congested, the device sends packets with higher priorities first. Canonical Format Indicator (CFI): a 1-bit field used for identifying whether the MAC address is in classical format. It indicates a classical MAC address when the value is set to 0. It indicates a non-classical MAC address when the value is set to 1. It is used to distinguish the format of frames when the bus Ethernet and Fiber Distributed Digital Interface (FDDI)/Token Ring network exchange data. VLAN Identifier (VID): a 12-bit field specifying the VLAN to which the frame belongs. The value ranges from 1 to 4094. A Port VLAN ID (PVID) is a default VLAN ID. In a port-based VLAN, each port has a PVID. When an Untagged packet is sent to the port, the RC1108 will forward this packet according to the PVID Tag. VLANs supported by the RC1108 meet the IEEE 802.1Q standard. The iTN165-CES supports 4094 concurrent VLANs.
Tag packet If the VLAN ID of a packet is identical to the Access VLAN ID or the VLAN ID is in the allowed VLAN IDs of the interface, receive the packet. If the VLAN ID of a packet is not identical to the Access VLAN ID, or the VLAN ID is not in the allowed VLAN IDs of the interface, discard the packet.
Forwarding modes for egress packet If the VLAN ID of a packet is identical to the Access VLAN ID, send the packet after removing its Tag. If the VLAN ID of a packet is in the allowed VLAN ID list of the interface, send the packet after removing its Tag. If the VLAN ID of a packet is not in the allowed VLAN ID list of the interface, discard the packet.
33
2 Ethernet
Forwarding modes for ingress packet Untag packet Add the Native VLAN Tag to packets.
Tag packet If the VLAN ID of a packet is in the VLAN ID list of the interface, receive the packet. If the VLAN ID of a packet is not in the allowed VLAN ID list of the interface, discard the packet.
Forwarding modes for egress packet If the VLAN ID of a packet is identical to the native VLAN and the allowed VLAN ID is in the VLAN ID list of the interface , send the packet after removing its original Tag. If the VLAN ID of a packet is not identical to the native VLAN and VLAN ID is not in the allowed VLAN ID list of the interface, send the packet with taking its original Tag. If the VLAN ID of a packet is not identical to the native VLAN ID, or the VLAN ID is not in the allowed VLAN IDs of the interface, discard the packet.
2.1.3 QinQ
QinQ (also called Stacked VLAN or Double VLAN) is a Layer 3 tunnel technology based on IEEE 802.1Q. It is defined in 802.1ad standard. QinQ is a simple Layer 2 VPN tunnel technology. QinQ encapsulates an outer VLAN Tag for a private packet, so that the packet traverses the backbone network of the Internet service provider (ISP) carrying double VLAN tags. In the ISP, the packet is transmitted according to the outer VLAN Tag (public VLAN Tag). And the private VLAN Tag is transmitted as the data in the packet.
34
2 Ethernet
Structures of the S-VLAN and C-VLAN are similar. They are divided in to TPID and Tag Control Information (TCI). The TPID and TCI are 2-byte fields. The TPID is used to identify the VLAN tag type. The inner VLAN Tag is fixed to 0x8100 while the outer VLAN Tag can be configured.
The IEEE 802.1ad defines the TPID value of the S-VALN as 0x88a8. However, the value may vary on vendors. To ensure that these devices can communicate with each other, we recommend setting the identical TPID value. Figure 2-5 shows the structure of TCI in the S-TAG and C-TAG. Figure 2-5 Structure of TCI in S-TAG and C-TAG
Table 2-2 describes the structure of TCI in the S-TAG and C-TAG. Table 2-2 Structure of TCI in the S-TAG and C-TAG Field PCP CFI DEI Full form Priority Code Point Canonical Format Indicator Drop Eligible Indicator Length 3bit 1bit 1bit Description Priority Code Point Canonical Format Indicator Drop Eligible Indicator, cooperating with PCP to indicate the priority of the S-TAG frame
35
2 Ethernet
Field VID
Length 12bit
Basic QinQ
Basic QinQ is realized based on the interface. After an interface is enabled with basic QinQ, when it receives a Tag packet, the device adds the VLAN Tag of the interface to the packet. Therefore, the packet traverses the network with double Tags. If the interface receives an Untag packet, the device adds the VLAN Tag of the interface to the packet. Therefore, the packet traverses the network with the native VLAN Tag of the interface. Figure 2-6 shows the typical networking application with basic QinQ. Figure 2-6 Typical networking application with basic QinQ
A packet is sent to the PE by the customer equipment, and the packet carries a Tag VLAN 100. When passing through the Client interface of the PE, the packet is added with an outer Tag VLAN 200. And then the packet is sent to the Carrier network through the Line interface of the PE. When the packet with the outer Tag is sent to the other PE, this PE will remove the outer Tag from the packet and then send the packet to the other customer equipment. Now, the packet only carries the TAG VLAN 100.
Selective QinQ
Selective QinQ is an enhanced application for basic QinQ. It is realized based on the interface and VLAN. Based on some features, selective QinQ can perform traffic classification on users' data and encapsulate different data flows with different VLAN Tags. With selective QinQ, you can encapsulate different Tags for packets with different inner Tags based on the mapping rule. In addition to all functions realized by basic QinQ, selective QinQ can also perform different operations on packets received by the same interface based on different VLAN Tags.
Ingress interface: add different outer VLAN tags to packets based on the inner VLAN ID. Egress interface: identify the CoS priority of the outer VLAN based on the one of the inner VLAN.
Selective QinQ can isolate the Carrier network from the user network and provide a great number of features and more flexible networking capabilities. With selective QinQ, devices can classify customer devices on the interface that is connected to the access layer,
Raisecom Technology Co., Ltd. 36
2 Ethernet
encapsulating different outer Tag for various customer devices. In addition, selective QinQ adopts the outer Tag to configure the QoS policy in the public network, flexibly configure the data transmission priority, and provide related services for users.
37
2 Ethernet
Loopback types
In general, there are self-loopback, internal loopback, and external loopback, as shown in Figure 2-8.
Self-loopback: a loopback generated on the same Ethernet interface of a device, such as the one between Switch B and User network B Internal loopback: a loopback generated between different Ethernet interfaces of a device, such as the one between Switch C and User network A External loopback: a loopback generated between Ethernet interfaces of different devices, such as the one among Switch A, Switch B, Switch C, and User Network C
Self-loopback: shut down the interface if the ID of the interface for sending the packet is identical to the one of the interface for receiving the packet. Internal loopback: shut down the interface with a greater ID and keep the interface with a smaller ID UP if the ID of the interface for sending the packet and the one of the interface for receiving the packet are different. External loopback: in general, the device does not process the loopback. The device sends Trap only without blocking the interface. You can manually block one interface as required.
2 Ethernet
Encapsulation: on the ingress interface of the ISP, the device adopts a special multicast address (by default, it is 010E.5E00.0003) to modify the destination MAC address of the Layer 2 protocol packet. In the ISP, the modified packet is taken as a data to be forwarded in the VLAN where the user belongs. Intermediate processing: Layer 2 protocol transparent transmission can work with QinQ. In addition, Layer 2 protocol transparent transmission can be operated alone. In real, after the MAC address of a Layer 2 protocol packet is modified, the device decides whether to encapsulate the outer VLAN Tag for packets based on the configured transparent transmission mode to make packet traverse the Carrier network properly. Decapsulation: on the egress interface of the ISP, the device recognizes the specified multicast address (by default, it is 010E.5E00.0003) and restores it to the original destination MAC address of the Layer 2 protocol packet. And then the device decides whether to remove the outer VLAN Tag of packets based on the configured transparent transmission mode and then transmits it to the specified user network.
2.1.8 ARP
Address Resolution Protocol (ARP) is used for resolution of network layer IP addresses into data link layer hardware addresses.
39
2 Ethernet
The ARP frame size is 28 bytes, there is the sender hardware address in the Ethernet data frame header and ARP request data header, This field is required for all networks but Ethernet.
Hardware Type (HTYPE): it is a 2-byte field used to define the network type. 1 is Ethernet. Protocol Type (PTYPE): it is a 2-byte field used to define the ARP type. 0x0800 is IPv4. Hardware Length (HLEN): it is a 1-byte field used to define the length of a hardware address. Ethernet address size is 6. Protocol Length (PLEN): it is a 1-byte field used to define the length of a logical address. IPv4 address size is 4. Operation (OP): it is a 2-byte field used to define the ARP packet type. ARP request packet is 1 and ARP replay packet is 2. Sender Hardware Address (SHA): it is a 6-byte field used to define the MAC address of the sender. Sender Protocol Address (SPA): it is a 4-byte field used to define the IP address of the sender. Target Hardware Address (THA): it is a 6-byte field used to define the destination MAC address. Target Protocol Address (TPA): it is a 4-byte field used to define the destination IP address.
Static ARP address entry: static entry is used to perform static binding on an IP address and a MAC address. The iTN165-CES and router cannot adjust the secondary mapping relationship dynamically. It is used to prevent ARP dynamic learning fraud. Static ARP address entries should be manually added and deleted and are not aged. In addition, static ARP address entries are saved on all devices in a network. Dynamic ARP address entry: entries that are automatically learned through ARP. Dynamic ARP address entries are automatically generated by the iTN165-CES. You can adjust some parameters as required. You should not manually add or delete dynamic ARP address entries. However, you need to set the aging time for them. Aging is a dynamic update mechanism for ARP address entries. Because devices of the learned ARP address entry may fail or be removed after a period, aging can be used to detect the device periodically to enhance network reliability and stability.
40
2 Ethernet
Basic principles for the port mirroring are displayed in Figure 2-10. PC 1 accesses the network through Client 1 of the iTN165-CES. PC 2 is the monitor PC and is connected to Client 2 of the iTN165-CES. When needing to monitor packets sent by PC 1, you need to configure Client 1 as the mirroring port and enable port mirroring for packets on the ingress port. Configure Client 2 as the monitor port, that is, the mirroring destination port. When forwarding a packet sent by PC 1, the iTN165-CES mirrors one to Client 2. Monitor devices connected to Client 2 receive and analyze this mirrored packet. The iTN165-CES supports port mirroring based on ingress and egress ports.
41
2 Ethernet
Prerequisite
N/A
Command
Description Enter global configuration mode. Configure static unicast MAC addresses.
Description Enter global configuration mode. Enable MAC address learning. By default, MAC address learning is enabled on the iTN165-CES. Configure the aging time of dynamic MAC addresses. By default, the aging time of dynamic MAC addresses is set to 300s. Configure VLAN-based MAC address limit threshold. By default, no VLAN-based MAC address limit threshold is configured. Enter physical layer interface configuration mode. Configure interface-based MAC address limit threshold. By default, no interface-based MAC address limit threshold is configured.
vlan-id
5 6
Raisecom(config)#interface
interface-type interface-number
Raisecom(config-port)#mac-addresstable threshold threshold-value
Command
Description Enter global configuration mode. Configure the blackhole MAC address.
42
2 Ethernet
Description Show static MAC addresses. Show all MAC addresses. Show the aging time of MAC addresses. Show MAC address limit configurations.
Small LAN: on one Layer 2 device, the LAN is carved up to several VLANs. Hosts that connect to the device are carved up by VLANs. So hosts in the same VLAN can communicate, but hosts between different VLANs cannot communicate. For example, the financial department needs to be separated from other departments and they cannot access each other. In general, the port connected to the host is in Access mode. Big LAN or enterprise network: Multiple Layer 2 devices connect to multiple hosts and these devices are concatenated. Packets take VLAN Tag for forwarding. Ports of multiple devices, which have identical VLAN, can communicate, but hosts between different VLANs cannot communicate. This mode is used for enterprises that have many people and need a lot of hosts, and the people and hosts are in the same department but different positions. Hosts in one department can access each other, so you has to carve up VLAN on multiple devices. Layer-3 devices like a router are required if you want to communicate among different VLANs. The concatenated ports among devices are in Trunk mode.
When you need to configure an IP address for a VLAN, you can relate a Layer 3 interface to the VLAN. Each Layer 3 interface corresponds to an IP address and is related to a VLAN.
Prerequisite
N/A
43
2 Ethernet
Command
Description Enter global configuration mode. Create one or more VLANs. Create a VLAN and enter the VLAN configuration mode. Enter VLAN configuration mode. (Optional) configure the VLAN name. Activate/Suspend the VLAN.
3 4 5
VLANs that are created by using the vlan vlan-id command are in Suspend status. If you need them to take effect, you need to use the state command to activate them. By default, there is a VLAN in the system, that is, the default VLAN (VLAN 1). All interfaces in Activate mode belong to default VLAN 1. By default, the default VLAN (VLAN 1) is named as "Default" and the cluster VLAN (VLAN 2) has no name. Other VLANs are named as VLAN+4-digit VLAN ID. For example VLAN 3 is names as VLAN0003 while VLAN4094 is named as VLAN4094. All configurations of a VLAN cannot take effect until the VLAN is activated. When a VLAN is in Suspend status, you can also configure the VLAN, such as deleting/adding interfaces. The system will save these configurations. Once the VLAN is activated, these configurations will take effect.
Command
Description Enter global configuration mode. Enter physical layer interface configuration mode. Set the interface mode to Access or Trunk.
interface-number
Raisecom(config-port)#switchport mode { access | trunk }
Command
44
2 Ethernet
Step 2 3
interface-number
Command
Raisecom(config)#interface interface-type
Description Enter physical layer interface configuration mode. Set the interface mode to Access and add Access interfaces to the VLAN. (Optional) configure the allowed VLANs of the Access interface.
vlan-id
The interface permits Access VLAN packets passing regardless of configurations for VLAN list on the Access interface. The forwarded packets do not carry VLAN TAG. When configuring Access VLAN, the system will automatically create and activate a VLAN if you do not create and activate the VLAN in advance. If you manually delete or suspend an Access VLAN, the system will automatically configure the Access VLAN as the default VLAN. When Access VLAN is configured as a non-default Access VLAN, the default Access VLAN 1 is the VLAN that is allowed to pass on Access egress interface. You can delete the Access VLAN 1 by deleting the VLAN from Allowed VLAN list on Access egress interface. If the configured Access VLAN is not the default VLAN and there is no default VLAN in the VLAN list on the Access interface, the interface does not permit default VLAN packets passing.
Command
Description Enter global configuration mode. Enter physical layer interface configuration mode. Set the interface mode to Trunk. Configure interface Native VLAN. (Optional) configure the allowed VLANs of the Trunk interface.
interface-number
Raisecom(config-port)#switchport mode trunk Raisecom(config-port)#switchport trunk native vlan vlan-list Raisecom(config-port)#switchport trunk allowed vlan { all | vlan-list } [ confirm ] Raisecom(config-port)#switchport trunk allowed vlan { add add-vlan-list | remove vlan-list } Raisecom(config-port)#switchport trunk untagged vlan { all | vlan-list } [ confirm ] Raisecom(config-port)#switchport trunk untagged vlan { add vlan-list | remove vlan-list }
(Optional) configure VLANs whose Tags can be deleted on the Trunk interface.
45
2 Ethernet
The Trunk interface permits Native VLAN packets passing regardless of configurations for Trunk Allowed VLAN list and Trunk Untagged VLAN list on the interface. And forwarded packets do not carry VLAN TAG. When configuring a Native VLAN, the system will automatically create and activate a VLAN if you do not create and activate the VLAN in advance. If you manually delete or suspend a Native VLAN, the system will automatically set the interface Trunk Native VLAN as the default VLAN. The interface permits Trunk Allowed VLAN packets passing. If the VLAN is a Trunk Untagged VLAN, the VLAN TAG of the packet is removed on the egress interface. Otherwise, the packet is not modified. If the configured Native VLAN is not the default VLAN and there is no default VLAN in the VLAN list on the Trunk interface, the interface will not permit default VLAN packets passing. When configuring a Trunk Untag VLAN list, the system automatically adds all Untagged VLAN to the Trunk allowed VLAN.
Prerequisite
Before configuring basic QinQ, you must finish following operations:
Connect interfaces and configure physical parameters of interfaces. Make the physical layer Up. Create a VLAN.
46
2 Ethernet
Command
Description Enter global configuration mode. Enter interface configuration mode. (Optional) configure the TPID value. Enable basic QinQ on the interface. Add the Access interface to the VLAN. Add the Trunk interface to the VLAN.
interface-number
Raisecom(config-port)#mls double-tagging tpid
tpid
Raisecom(config-port)#switchport qinq dot1qtunnel Raisecom(config-port)#switchport access vlan
vlan-id
Raisecom(config-port)#switchport trunk native vlan vlan-id
Command
Description Enter global configuration mode. Enter physical layer interface configuration mode. Configure the egress interface to Trunk mode, allowing double Tag packets to pass.
interface-number
Raisecom(config-port)#switchport mode trunk
2 Ethernet
Prerequisite
Before configuring selective QinQ, you must finish following operations:
Connect interfaces and configure physical parameters of interfaces. Make the physical layer Up. Create a VLAN.
Command
Description Enter global configuration mode. (Optional) configure the TPID value of the inner Tag. Enter interface configuration mode. Configure the TPID value of the outer VLAN Tag on the interface. Configure VLAN-based selective QinQ on ingress interface.
Raisecom(config)#interface interface-type
interface-number
Raisecom(config-port)#mls double-tagging tpid tpid
Raisecom(config-port)#switchport vlan-mapping cvlan vlan-list [ cos cos-value ] add-outer vlan-id [ cos cos-value ]
Description Show basic QinQ configurations. Show selective QinQ configurations on the interface.
Map user services into one carrier VLAN ID. Map multi-user services into one carrier VLAN ID.
48
2 Ethernet
Prerequisite
Before configuring VLAN mapping, you must finish following operations:
Connect interfaces and configure physical parameters of interfaces. Make the physical layer Up. Create a VLAN.
Command
Description Enter global configuration mode. Enter physical layer interface configuration mode. Configure interface-based 1:1 VLAN mapping rule.
interface-number
Raisecom(config-port)switchport vlanmapping { ingress | egress } [ outer ] vlan-list [ cos cos-value ] [ inner vlanlist ] [ cos cos-value ] translate [ outervid vlan-id ] [ outer-cos cos-value ] [ inner-vid vlan-id ] [ inner-cos cosvalue ]
Prerequisite
Before configuring loopback detection, you need to configure physical parameters on an interface and make the physical layer Up.
49
2 Ethernet
Loopback detection and STP are mutually exclusive. They cannot be enabled simultaneously. For directly connected devices, you cannot enable loopback detection on both ends simultaneously. Otherwise, interfaces on both ends will be blocked. Step 1 2 3 Command
Raisecom#config Raisecom(config)#loopback-detection enable interface-type interface-list Raisecom(config)#loopback-detection mode { port-based | vlan-based }
Description Enter global configuration mode. Enable loopback detection on an interface. (Optional) configure the loopback detection mode. By default, the loopback detection is set to VLAN-based loopback detection.
list
(Optional) configure the mode for an interface to process loopback detection packets from other interfaces.
To ensure that loopback detection runs properly, we recommend selecting the discarding mode. In addition, the iTN165CES supports up to 15 VLAN-based loopback detection. 5
Raisecom(config)#loopback-detection hello-time period
Configure the interval for sending loopback detection packet. By default, the interval is set to 4s.
(Optional) configure the time to automatically restore the blocked interface caused by loopback. By default, it is set to infinite.
(Optional) configure the processing mode of the uplink interface when it detects a loopback.
Description Show interface-based loopback detection configurations. Show loopback detection statistics.
50
2 Ethernet
No. 3
Command
Raisecom#show loopback-detection block-vlan [ interface-type interface-list ] Raisecom#show loopback-detection vlan-list vlan-list
Prerequisite
N/A
Command
Description Enter global configuration mode. Enter physical layer interface configuration mode. Enable interface protection. By default, downlink interfaces are isolated from each other.
interface-number
Raisecom(config-port)#switchport protect
51
2 Ethernet
Prerequisite
Before configuring the Layer 2 protocol f transparent transmission, you need to configure physical parameters on an interface and make the physical layer Up.
Description Enter global configuration mode. (Optional) configure the destination MAC address of a Layer 2 protocol packet. By default, the destination MAC address is set to 010E.5E00.0003. The multicast destination MAC address should not begin with 0180C2/010E5E. However, the default value (010E.5E00.0003) is excluded.
3 4 5
(Optional) configure the CoS value of a Layer 2 protocol packet. Enter interface configuration mode. (Optional) specify the egress interface for a Layer 2 protocol packet. By default, no egress interface is specified for a Layer 2 protocol packet. Other interfaces can transmit the Layer 2 protocol packet transparently.
Raisecom(config)#interface interface-
type interface-number
Raisecom(config-port)#relay
interface-type interface-number
Raisecom(config-port)#relay vlan
vlan-id
(Optional) specify a VLAN for a Layer 2 protocol packet. By default, no VLAN is specified for a Layer 2 protocol packet. All VLANs under the interface allow the Layer 2 protocol packet to pass.
52
2 Ethernet
Step 7
Command
Raisecom(config-port)#relay { all | cdp | dot1x | lacp | pvst | stp | vtp }
Description Configure transparent transmission packet types on an interface and disable related protocols.
Description Show Layer 2 protocol transparent transmission configurations. Show transparent transmission packet statistics.
Prerequisite
N/A
When you configure static ARP address entries, IP addresses of these static ARP address entries must be at the IP network of Layer 3 interfaces on the iTN165-CES. Step 1 2
Raisecom#config Raisecom(config)#arp ip-address mac-address
Command
Description Enter global configuration mode. Enter static ARP address entries.
53
2 Ethernet
Step 3
Command
Raisecom(config)#arp aging-time second
Description Configure the aging time of dynamic ARP address entries. By default, the aging time is set to 1200s.
Configure the ARP learning mode. By default, the ARP learning mode is set to learn-reply-only. Enter IP interface configuration mode. Enable ARP dynamic learning on the IP interface. By default, ARP dynamic learning is enabled.
5 6
Raisecom(config)#interface ip interface-
number
Raisecom(config-ip)#arp learning enable
Raisecom(config-ip)#arp max-learning-num
max-learning-num
Description Show configurations on all entries in the ARP address table. Show configurations on ARP address entries related to a specified IP address. Show configurations on ARP address entries related to Layer 3 interfaces, Show configurations on static ARP address entries.
Prerequisite
N/A
54
2 Ethernet
There can be multiple mirroring ports. However, there is only one monitor port. After port mirroring takes effect, packets on both ingress and egress ports will be copied to the monitor port. The mirroring port and the monitor port should not be the same one. Command Description Enter global configuration mode. Enable the port mirroring. By default, the port mirroring is disabled.
Step 1 2
Raisecom#config
Raisecom(config)#mirror enable
Raisecom(config)#mirror monitor-port
interface-type interface-number
Configure the monitor port. By default, the monitor port index is set to 1.
Packets that are mirrored to the monitor port will not follow VLAN configurations on the mirroring port and all packets can pass the interface. 4
Raisecom(config)#mirror source-port-list { both | ingress | egress } interface-
type interface-list
Configure the mirroring port and the mirroring rules. By default, there is no mirroring port.
When a mirroring port list is configured on the ingress or egress port, the mirroring port list on the other port will be automatically cleared. 5
Raisecom(config)#mirror monitor-cpu
55
2 Ethernet
2.12 Maintenance
Command
Raisecom(config)#clear mac-addresstable { all | dynamic | static } Raisecom(config)#search mac-address mac-address { all | dynamic | static } [ interace-type interface-number ] [ vlan vlan-id ] Raisecom(config)#clear relay statistics [ interface-type interfacelist ] Raisecom(config-port)#clear loopbackdetection statistic
Clear Layer 2 transparent transmission packet statistics. Clear loopback detection statistics.
On Client 1 of the iTN, configure a static MAC address entry that is related to the MAC address of PC 1 and disable dynamic MAC address learning. On Client 2 of the iTN, set the MAC address of PC 2 to a blackhole MAC address and enable dynamic MAC address learning. Set the aging time to 400s.
56
2 Ethernet
Configuration steps
Step 1 Create VLAN 10 and then add interfaces to VLAN 10.
Raisecom#config Raisecom(config)#create vlan 10 active Raisecom(config)#interface client 1 Raisecom(config-port)#switchport mode access Raisecom(config-port)#switchport access vlan 10 Raisecom(config-port)#exit Raisecom(config-port)#interface client 2 Raisecom(config-port)#switchport mode access Raisecom(config-port)#switchport access vlan 10 Raisecom(config-port)#exit
Step 2 On Client 1, configure a static unicast MAC address (000e.5e01.0105), which belongs to VLAN 10 and disable dynamic MAC address learning.
Raisecom(config)#mac-address-table static unicast 000e.5e01.0105 vlan 10 client 1 Raisecom(config)#mac-address-table learning disable client 1
Step 3 On Client 1, configure a blackhole MAC address (000e.5e02.0207), which belongs to VLAN 10, enable dynamic MAC address learning, and set the aging time to 400s.
57
2 Ethernet
Raisecom#write
Checking results
Use the show mac-address-table l2-address command to show MAC address configurations.
Raisecom#show mac-address-table l2-address Aging time:400 seconds Mac Address Port Vlan Flags ---------------------------------------------000E.5E01.0105 client1 10 static 000E.5E02.0207 -10 blackhole
58
2 Ethernet
Configuration steps
Step 1 Create and activate VLAN 10 and VLAN 20 on iTN A and iTN B respectively.
Configure iTN A.
Configure iTN B.
Step 2 Add client 1 (Access) and client 2 (Access) of iTN B to VLAN 10. Add client 3 (Access) to VLAN 20. The line1 interface is in Trunk mode and allows packets of VLAN 10 to pass.
iTNB(config)#interface client 1 iTNB(config-port)#switchport mode access iTNB(config-port)#switchport access vlan 10 iTNB(config-port)#exit iTNB(config)#interface client 2 iTNB(config-port)#switchport mode access iTNB(config-port)#switchport access vlan 10 iTNB(config-port)#exit iTNB(config)#interface client 3
59
2 Ethernet
Step 3 Add client 2 (Access) of iTN A to VLAN 10. Add client 1 (Trunk) to VLAN 20. The line1 interface is in Trunk mode and allows packets of VLAN 10 to pass.
iTNA(config)#interface client 2 iTNA(config-port)#switchport mode access iTNA(config-port)#switchport access vlan 10 iTNA(config-port)#exit iTNA(config)#interface client 1 iTNA(config-port)#switchport mode trunk iTNA(config-port)#switchport trunk native vlan 20 iTNA(config-port)#exit iTNA(config)#interface line 1 iTNA(config-port)#switchport mode trunk iTNA(config-port)#switchport trunk allow vlan 10
Step 5 Save configurations of iTN A and iTN B, taking iTN A for an example.
iTNA#write
Checking results
Use the show vlan command to show VLAN configurations. Take iTN B for an example.
iTNB#show vlan VLAN Name State Status Port Untag-Port Priority Create-Time ---------------------------------------------------------------------
60
2 Ethernet
0:0:15 0:0:17 1:0:50 0:0:26
Use the show interface interface-type interface-number switchport command to show VLAN configurations on an interface. Take iTN B for an example.
iTNB#show interface client 1 switchport Interface: client 1 Administrative Mode: access Operational Mode: access Access Mode VLAN: 10 Administrative Access Egress VLANs: 1 Operational Access Egress VLANs: 1,10 Trunk Native Mode VLAN: 1 Administrative Trunk Allowed VLANs: 1-4094 Operational Trunk Allowed VLANs: n/a Administrative Trunk Untagged VLANs: 1 Operational Trunk Untagged VLANs: 1
Use the show switchport protect command to show interface protection configuration. Take iTN B for an example.
iTNB#show switchport protect Port Protected State -------------------------L:1 disable L:2 disable C:1 enable C:2 enable C:3 disable
By executing the ping command between PC 1 and PC 5, PC 2 and PC 5, PC 3 and PC 4 to check VLAN configurations on the Trunk interface.
If PC1 can ping through PC 5, VLAN 10 communicates properly. If PC 2 can ping through PC 5, VLAN 10 communicates properly. If PC 3 cannot ping through PC 4, VLAN 20 communicates improperly.
By executing the ping command between PC 1 and PC 2, check interface protection configurations.
61
2 Ethernet
Configuration steps
Step 1 Create and activate VLAN 100, VLAN 200, and VLAN 1000.
Configure iTN A.
Configure iTN B.
62
2 Ethernet
Configure iTN A.
iTNA(config)#interface client 2 iTNA(config-port)#switchport mode access iTNA(config-port)#switchport access vlan 1000 iTNA(config-port)#switchport qinq dot1q-tunnel iTNA(config-port)#exit iTNA(config)#interface client 3 iTNA(config-port)#switchport mode access iTNA(config-port)#switchport access vlan 1000 iTNA(config-port)#switchport qinq dot1q-tunnel iTNA(config-port)#exit
Configure iTN B.
iTNB(config)#interface client 2 iTNB(config-port)#switchport mode access iTNB(config-port)#switchport access vlan 1000 iTNB(config-port)#switchport qinq dot1q-tunnel iTNB(config-port)#exit iTNB(config)#interface client 3 iTNB(config-port)#switchport mode access iTNB(config-port)#switchport access vlan 1000 iTNB(config-port)#switchport qinq dot1q-tunnel iTNB(config-port)#exit
Step 3 Configure line 1 allowing packets with double Tag to pass. Set the TPID value to 0x9100.
Configure iTN A.
iTNA(config)#interface line 1 iTNA(config-port)#switchport mode trunk iTNA(config-port)#mls double-tagging tpid 9100 iTNA(config-port)#switchport trunk allowed vlan 1000 iTNA(config-port)#exit
Configure iTN B.
63
2 Ethernet
Step 4 Save configurations of iTN A and iTN B, taking iTN A for an example.
iTNA#write
Checking results
Use the show switchport qinq command to show QinQ configurations. Take iTN A for an example.
iTNA#show switchport qinq Inner TPID:: 0x8100 Port QinQ Status Outer TPID on port ---------------------------------------------------L:1 -0x9100 L:2 -0x8100 C:1 -0x8100 C:2 Dot1q-tunnel 0x8100 C:3 Dot1q-tunnel 0x8100 C:4 -0x8100 C:5 -0x8100 C:6 -0x8100
64
2 Ethernet
Configuration steps
Step 1 Create and activate VLANs.
Configure iTN A.
Configure iTN B.
Configure iTN A.
65
2 Ethernet
iTNA(config-port)#switchport vlan-mapping cvlan 100-150 add-outer 1000 iTNA(config-port)#switchport trunk untagged vlan 1000,2000 confirm iTNA(config-port)#exit iTNA(config)#interface client3 iTNA(config-port)#switchport mode trunk iTNA(config-port)#switchport vlan-mapping cvlan 300-400 add-outer 2000 iTNA(config-port)#switchport trunk untagged vlan 1000,2000 confirm iTNA(config-port)#exit
Configure iTN B.
iTNB(config)#interface client 2 iTNB(config-port)#switchport mode trunk iTNB(config-port)#switchport vlan-mapping cvlan 100-150 add-outer 1000 iTNB(config-port)#switchport trunk untagged vlan 1000,2000 confirm iTNB(config-port)#exit iTNB(config)#interface client 3 iTNB(config-port)#switchport mode trunk iTNB(config-port)#switchport vlan-mapping cvlan 300-400 add-outer 2000 iTNB(config-port)#switchport trunk untagged vlan 1000,2000 confirm iTNB(config-port)#exit
Step 3 Configure client 1 allowing packets with double Tag to pass. Set the TPID value rto 0x9100.
Configure iTN A.
iTNA(config)#interface client 1 iTNA(config-port)#switchport mode trunk iTNA(config-port)#mls double-tagging tpid 9100 iTNA(config-port)#switchport trunk allowed vlan 1000,2000 confirm iTNA(config-port)#exit
Configure iTN B.
iTNB(config)#interface client 1 iTNB(config-port)#switchport mode trunk iTNB(config-port)#mls double-tagging tpid 9100 iTNB(config-port)#switchport trunk allowed vlan 1000,2000 confirm iTNB(config-port)#exit
Step 4 Save configurations of iTN A and iTN B, taking iTN A for an example.
iTNA#write
66
2 Ethernet
Checking results
Use the show interface interface-type [ interface-number ] vlan-mapping add-outer command to show QinQ configurations. Take iTN A for an example.
iTNA#show interface client 2 vlan-mapping add-outer Based outer VLAN QinQ mapping rule: Original Original Add-outer Add-outer Hardware Hardware Port Outer VLAN COS VLAN COS Status ID ------------------------------------------------------------------------C2 100-150 -1000 -Enable 1 iTNA#show interface client 3 vlan-mapping add-outer Based outer VLAN QinQ mapping rule: Original Original Add-outer Add-outer Hardware Hardware Port Outer VLAN COS VLAN COS Status ID ------------------------------------------------------------------------C3 300-400 -2000 -Enable 2
67
2 Ethernet
Configuration steps
Configurations on iTN A and iTN B are identical. Therefore, only configurations on iTN A are described. Step 1 Create and activate VLANs.
Step 2 Configure line 1 working in Trunk mode, allowing packets of VLAN 100, VLAN 200, VLAN 1000, and VLAN 2008 to pass. Enable VLAN mapping on line 1.
iTNA(config)#interface line 1 iTNA(config-port)#switchport mode trunk iTNA(config-port)#switchport trunk allowed vlan 100,200,1000,2008 iTNA(config-port)#switchport vlan-mapping egress 100 translate 1000 iTNA(config-port)#switchport vlan-mapping egress 200 translate 2008 iTNA(config-port)#exit
68
2 Ethernet
Step 3 Configure client 2 working in Access mode, allowing packets of VLAN 100 and VLAN 1000 to pass. Enable VLAN mapping on client 2.
iTNA(config)#interface client 2 iTNA(config-port)#switchport mode access iTNA(config-port)#switchport access vlan 100 iTNA(config-port)#switchport access vlan 1000 iTNA(config-port)#switchport vlan-mapping egress 1000 translate 100 iTNA(config-port)#exit
Step 4 Configure client 3 working in Trunk mode, allowing packets of VLAN 200 and VLAN 2008 to pass. Enable VLAN mapping on client 3.
iTNA(config)#interface client 3 iTNA(config-port)#switchport mode trunk iTNA(config-port)#switchport trunk allowed vlan 200,2008 iTNA(config-port)#switchport vlan-mapping egress outer 2008 outer translate 200 iTNA(config-port)#exit
Step 5 Save configurations of iTN A and iTN B, taking iTN A for an example.
iTNA#write
Checking results
Use the show interface interface-type interface-number vlan-mapping egress translate command to show 1:1 VLAN mapping configurations.
iTNA(config)#show interface client 2 vlan-mapping egress translate Direction: Egress Based outer-inner VLAN QinQ mapping rule: ----------------------------------------Interface : C2 Hardware-ID: 5 Original Outer VLANs: 1000 Original Outer COS: -Original Inner VLANs: -Original Inner COS: -Outer-tag Mode: Translate New Outer-VID: 100 New Outer-COS: -Inner-tag Mode: -New Inner-VID: -New Inner-COS: --
69
2 Ethernet
Configuration steps
Step 1 Create VLAN 3 and add client 1 and client 2 to VLAN 3.
Raisecom(config)#create vlan 3 active Raisecom(config)#interface client 1 Raisecom(config-port)#switchport access vlan 3 Raisecom(config-port)#exit Raisecom(config)#interface client 2 Raisecom(config-port)#switchport access vlan 3 Raisecom(config-port)#exit
70
2 Ethernet
Checking results
Use the show loopback-detection command to show loopback detection status on client 2.
Raisecom#show loopback-detection client 2 Destination address: ffff.ffff.ffff Mode:Vlan-based Period of loopback-detection:3s Restore time:infinite Port PortState State Status loop vlanlist --------------------------------------------------------------------C2 Down Ena no trap-only --
Configuration steps
Step 1 Create and activate VLAN 100 and VLAN 200.
Configure iTN A.
71
2 Ethernet
Configure iTN B.
Step 2 Configure client 1 working in Access mode; set the Access VLAN to 100; enable STP.
Configure iTN A.
iTNA(config)#interface client 1 iTNA(config-port)#switchport mode access iTNA(config-port)#switchport access vlan 100 iTNA(config-port)#relay stp iTNA(config-port)#relay line 1 iTNA(config-port)#exit
Configure iTN B.
iTNB(config)#interface client 1 iTNB(config-port)#switchport mode access iTNB(config-port)#switchport access vlan 100 iTNB(config-port)#relay stp iTNB(config-port)#relay line 1 iTNB(config-port)#exit
Step 3 Configure client 2 working in Access mode; set the Access VLAN to 200; enable STP.
Configure iTN A.
iTNA(config)#interface client 2 iTNA(config-port)#switchport mode access iTNA(config-port)#switchport access vlan 200 iTNA(config-port)#relay stp iTNA(config-port)#relay line 1 iTNA(config-port)#exit
Configure iTN B.
iTNB(config)#interface client 2 iTNB(config-port)#switchport mode access iTNB(config-port)#switchport access vlan 200 iTNB(config-port)#relay stp iTNB(config-port)#relay line 1 iTNB(config-port)#exit
72
2 Ethernet
Configure iTN A.
Configure iTN B.
Step 5 Save configurations of iTN A and iTN B, taking iTN A for an example.
iTNA#write
Checking results
Use the show relay command to show Layer 2 protocol transparent transmission configurations on client 1. Take iTN A for an example.
iTNA#show relay COS for Encapsulated Packets: 5 Destination MAC Address for Encapsulated Packets: 010E.5E00.0003 Port vlan Egress-Port Protocol Drop-Threshold Shutdown-Threshold --------------------------------------------------------------------C1(up) -line1 stp(enable) --dot1x --lacp --cdp --vtp --pvst ---
2 Ethernet
Set the aging time of dynamic ARP address entries to 600s. To improve the security on communication between the iTN device and Router, you need to configure the related static ARP entry on the iTN device. Figure 2-18 Configuring ARP
Configuration steps
Step 1 Add a static ARP entry.
Step 2 Set the aging time of dynamic ARP address entries to 600s.
Raisecom#write
Checking results
Use the show arp command to show all entries in the ARP address mapping table.
74
2 Ethernet
Configuration steps
Step 1 Enable port mirroring.
75
2 Ethernet
Step 3 Set Client 1 to the mirroring port and set the mirroring rule to both.
Raisecom(config)#write
Checking results
Use the show mirror command to show port mirroring configurations.
Raisecom(config)#show mirror Mirror: Enable Monitor port: client 3 -----------the ingress mirror rule----------Mirrored ports: client 1 -----------the egress mirror rule----------Mirrored ports: client 1
76
3 Clock synchronization
Clock synchronization
This chapter describes principles and configuration procedures of clock synchronization, as well as related configuration examples, including following sections:
Introduction Configuring clock synchronization based on synchronous E thernet Maintenance Configuration examples
3.1 Introduction
Physical-layer synchronization technologies are widely used in the traditional TDM network. Each node can extract clock signals from the physical link or the exterior synchronization interface. It selects the clock source with best quality from multiple clock sources, takes it as the local clock, and transmits it to the downstream devices. Therefore, it synchronizes clocks of all devices to the master reference clock by locking the host. The synchronous Ethernet technology adopted by the PTN has the similar principle, as shown in Figure 3-1. Step 1 iTN B outputs the clock with high precision to the physical-layer chip. Step 2 The physical-layer chip uses the clock to transmit the data. Step 3 Based on the clock data recovery technology integrated in the physical-layer chip, iTN A recovers the clock signals from the serial data flow and then transmits the clock signals to the clock sub-card. Step 4 After being processed by the clock sub-card, these clock signals are sent to other clocks through interfaces. Therefore, upstream clocks and downstream clocks are concatenated and clock synchronization is realized in PTN.
77
3 Clock synchronization
The clock synchronization mechanism of the synchronous Ethernet is mature and reliable. It can meet timing interface metrics defined by International Telecommunications Union Telecommunication Standardization Sector (ITU-T) G.832. In addition, it cannot be influenced by network load changes. However, because clock signals are transmitted along the clock link, the synchronous Ethernet technology asks all paths of the clock link to have the synchronous Ethernet feature. The iTN165-CES supports the synchronous Ethernet technology.
Prerequisite
N/A
78
3 Clock synchronization
Description Enter global configuration mode. Enable synchronous Ethernet. By default, synchronous Ethernet is disabled on the iTN165-CES.
Raisecom(config)#synce source { line interface-number | external 2m interface-number | internal | pdh interface-number } priority
Configure the priority of the clock source. By default, the local crystal oscillator has the lowest priority and other clock sources are not configured with priority. (Optional) enable SSM quality level. By default, the iTN165-CES uses the standard SSM quality level to select the clock source. Configure the clock source management quality level. By default, no clock source management quality level is configured. Configure the mode for selecting the clock source. By default, the iTN165-CES selects the forced-free run mode. It means the iTN165-CES uses the local crystal oscillator as the clock source. Configure the iTN165-CES to search a line clock source from the outside of the ring network. By default, the iTN165-CES does not search a line clock source from the outside of the ring network.
priority
Raisecom(config)#synce source { line interface-number | external 2m interface-number | internal | pdh interface-number } qualitylevel quality-level Raisecom(config)#synce operationtype { auto-select | forcedfreerun }
Raisecom(config)#synce revertive enable Raisecom(config)#synce source { line interface-number | external 2m interface-number | pdh interface-number } wait-to-restoretime minutes Raisecom(config)#synce source { line interface-number | external 2m interface-number | pdh interface-number } hold-off-time
Enable auto reverse mode. By default, auto reverse mode is enabled. Configure the Wait To Restore (WTR) time of the clock source. By default, the WTR time of the clock source is set to 5 minutes. Configure the hold-off time of the clock source. By default, the hold-off time of the clock source is set to 1800ms. Configure the quality level threshold of the synchronous Ethernet packets. By default, the quality level threshold of the synchronous Ethernet packets is set to 0.
10
time
11
12
79
3 Clock synchronization
Command
Description Enter global configuration mode. Switch the clock source manually.
Description Enter global configuration mode. Enter clock configuration mode. (Optional) enable 2 Mbit/s clock signal input and configure its mode. By default, 2 Mbit/s clock signal input is enabled on the iTN165-CES. Configure the quality level threshold of output 2 Mbit/s clock signals. By default, no threshold is configured.
slot-number
Raisecom(config-clock)#external2m interface-number mode { { e1 | e1-crc } [ sa sa-value ] | 2mhz } Raisecom(config-clock)# external-2m interface-number output shutdown-threshold quality-level quality-level
Description Show configurations on clock synchronization based on synchronous Ethernet. Show synchronization status message based on synchronous Ethernet. Show clock signal configurations. Show extended SSM information of the synchronous Ethernet clock source.
Raisecom#show synce ssm [ source | statistic ] Raisecom#show clock-mgmt slot slot-id Raisecom#show synce source extend-ssm
80
3 Clock synchronization
3.3 Maintenance
Command
Raisecom(config)#clear synce ssm statistic Raisecom(config)#clock-mgmt trap enable
Description Clear synchronization status statistics of synchronous Ethernet. Enable clock sub-card Trap.
Configuration steps
Step 1 Configure clock source properties.
Configure iTN A.
Raisecom#hostname iTNA iTNA#config iTNA(config)#synce enable iTNA(config)#synce operation-type auto-select iTNA(config)#synce source line 1 priority 1
81
3 Clock synchronization
Configure iTN B.
Raisecom#hostname iTNB iTNB#config iTNB(config)#synce enable iTNB(config)#synce operation-type auto-select iTNB(config)#synce source external 2m 1 priority 1 iTNB(config)#synce source external 2m 1 wait-to-restore-time 0 iTNB(config)#synce source external 2m 1 quality-level 0
Step 2 Save configurations of iTN A and iTN B, taking iTN A for an example.
iTNA#write
Checking results
Use the show synce command to show clock synchronization configurations of the synchronous Ethernet. Show clock synchronization configurations on iTN A.
iTNA#show synce Synce : enable Synce running status(PLL): freerun(forced) Current clock source: line 1(Ql:0) Previous clock source: internal(Ql:8) Synce trap : enable Revertive mode : enable Transmit quality level threshold: 0 Latest switch time : 2011-08-18,15:38:21.381
iTNB#show synce Synce : enable Synce running status(PLL):lockedauto-select Current clock source: ext 2m 1(Ql:0) Previous clock source: internal(Ql:8) Synce trap : enable Revertive mode : enable Transmit quality level threshold: 0 Latest switch time : 2011-08-18,15:38:21.381
82
3 Clock synchronization
Use the show synce ssm command to show SSM status of the synchronous Ethernet. Show SSM status on iTN A.
iTNA#show synce ssm Quality level mode : enable Ssm source name : line 1 Ssm state : locked Ssm quality level : 0
iTNB#show synce ssm Quality level mode : enable Ssm source name : external 2m 1 Ssm state : locked Ssm quality level : 0
83
4 MPLS-TP
MPLS-TP
This chapter describes principles and configuration procedures of MPLS-TP, as well as related configuration examples, including following sections:
Introduction Configuring basic functions of MPLS Configuring static LSP Configuring MPLS L2VPN Configuring MPLS-TP OAM Configuring MPLS-TP linear protection switching Maintenance Configuration examples
4.1 Introduction
4.1.1 Network structure
The MPLS-TP network structure is identical to the MPLS network structure, as shown in Figure 4-1. The MPLS network is composed by the Label Switching Router (LSR). The network area composed by the LSR is called MPLS domain. The LSP locates at the edge of the MPLS domain and connects other networks is called Label Edge Router (LER). The LSR in the MPLS domain can also be called the Core LSR. If a LSR has one or more neighbouring nodes that do not operate MPLS, this LSR is a LER. The LSR, whose neighbouring nodes operate MPLS, is a core LSR.
84
4 MPLS-TP
FEC
Forwarding Equivalence Class (FEC) is a term used to describe a set of packets with similar and/or identical characteristics (destination IP address, forwarding path, and Class of Service). Packets in the same FEC may be forwarded the same way in the MPLS network.
Label
The label is a short fixed length physically contiguous identifier which is used to identify a FEC, usually of local significance. In some case, such as performing load sharing, a FEC may have multiple labels simultaneously. However, a label belongs to a FEC only. Each label is represented by 4 bytes, as shown in Figure 4-2. Each label is broken down the following fields:
Label: this 20-bit field carries the actual value of the label. It is used to identify a FEC. Exp: Experimental Use. This 3-bit filed is used to experimental use. In general, it is used to identify the Class of Service (CoS). S: Bottom of Stack. It is a 1-bit field. MPLS supports multiple labels. This bit is set to 1 for the last entry in the label stack (i.e., for the bottom of the stack). Time To Live (TTL): This 8-bit field is used to encode a time-to-live value. Whenever a packet passes through a router, its TTL gets decremented by 1; if the TTL reaches 0 before the packet has reached its destination, the packet gets discarded.
85
4 MPLS-TP
LSR
The LSR is a network device for switching and forwarding MPLS labels. It is also called a MPLS node. LSR is the basic element of the MPLS network. All LSRs support the MPLS.
LER
The LSR locating at the edge of the MPLS domain is called a LER. If a LSR has one or more neighbouring nodes that do not operate MPLS, this LSR is a LER. LER is responsible for assigning FECs for packets entering the MPLS domain and pushing labels for these FECs to forward packets. When packets leave from the MPLS domain, the labels are popped out and then packets are forwarded.
LSP
The path along which the same FEC traverses the MPLS network is called the LSP. In terms of function, LSP acts as the virtual circuit of the ATM and Frame Relay (FR). It is a unidirectional path from the ingress interface to the egress interface.
Ingress node: the begin mode of the LSP. One LSP has an Ingress node only. The Ingress node is responsible for pushing labels for packets to encapsulate them into MPLS packets for forwarding. Transit node: middle node of the LSP. One LSP may have multiple Transit Nodes. The Transit node is responsible for looking up the label forwarding table to forward MPLS packets by switching labels. Egress node: the end node of the LSP. One LSP has an Egress node only. The Egress node is responsible for popping out the label and recovering the packets to the original ones for forwarding.
Label space
The label space is the mode used to specify the label distribution and assignment. It is divided into the following 2 types:
Per-Platform Label Space: the whole LSR can only generate a unique label for the specified FEC. Per-Interface Label Space: each interface of the LSR can generate a label for a specified FEC.
86
4 MPLS-TP
Label stack
The label stack is an ordered set of labels. MPLS packets support carrying multiple labels simultaneously. The label closer to the Layer 2 header is called a top label or an outer label. The label closer to the IP header is called a bottom label or an inner label. Theoretically, the MPLS label can be embedded infinitely. Figure 4-3 Structure of the label stack
The label stack organizes labels in a Last In First Out form. It processes labels from the top of the stack.
Operations of label
Operations of a label include push, swap, and pop. They are basic actions for label forwarding and components of the label forwarding table.
Push: when an IP packet enters the MPLS network, the MPLS edge device inserts a new label between the Layer 2 header and the IP header of the IP packet. Or the MPLS middle device adds a new label on the top of the stack (embed and encapsulate the label) as required. Swap: when the MPLS packet is forwarded across the MPLS network, based on the label forwarding table, the top label of the MPLS packet is deleted and a label assigned by the next-hop device is added. Pop: when the MPLS packet leaves form the MPLS network, the label is removed.
4 MPLS-TP
Step 2 Get a label from the MPLS label pool and distribute it to the FEC. Step 3 The LSR records the relationship between the label and the FEC and encapsulates it to a message. And then it sends the message to the upstream LSR, As shown in Figure 4-5, LSR-C groups packets, to be sent to 192.168.1.0/24, into a FEC. And then it distributes a label to the FEC and notifies the upstream LSR. Therefore, the label is distributed by the downstream LSR. Figure 4-5 Label distribution
There are 2 modes for distributing labels: Downstream Unsolicited (DU) and Downstreamon-Demand (DoD).
DU: after the LDP session is established successfully. The downstream LSP sends a Label Mapping Message (LMM) to the upstream LSR automatically. The upstream LSR saves the LMM and processes it based on the routing table. DoD: the upstream LSR sends a Label Request Message (LRM) to the downstream LSR, which includes descriptions about the FEC. The downstream LSR distributes a label to the FEC and sends the LMM to the upstream LSR. The time for the downstream LSR sending LMM depends on the label distribution control mode used by the downstream LSR. There are Ordered and Independent label distribution control modes.
Ordered label distribution control mode: a LSR cannot send the LMM to the upstream LSR unless it receives the LMM sent by the downstream LSR. Independent label distribution control mode: a LSR sends LMM to the upstream LSR immediately regardless of whether it receives a LMM sent by the downstream LSR.
In general, the upstream LSR selects its downstream LSR based on the routing information, as shown in Figure 4-5. LSRs on LSP 1 use the Ordered label distribution control mode while LSR E on LSP 2 uses the Independent label distribution control mode. Label retention refers to a mode for a current LMM that is received but not used by a LSR. There are 2 label retention modes: liberal label retention and conservative label retention.
Liberal label retention: the device reserves the LMM sent by the neighbor LSR regardless of whether the neighbor LSP is the next-hop address of the specified FEC. In this mode, the device can adapt to the network topology change quickly. It reduces the convergence time of LSP when the routing converged or the next-hop address is changed.
88
4 MPLS-TP
Conservative label retention: the device reserves the LMM sent by the neighbor LSR only when the neighbor LSP is the next-hop address of the specified FEC. In this mode, memory and label space are saved.
Static LSP: manually configured by the administrator Dynamic LSP: dynamically established by using the routing protocol and the label distribution protocol
At present, the iTN165-CES supports the static LSP only. The static LSP is established by the administrator by manually assigning labels for all FECs. To manually assign labels, the egress label value of the last node is the ingress label value of the next mode. For the static LSP, all LSRs cannot sense each other and then learn status of the whole LSP. Therefore, the static LSP is of local significance.
Configure the Ingress node of the static LSP and enable MPLS on the egress interface. If there is the Address Resolution Protocol (ARP) information of the next-hop device on the iTN165-CES, the static LSP is in UP status regardless of whether it has the Transit/Egress node. If the Ingress node needs to push the label correctly, there must be a routing entry (including the destination address, next-hop address, and mask) in the local routing table, which is accurately matched with the specified destination IP address. Configure the Transit node of the static LSP and enable MPLS on both ingress and egress interfaces. If the physical layer and protocol layer of ingress and egress interfaces are in UP status and there is the Address Resolution Protocol (ARP) information of the
89
4 MPLS-TP
next-hop device on the iTN165-CES, the static LSP is in UP status regardless of whether it has the Ingress /Egress/other Transit nodes.
Configure the Egress node of the static LSP and enable MPLS on the ingress interface. If the physical layer and protocol layer of the ingress interface are in UP status and there is the Address Resolution Protocol (ARP) information of the next-hop device on the iTN165-CES, the static LSP is in UP status regardless of whether it has the Ingress/Transit nodes.
The static LSP does not use the label distribution protocol and does not exchange the control packet. Therefore, it consumes fewer resources. It is suitable for simple and stable small-size network. However, the LSP, established by statically assigning labels, cannot be dynamically adjusted according to the network topology changes. The administrator needs to manually adjust the static LSP.
Token: an index used to search the MPLS forwarding information in the MPLS forwarding table Sequence-number: sequence number of the Tunnel ID Slot-number: slot ID of the egress interface, specifying the slot for sending packets Tunnel Type: Tunnel type, including the following types:
LSP: LSP Tunnel dynamically established through LDP and without no restriction CRLSP: LSP Tunnel dynamically established through CR-LDP/RSVP-TP with restrictions MPLS Local IGNET: in Option B/Option C inter-Autonomous System (inter-AS) VPN, the VPN routing information (including the L2VPN label block) notified to the BGP symmetric peer by ASBR must include the Tunnel information. However, no Tunnel is configured between ASBRs. To transmit information of extra-AS VPN to the BGP symmetric peer in the inter-AS VPN, the EBGP of the ASBR generates a MPLS Local IFNET Tunnel for the MPLS interface between ASBRs. Global: all Tunnels share a public global space. The Token value is unique. Global with reserved tokens: be similar to the Global mode. In this mode, some Token values are reserved. The Token value begins with a specified one. Per slot: each slot has an independent Token space. Token values for the same slot must be different. However, Token values may be identical for different slots. Per slot with reserved slot: be similar to the Per slot mode. In this mode, some Token values are reserved. The Token value begins with a specified one.
90
4 MPLS-TP
Per slot with different avail value: be similar to the Per slot mode. Token value ranges of slots are different. Mixed: both the global space and slot space are created. The device selects a mode based on the egress interface. Mixed with 2 global space: global space 1, global space 2, and slot space are created. 2 global space: global space 1 and global space 2 are created.
NHLFE
Next Hop Label Forwarding Entry (NHLFE) describes operations performed on a label and directs how to forward MPLS packets. The NHLFE includes the Tunnel ID, egress interface ID, next-hop address, outgoing label, and label operation type.
ILM
Incoming Label Map (ILM) maps incoming labels to a group NHLFEs to form the mapping relationship between labels and NHLFEs. After receiving a packet with a label, the LSR searches the related ILM entry. If the Token value of the ILM entry is not null, the LSR will search the NHLFE related to the Token value to confirm the label operation to be performed. The ILM entry including the Tunnel ID, incoming label, and egress interface ID.
FTN
FEC-to-NHLFE (FTN) maps the FEC to a NHLFE on the Ingress node. After receiving a packet without a label, the LSR searches the related forwarding entry. If the Token value of the forwarding entry is not null, forward the packet through MPLS. Otherwise, the LSR will search the NHLFE related to the Token value to confirm the label operation to be performed.
91
4 MPLS-TP
The forwarding process of MPLS packets is shown as below: After a packet enters the MPLS domain, the system will check whether the Token value related to the destination address of the packet is set to 0x0 in the FIB table. If yes, the packet enters IP forwarding process. Otherwise, the packet enters MPLS forwarding process. During the MPLS forwarding process, perform the following operations on the Ingress node: 1. 2. 3. 4. View the FIB table and find the Tunnel ID based on the destination IP address. Fine the NHLFE based on the Tunnel ID and relate the FIB entry to the NHLFE. View the NHLFE to learn the egress interface ID, next-hop address, outgoing label, and label operation type. The label operation type is set to Push. Encapsulate the label into the IP packet, process the EXP field based on the QoS policy, process TTL field, and then send the encapsulated MPLS packet to the next-hop address.
Perform the following operation on the Transit node: 1. 2. 3. 4. Search the ILM table based on the label value of the MPLS packet to find the Token value. Find the NHLFE based on the Token value. View the NHLFE to learn the egress interface ID, next-hop address, outgoing label, and label operation type. The label operation type is set to Swap. Replace the old label of the MPLS packet with a new one, process the EXP and TTL fields, and then send the MPLS packet to the next-hop address.
After receiving the MPLS packet, the Egress node will directly pop the label out if the label value is set to 0 or 2. In addition, it will process the EXP and TTL fields and then forward the packet through IP.
When the label value is set to 3, it indicates that the EXP and TTL fields have been processed at the second hop address. There is no need to process them at the last hop address.
92
4 MPLS-TP
If no PHP is configured, view the ILM table to learn that the Token value is null. It indicates finishing label forwarding to pop the label out directly. And then it will process the EXP and TTL fields. At this time, it there is no label in the label stack, perform IP forwarding. Otherwise, perform next-layer label forwarding.
Depend on specified medium (such as ATM/FR): to provide ATM-based VPN services, the Carrier must establish an ATM network that covers all service ranges. To provide FRbased VPN services, the Carrier must establish a FR network that covers all service ranges. It wastes a lot of resources. Complex deployment: especially when adding a new site to an existing VPN, you need to modify positions of all edge nodes that access the VPN site.
Because of the above disadvantages, new VPN schemes are introduced. MPLS L2VPN is one of them. MPLS L2VPN provides Layer 2 VPN services based on the MPLS network. Therefore, the Carrier can provide Layer 2 VPN service based on different data link layer protocol on a uniform MPLS network, including ATM, FR, VLAN, Ethernet, and PPP. Simply, MPLS L2VPN transmits Layer 2 data transparently across the MPLS network. In terms of user, the MPLS network is a Layer 2 switching network where you can establish Layer 2 connection between different nodes. As shown in Figure 4-9, taking Ethernet for an example, each Customer Edge (EC) device is configured with an Ethernet Attachment Circuit (AC) and is connected to the remote CE device through the MPLS network. This is similar to the connection realized through the Ethernet. Figure 4-9 CE accessing the network through Ethernet AC
93
4 MPLS-TP
Network model
Figure 4-10 shows the MPLS L2VPN model, which composed by 6 parts. Figure 4-10 MPLS L2VPN model
CE device: it has an interface to directly connect to the Internet Service Provider (ISP) network. The CE device can be a router, switch, or a PC. The CE device does not sense the VPN and does not need to support MPLS. Provider Edge (PE) device: the edge device of the ISP network. It is connected to the user's CE device. In the MPLS network, packets entering or leaving from the VPN are processed on the PE device. Provider (P) device: the backbone router in the ISP network. It is not directly connected to the CE device. The P device just needs to provide basic MPLS forwarding capability. AC: it is an independent link or circuit used to connect the CE device and the PE device. The AC properties include the encapsulation type, Maximum Transmission Unit (MTU) and interface parameters of specified links. Virtual Circuit (VC): it is a logical connection between 2 PE nodes identified by the VC label. After performing the neighboring discovery work, 2 opposite unidirectional VCs are established between a pair of PEs. These 2 VCs and the Tunnel form a bidirectional Pseudo Wire (PW). Tunnel: it is used to carry the VC and transmit user data transparently.
MPLS L2VPN transparently transmits user packets in the MPLS network through the label stack.
Outer label (Tunnel label): transmits packets from one PE device to another PE device. Inner label (VC label): differentiate connections in different VPNs. The Rx PE device decides the CE device to which packets are forwarded.
Figure 4-11 shows the changes of the label stack during the MPLS L2VPN forwarding process. Figure 4-11 MPLS L2VPN label stack processing process
Layer2 Protocol Data Unit (L2PDU): the link-layer packet T: Tunnel label V: VC label T': the outer label is replaced during the forwarding process.
Raisecom Technology Co., Ltd. 94
4 MPLS-TP
As shown in Figure 4-11, the packet sent by CE 1 is added with 2 labels by PE 1 and then is transmitted to PE 2. PE 2 removes the labels and then forwards the packet to CE 2.
Implementation modes
MPLS L2VPN is realized through the following 3 modes:
Circuit Cross Connect (CCC): MPLS L2VPN is realized by manually configuring the circuit cross connection. It fits for a small and simple MPLS network. This mode consumes fewer resources and is easy for configuration because no signaling negotiation is performed and no control packet is exchanged. The connection mode is divided into local connection and remote connection.
Local connection: a connection established between 2 local CEs. These 2 CEs are connected to the same PE. The PE works as a Layer 2 switching. In this mode, packets can be exchanged directly without configuring the static LSP. Remote connection: a connection established between the local and remote CEs. These 2 CEs are connected to different PEs. You need to configure a static LSP to transmit the packet from one PE to the other one.
CCC MPLS L2VPN supports local and remote connections. Figure 4-12 shows the CCC MPLS L2VPN topology. Figure 4-12 CCC MPLS L2VPN topology
Site 1 and Site 2 of VPN 1 are connected through CCC remote connection (displayed with blue dotted line). There must be 2 static LSPs between Site 1 and Site 2. One static LSP is from PE 1 to PE 3, referring to the LSP from Site 1 to Site 2. The other one is from PF 3 to PE 1, referring the LSP from Site 2 to Site 1. The 2 blue dotted lines are VCs (CCC remote connections), providing L2VPN connection. Site 1 and Site 2 of VPN 2 are connected through CCC local connection (displayed with black dotted line). The PE 2 to which that access acts as a Layer 2 switch. There is no need to establish a LSP between CEs. CEs can directly exchange link-type data, such as VLAN and Ethernet. In this mode, no label or signaling is needed to transmit L2VPN information so long as the ISP network supports MPLS forwarding. In addition, it can provide QoS guarantee because the CCC LSP is private.
Martini: use the LDP as the signaling for transmitting VC information. In Martini mode, inner and outer labels are used. The inner label uses the extended LDP as the signaling to exchange packet and the outer label is the Tunnel label.
Raisecom Technology Co., Ltd. 95
4 MPLS-TP
In Martini mode, a LSP between PEs can be shared by multiple VCs. In addition, only the PEs need to save the mapping relationship between VC Labels and LSPs. The P device has a great expansibility because it does not save any L2VPN information. When needing to add a VC, configure a unidirectional VC on related 2 PEs only without influencing network performance. In Martini mode, the VC Type + VC ID between 2 CEs is used to identify a VC.
VC Type: identify the encapsulation type of the VC, such as the VLAN. VC ID: identify the VC uniquely. For all VCs of a VC Type, their VC IDs must be unique on all PEs.
The PE, connected to 2 CEs, exchanges the VC label through the LDP. In addition, it binds the related CEs based on the VC ID. To successfully establish a VC for transmitting Layer 2 data, perform the following operations:
AC interfaces are Up. The Tunnel between PEs is established successfully. Labels are exchanged and bound.
In Martini mode, the outer label is used to transmit the data of all VCs across the ISP network. The inner VC label is used to distinguish user data. Therefore, a LSP can be shared by multiple VCs in the ISP network. To deploy Martini MPLS L2VPN, you must ensure that the ISP network can establish the LSP Tunnel automatically. Therefore, the LSP network should forward MPLS forwarding and MPLS LDP. The Martini MPLS L2VPN supports Graceful Restart (GR). After data is switched, the VC label is not changed. During protection switching, VCs are Up. Packets are transmitted through VCs without being influenced. The Martini MPLS L2VPN supports remote connection only. Figure 4-13 shows the Martini MPLS L2VPN topology. Figure 4-13 Martini MPLS L2VPN topology
Site 1 and Site 2 of VPN 1 are connected through Martini remote connection (black dotted line) while Site 1 and Site 2 of VPN 2 are connected through Martini remote connection (blue dotted line). In the ISP network, VPN 1 and VPN 2 can be connected through 2 different LSPs. In addition, they can be connected by sharing one LSP.
Static Virtual Circuit (SVC): be similar to the Martini mode. However, it does not use the LDP as the signaling for transmitting the VC label and link information. Instead, it configures the VC label manually.
96
4 MPLS-TP
The establishment mode of the SVC outer label (private Tunnel) is identical to the one in Martini mode. The inner label is manually specified when you configure the VC. No signaling is needed to transmit label information between PEs. Therefore, the SVC network topology and packet exchange process are identical to the ones in the Martini mode. At present, the iTN165-CES supports SVC MPLS L2VPN only.
Effectively detect, identify, and locate MPLS user layer faults. Effectively measure network utilization rate and network performance. Perform protection switching quickly when the link/node fails to reduce fault dwell time and improve network reliability.
On the iTN165-CES, MPLS-TP OAM cooperates with the Generic Associated Channel (GACH) defined in RFC5586 and OAM technology defined in G.8113.1. For related contents about Y.1731, see sections 8.1.2 CFM and 8.1.3 SLA.
GACH
OAM packet types used in the MPLS-TP are similar to the ones defined in Ethernet OAM. In the MPLS-TP network, GACH is used as the control channel of the PW layer (VC+Tunnel), LSP layer, and Section layer (physical link). By encapsulating and transmitting OAM packets defined in Y.1731 through GACH, you can realize MPLS-TP-based OAM. When the GACH is used as the control channel of the above mentioned layers, it packet formats are shown in Figure 4-14, Figure 4-15, and Figure 4-16. Figure 4-14 Packet format when the GACH is used as the control channel of the PW layer
97
4 MPLS-TP
Figure 4-15 Packet format when the GACH is used as the control channel of the LSP layer
Figure 4-16 Packet format when the GACH is used as the control channel of the Section layer
Generic Associated Channel Label (GAL): is a reserved label assigned to the MPLS-TP by the IANA. It is used to distinguish OAM packets from other common service packets. It is a 10-bit label. The label ID is fixed to 13. Associated Channel Header (ACH): it is used to indicate the control channel, as shown in Figure 4-17. It is designed to transmit OAM, Automatic Protection Switching (APS), Signalling Communication Channel (SCC) packets.
The first 4 bits are fixed to 0001. It indicates an ACH channel. The Version is a 4-bit field. It indicates the channel version. At present, it is unified to 0. The Reserved field occupies 8 bits. It is used as a reserved bit for further extension. The Channel Type is a 16-bit field. It indicates the channel type.
ACH can carry one or more Type Length Value (TLV). The channel type decides whether the ACH carries TLV and which TLV are carried.
4 MPLS-TP
bidirectional protection switching. 1:1 protection switching is bidirectional protection switching. At present, the iTN165-CES supports 1:1 protection switching only.
The sender sends packets through both the working link and the protection link. The receiver receives packets from the working link and detects the status of working and protection links between the sender and receiver. When the receiver detects that the working link fails and the protection link works normally, it switches services to the protection link.
99
4 MPLS-TP
The sender sends packets through the configured working link and the receiver receives packets from the working link. When a fault occurs on the working link between the sender and receiver, it is detected at the receiver. And then 1:1 protection switching is triggered through APS protocol. The whole process is shown as below: Step 1 The receiver detects a fault. Step 2 The receiver exchanges packets with the sender through both the working link and the protection link and sends the APS command for requesting protection switching. Step 3 The sender sends the APS command to confirm the protection switching request. Meanwhile, it sends packets to the receiver through the working link and protection link. Step 4 The sender and receiver switch services to the protection link for transmission.
Prerequisite
MPLS on an interface cannot take effect unless global MPLS is enabled and the IP interface is configured with an IP address and is related to a VLAN.
100
4 MPLS-TP
Description Enter global configuration mode. Configure the LSR ID. In general, the IP address of some IP interface is taken as the LSR ID. By default, no LSR ID is configured.
Raisecom(config)#mpls enable
4 5
Enter Layer 3 interface configuration mode. Enable MPLS on the Layer 3 interface. By default, MPLS is enabled on the Layer 3 interface.
Prerequisite
Before configuring the static LSP, you need to configure basic functions of MPLS.
101
4 MPLS-TP
Command
Description Enter global configuration mode. Configure the static LSP on the Ingress node.
Command
Description Enter global configuration mode. Configure the static LSP on the Transit node.
Description Enter global configuration mode. Configure the static LSP on the Egress node.
After configuring the static bidirectional corouted LSP, you need to configure the forward LSP and backward LSP on the Ingress and Egress nodes in bidirectional corouted LSP configuration mode. On the Ingress node, the received MPLS packets carry the incoming label. On the Egress node, the transmitted MPLS packets carry the outgoing label.
102
4 MPLS-TP
Command
Description Enter global configuration mode. Create a static bidirectional corouted LSP on the Ingress node and enter bidirectional Ingress configuration mode. Configure the forward egress LSP without IP capability in directional Ingress configuration mode. Configure the backward ingress LSP in directional Ingress configuration mode.
tunnel-id
Raisecom(config-ingress-lsp)#forward destnetwork [ mask ] nexthop-mac mac-address vlan vlan-id interface-type interface-number outlabel out-label Raisecom(config-ingress-lsp)#backward in-label
in-label
Command
Description Enter global configuration mode. Create a static bidirectional corouted LSP on the Transit node and enter bidirectional Transit configuration mode. Configure the forward LSP without IP capability in directional Transit configuration mode. Configure the backward LSP without IP capability in directional Transit configuration mode.
Raisecom(config-transit-lsp)#forward in-label in-label nexthop-mac mac-address vlan vlan-id interface-type interface-number out-label out-
label
Raisecom(config-transit-lsp)#backward in-label in-label nexthop-mac mac-address vlan vlan-id interface-type interface-number out-label out-
label
Command
Description Enter global configuration mode. Create a static bidirectional corouted LSP on the Ingress node and enter bidirectional Egress configuration mode. Configure the forward ingress LSP in directional Egress configuration mode.
label
103
4 MPLS-TP
Step 4
Command
Raisecom(config-egress-lsp)#backward dest-network [ mask ] nexthop-mac mac-address vlan vlan-id interface-type interface-number out-label out-
Description Configure the backward egress LSP in bidirectional Egress configuration mode.
label
Description Enter global configuration mode. Configure the static MPLS TE Tunnel. By default no static MPLS TE Tunnel is configured. Configure the destination IP address.
tunnel-number
Raisecom(configtunnelif)#destination destination-
ip-address
Description Show LSP statistics. Show bidirectional LSP configurations. Show MPLS packet statistics of the bidirectional LSP. Show static LSP configurations. Show LSP-based MPLS packet statistics. Show information about assigned MPLS label or status about a specified label. Show Tunnel configurations.
104
4 MPLS-TP
Prerequisite
At present, the iTN165-CES does not support dynamic routing. When the iTN165-CES communicates with the device that supports dynamic routing, you need to add a route to the iTN165-CES on the device.
Description Enter global configuration mode. Enable global MPLS L2VPN. By default, global MPLS L2VPN is enabled.
3 4
Raisecom(config)#interface
interface-type interface-number
Raisecom(config-port)#mpls l2vpn
Enter physical layer interface configuration mode. Enable MPLS L2VPN on an interface. By default, MPLS L2VPN on an interface is enabled.
Raisecom(config-port)#mpls static-l2vc [ vlan vlan-id ] destination ip-address { raw | tagged } vc-id vc-id { in-label in-label out-label out-label | vc-label label-id } [ no-controlword ] [ mtu value ] [ tpid { 0x8100 | 0x88a8 | 0x9100 } ]
When the existing service is bound to other VPN Tunnels, you cannot configure MPLS L2VPN on it. When the encapsulation mode of a packet is set to raw, in the ingress PW direction, if the TPID of the packet received by the PE is identical to the VLAN ID of the interface, the VLAN Tag is automatically deleted. Otherwise, no change is made. In the egress PW direction, the PE directly sends the packet to the AC. When the encapsulation mode of a packet is set to tagged, in the ingress PW direction, if the TPID of the packet received by the PE is identical to the VLAN ID
Raisecom Technology Co., Ltd. 105
4 MPLS-TP
of the interface, sustain the VLAN Tag. Otherwise, add the default VLAN Tag of the interface to the packet. In the egress PW direction, the PE directly sends the packet to the AC.
Fault detection (Continuity Check, CC) Fault acknowledgement (LoopBack, LB) Fault location (LinkTrace, LT) Alarm Indication Signal (AIS) Client Signal Fail (CSF) Lock (LCK) Packet Delay and Packet Delay Variation Measurements (DM) Frame Loss Measurements (LM)
The principle of MPLS-TP OAM is similar to the one of Ethernet-based OAM. Only the carrying modes of related packets are different. To ensure that users can get qualified network services. The Carrier and users sign a Service Level Agreement (SLA). To effectively fulfil the SLA, the Carrier needs to deploy the SLA feature on the device to measure the network performance and takes the measurement result as the basis for ensuring the network performance. SLA selects 2 detection points, configures, and schedules the SLA operation on one detection point to detect the network performance between the 2 detection points. The SLA feature counts the round-trio packet loss ratio, round-trip/unidirectional (SD/DS) delay, jitter, jitter variance, and jitter distribution and reports them to the upper monitoring
106
4 MPLS-TP
software (such as the NView NNM system). And then the upper monitoring software analyses the network performance to get a data meeting users' requirements.
Prerequisite
Before configuring MPLS-TP OAM, perform the following operations:
Connect the interface and configure physical parameters of the physical. Make the physical layer Up. Configure basic functions of MPLS. Before configuring SLA, you need to deploy CFM between devices that need to detect the network performance.
The fault detection and fault location cannot take effect unless CFM is enabled. Before enabling the CFM packet delivery feature, you should configure the relationship between the service instance and static L2VC. Command Description Enter global configuration mode. Enable global MPLS-TP CFM. By default, global MPLS-TP CFM is disabled. Enter physical layer interface configuration mode. (Optional) enable CFM on an interface. By default, CFM is enabled on an interface.
Step 1 2
3 4
interface-type interface-number
Raisecom(config-port)#cfm enable
Description Enter global configuration mode. (Optional) configure the MPLS-TP CFM control channel type. By default, the MPLS-TP CFM control channel type is set to 0x7ffa.
Modifying the control channel type is only for the device communicating with devices from other vendors.
107
4 MPLS-TP
Step 3 4 5
Command
Raisecom(config)#mpls-tp cfm domain level level Raisecom(config)#mpls-tp service cis-id level level Raisecom(config-service)#service lsp { bidirection lsp-name | ingress in-lsp-name [ egress out-lsp-name ] | egress out-lspname } Raisecom(config-service)#service lsp transit forward lsp-in backward lsp-out ttl ttl Raisecom(config-service)#service lsp transit bidirection lsp-name lsr-id lsr-id ttl ttl Raisecom(config-service)#service pw transit forward vc-id vc-id destination ip-address backward vc-id vc-id destination ip-
Description Create a MPLS-TP Maintenance Domain (MD). Create a service instance and enter service instance configuration mode. (Optional) associate the service instance to a static LSP based on the static bidirectional LSP, ingress static LSP, or egress static LSP.
(Optional) configure the server instance connected by the subnet based on the ingress static LSP or egress static LSP. Configure the service instance based on the subnet connection of the bidirectional LSP. (Optional) associate the service instance to the Transit PW.
address
10
Raisecom(config-service)#service section { interface-type interface-number | port-channel port-channel } Raisecom(config-service)#service section dest-mac mac-address
Command
Description Enter global configuration mode. Create a MPLS-TP MD. Create a service instance and enter service instance configuration mode. Configure the VC ID associated to the service instance. Configure a MEP based on the service instance.
level
Raisecom(config)#mpls-tp service csi-id level level Raisecom(config-service)#service vc-id vc-id destination ip-address Raisecom(config-service)#service mep mpid
mep-id
Before enabling the CFM packet delivery feature, you should configure the relationship between the service instance and static L2VC.
Raisecom Technology Co., Ltd. 108
4 MPLS-TP
Description Enter global configuration mode. (Optional) configure the aging time of the Remote MEP (RMEP). By default, the aging time of the learned RMEP is set to 100min.
(Optional) configure the hold time of error CC packets. By default, the hold time of error CC packets is set to 100min. When the new hold time is configured, the system will check the database immediately. If any data exceeds the hold time, it will be deleted from the database. Enter service instance configuration mode. (Optional) configure the interval for sending service instance CC packet. By default, the interval for sending service instance CC packet is set to 1s. When the CC packet delivery is enabled, the interval for sending CC packet cannot be modified. Enable MEP sending CC packet. By default, the MEP does not send CC packet. You can use the service cc disable mep { mepid-list | all } command to disable CC packet delivery.
4 5
Raisecom(config)#mpls-tp service cis-id level level Raisecom(configservice)#service cc interval { 1 | 10 | 60 | 600 | 3ms | 10ms | 100ms }
(Optional) configure the static RMEP. It cooperates with CC packet detection feature.
(Optional) enable REMP CC packet check. After REMP CC packet check is enabled, once receiving the CC packet, the service instance will check whether the dynamically learned RMEP ID is identical to the staticallyconfigured one. If they are inconsistent, the service instance takes the CC packet as an errored one. By default, REMP CC packet check is disabled.
(Optional) enable RMEP learning dynamic import. After RMEP learning dynamic import is enabled, once receiving the CC packet, the service instance will automatically translate the learned dynamic RMEP into static RMEP. By default, RMEP learning dynamic import is disabled.
109
4 MPLS-TP
Step 10
Command
Raisecom(configservice)#service priority
Description (Optional) configure CFM OAM packet priority. After the CFM OAM packet priority is configured, CCM, LBM, LTM, DDM packets sent by all MEPs in a service instance will use the specified priority. By default, the CFM OAM packet priority is set to 6.
priority
Command
Description Enter global configuration mode. Enter service instance configuration mode. Execute MPLS-TP layer Ping to acknowledge the fault. By default, the number of transmitted LBM packets is set to 5. The packet TLV is set to 64. In addition, the service instance automatically searches for an available source MEP.
Before executing this command, you must ensure that the global CFM is enabled. Otherwise, the Ping operation fails. If no MEP is configured for the service instance, the Ping operation will fails because no source MEP is found. The Ping operation will fail if the specified source MEP is invalid. For example, the specified source MEP does not exist or CFM is disabled on the interface where the specified source MEP is. The Ping operation will fail if another user is using the specified source MEP to initiate the Ping operation.
Description Enter global configuration mode. Enter service instance configuration mode. Execute MPLS-TP layer Traceroute to locate the fault. By default, the packet TLV is set to 64. In addition, the service instance automatically searches for an available
110
4 MPLS-TP
Step
Command
Raisecom(configservice)#traceroute mip icc icc node-id [ interface-num number ] [ ttl ttl ] [ timeout time ] Raisecom(configservice)#traceroute ttl ttl [ interface-mode ] [ timeout time ]
Before executing this command, you must ensure that the global CFM is enabled. Otherwise, the Traceroute operation fails. The Traceroute operation will fail if the specified source MEP is invalid. For example, the specified source MEP does not exist or CFM is disabled on the interface where the specified source MEP is. The Traceroute operation will fail if another user is using the specified source MEP to initiate the Ping operation.
Description Enter global configuration mode. Enter service instance configuration mode. Enable AIS delivery. By default, AIS delivery is disabled. You can use the service ais disable command to disable AIS delivery.
Raisecom(config-service)#service ais period { 1 | 60 } Raisecom(config-service)#service ais level level [ vlan vlan-id ] Raisecom(config-service)#service suppress-alarms enable mep { all | mep-list }
Configure the AIS delivery period. By default, the AIS delivery period is set to 1s. Configure the level of client-layer MD to which the AIS is sent. Enable MEP alarm inhibition.
5 6
111
4 MPLS-TP
Step 2 3
Command
Raisecom(config)#mpls-tp service cis-id level level Raisecom(config-service)#service lck start mep { mep-id | all } Raisecom(config-service)#service lck period { 1 | 60 } Raisecom(config-service)#service lck lsp lsp-name
Description Enter service instance configuration mode. Enable LCK packet delivery. By default, LCK packet delivery is disabled. Configure the LCK packet delivery period. By default, the LCK packet delivery period is set to 1s. Configure the relationship between the LCK and the LSP layer.
Command
Description Enter global configuration mode. Configure mpls-y1731-echo PW-layer operations based on the destination MEP ID. Configure mpls-y1731-echo LSP-layer operations based on the destination MEP ID. Configure mpls-y1731-jitter PW-layer operations based on the destination MEP ID. Configure mpls-y1731-jitter LSP-layer operations based on the destination MEP ID. Configure mpls-y1731-loss PW-layer operations based on the destination MEP ID. Configure mpls-y1731-loss LSP-layer operations based on the destination MEP ID. Create mpls-y1731-echo PWlayer operations quickly. Create mpls-y1731-echo LSPlayer operations quickly. Create mpls-y1731-jitter PWlayer operations quickly.
Raisecom(config)#sla oper-num mpls-y1731-echo remotemep mep-id level level l2vc l2vc-id [ tc tc-id ]
Raisecom(config)#sla oper-num mpls-y1731-echo remotemep mep-id level level lsp-ingress lsp-egress-name lsp-egress lsp-ingress-name [ tc tc-id ] Raisecom(config)#sla oper-num mpls-y1731-jitter remote-mep mep-id level level l2vc l2vc-id [ tc tcid ] [ interval period ] [ packets packets-num ] Raisecom(config)#sla oper-num mpls-y1731-jitter remote-mep mep-id level level lsp-ingress lsp-egressname lsp-egress lsp-ingress-name [ tc tc-id ] [ interval period ] [ packets packets-num ] Raisecom(config)#sla oper-num mpls-y1731-pkt-loss remote-mep mep-id level level l2vc l2vc-id [ tc tcid ] [ interval period ] [ packets packets-num ] Raisecom(config)#sla oper-num mpls-y1731-pkt-loss remote-mep mep-id level level lsp-ingress lsp-egressname lsp-egress lsp-ingress-name [ tc tc-id ] [ interval period ] [ packets packets-num ] Raisecom(config)#sla mpls-y1731-echo quick-input level level l2vc l2vc-id Raisecom(config)#sla mpls-y1731-echo quick-input level level lsp-ingress lsp-egress-name lsp-egress lsp-
8 9
ingress-name
10
112
4 MPLS-TP
Step 11
Command
Raisecom(config)#sla mpls-y1731-jitter quick-input level level lsp-ingress lsp-egress-name lsp-egress
Description Create mpls-y1731-jitter LSPlayer operations quickly. Configure SLA scheduling information and enable SLA operation scheduling. By default, SLA operation scheduling is disabled.
lsp-ingress-name
12
4.5.10 Configuring SLA shceduling information and enabling SLA operation scheduling
Step 1 2 Command
Raisecom#config Raisecom(config)#sla schedule opernum [ life { forever | life-time } ] [ period period ]
Description Enter global configuration mode. Configure SLA scheduling information and enable SLA operation scheduling. By default, SLA operation scheduling is disabled.
Description Show MPLS-TP CFM global configurations. Show MD and service instance configurations. Show error CCM database information. Show AIS configurations. Show LCK configurations. Show local MEP configurations.
7 8
9 10
113
4 MPLS-TP
No. 11 12
Command
Raisecom#show sla { all | oper-num } result Raisecom#show sla { all | oper-num } statistic
Description Show the last test information of the operation. Show operation scheduling statistics. Statistics of an operation (differed by the operation ID) is recorded up to 5 groups. If the number exceeds 5, the most aged (calculated based on the begin time of the operation scheduling) statistics will be aged.
Prerequisite
Configure MPLS basic functions. Configure the static LSP. Configure MPLS-TP OAM.
Description Enter global configuration mode. Configure the information about service instance associated to MPLS-TP APS. Create association information about service instances and APS of working line and protection line. Create MPLS-TP linear protection switching lines.
level ma-name
114
4 MPLS-TP
Step 5
Command
Raisecom(config)#mpls-tp lineprotection aps-id { working | protection } failure-detect [ cc ] [ phisycal-link ] [ sd ] Raisecom(config)#mpls-tp lineprotection trap enable Raisecom(config)#mpls-tp lineprotection aps-id force-switch Raisecom(config)#mpls-tp lineprotection aps-id hold-off-timer hold-off-timer Raisecom(config)#mpls-tp lineprotection aps-id lockout Raisecom(config)#mpls-tp lineprotection aps-id manual-switch Raisecom(config)#mpls-tp lineprotection aps-id manual-switchto-work Raisecom(config)#mpls-tp lineprotection aps-id wtr-timer wtr-
Description Configure the fault detection modes of MPLS-TP working/protection line, including CC fault detection, physical-link fault detection, and SD fault detection. Enable MPLS-TP linear protection switching Trap. Switch the traffic from the working line to the protection line forcibly. Configure the Hold OFF timer. It ranges from 0 to 100 ms. By default, the Hold OFF timer is set to 0. Lock out MPLS-TP linear protection switching. Switch the traffic from the working line to the protection line manually. Switch the traffic from the protection line to the working line manually. Configure the WTR timer. It ranges from 1 to 12min. By default, the WTR timer is set to 5min.
6 7 8
9 10 11
12
timer
Description Show APS association information of MPLSTP linear protection switching. Show MPLS-TP linear protection switching configurations. Show MPLS-TP linear protection switching statistics. Show APS information of MPLS-TP linear protection switching.
4.7 Maintenance
Command
Raisecom(config)#clear cfm errors [ level md-level ]
115
4 MPLS-TP
Command
Raisecom(config)#clear cfm remote-mep [ level md-level ] Raisecom(config)#clear mpls statistics lsp Raisecom(config)#clear mpls aps aps-id command
Description Clear information about the found RMEP. Clear static LSP statistics. Clear all commands except for commands related to APS policy association and binding. Clear APS policy statistics.
Configuration steps
Step 1 Configure MPLS basic functions.
Configure iTN A.
116
4 MPLS-TP
Configure iTN B.
Configure iTN C.
Step 2 Configure the bidirectional static LSP between iTN A and iTN B.
Configure iTN A.
iTNA(config)#mpls bidirectional static-lsp ingress lspAB lsr-id 192.168.4.2 tunnel-id 1 iTNA(config-ingress-lsp)#forward 192.168.4.0 nexthop-mac 000e.5e11.1113 vlan 1 line 1 out-label 1001 iTNA(config-ingress-lsp)#backward in-label 2001
Configure iTN C.
iTNC(config)#mpls bidirectional static-lsp transit lspAB lsr-id 192.168.1.1 192.168.4.2 tunnel-id 1 iTNC(config-transit-lsp)#forward in-label 1001 nexthop-mac 000e.5e11.1112 vlan 1 line 2 out-label 1002 iTNC(config-transit-lsp)#backward in-label 2002 nexthop-mac 000e.5e11.1111 vlan 1 line 1 out-label 2001
Configure iTN B.
iTNB(config)#mpls bidirectional static-lsp egress lspAB lsr-id 192.168.1.1 tunnel-id 1 iTNB(config-egress-lsp)#forward in-label 1002 iTNB(config-egress-lsp)#backward 192.168.1.0 nexthop-mac 000e.5e11.1113 vlan 1 line 1 out-label 2002
Checking results
Use the show mpls bidirectional static-lsp command to show bidirectional static LSP configurations on iTN A, iTN B, and iTN C.
117
4 MPLS-TP
iTNA(config)#show mpls bidirectional static-lsp lspAB LSP-Index: 1 LSP-Name: lspAB LSR-Role: Ingress LSP-Flag: Working Ingress-Lsr-Id: 1.1.1.1 Egress-Lsr-Id: 192.168.4.2 Forward Destination: 192.168.4.0 Forward In-Label: -Forward Out-Label: 1001 Forward In-Interface: -Forward Out-Interface: line 1 Forward Next-Hop: -Forward Next-Mac: 000E.5E11.1113 Forward Vlan-Id: 1 Backward Destination: -Backward In-Label: 2001 Backward Out-Label: -Backward In-Interface: all interfaces Backward Out-Interface: -Backward Next-Hop: -Backward Next-Mac: -Backward Vlan-Id: -Tunnel-Id: 1 LSP Status: Up
iTNB(config)#show mpls bidirectional static-lsp lspAB LSP-Index: 2 LSP-Name: lspAB LSR-Role: Egress LSP-Flag: Working Ingress-Lsr-Id: 192.168.1.1 Egress-Lsr-Id: 1.1.1.1 Forward Destination: -Forward In-Label: 1002 Forward Out-Label: -Forward In-Interface: all interfaces Forward Out-Interface: -Forward Next-Hop: -Forward Next-Mac: -Forward Vlan-Id: -Backward Destination: 192.168.1.0 Backward In-Label: -Backward Out-Label: 2002 Backward In-Interface: -Backward Out-Interface: line 1 Backward Next-Hop: --
118
4 MPLS-TP
iTNC(config)#show mpls bidirectional static-lsp lspAB LSP-Index: 3 LSP-Name: lspAB LSR-Role: Transit LSP-Flag: Working Ingress-Lsr-Id: 192.168.1.1 Egress-Lsr-Id: 192.168.4.2 Forward Destination: -Forward In-Label: 1001 Forward Out-Label: 1002 Forward In-Interface: all interfaces Forward Out-Interface: line 2 Forward Next-Hop: -Forward Next-Mac: 000E.5E11.1112 Forward Vlan-Id: 1 Backward Destination: -Backward In-Label: 2002 Backward Out-Label: 2001 Backward In-Interface: all interfaces Backward Out-Interface: line 1 Backward Next-Hop: -Backward Next-Mac: 000E.5E11.1111 Backward Vlan-Id: 1 Tunnel-Id: 1 LSP Status: Up
119
4 MPLS-TP
Figure 4-21 Configuring the static LSP to carry the static L2VC
Configuration steps
Step 1 Configure CE A. Create VLANs and add the specified interface to VLANs. Configure the IP address. Configurations on CE B are identical to the ones on CE A.
Raisecom#hostname CEA CEA#config CEA(config)#create vlan 2-4 active CEA(config)#interface ip 0 CEA(config-ip)#ip address 10.0.0.1 3 CEA(config-ip)#exit CEA(config)#interface line 1 CEA(config-port)#switchport mode trunk
Step 2 Configure IP addresses for PE A and PE B and create VLANs for PE A, PE B, and P.
Configure PE A.
Raisecom#hostname PEA PEA#config PEA(config)#create vlan 2-4 active PEA(config)#interface ip 0 PEA(config-ip)#ip address 10.0.0.2 4 PEA(config-ip)#exit PEA(config)#interface line 1 PEA(config-port)#switchport mode trunk PEA(config-port)#interface line 2 PEA(config-port)#switchport mode trunk PEA(config-port)#exit
Configure PE B.
120
4 MPLS-TP
Configure P.
Raisecom#hostname P P#config P(config)#create vlan 2-4 active P(config)#interface line 1 P(config-port)#switchport mode trunk P(config-port)#interface line 2 P(config-port)#switchport mode trunk P(config-port)#exit
Step 3 Enable MPLS on PE A, PE B, and P and configure the static LSP. Create the Tunnel between PE A and PE B and configure the static L2VC.
Configure PE A.
PEA(config)#mpls lsr-id 10.0.0.2 PEA(config)#mpls enable PEA(config)#mpls static-lsp ingress a2b 20.0.0.2 255.255.255.255 nexthopmac 000e.5e11.1113 vlan 4 line 2 out-label 301 lsr-id 20.0.0.2 tunnel-id 1 PEA(config)#mpls static-lsp egress b2a in-label 201 lsr-id 20.0.0.2 tunnel-id 2 PEA(config)#mpls l2vpn PEA(config)#interface line 1 PEA(config-port)#mpls static-l2vc destination 20.0.0.2 raw vc-id 1 vclabel 301 tunnel-interface 1 PEA(config-port)#exit
Configure PE B.
PEB(config)#mpls lsr-id 20.0.0.2 PEB(config)#mpls enable PEB(config)#mpls static-lsp egress a2b in-label 302 lsr-id 10.0.0.2 tunnel-id 1 PEB(config)#mpls static-lsp ingress b2a 10.0.0.2 255.255.255.255 nexthopmac 000e.5e11.1113 vlan 4 line 1 out-label 202 lsr-id 10.0.0.2 tunnel-id 2 PEB(config)#mpls l2vpn
121
4 MPLS-TP
PEB(config)#interface line 1 PEB(config-port)#mpls static-l2vc destination 10.0.0.2 raw vc-id 1 vclabel 201 tunnel-interface 2 PEB(config-port)#exit
Configure P.
lsr-id 10.0.0.3 enable static-lsp transit a2b in-label 301 nexthop-mac vlan 4 line 2 out-label 302 lsr-id 10.0.0.2 20.0.0.2 static-lsp transit b2a in-label 202 nexthop-mac vlan 4 line 1 out-label 201 lsr-id 20.0.0.2 10.0.0.2
Checking results
Use the show mpls static-lsp command to show static LSP configurations, taking PE A for an example.
PEA(config)#show mpls static-lsp LSP-Index: 2 LSP-Name: b2a LSR-Role: Ingress LSP-Flag: Working Ingress-Lsr-Id: 10.0.0.2 Egress-Lsr-Id: 20.0.0.2 FEC: 20.0.0.2 In-Label: -Out-Label: 203 In-Interface: -Out-Interface: line 1 Next-Hop: -Next-Mac: 000E.5E12.1113 Vlan-Id: 4 Tunnel-Id: 2 LSP Status: Down LSP-Index: 3 LSP-Name: a2b LSR-Role: Egress LSP-Flag: Working Ingress-Lsr-Id: 20.0.0.2 Egress-Lsr-Id: 10.0.0.2 FEC: -In-Label: 303 Out-Label: -In-Interface: all interfaces Out-Interface: --
122
4 MPLS-TP
Use the show interface tunnel command to show whether the Tunnel is created successfully, taking PE A for an example.
PEA(config)#show interface tunnel Interface tunnel 1 Encapsulation is MPLS Tunnel source 10.0.0.2, destination 20.0.0.2, Tunnel protocol static, tunnel id 1 ,explicit-path:--, Tunnel related LSP Type: Unidirectinal, LSP-name: a2b, Tunnel current state : UP Last up time: 2013-3-16, 12:26:17
Use the show mpls l2vc command to show static L2VC configurations, taking PE A for an example.
PEA(config-port)#show mpls l2vc Client Interface : line 1 Client Vlan : All VC ID : 1 Encapsulation Type: raw Tunnel Type : mplsNonTe Destination : 20.0.0.2 Tunnel Policy : -Tunnel Number : 1 Local VC Label : 201 Remote VC Label : 201 AC Status : down VC State : lowerLayerDown VC Signal : manual PW Control Word : enable Local VC MTU : 1500 Remote VC MTU : -TPID : 0x8100 SVLAN : -Create Time : 1970-01-01,09:02:37 Up Time : 0 days, 0 hours, 0 minutes 0.0 second Last Change Time : 1970-01-01,09:02:37 ---------------------------------------Total l2vc : 1 0 up 1 down
123
4 MPLS-TP
The static LSP among PE A, P A, and PE B is named as a2bA. The static LSP among PE A, P B, and PE B is named as a2bB. The static LSP among PE B, P A, and PE B is named as b2aA. The static LSP among PE B, P B, and PE A is named as b2aB.
Configuration steps
Step 1 Configure VLANs and add specified interfaces to VLANs. Configure IP addresses and static routings. Configurations on CE devices are not described in this guide.
Configure PE A.
Raisecom#hostname PEA PEA#config PEA(config)#create vlan 20,30,40,50 active PEA(config)#interface ip 0 PEA(config-ip)#ip address 20.0.0.1 20 PEA(config-ip)#interface ip 1 PEA(config-ip)#ip address 50.0.0.1 50 PEA(config-ip)#exit PEA(config)#interface line 1 PEA(config-port)#switchport access vlan 20
124
4 MPLS-TP
Configure PE B.
Raisecom#hostname PEB PEB#config PEB(config)#create vlan 20,30,40,50 active PEB(config)#interface ip 0 PEB(config-ip)#ip address 30.0.0.1 30 PEB(config-ip)#interface ip 1 PEB(config-ip)#ip address 40.0.0.1 40 PEB(config-ip)#exit PEB(config)#interface line 1 PEB(config-port)#switchport access vlan 30 PEB(config-port)#interface line 2 PEB(config-port)#switchport access vlan 40 PEB(config-port)#exit
Configure P A.
Raisecom#hostname PA PA#config PA(config)#create vlan 20,30,40,50 active PA(config)#interface ip 0 PA(config-ip)#ip address 20.0.0.2 20 PA(config)#interface line 1 PA(config-port)#switchport mode trunk PA(config-port)#switchport trunk allowed vlan 20-50 PA(config-port)#interface line 2 PA(config-port)#switchport mode trunk PA(config-port)#switchport trunk allowed vlan 20-50 PA(config-port)#exit
Configure P B.
Raisecom#hostname PB PB#config PB(config)#create vlan 20-70 active PB(config)#interface ip 0 PB(config-ip)#ip address 50.0.0.2 50 PB(config-ip)#exit PB(config)#interface line 1 PA(config-port)#switchport mode trunk PA(config-port)#switchport trunk allowed vlan 20-50 PB(config-port)#interface line 2
125
4 MPLS-TP
Step 2 Enable MPLS on PE A, PE B, P A, and P B. Configure static LSPs from PE A to PE B, as well as from PE B to PE A. Create Tunnels between PE A and PE B and configure the static L2VC.
Configure PE A.
PEA(config)#mpls lsr-id 20.0.0.1 PEA(config)#mpls enable PEA(config)#interface ip 0 PEA(config-ip)#mpls enable PEA(config-ip)#interface ip 1 PEA(config-ip)#mpls enable PEA(config-ip)#exit PEA(config)#mpls static-lsp ingress a2bA 30.0.0.1 nexthop-mac 000e.5e11.1113 vlan 20 line 1 out-label 103 lsr-id 40.0.0.1 tunnel-id 1 PEA(config)#mpls static-lsp egress b2aA in-label 301 lsr-id 40.0.0.1 tunnel-id 2 PEA(config)#mpls static-lsp ingress a2bB 40.0.0.1 nexthop-mac 000e.5e11.1114 vlan 50 line 2 out-label 104 lsr-id 40.0.0.1 tunnel-id 3 PEA(config)#mpls static-lsp egress b2aB in-label 401 lsr-id 40.0.0.1 tunnel-id 4 PEA(config)#mpls l2vpn PEA(config)#interface line 1 PEA(config-port)#mpls l2vpn PEA(config-port)#mpls static-l2vc destination 30.0.0.1 raw vc-id 1 vclabel 100 tunnel-interface 1 PEA(config-port)#exit
Configure PE B.
PEB(config)#mpls lsr-id 60.0.0.1 PEB(config)#mpls enable PEB(config)#interface ip 0 PEB(config-ip)#mpls enable PEB(config-ip)#interface ip 1 PEB(config-ip)#mpls enable PEB(config-ip)#exit PEB(config)#mpls static-lsp egress a2bA in-label 302 lsr-id 20.0.0.1 tunnel-id 1 PEB(config)#mpls static-lsp ingress b2aA 20.0.0.1 nexthop-mac 000e.5e11.1113 vlan 30 line 1 out-label 203 lsr-id 20.0.0.1 tunnel-id 2 PEB(config)#mpls static-lsp egress a2bB in-label 402 lsr-id 20.0.0.1 tunnel-id 3 PEB(config)#mpls static-lsp ingress b2aB 50.0.0.1 nexthop-mac 000e.5e11.1114 vlan 40 line 2 out-label 204 lsr-id 20.0.0.1 tunnel-id 4 PEB(config)#mpls l2vpn
126
4 MPLS-TP
PEB(config)#interface line 2 PEB(config-port)#mpls static-l2vc destination 50.0.0.1 raw vc-id 2 vclabel 200 tunnel-interface 2 PEB(config-port)#exit
Configure P A.
PA(config)#mpls lsr-id 20.0.0.2 PA(config)#mpls enable PA(config)#interface ip 0 PA(config-ip)#mpls enable PA(config-ip)#exit PA(config)#mpls static-lsp transit a2bA 000e.5e11.1112 vlan 30 line 2 out-label tunnel-id 1 PA(config)#mpls static-lsp transit b2aA 000e.5e11.1111 vlan 20 line 1 out-label tunnel-id 2
in-label 103 nexthop-mac 302 lsr-id 20.0.0.1 40.0.0.1 in-label 203 nexthop-mac 301 lsr-id 40.0.0.1 20.0.0.1
Configure P B.
PB(config)#mpls lsr-id 50.0.0.2 PB(config)#mpls enable PB(config)#interface ip 0 PB(config-ip)#mpls enable PB(config-ip)#exit PB(config)#mpls static-lsp transit a2bB 000e.5e11.1112 vlan 40 line 2 out-label tunnel-id 3 PA(config)#mpls static-lsp transit b2aB 000e.5e11.1111 vlan 50 line 1 out-label tunnel-id 4
in-label 103 nexthop-mac 302 lsr-id 20.0.0.1 40.0.0.1 in-label 203 nexthop-mac 301 lsr-id 40.0.0.1 20.0.0.1
Configure PE A.
PEA(config)#mpls-tp cfm domain level 7 PEA(config)#mpls-tp service ma1 level 7 PEA(config-service)#service lsp ingress a2bA egress b2aA PEA(config-service)#service mep down mpid 1 line 1 PEA(config-service)#service cc enable mep 1 PEA(config-service)#service remote-mep 2 line 1 PEA(config-service)#mpls-tp service ma2 level 7 PEA(config-service)#service lsp ingress a2bB egress b2aB PEA(config-service)#service mep down mpid 3 line 2 PEA(config-service)#service cc enable mep 3 PEA(config-service)#service remote-mep 4 line 2
127
4 MPLS-TP
Configure PE B.
PEB(config)#mpls-tp cfm domain level 7 PEB(config)#mpls-tp service ma1 level 7 PEB(config-service)#service lsp ingress b2aA egress a2bA PEB(config-service)#service mep down mpid 2 line 1 PEB(config-service)#service cc enable mep 2 PEB(config-service)#service remote-mep 1 line 1 PEB(config-service)#mpls-tp service ma2 level 7 PEB(config-service)#service lsp ingress b2aB egress a2bB PEB(config-service)#service mep down mpid 4 line 2 PEB(config-service)#service cc enable mep 4 PEB(config-service)#service remote-mep 3 line 2 PEB(config-service)#exit PEB(config)#cfm enable
Configure PE A.
PEA(config)#mpls-tp line-protection association 1 apsab1 7 ma1 PEA(config)#mpls-tp line-protection association 1 apsab2 7 ma2 PEA(config)#mpls-tp line-protection 1 lsp working apsa2b1 apsab1 protection apsa2b2 apsab2 one-to-one
Configure PE B.
PEB(config)#mpls-tp line-protection association 2 apsba1 7 ma1 PEB(config)#mpls-tp line-protection association 2 apsba2 7 ma2 PEB(config)#mpls-tp line-protection 2 lsp working apsba1 apsba1 protection apsba2 apsba2 one-to-one
Checking results
Use the show mpls-tp line-protection status command to show the MPLS-TP linear protection group status, taking PE A for an example.
PEA(config)#show mpls-tp line-protection status Id Type Direction(Configured) Direction(Negotiated) Revert Aps State Signal(Requested/Bridged)
128
4 MPLS-TP
-------------------------------------------------------------------------------
129
5 TDMoP
TDMoP
This chapter describes principles and configuration procedures of Time Division Multiplex over Packet (TDMoP), as well as related configuration examples, including following sections:
Introduction Configuring TDM interfaces Configuring PW Configuring TDMoP clock Maintenance Configuration examples
5.1 Introduction
5.1.1 Principles of TDMoP technology
With TDMoP, TDM CS service can be transparently transmitted on a PSN. TDMoP is the combination of traditional CS network and PSN and can share resources and support network expansion. Based on this, multiple international standardization organizations draft standards for TDMoP, among which the IETF PWE3 working team releases the most complete TDMoP standard and solution. This becomes dominant among all standards and solutions. The TDMoP services supported by the iTN165-CES are PWE3-based circuit emulation.
Overview of PWE3
PWE3 is a protocol structure for end-to-end tunnel transmission Layer 2 emulation services. For details, see RFC3985. Figure 5-1 shows the principle of PWE3. Step 1 CE 1 transmits TDM service data to PE 1 through AC. Step 2 PE1 encapsulates TDM service data to PW messages through related protocols to form one or multiple PWs.
130
5 TDMoP
Step 3 PW messages are carried through the Tunnel defined by a PSN protocol, such as MPLS, Metro Ethernet Forum (MEF), or UDP/IP, traverse the PSN, and reach PE 2. Step 4 PE 2 removes headers of PW messages at the egress interface, decapsulates and transmits TDM service data to CE 2 through AC. Figure 5-1 Principles of PWE3
CE: connected to the ISP network through the TDM interface. A CE may be a TDM device or router. The CE cannot sense the PSN. AC: an E1/T1 link that connects a CE and a PE. PE: a device at the edge of ISP network, connected to a CE through its downlink interface and the PSN through its uplink interface. In uplink direction, the PE encapsulates received TDM service data into emulation messages and then transmits emulation messages to the PTN through the uplink interface. In downlink direction, the PE decapsulates received emulation messages to TDM service data, and transmits TDM service data to the CE. Tunnel: a tunnel transparently transmitting TDM emulation messages across the PSN
TDM interface
At present, TDMoP is used to emulate low-speed PDH services and transparently transmit E1/T1 services on a PSN. E1/T1, early used in voice communication, is widely used in data communication now. The E1 interface, a physical layer interface, can connect Public Switched Telephone Network (PSTN) devices, private network devices, and user access network devices. It carries Layer 2 services, such as TDM, frame relay, and ATM services. The E1 interface has following features:
Be used in European and China, etc. The E1 interface speed is 2.048 Mbit/s. An E1 frame is composed of 32 timeslots, numbering TS0 through TS31. The speed of each timeslot is 64 Kbit/s. An E1 frame is 256 bits long, and takes 125 s to be transmitted. Each timeslot is 8 bits long. E1 data is in three modes: framed, multiframed, and unframed. In a multiframed E1, TS0 carries Frame Alignment Signal (FAS), CRC-4, and peer alarm indicator, and TS16 carries Channel Associated Signaling (CAS), multi-FAS, and multiframe peer alarm indicator. In a framed E1, TS0 carries FAS and uses out-of-band Common Channel Signaling (CCS), and TS16 carries service data. Namely, TS1 through TS31 carry service data. Unframed E1 is used on the 2.048 Mbit/s private network, and has no timeslots.
Raisecom Technology Co., Ltd. 131
5 TDMoP
Tunnel
Tunnel is a tunnel that carries TDM service to traverse the PSN. It is a path used to transparently transmit data between the local PE and peer PE. TDM service data is encapsulated in PW emulation messages, and thus is invisible to the Tunnel. A Tunnel can carry one or multiple PWs. When the PSN is a MPLS network, the Tunnel is defined by the MPLS outer label. The position of the Tunnel in the TDMoP protocol stack is shown in Figure 5-2. The PW demultiplexing layer and PSN layer define the Tunnel. The PW de-multiplexing layer belongs to the PWE3 data layer. It cooperates with the PSN layer to transparently transmit emulation packets. Figure 5-2 TDMoP circuit emulation protocol stack
PW
PW is a mechanism that encapsulates TDM service data into PW emulation messages and then uses the Tunnel to carry these PW emulation messages to traverse the PSN. PW supports the following functions:
Encapsulate TDM service data into PW emulation messages. Provide a Tunnel that can carry a PW emulation message to traverse the PSN. Establish PW connection, distribute and exchange PW labels at the Tunnel ends. Sort PW messages and extract clock signals. Manage data status and alarms of TDMoP circuit emulation services.
With distribution and exchange of PW labels, TDMoP circuit emulation services can be forwarded among different nodes in the PSN. The PW label is used to identify PW emulation message flows in the same channel, so same PW labels cannot coexist in a Tunnel. The PW label is defined by the innermost label of the MPLS protocol. The iTN165-4GEE1 provides up to 31 PWs. The iTN165-4GE4E1/iTN165-4GE4E1-BL provides up to 64 PWs. The iTN165-4GEV35 provides up to 1 PW.
132
5 TDMoP
TDM services are grouped into 2 types based on the structure: encapsulation protocols are divided into structured and unstructured protocols, including:
Structure-Agnostic TDM over Packet (SAToP) Structure-Aware TDM Circuit Emulation Service over Packet-Switched Network (CESoPSN)
SAToP
SAToP provides emulation for low-speed PDH circuit services, such as E1, T1, E3, and T3 services. It encapsulates unstructured services only. It takes TDM services as a serial data flow, fragments and encapsulates it into PW packets for transmission. SAToP is defined by the RFC4553. SAToP encapsulation principles of MPLS-based TDM data are shown in Figure 5-3. E1/T1 data flow is taken as binary codes to be fragmented into data packets with a fixed length and then be encapsulated into TDM payload. The outer lay is encapsulated by the Real-time Transport Protocol (RTP) header, SAToP control word, and MPLS label. Therefore, a PW emulation message is composed.
Varying on protocols used in the PSN, positions of the SAToP control word in the emulation packets are different. For details, see RFC4553. Figure 5-3 SAToP encapsulation principles
An emulation message encapsulated by the SAToP protocol contains a 4-byte control word, as shown in Figure 5-4. Figure 5-4 Structure of the SAToP control word
133
5 TDMoP
Table 5-1 Fields of the SAToP control word Field 0000 Length (bit) 4 Description Provide the necessary MPLS payload discrimination. By default, the value is set to 0. L 1 If the value is set to 1, it indicates the TDM link fails. That is, the TDM data encapsulated by SAToP is incorrect. If the value is set to 1, it indicates the PSN-side packet loss ratio exceeds the preconfigured threshold, notifying the peer that the local is in the packet loss status. By default, the value is set to 0. Indicate the packet is encapsulated in fragment. By default, the value is set to 0. Indicate the size of SAToP packet (defined as SAToP overhead size + TDM payload size). The value must be set to 0 if the length is more than 64 bytes. Indicate the serial number for the SAToP encapsulated packet, used for detecting packet loss ratio.
2 2 6
Sequence number
16
RTP
RTP supports end-to-end transmission of real-time data across a network, such as unicastbased and multicast-based voice, video, and emulation services. Varying on protocols adopted by the PSN, positions of the RTP field in emulation messages are different. The RTP field precedes the SAToP control word for UDP/IP PSN, while the RTP field follows the SAToP control word in other PSN networks. The RTP field is an optional 12byte filed in an encapsulation protocol header. RTP provides a sequence number for identifying the emulation packet, whose function is similar to the sequence number of the SAToP control word. However, the RTP sequence number does not coexist with the sequence number of the SAToP control word. The RTP structure is shown in Figure 5-5. Figure 5-5 Structure of RTP packet header
134
5 TDMoP
Table 5-2 Fields of the RTP packet header Field V P Length (bit) 2 1 RTP protocol version Padding flag If the value is set to 1, it indicates that one or more extra 8bit are padded at the end of the message. The padding is not valid payload. X 1 Extended flag If the value is set to 1, it indicates that an extended packet header is padded after the RTP packet header. CC 4 Contributing Sources (CSRC) counter It indicates the number of CSRC identifiers. M 1 Marker Different payloads have different markers. PT Sequence number 7 16 Valid information carried in the payload Sequence number of a RTP packet It grows by 1 when a packet is sent. With it, the receiver detects packet loss ratio and resorts packets. Timestamp 32 Time index for the first sample of the RTP packet It has two modes: absolute mode and differentiated mode. With it, the receiver calculates delay and jitter. SSRC CSRC 32 32 Synchronization Source (SSRC) Identifier, used to detect error connection Contributing Source (CSRC) Identifier, used to identify all contributing sources contained in the valid payload of the RTP packet Description
TDM payload
In SAToP encapsulation mode, TDM frame structure and its internal signaling are not identified and processed. Instead, TDM service data is fragmented and encapsulated, and then transparently transmitted.
The length of SAToP encapsulation packet takes byte as the unit. After a PW connection is established, the length of SAToP encapsulation packets is fixed accordingly. For a PW, the length in both two directions must be identical and keeps fixed in the whole working period. The length of SAToP encapsulation packets cannot exceed the MTU between 2 PEs.
135
5 TDMoP
CESoPSN
CESoPSN, defined by the RFC5086, emulates low-speed PDH circuit services, such as E1, T1, E3, and T3 services. It provides structured TDM emulation service transmission, has a frame structure, and can recognize and process TDM internal frame signaling. CESoPSN discards idle timeslots and encapsulates timeslots in use, thus improving bandwidth utilization. Figure 5-6 shows CESoPSN encapsulation principle for MPLS-based TDM data. Frame structure of E1/T1 specified timeslot is encapsulated into the TDM payload. The outer lay is encapsulated by the RTP header, CESoPSN control word, and MPLS label. Therefore, a PW emulation message is composed. The length of the TDM payload in the packet is a multiple of the length of E1/T1 frame structure (125 s).
Varying on protocols used in the PSN, positions of the CESoPSN control word in the emulation packets are different. For details, see RFC5086. Figure 5-6 CESoPSN encapsulation principles
The CESoPSN encapsulation protocol contains a 4-byte control word, whose format is shown in Figure 5-7. Figure 5-7 Structure of the CESoPSN control word
Table 5-3 describes fields of the CESoPSN control word. Table 5-3 Fields of the CESoPSN control word Field 0000 Length (bit) 4 Description Provide the necessary MPLS payload discrimination. By default, the value is set to 0. L 1 If the value is set to 1, it indicates the TDM link fails. That is, the TDM data encapsulated by CESoPSN is incorrect.
136
5 TDMoP
Field R
Length (bit) 1
Description If the value is set to 0, it indicates the PSN-side packet loss ratio exceeds the preconfigured threshold, notifying the peer that the local is in the packet loss status. It indicates signaling detection at the AC side. Combination of M and L indicates that packet received from the PSN side is a signaling packet or a service packet. Indicate the packet is encapsulated in fragment. By default, the value is set to 0. Indicate the size of CESoPSN packet (defined as CESoPSN overhead size + TDM payload size). The value must be set to 0 if the length is more than 64 bytes. Indicate the serial number for the SAToP encapsulated packet, used for detecting packet loss ratio.
Fragmentation Length
2 6
Sequence number
16
RTP
The RTP field precedes the CESoPSN control word for UDP/IP PSN, while the RTP field follows the CESoPSN control word in other PSN networks. The RTP field is an optional 12byte filed in an encapsulation protocol header, whose structure and function are identical to ones of SAToP protocol.
TDM payload
The payload of a CESoPSN encapsulation packet is a basic NxDS0 data queue with or without signaling. Signaling and basic NxDS0 data can be encapsulated independently or together. There are three encapsulation modes: encapsulation of basic NxDS0 data, encapsulation of NxDS0 signaling, and encapsulation of NxDS0 data and signaling.
After a PW connection is established, the length of a CESoPSN encapsulation packet is fixed accordingly. The length value is related to the delay of the encapsulation packet. The delay of the emulation packet is consistent, which can simplify compensation mechanism of PW packet loss. The delay of the CESoPSN encapsulation packet ranges from 1ms to 5ms, with its unit of 125 s. After a PW is established, the length of a CESoPSN encapsulation packet is fixed accordingly. The length of PW encapsulation packets in all directions must be identical. CESoPSN encapsulation packet discards invalid TDM service data and then the L field of the CESoPSN control word is set to 1. Encapsulation of basic NxDS0 data
As shown in Figure 5-8, the payload of a CESoPSN encapsulation packet consists of M frames (Frame 1 to Frame M). A frame has N timeslots in use (that is, NxDS0 carrying data). When the CESoPSN encapsulation packet is forwarded through the PW, Frame 1 of the payload will be forwarded first. The length of the CESoPSN encapsulation packet is a multiple of a frame, and is related to the delay.
Raisecom Technology Co., Ltd. 137
5 TDMoP
As shown in Figure 5-9, the payload of the CESoPSN packet consists of N signaling codes of DS0 channel, which means the payload of the CESoPSN packet only contains DS0 signaling. This encapsulation mode is a supplement of basic NxDS0 encapsulation mode. Figure 5-9 Format for CESoPSN encapsulation of basic NxDS0 signaling
A signaling encapsulation packet uses an independent sequence number. Values of some bits in the control word of the signaling encapsulation packet are set as follows: L = 0, M = 11, and R = 0. If the RTP header exists in the signaling encapsulation packet, a PT mark is assigned specially to the packet with independent SSRC. Encapsulation of basic NxDS0 and signaling
As shown in Figure 5-10, a CESoPSN encapsulation packet consists of M frames (Frame 1 to Frame M). A frame contains N NxDS0 with data. The signalling also contains signalling codes corresponding to NxDS0. Each signaling code occupies 4 bits. A byte is composed of 2 DS0 signaling codes or a DS0 signaling code and padding bits (if not adequate for a byte). Figure 5-10 Format for CESoPSN encapsulation of basic NxDS0 and signaling
138
5 TDMoP
The process for self-adaptive clock recovery is shown as follows: Step 1 A source Inter-Working Function (IWF) device sends its source clock signals to the destination IWF device. Step 2 The destination IWF device buffers all received signals in a queue, and then sends local clock signals out. Step 3 If the source IWF clock is not synchronized with the destination IWF clock, the length of the buffering queue on the destination IWF changes. Detailed descriptions are shown as follows:
If the length increases, the destination clock runs slower than the source clock; thus advance the destination clock. If the length decreases, the destination clock runs faster than the source clock; thus slow down the destination clock.
Self-adaptive clock recovery is a passive feedback mechanism. When the clock is adjusted properly, clock synchronization between the source IWF device and the destination IWF device on the PSN is complete.
139
5 TDMoP
140
5 TDMoP
Prerequisite
N/A
These configurations are available for the device whose TDM interface is an E1 interface. Step 1 Command
Raisecom#config
5 TDMoP
Step 2 3
Command
Raisecom(config)#interface tdm
Description Enter TDM interface configuration mode. Configure the link type of the TDM interface (E1 interface). By default, the link type is set to E1 unframed mode. Configure the code of idle timeslots for the TDM interface (E1 interface). By default, the code is set to 0x7e.
interface-number
Raisecom(config-tdm-port)#tdm-type { e1-unframed | e1-framed | e1-crcframed | e1-framed-cas | e1-crcframed-cas | t1-unframed | t1-d4 | t1-d4-cas | t1-esf | t1-esf-cas } Raisecom(config-tdm-port)#ts-idlecode ts-code
These configurations are available for the device whose TDM interface is a V.35 interface. Step 1 2 3 4 Command
Raisecom#config Raisecom(config)#interface tdm 1 Raisecom(config-tdm-port))# bandwidth-speed N Raisecom(config-tdm-port))#clockpolarity { normal | invert } Raisecom(config-tdm-port))#cts { on | rts } Raisecom(config-tdm-port))#dcd { on | off }
Description Enter global configuration mode. Enter TDM interface configuration mode. Configure the speed of the V.35 interface. By default, the speed is set to 2048 Kbit/s. Configure the clock polarity of the V.35 interface. By default, the clock polarity is set to normal. Configure Clear to Send (CTS) on the V.35 interface. By default, CTS is enabled. Configure Data Carrier Detect (DCD) on the V.35 interface. By default, CTS is enabled.
Description Show configurations of the current TDM interface. Show the status of the PW associated to the current TDM interface.
142
5 TDMoP
5.3 Configuring PW
5.3.1 Preparing for configurations
Scenario
TDM service data flow is received by the TDM interface and then is encapsulated to PW packets via a protocol. PW packets of the same type form the PW service flow, which is transmitted through the Tunnel to traverse the PSN. After reaching the peer device, PW service flow is de-capsulated to the original TDM service data flow and the TDM service data flow is forwarded through the TDM interface. The iTN165-CESsupports MPLS-/MEF-/IP-based PSN. Therefore, Tunnels are grouped in these 3 types. Properties of a MPLS Tunnel are defined by the LSP and L2VPN of the MPLS protocol. For details about how to create a MPLS Tunnel, see related configurations. MPLS/IP-based PW packets select a transport path based on the IP address. The source IP address of a PW packet is the IP address of the TDMoP sub-card.
Prerequisite
N/A
The IP address of the TDMoP sub-card and the management IP address of the iTN165-CES should be in different network segments. Step 1 2 Command
Raisecom#config Raisecom(config)#tdmop-ip-address ip-address [ ip-mask ]
Description Enter global configuration mode. Configure the IP address of the TDMoP sub-card.
When Tunnel packets are Tag ones, CVLAN ID and priority are required parameters while SVLAN ID and priority are optional parameters. When Tunnel packets are Double-tag ones, CVLAN ID, SVLAN ID, and priority are required parameters. When Tunnel packets are Untag ones, you do not need to configure the CVLAN ID and SVLAN ID.
143
5 TDMoP
Step 1 2
Command
Raisecom#config Raisecom(config)#mef tunnel tunnel-name dest-mac-address mac-address tag-vlan-mode { double-tag | tag | untag } [ cvlan-id vlan-id pri privalue ] [ svlan-id vlan-id pri pri-value ]
Description Enter global configuration mode. Create a MEF Tunnel and configure basic properties of the Tunnel, including the destination MAC address, VLAN mode, VLAN ID, and priority.
The destination MAC address of a MEF Tunnel is the MAC address of the TDMoP sub-card on the remote device. Create an IP Tunnel and configure basic properties of the Tunnel, including the destination IP address, TTL, ToS, next-hop address and type, VLAN mode, VLAN ID, and priority. You can use the no tunnel tunnel-name command to delete a created Tunnel.
Raisecom(config)#ip tunnel tunnel-name slot-id dest-ipaddress ip-address [ ip-ttl ttlvalue ] [ ip-tos tos-value ] [ nexthop-type { ip nexthop-addr ip-address | mac nexthop-addr mac-address } ] tag-vlan-mode { double-tag | tag | untag } [ cvlan-id vlan-id pri privalue ] [ svlan-id vlan-id pri pri-value ]
The destination IP address of an IP Tunnel is the IP address of the TDMoP sub-card on the remote device.
Description Enter global configuration mode. Create a MPLS PW and configure basic properties of the PW, including the encapsulation protocol type, in-label value, out-label value, related TDM interface ID, timeslot ID, and destination IP address.
Create a MEF PW and configure basic properties of the PW, including the encapsulation protocol type, related TDM interface ID, bound timeslot ID, in-label value, outlabel value, and bound Tunnel name.
Create an IP PW and configure basic properties of the PW, including the encapsulation protocol type, related TDM interface ID, bound timeslot ID, in-label value, out-label value, and bound Tunnel name.
144
5 TDMoP
Step 3 4
Command
Raisecom(config)#cespw pw-name Raisecom(config-pw)#load-time
Description Enter PW configuration mode. Configure the PW packet encapsulation time, the PW packet encapsulation time is a multiple of 125 s. By default, the PW packet encapsulation time is 1000 s.
load-time
Raisecom(config-pw)#frame-size
size-value
The function of this command is identical to the one of the load-time load-time command. The latter configured one takes effect. 6
Raisecom(config-pw)#jitterbuffer jitter-buffer Raisecom(config-pw)#rtp-header enable
Configure the PW Jitter Buffer size. By default, the PW Jitter Buffer size is set to 8000 s. Enable RTP of the PW packet header.
When the TDMoP system adopts the differential clock mechanism, you must enable RTP of the PW packet header. 8
Raisecom(config-pw)#sesthreshold ses-threshold
Configure the packet loss ratio threshold for a PW entering Severely Errored Second (SES) status. By default, the packet loss ratio threshold for a PW entering SES status is set to 30%.
Configure the EXP priority of the PW packets. By default, the PW EXP priority is set to 0. Configure the Out of Service (OOS) action of a PW. By default, the PW OOS action is set to not-care. Configure the sequential frame loss threshold. By default, the sequential frame loss threshold is set to 15. Enable PW connection. Services cannot be transmitted unless the PW connection is created. By default, PW connection is disabled.
10
11
12
Values of the in-label and out-label of a PW must be different. The PW Jitter Buffer size must be equal to or greater than the PW packet encapsulation time.
145
5 TDMoP
Description Show PW interface configurations and status. Show Tunnel configurations. Show TDMoP global configurations.
Prerequisite
Create a PW.
Command
Description Enter global configuration mode. Enter TDM interface configuration mode. Configure the recovery clock source PW.
number
Raisecom(config-tdm-port)#adaptive-pwname
pw-name
When the Rx clock source of a TDM interface is an Ethernet recovery clock source or a differential clock source, you need to configure a PW as the recovery clock source in advance.
146
5 TDMoP
Step 4
Command
Raisecom(config-tdm)#tx-clock-src { adaptive | differential | external | loopback | system }
Description Configure the clock source of a TDM interface (E1 interface). By default, the clock source of the TDM interface is set to system clock. Configure the clock source of a TDM interface (V.35 interface). By default, the clock source of the TDM interface is set to system clock.
5.5 Maintenance
Command
Raisecom(config-tdm-port)#loopback { internal | external | bidirectional }
Description Configure loopback mode of a TDM interface. By default, no loopback is configured the TDM interface. Clear TDM interface statistics. Clear PW statistics.
Raisecom(config-tdm-port)#clearstatistics Raisecom(config-cespw)#clearstatistics
Site A:
Raisecom Technology Co., Ltd. 147
5 TDMoP
Occupied timeslots: TS6TS10 and TS17TS31 Idle timeslots: TS1TS5 and TS11TS15 Occupied timeslots: TS6TS10 and TS17TS31 Idle timeslots: TS1TS5 and TS11TS15
Site B:
MAC address of iTN B: 192.168.10.1 (configured on the iTN A) Encapsulation protocol: CESoPSN protocol LSR ID of iTN A: 10.1.1.1
Configuration steps
Configuration steps of iTN A are identical to the ones of iTN B. In this guide, only configurations on iTN A are described. Step 1 Configure the TDM interface.
Raisecom(config)#mpls lsr-id 10.1.1.1 Raisecom(config)#mpls enable Raisecom(config)#mpls static-lsp ingress lsp-1 192.168.10.1 255.255.255.255 nexthop-mac 192.168.27.1 out-label 2000 Raisecom(config)#mpls tunnel tunnel-a static-lsp lsp-1
148
5 TDMoP
Raisecom(config)#mpls cespw 100 type cesop tdmport 1 timeslot 6-10,1731 in-label 100 out-label 200 destination 192.168.10.1 Raisecom(config)#cespw 100 Raisecom(config-cespw)#load-time 1000 Raisecom(config-cespw)#jitter-buffer 8000 Raisecom(config-cespw)#rtp-header enable Raisecom(config-cespw)#ses-threshold 35 Raisecom(config-cespw)#oos-act oos-suppression Raisecom(config-cespw)#out-synch-threshord 10 Raisecom(config-cespw)#exit
Raisecom#write
Checking results
Use the show tdm interface command to show TDM interface configurations.
Raisecom(config-tdm-port)#show tdm port tdm type line coding loopback idle code tx clock source alarm Statistics: ES SES UAS
tdm interface ...1 ...(e1-crc-framed-cas) ...(HDB3) ...(no loopback) ...(0x20) ...(differential) ...( los lof ) ...(10) ...(10) ...(18887)
149
5 TDMoP
Raisecom(config-cespw)#show pw id pw name pw payload type TDM port index TDM ds0 number 1 2 3 4 5 6 9 10 11 12 13 14 17 18 19 20 21 22 25 26 27 28 29 30 pw in label pw out label pw load time jitter buffer ses threshold pw exp pw rtp-header out-synch-threshold pw oos-act pw connection config pw oper status pw local status RX PKTS TX PKTS
cespw interface ...(1) ...(100) ...(cesop) ...(1) ...(4) 7 8 15 16 23 24 31 ...(100) ...(200) ...(1000) ...(8000) ...(35%) ...(0) ...(enable) ...(10) ...(oos-suppression) ...(enable) ...(up) ...(normal) ...(167) ...(167)
150
5 TDMoP
Configuration steps
Configuration steps of iTN A are identical to the ones of iTN B. In this guide, only configurations on iTN A are described. Step 1 Configure the TDM interface (this step can be ignored).
Raisecom(config)#mpls lsr-id 10.1.1.1 Raisecom(config)#mpls enable Raisecom(config)#mpls static-lsp ingress lsp-2 192.168.11.1 255.255.255.255 nexthop 92.168.27.1 out-label 2000 Raisecom(config)#mpls tunnel tunnel-a static-lsp lsp-2 Raisecom(config)#mpls pw 60 satop tdmport 1/4 timeslot all in-label 100 out-label 200 destination 192.168.11.1 Raisecom(config)#pw 60 Raisecom(config-pw)#load-time 1500 Raisecom(config-pw)#jitter-buffer 6000 Raisecom(config-pw)#rtp-header enable Raisecom(config-pw)#ses-threshold 40 Raisecom(config-pw)#oos-act oos-suppression Raisecom(config-pw)#out-synch-threshord 10 Raisecom(config-pw)#exit
151
5 TDMoP
Raisecom#write
Checking results
Use the show tdm interface command to show TDM interface configurations.
Raisecom(config-tdm-port)#show tdm port tdm type line coding loopback tx clock source alarm Statistics: ES SES UAS
tdm interface ...(1) ...(e1-unframed) ...(HDB3) ...(no loopback) ...(differential) ...( los ) ...(10) ...(10) ...(19472)
Raisecom(config-cespw)#show cespw interface pw id ...(65) pw name ...(60) pw payload type ...(satop) TDM port index ...(1) pw in label ...(100) pw out label ...(200) pw load time ...(1500) jitter buffer ...(6000) ses threshold ...(40%) pw exp ...(0) pw rtp-header ...(enable) out-synch-threshold ...(10) pw oos-act ...(oos-suppression) pw connection config ...(enable) pw oper status ...(up) pw local status ...(normal) RX PKTS ...(0)
152
5 TDMoP
153
6 Network reliability
Network reliability
This chapter describes principles and configuration procedures of network reliability, as well as related configuration examples, including following sections:
6.1 Introduction
To enhance the reliability of Ethernet and to meet the requirements on the Telecom network, you can deploy specified reliability technology in the Ethernet. Network reliability technologies supported by the iTN165-CES include link aggregation, interface backup, Ethernet Linear Protection Switching (ELPS), Ethernet Ring Protection Switching (ERPS), and failover.
154
6 Network reliability
As shown in Figure 6-1, iTN A and iTN B are connected through 2 Ethernet physical links. You can bind these 2 links to form a logical link Aggregation 1. This logical link has the following advantages:
Improving link reliability: members in the link aggregation group can back up data for each other dynamically. When a link fails, the other links can replace it to improve link reliability effectively. Increasing link capacity: by binding multiple physical links, you can get greater bandwidth without upgrading the existing device. The capacity of a physical link equals to the sum capacity of all physical links. Sharing load: traffic are distributed to different members based on some algorithm, to realize link-level load-sharing. Optimizing network management: member interfaces in a LAG are managed as a logical interface. Saving IP addresses: only one IP address is required for a LAG without configuring IP addresses for member interfaces in the LAG.
In link aggregation, multiple Ethernet interfaces are bound to a LAG. These Ethernet interfaces are called member interfaces and the logical interface is named as the Trunk interface, The number of LAGs supported by devices is different. In addition, the number of member interfaces supported by the LAG varies on the device. The iTN165-CES supports up to 3 LAGs and each LAG supports up to 4 member interfaces. At least one active interface and up to 5 interfaces support the LAG.
Manual aggregation mode In this mode, multiple physical interfaces are added to a LAG to form a logical interface. Links connected to the logical interface share the traffic.
Static LACP aggregation mode It is a mode of the LACP. In this mode, you must enable LACP in advance. The Selection Logic of the LACP decides how to select the Trunk interface,
Dynamic LACP aggregation mode In this mode, you must enable LACP in advance. The system creates and delete the LAG and member interfaces automatically. Interfaces cannot be aggregated dynamically unless the following requirements are met:
Basic configurations of interfaces are identical. Speed and duplex configurations of interfaces are identical. Interfaces are connected to the same device. The peer interfaces meet these requirements.
The iTN165-CES supports manual aggregation and static LACP aggregation modes.
155
6 Network reliability
Load-sharing
Load-sharing is a cluster technology used to enhance the capability for processing services and ensure service reliability by sharing traffic among multiple devices/links. If an interface meets all requirements for an active interface, the interface will be the active interface of a LAG. Therefore, the interface can share traffic with other active ones based on the link aggregation load-sharing mode or load-sharing algorithm, The load-sharing algorithm is realized by directly mapping or mapping based on the CRC Hash value of the MAC address. With different load-sharing modes and their combination, interfaces can share traffic in a LAG. There are 6 load-sharing modes:
Load-sharing based on the source MAC address Load-sharing based on the destination MAC address Load-sharing based on the OR result of the source and destination MAC addresses Load-sharing based on the source IP address Load-sharing based on the destination IP address Load-sharing based on the OR result of the source and destination IP addresses
Interface backup is another resolution of STP. You can achieve link redundancy by manually configuring interface backup when STP is disabled. If the device is enabled with STP, you need to disable interface backup. STP provides functions similar to the ones realized by interface backup. Interface backup is realized by configuring the interface backup group. An interface backup group contains a pair of interfaces, where an interface is the primary interface and the other interface is a backup interface. The link, where the primary interface is, is called a primary link. The link, where the backup interface is, is called a backup link. In general, the backup interface is blocked, used for redundancy backup.
Raisecom Technology Co., Ltd. 156
6 Network reliability
Member interfaces in the interface backup group supports physical interfaces and Link Aggregation Group (LAG) but do not support Layer 3 interfaces. In the interface backup group, when an interface is in Up status, the other interface is in standby status. Only one interface can be in Up status. When the interface in Up status fails, the standby interface can be switched to Up status to sustain a normal link.
As shown in Figure 6-2, Line 1 and Line 2 on iTN A are connected to their uplink devices respectively. The interface forwarding status is as below:
Under normal conditions, Line 1 is the primary interface while Line 2 is the backup interface. Line 1 and its uplink device forward packet while Line 2 and its uplink device do not forward packets. When Line 1 fails or the link between Line 1 and its uplink device fails, Line 2 and its uplink device forward packets. When Line 1 restores normally and keeps Up for a period (restore-delay), Line 1 restores to forwarding packets and Line 2 restores to standby status.
When a switching between the primary interface and the backup interface occurs, the iTN A sends a Trap to the NView NNM system. By applying interface backup to different VLANs, you can make 2 interfaces forward packets simultaneously in different VLANs. As shown in Figure 6-3, by configuring a VLAN and adding interfaces to the VLAN, you can realize VLAN-based interface backup.
157
6 Network reliability
Under normal conditions, in VLANs 10001500, Line 1 is the primary interface and Line 2 is the backup interface. In VLANs 15012000, Line 2 is the primary interface and Line 1 is the backup interface. Therefore, Line 1 forwards traffic of VLANs 10001500, and Line 2 forwards traffics of VLANs 15012000. When Line 1 fails or the link between Line 1 and its uplink device fails, Line 2 forwards traffic of VLANs 10002000. When Line 1 restores normally and keeps Up for a period (restore-delay), Line 1 forwards traffic of VLANs 10001500, and Line 2 forwards traffics of VLANs 1501 2000.
VLAN-based interface backup can be used for load-sharing. In addition, it does not depend on configurations of the uplink device. It facilitates operations.
6.1.3 ELPS
Overview of ELPS
Ethernet Linear Protection Switching (ELPS) is an end-to-end protection technology based on Automatic Protection Switching (APS) protocol of the ITU-TG.8031 recommendation. It is used to protect an Ethernet connection. It can be applied to various network structures, such as the ring network. APS packet is a kind of Connectivity Fault Management (CFM) packet. It is an APS packet when the OpCode value in the CFM packet is set to 0x39. The outer structure of the APS packet is defined by the ITU-T Y.1731. Based on this, the G.8031 defines APS specific information by using 4 bytes. Figure 6-4 shows the structure of the APS packet.
158
6 Network reliability
As shown in Figure 6-4, the MEL field is inserted with the Maintenance Entity Group (MEG) level of the APS packet. For descriptions about the Version, OpCode, Flags, and END TLV, see ITU-T Y.1731 and their values are listed in Figure 6-4. Table 6-1 describes fields in the APS specific information. Table 6-1 Values of fields in APS specific information Field Request/State Value 1111 1110 1101 1011 1001 0111 0110 0101 0100 0010 0001 0000 Others Protection Type A 0 1 B 0 1 D 0 Description Lockout of protection (LO) with highest priority Signal fail for protection (SF-P) Forced switch (FS) Signal fail for working (SF-W) Signal degradation (SD) Manual switch (MS) Depreciated Wait to restore (WTR) Exercise (EXER) Reverse request (RR) Do not revert (DNR) No request (NR) Reserved No APS channel APS channel 1+1 protection switching (with fixed bridge) 1:1 protection switching (with fixed bridge) Unidirectional protection switching
159
The request type, indicating the condition signal, command signal, and status signal of the protection line. Priorities of these 3 signals are descending.
6 Network reliability
Field
Value 1 R 0 1
Description Bidirectional protection switching Non-revertive mode Revertive mode No signal Normal service signals Reserved No signal Normal service signals Reserved The local request signals carried by the protection line Signals of bridge connection in the protection line
Requested signal
0 1 2255
Bridged signal
0 1 2255
Reserved
All 0
The G.8031 defines 1+1 protection switching and 1:1 protection switching. ELPS technology takes a simple, fast, and predictable mode to realize network resource switching, easier for Carrier to plan network more efficiently and learn network active status.
1+1 protection switching: each working line is assigned with a protection line. In general, in the protection domain, the source end sends traffic through the working and protection lines while the destination end receives the traffic from one line. The destination end selects the working/protection line based on some pre-configured standard, such as the server failure indication. Services are switched to the protection line directly when the working line fails.
1:1 protection switching: each working line is assigned with a protection line. The source end sends traffic through the working/protection line. In general, the source sends traffic through the working line. The protection line is a backup line. When the working line
160
6 Network reliability
fails, the source end and destination end communicate through APS protocol to switch traffic to the protection line simultaneously. Based on whether the source end and destination end switch traffic simultaneously, ELPS is divided into unidirectional switching and bidirectional switching:
Unidirectional switching: as shown in Figure 6-6, when one direction of a line fails, one end can receive the traffic while the other end fails to receive the traffic. The end failing to receive the traffic detects a fault and switches the traffic. And the other end does not detect the fault and switch traffic. Therefore, both ends may receive the traffic through different lines.
Bidirectional switching: when a line fails, even in one direction, both ends communicate through APS protocol to switch traffic to the protection line. Therefore, both ends receive and send the traffic through the same line.
1+1 protection switching is divided into unidirectional switching and bidirectional switching. 1:1 protection switching supports bidirectional switching only. ELPS provides 3 modes to detect a fault.
Detect faults based on the physical interface status: learning link fault quickly and switching services immediately, suitable for detecting the fault between neighbor devices. Detect faults based on CFM: suitable for multi-device crossing detection. Detect faults based on the physical interface and CFM: sending Trap when detecting a fault on the physical link/CFM.
The iTN165-CES supports 1:1 bidirectional protection switching and the 3 fault detection modes.
6.1.4 ERPS
Overview of ERPS
Ethernet Ring Protection Switching (ERPS) is a protection switching technology based on the Ring Automatic Protection Switching (R-APS) protocol of the ITU-TG.8032 recommendation. It is used in Ethernet rings. Generally, ERPS can avoid broadcast storm caused by data loopback in Ethernet rings. When a link/device on the Ethernet ring fails, traffic can be quickly switched to the backup link to ensure restoring services quickly.
161
6 Network reliability
Similar to the ELPS APS packet, R-APS packet is a CFM packet, which is defined by the Y.1731 and G.8032. Figure 6-7 shows the structure of the R-APS packet. Figure 6-7 Structure of the R-APS packet
Table 6-2 describes items in the R-APS specific information. Table 6-2 Fields in the R-APS specific information Field Request/State Value 1011 Description Signal fail. It is a R-APS packet which is sent by the node that detects the link fault. It is used to identify the local SF event. No request (NR), which is sent by the node that detects the link fault. It is used to identify that the generated SF event is cleared. Reserved The RPL is blocked. For all non RPL Owner nodes, the value is set to 0. The blocked RPL is released. FDB refresh by be triggered. The FDB refresh is not trigged. The MAC address of the node, which is unique. Reserved field. This filed should be ignored when being received.
0000
162
6 Network reliability
Filtering DataBase (FDB) clearing refers to removing MAC addresses of learned FDBs of the node. ERPS adopts advantages of multiple ring network technologies, such as Ethernet Automatic Protection Switching (EAPS), Resilient Packet Ring (RPR), Synchronous Digital Hierarchy (SDH), and STP. It is the newest mature standard of the Ethernet ring protection switching technology, providing the following functions:
Optimizing the detection mechanism Detecting bidirectional faults Support multi-network and multi-domain structures Realizing 50ms protection switching performance Supporting multiple working modes, such as primary-to-backup and load-sharing modes
ERPS uses the control VLAN in the ring network to transmit ring network control information. Meanwhile, combining with the topology feature of the ring network, it discovers link fault quickly and enable the backup link to restore service fast.
Ring Protection Link (RPL): it is a link between RPL nodes. In normal status, the interface of the link is blocked to avoid a loopback. One Ethernet ring has a RPL only. RPL Owner: it is a node connected to the RPL. It is specified by the user, used to block/release the RPL interface. In normal status, it blocks the RPL interface to avoid a loopback. RPL Neighbor: it is the other node connected to the RPL. It cooperates with the RPL Owner to provide protection switching. Control VLAN: it is an independent VLAN channel used by ERPS to carry R-APS packets. It is identical to the VLAN monitored in the CFM domain. However, the control VLAN ID should not be identical to the service VLAN ID.
163
6 Network reliability
Properties (level, domain name, MA name, and VLAN ID) of all CFM domains must be identical. Otherwise, ERPS ring fails to be established. During ERPS protection switching process, 3 timers are used.
Guard Timer: it is used to filter outdated R-APS packets to avoid error protection switching actions on the node. When the Guard Timer is running, received R-APS packets will be discarded. WTR Timer: the WTR Timer on the RPL Owner begins to time when the working line recovers from a fault. In addition, a WTR running signal is output during the WTR Timer running process. Services are switched back to the working line when the WTR Timer times out. The WTR Timer is used to avoid frequent switching caused by unstable working line. Holdoff Timer: it is used to coordinate other protection switching coexisting with the link protection. When one or more new faults are detected, the Holdoff Timer is triggered. During the Holdoff Timer running process, the system will detect the link status regardless of whether the fault that triggers the Holdoff Timer exists. The system will report the fault to ERPS if it exists.
Idle state: the normal working state without no fault Protection state: the state to which services are switched after a fault is detected. The APS process is triggered by the fault detected by the Continuity Check Message (CCM) of Ethernet Operation, Administration and OAM (OAM). Pending state: the state before a fault is resolved FS state: the state when a FS command is being applied MS state: the state when a FS command is being applied
To ensure the protection switching stability, the G.8032 defines a WTR timer. After the RPL Owner receives a fault recovery signal, services cannot be switched back to the working line after the WTR timer times out. Figure 6-9 and Figure 6-10 show the basic protection mechanism of ERPS.
164
6 Network reliability
As shown in Figure 6-9, when the Ethernet ring network is in idle state, links have the following features:
All nodes are connected to form a ring. The ERPS protocol sends NR,/RB signals continuously through the RPL Owner. The NR/RB signal indicates that no fault is generated. The RPL is blocked to avoid a loopback. Connected nodes use the OAM CCM packet to monitor links. When a fault is generated during on the Ethernet ring, the ERPS protocol uses the Y.1731 SF type to trigger protection switching.
As shown in Figure 6-10, when a fault is detected, the system enables APS to enter the protection state.
After the Holdoff Timer times out, the node connected to the failed link blocks the link and sends the SF signal to notify other nodes of the fault. As shown in Figure 6-10, when the link between Nodes D and E fails, the Nodes D and E send the SF signal to other nodes respectively.
Raisecom Technology Co., Ltd. 165
6 Network reliability
The SF signal triggers the RPL Owner to open the RPL interface and triggers all nodes to clear the MAC address table. And then the link enters the protection state.
Nodes connected to the failed link are stilled blocked. After the Guard Timer times out. Nodes D and E send R-APS NR signals, which indicates no local fault request. When receiving the first NR signal, the RPL Owner enables the WTR timer immediately. After the WTR Timer times out. The RPL Owner blocks the RPL and sends the R-APS signal (NR/RB), which indicates no local fault request. The RPL link is blocked. After receiving the R-APS signal (NR/RB), other nodes refresh the FDB. The Node sending the NR signal will stop sending the packet periodically and release the blocked interface. All nodes on the link return to the idle state.
Sub-ring
The revision of the G.8032 provides the protection mechanism of Ethernet multi-ring. The sub-ring is an attached ring of the existing ring. It is connected with other rings/network through an interconnected node (node connecting multiple rings). The sub-ring is not closed. And interconnected node does not belong to the sub-ring. Figure 6-11 Sub-ring model
As shown in Figure 6-11, nodes B and C are interconnected nodes. The channel connected to the 2 interconnected nodes is called R-APS virtual channel. The R-APS virtual channel is used for the intersecting node on the intersecting ring. If an intersection ring has a R-APS virtual channel, the primary ring provides a virtual channel for APS packets of the sub-ring. It means that APS packets of the sub-ring will be transmitted to the primary ring. Otherwise, the primary ring does not provide a virtual channel for ARP packets of the sub-ring and APS packets of the sub-ring are terminated at the intersecting node. The primary ring and sub-ring are 2 rings. Each ring is configured with a RPL Owner. Protection switching mechanism is similar to the one of the single ring. Each ring processes its own fault. When a shared link fails, the primary ring is switched to the protection state while no action is performed on the sub-ring.
166
6 Network reliability
6.1.5 Failover
Failover provide an interface linkage scheme to expand the range of link backup. By monitoring the uplinks and synchronizing downlinks, the fault generated on the uplink device can be transmitted to downlink devices to trigger switching. This helps avoid traffic loss when downlink devices cannot sense faults of uplinks. As shown in Figure 6-12, Line 1 is the primary interface and Line 2 is the backup interface. The upstream interfaces (Line 1 and Line 2) and downstream interface (Client 1) are added to a failover group. Once upstream interfaces fail, the downstream interface is in Down statue. The downlink interface returns to Up status once one or both uplink interfaces recover. Therefore, the uplink link status is notified to the downstream devices immediately. Uplink interfaces work properly when the downlink interface fails. Figure 6-12 Interface-to-interface failover
Prerequisite
Before configuring link aggregation, you need to configure physical parameters of the interface and make the physical layer Up.
Description Enter global configuration mode. Enter aggregation group configuration mode. Configure manual link aggregation. Return to global configuration mode.
167
port-channel-number
Raisecom(config-aggregator)#mode manual Raisecom(config-aggregator)#exit
6 Network reliability
Step 5 6 7 8 9
Command
Raisecom(config)#interface interface-
Description Enter physical layer configuration mode. Add member interfaces to the LAG. Exit from global configuration mode. (Optional) enable link aggregation. By default, link aggregation is enabled. (Optional) configuring the load-sharing mode of the LAG. By default, load sharing mode is set to sxordmac, which means selecting the forwarding interface according to OR operation result of source MAC address and destination MAC address.
type interface-number
Raisecom(config-port)#channel group
port-channel-number
Raisecom(config-port)#exit Raisecom(config)#link-aggregation enable Raisecom(config)#link-aggregation loadsharing mode { dip | dmac | smac | sip | sxordip | sxordmac }
In a LAG, member interfaces that share loads must be identically configured. Otherwise, data cannot be forwarded properly. These configurations include STP, QoS, QinQ, VLAN, interface properties, and MAC address learning. STP status on the interface, properties (point-to-point/non point-to-point) of the link connected to the interface, path cost of the interface, STP priority, packet Tx speed limit, whether the interface is configured with loopback protection, root protection, and whether the interface is an edge interface. QoS: traffic policing, traffic shaping, congestion avoidance, rate limiting, SP queue, WRR queue scheduling, WFQ queue, interface priority, and interface trust mode. QinQ: QinQ status on the interface, added outer VLAN tag, policies for adding outer VLAN Tags for different inner VLAN IDs. VLAN: the allowed VLAN, default VLAN, and the link type (Trunk and Access) on the interface, and whether VLAN packets carry Tag. Interface properties: speed, duplex mode, and link Up/Down status. MAC address learning: MAC address learning status and MAC address limit.
168
6 Network reliability
Step 2
Command
Raisecom(config)#lacp system-priority
Description (Optional) configure the system LACP priority. By default, the system LACP priority is set to 32768.
system-priority
The smaller the value is, the higher the system LACP priority is. The end with a higher system LACP priority is the active end. LACP selects the active interface and standby interface based on configurations on the active end. If the system LACP priorities are identical, select the one with a smaller MAC address as the active end. 3 4 5 6 7 8 9 10
Raisecom(config)#lacp timeout { fast | slow } Raisecom(config)#interface port-channel
(Optional) configure the LACP timeout mode. Enter aggregation group configuration mode. Configure the static LACP LAG. (Optional) configure the maximum/minimum number of active links in the LACP LAG. Return to global configuration mode. Enter physical layer configuration mode. Add member interfaces to the LACP LAG. (Optional) configure the LACP mode of member interfaces. By default, the LACP mode is set to active. LACP connection fails if both ends of a link are in passive mode. (Optional) configure the interface LACP priority. Return to global configuration mode. (Optional) enable link aggregation. By default, link aggregation is enabled.
port-channel-number
Raisecom(config-aggregator)#mode lacpstatic Raisecom(config-aggregator)#{ maxactive | min-active } links threshold Raisecom(config-aggregator)#exit Raisecom(config)#interface interface-
type interface-number
Raisecom(config-port)#channel group
port-channel-number
Raisecom(config-port)#lacp mode { active | passive }
11 12 13
In a static LACP LAG, a member interface can be an active/standby one. Both the active interface and standby interface can receive and send LACPDU. However, the standby interface cannot forward user packets. The system selects a default interface based on the following conditions in order: whether the neighbour is discovered, maximum interface speed, highest interface LACP priority, smallest interface ID. The default interface is in active status. Interfaces, which have the same speed, peer device, and operation key of the
169
6 Network reliability
operation key with the default interface, are in active status. Other interfaces are in standby status.
Description Show local system LACP configurations. Show the neighbour LACP configurations Show interface LACP statistics. Show local system LACP global enabling status, device ID. Show whether the current system is enabled with link aggregation, link aggregation load-sharing mode, member interfaces and currently-active member interfaces in all current aggregation groups.
Prerequisite
Before configuring interface backup, perform the following operations:
Description Enter global configuration mode. Enter physical layer interface configuration mode. The interface is the primary interface for interface backup.
type primary-interface-number
170
6 Network reliability
Step 3
Command
Raisecom(config-port)#switchport backup interface-type backupinterface-number [ vlanlist vlanlist ] Raisecom(config-port)#exit Raisecom(config)#switchport backup restore-delay period Raisecom(config)#switchport backup restore-mode { disable | neighbordiscover | port-up }
Description Configure the interface backup group. If the interface backup group specifies no VLAN list, VLAN IDs ranges from 1 to 4094 by default. Return to global configuration mode. (Optional) configure the restore-delay. By default, the restore-delay is set to 15s. (Optional) configure the restore mode.
4 5
port-up: the link recovers once the interface in Up status. neighbor-discover: the link recovers once the interface discovers the neighbour through Raisecom Neighbour Discover Protocol (RNDP). disable: disable backup restore.
In an interface backup group, an interface is a primary interface or a backup interface. In a VLAN, an interface/LAG is a member of only one interface backup group. If you set a LAG to a member of the interface backup group, you need to set the interface with the smallest interface ID in the LAG to the member of the interface backup interface. When the member interface is in Up status, all interfaces in the aggregation group are in Up status. When the member interface is in Down status, all interfaces in the aggregation group are in Down status.
After forced switch is successfully configured, the primary and backup links will be switched. The working link is switched to the protection link. For example, when both the primary and backup interfaces are in Up status, if the data is being transmitted through the primary link, data will be transmitted to the primary link to the backup link after forced switch is performed. In the CLI, the backup interface ID is an optional parameter. If the primary interface is configured with multiple interface backup pairs, you should input the backup interface ID. Command Description Enter global configuration mode. Enter physical layer interface configuration mode. The interface is the primary interface for interface backup.
171
Step 1 2
Raisecom#config
Raisecom(config)#interface interface-type
primary-interface-number
6 Network reliability
Step 3
Command
Raisecom(config-port)#switchport backup [ interface-type backup-interfacenumber ] force-switch
Prerequisite
Before configuring ELPS, perform the following operations:
Connect interfaces and configure physical parameters for them. Make the physical layer Up. Create the management VLAN and VLANs of the working and protection interfaces. Configure CFM detection between devices (preparing for CFM detection mode).
172
6 Network reliability
Step 2
Command
Raisecom(config)#ethernet lineprotection line-id working
Description Create the ELPS protection line and configure the protection mode. The protection group is in non-revertive mode if you configure the non-revertive parameter.
In revertive mode, when the working line recovers from a fault, traffic is switched from the protection line to the working line. In non-revertive mode, when the working line recovers from a fault, traffic is not switched from the protection line to the working line.
(Optional) configure a name for the ELPS protection line. (Optional) configure the WTR timer. In revertive mode, when the working line recovers from a fault, traffic is not switched to the working line unless the WTR timer times out. By default the WTR time value is set to 5min.
timer
We recommend that WTR timer configurations on both ends keep consistent. Otherwise, we cannot ensure 50ms quick switching. 5
Raisecom(config)#ethernet lineprotection line-id hold-off-timer
holdoff-timer
(Optional) configure the HOLDOFF timer. Hold-off timer configurations on both ends should be consistent. By default, the HOLDOFF timer value is set to 0.
If the HOLDOFF timer value is over great, it may influence 50ms switching performance. Therefore, we recommend setting the HOLDOFF timer value to 0. 6
Raisecom(config)#ethernet lineprotection trap enable
Fault detection modes of the working line and protection line can be different. However, we recommend that fault detection mode configurations of the working line and protection line keep consistent.
Raisecom Technology Co., Ltd. 173
6 Network reliability
Step 1 2
Raisecom#config
Command
Description Enter global configuration mode. Set the fault detection mode of the working line/protection line to failure-detect physical-link. By default, the fault detection mode is set to failure-detect physical-link.
Raisecom(config)#ethernet line-protection line-id { working | protection } failuredetect cc [ md md-name ] ma ma-name level level mep local-mep-id remote-mep-id
Set the fault detection mode of the working line/protection line to failure-detect cc. This fault detection mode cannot take effect unless you finish related configurations on CFM. Set the fault detection mode of the working line/protection line to failure-detect physical-link-or-cc. In this mode, a Trap is reported when a fault is detected on the physical link/CC. This fault detection mode cannot take effect unless you finish related configurations on CFM.
Raisecom(config)#ethernet line-protection line-id { working | protection } failuredetect physical-link-or-cc [ md md-name ] ma ma-name level level mep local-mep-id
remote-mep-id
By default, traffic is automatically switched to the protection line when the working line fails. Therefore, you need to configure ELPS switching control in some special cases. Step 1 2
Raisecom#config Raisecom(config)#ethernet lineprotection line-id lockout
Command
Description Enter global configuration mode. Lock protection switching. After this configuration, the traffic is not switched to the protection line even the working line fails. Switch the traffic from the working line to the protection line forcedly. Switch the traffic from the working line to the protection line manually. Its priority is lower than the one of forced switch and APS. In non-revertive mode, switch the traffic from the protection line to the working line.
3 4
174
6 Network reliability
Description Show protection line configurations. Show protection line statistics. Show APS information.
Detect faults based on the physical interface status: learning link fault quickly and switching services immediately, suitable for detecting the fault between neighbor devices. Detect faults based on CFM: suitable for unidirectional detection or multi-device crossing detection.
Prerequisite
Before configuring ERPS, perform the following operations:
Connect interfaces and configure physical parameters for them. Make the physical layer Up. Create the management VLAN and VLANs of the working and protection interfaces. Configure CFM detection between devices (preparing for CFM detection mode).
175
6 Network reliability
Only one device on the protection ring can be set to the Ring Protection Link (RPL) Owner and one device is set to RPL Neighbour. Other devices are set to ring forwarding nodes. In actual, the tangent ring consists of 2 independent single rings. Configurations on the tangent ring are identical to the ones on the common single ring. The intersecting ring consists of a master ring and a sub-ring. Configurations on the master ring are identical to the ones on the common single ring. For details about configurations on the sub-ring, see section 6.5.3 (Optional) creating ERPS protection sub-ring. Step 1 2
Raisecom#config Raisecom(config)#ethernet ring-protection ring-id east interface-type interfacenumber west interface-type interfacenumber node-type rpl-owner rpl { east | west } [ not-revertive ] [ protocol-vlan vlan-id ] [ block-vlanlist vlanlist ]
Command
Description Enter global configuration mode. Create a protection ring and set the node to the RPL Owner. By default, the protocol VLAN is set to 1. Blocked VLANs ranges from 1 to 4094.
Create a protection ring and set the node to the RPL Neighbour.
Create a protection line and set the node to the protection forwarding node.
3 4 5
(Optional) configure a name for the protection ring. Up to 32 bytes are supported. (Optional) configure the protocol version. (Optional) after the ring Guard timer is configured, the failed node does not process APS packets during a period. By default, the ring Guard timer is set to 500ms. (Optional) configure the ring WTR timer. In revertive mode, when the working line recovers from a fault, traffic is not switched to the working line unless the WTR timer times out. By default the ring WTR time value is set to 5min.
176
6 Network reliability
Step 7
Command
Raisecom(config)#ethernet ring-protection ring-id holdoff-time holdoff-time
Description (Optional) configure the ring HOLDOFF timer. Hold-off timer configurations on both ends should be consistent. By default, the ring HOLDOFF timer value is set to 0.
If the ring HOLDOFF timer value is over great, it may influence 50ms switching performance. Therefore, we recommend setting the ring HOLDOFF timer value to 0. 8
Raisecom(config)#ethernet ring-protection trape nable
Only the intersecting ring consists of a master ring and a sub-ring. Configurations on the master ring are identical to the ones on the single ring/tangent ring. For details, see section 6.5.2 Creating ERPS protection ring. Configurations of non-intersecting nodes of the intersecting ring are identical to the ones on on the single ring/tagent ring. For details, see section 6.5.2 Creating ERPS protection ring. Command Description Enter global configuration mode. Create the sub-ring on the intersecting node and set the intersecting node to the RPL Owner. By default, the protocol VLAN is set to 1. Blocked VLANs ranges from 1 to 4094.
Step 1 2
Raisecom#config Raisecom(config)#ethernet ringprotection ring-id { east interfacetype interface-number | west interface-type interface-number } node-type rpl-owner [ not-revertive ] [ protocol-vlan vlan-id ] [ blockvlanlist vlanlist ]
The links between 2 intersecting nodes belong to the master ring. Therefore, when you configure the sub-ring on the intersecting node, you can only configure the west or east interface.
Raisecom(config)#ethernet ringprotection ring-id { east interfacetype interface-number | west interface-type interface-number } node-type rpl-neighbour [ notrevertive ] [ protocol-vlan vlan-id ] [ block-vlanlist vlanlist ]
Create the sub-ring on the intersecting node and set the intersecting node to the RPL Neighbour.
177
6 Network reliability
Step
Command
Raisecom(config)#ethernet ringprotection ring-id { east interfacetype interface-number | west interface-type interface-number } [ not-revertive ] [ protocol-vlan vlan-id ] [ block-vlanlist vlanlist ] Raisecom(config)#ethernet ringprotection ring-id raps-vc { with | without }
Description Create the sub-ring on the intersecting node and set the intersecting node to the protection forwarding node.
(Optional) configure the sub-ring virtual channel mode on the intersecting node. By default, the subring virtual channel adopts the with mode.
Enable the ring Propagate switch on the intersecting node. By default, the ring Propagate switch is disabled.
Command
Description Enter global configuration mode. Set the ERPS fault detection mode to failuredetect physical-link. By default, the ERPS fault detection mode is set to failure-detect physical-link. Set the ERPS fault detection mode to failuredetect cc. This ERPL fault detection mode cannot take effect unless you finish related configurations on CFM. If you configure the MD, the MA should be below the configured md-level.
Raisecom(config)#ethernet ring-protection ring-id { east | west } failure-detect cc [ md md-name ] ma ma-name level level mep
local-mep-id remote-mep-id
Raisecom(config)#ethernet ring-protection ring-id { east| west } failure-detect physical-link-or-cc [ md md-name] ma maname level level mep local-mep-id remote-
Set the ERPS fault detection mode to failuredetect physical-link-or-cc. In this mode, a Trap is reported when a fault is detected on the physical link/CC. This ERPL fault detection mode cannot take effect unless you finish related configurations on CFM. If you configure the MD, the MA should be below the configured md-level.
mep-id
178
6 Network reliability
By default, traffic is automatically switched to the protection line when the working line fails. Therefore, you need to configure ERPS switching control in some special cases. Step 1 2 Command
Raisecom#config Raisecom(config)#ethernet ringprotection ring-id force-switch { east | west }
Description Enter global configuration mode. Switch the traffic on the protection ring to the west/east interface forcedly.
east: block the east interface and switch the traffic to the west interface forcedly. west: block the west interface and switch the traffic to the east interface forcedly.
Switch the traffic on the protection ring to the west/east interface manually. Its priority is lower than the one of forced switch and APS.
Description Show ERPS ring configurations. Show ERPS ring status. Show ERPS statistics.
179
6 Network reliability
Therefore, faults of the uplinks can be notified to the downstream devices in time. If downstream interfaces fail, upstream interfaces still work properly.
Prerequisite
Before configuring failover, you need to connect interfaces, configure physical parameters of the interfaces and make the physical layer Up.
Description Enter global configuration mode. Create the interface-based failover group.
interface-list
Raisecom(config)#fault-tracking group group-number upstream channel-group
group-id
interface-list
Raisecom(config)#fault-tracking group group-number action { delete-vlan vlan-id | suspend-vlan vlan-id }
interface-type interface-list
Raisecom(config)#fault-tracking group group-number action shutdown channelgroup group-id Raisecom(config)#fault-tracking group group-number trap enable
Configure fault processing actions of the LACPbased failover group. Enable the failover group sending Trap to the NView NNM system.
6.7 Maintenance
180
6 Network reliability
Command
Raisecom(config)#clear ethernet line-protection ring-id end-to-end command
Description Clear end-to-end protection switching commands, including the lockout, forceswitch, manual-switch, and manualswitch-to-work commands. Clear protection line statistics, including the number of Tx APS packets, Rx APS packets, last switching time, and last status switching time. Clear protection switching commands, including the force-switch and manualswitch commands. Clear protection ring statistics.
Configuration steps
Step 1 Create a manual LAG.
Configure iTN A.
181
6 Network reliability
Configure iTN B.
Configure iTN A.
iTNA(config)#interface line 1 iTNA(config-port)#channel group 1 iTNA(config-port)#exit iTNA(config)#interface line 2 iTNA(config-port)#channel group 1 iTNA(config-port)#exit
Configure iTN B.
iTNB(config)#interface line 1 iTNB(config-port)#channel group 1 iTNB(config-port)#exit iTNB(config)#interface line 2 iTNB(config-port)#channel group 1 iTNB(config-port)#exit
Step 3 Configure the load-sharing mode of the LAG and enable link aggregation, taking iTN A for an example.
182
6 Network reliability
Checking results
Use the showlink-aggregation command to show global configurations on manual link aggregation.
iTNA#show link-aggregation Link aggregation status:Enable Load sharing mode:SMAC Load sharing ticket generation algorithm:Direct-map M - Manual S - Static-Lacp D - Dynamic-Lacp GroupID Mode MinLinks MaxLinks UpLinks Member Port List Efficient Port List ------------------------------------------------------------------------1 M 1 1 2 line 1-2 client 1 line 1
Configuration steps
Step 1 Configure the static LACP LAG on iTN A and set iTN A to the active end.
183
6 Network reliability
Raisecom#hostname iTNB iTNB#config iTNB(config)#interface port-channel 1 iTNB(config-aggregator)#mode lacp-static iTNB(config-aggregator)#exit iTNB(config)#interface line 1 iTNB(config-port)#channel group 1 iTNB(config-port)#exit iTNB(config)#interface line 2 iTNB(config-port)#channel group 1 iTNB(config-port)#exit iTNB(config)#link-aggregation enable
iTNA#write
Checking results
Use the showlink-aggregation command on iTN A to show global configurations on static LACP link aggregation.
iTNA#show link-aggregation Link aggregation status:Enable Load sharing mode:SXORDMAC Load sharing ticket generation algorithm:Direct-map M - Manual S - Static-Lacp D - Dynamic-Lacp GroupID Mode MinLinks MaxLinks UpLinks Member Port List Efficient Port List ------------------------------------------------------------------------1 S 1 6 0 1-2
184
6 Network reliability
Use the show lacp internal command on iTN A to show the local system LACP interface status, flag, interface priority, administration key, operation key, and interface state machine satus.
iTNA#show lacp internal Flags: S - Device is requesting Slow LACPDUs F - Device is requesting Fast LACPDUs A - Device in Active mode P - Device in Passive mode MP - MLACP Peer Port Interface State Flag Port-Priority Admin-key Oper-key Port-State ------------------------------------------------------------------------L1 Active SA 1000 1 1 0x45 L2 Standby SA 32768 1 1 0x45
Use the show lacp neighbor command on iTN A to show the remote system LACP interface status, flag, interface priority, administration key, operation key, and interface state machine satus.
In VLANs 100150, set Line 1 of iTN A to the primary interface and Line 2 of iTN A to the backup interface. In VLANs 151200, set Line 2 of iTN A to the primary interface and Line 1 of iTN A to the backup interface.
When Line 1 fails, the traffic is switched to Line 2 to keep the link normal. The iTN A should support interface backup while iTN B, iTN C, and iTN D do not need to support interface backup.
185
6 Network reliability
Configuration steps
Step 1 Creates VLANs 100200 and add Line 1 and Line 2 to VLANs 100200.
Raisecom#config Raisecom(config)#create vlan 100-200 active Raisecom(config)#interface line 1 Raisecom(config-port)#switchport mode trunk Raisecom(config-port)#switchport trunk allowed vlan 100-200 confirm Raisecom(config-port)#exit Raisecom(config)#interface line 2 Raisecom(config-port)#switchport mode trunk Raisecom(config-port)#switchport trunk allowed vlan 100-200 confirm Raisecom(config-port)#exit
Step 2 In VLANs 100150, set Line 1 to the primary interface and Line 2 to the backup interface.
Step 3 In VLANs 151200, set Line 2 to the primary interface and Line 1 to the backup interface.
186
6 Network reliability
Raisecom#write
Checking results
Use the show switchport backup command to show interface backup configurations in normal state and in link-failure state. When both Line 1 and Line 2 are in Up status, Line 1 forwards the traffic in VLANs 100150 and Line 2 forwards the traffic in VLANs 151200.
Raisecom#show switchport backup Restore delay: 15s. Restore mode: port-up. Active Port(State) Backup Port(State) Vlanlist --------------------------------------------------------line1 (Up) line2 (Standby) 100-150 line2 (Up) line1 (Standby) 151-200
Manually break the link between iTN A and iTN B to emulate a fault. At this time, Line 1 is in Down status and Line 2 is responsible for forwarding the traffic in VLANs 100200.
Raisecom#show switchport backup Restore delay: 15s Restore mode: port-up Active Port(State) Backup Port(State) Vlanlist ----------------------------------------------------------------line1 (Down) line2 (Up) 100-150 line2 (Up) line1 (Down) 151-200
When Line 1 recovers from a fault, during the WTR time, Line 1 is the standby interface and Line 2 is responsible for forwarding the traffic in VLANs 100200.
Raisecom#show switchport backup Restore delay: 15s. Restore mode: port-up. Active Port(State) Backup Port(State) Vlanlist ------------------------------------------------------------line1(Standby) line2(Up) 100-150 line2(Up) line1(Standby) 151-200
When Line 1 recovers to the Up status and keeps for 15s (restore-delay), Line 1 forwards the traffic in VLANs 100150 and Line 2 forwards the traffic in VLANs 151200.
Raisecom Technology Co., Ltd. 187
6 Network reliability
Raisecom#show switchport backup Restore delay: 15s. Restore mode: port-up. Active Port(State) Backup Port(State) Vlanlist ---------------------------------------------------------------------line1(Up) line2(Standby) 100-150
line2(Up)
line1(Standby)
151-200
Configuration steps
Step 1 Creates VLANs 100200 and add line 1 and line 2 to VLANs 100200.
Configure iTN A.
Raisecom#hostname iTNA iTNA#config iTNA(config)#create vlan 100-200 active iTNA(config)#interface line 1 iTNA(config-port)#switchport mode trunk iTNA(config-port)#switchport trunk allowed vlan 100-200 confirm iTNA(config-port)#exit iTNA(config)#interface line 2 iTNA(config-port)#switchport mode trunk iTNA(config-port)#switchport trunk allowed vlan 100-200 confirm iTNA(config-port)#exit
Configure iTN B.
188
6 Network reliability
iTNB(config)#interface line 1 iTNB(config-port)#switchport mode trunk iTNB(config-port)#switchport trunk allowed vlan 100-200 confirm iTNB(config-port)#exit iTNB(config)#interface line 2 iTNB(config-port)#switchport mode trunk iTNB(config-port)#switchport trunk allowed vlan 100-200 confirm iTNB(config-port)#exit
Configure iTN A.
iTNA(config)#ethernet line-protection 1 working line 1 1,100-200 protection line 2 1,100-200 one-to-one 150
Configure iTN B.
iTNB(config)#ethernet line-protection 1 working line 1 1,100-200 protection line 2 1,100-200 one-to-one 150
Configure iTN A.
iTNA(config)#ethernet line-protection 1 working failure-detect physicallink iTNA(config)#ethernet line-protection 1 protection failure-detect physical-link
Configure iTN B.
iTNB(config)#ethernet line-protection 1 working failure-detect physicallink iTNB(config)#ethernet line-protection 1 protection failure-detect physical-link
iTNA#write
189
6 Network reliability
Checking results
Use the show ethernet line-protection command to show 1:1 ELPS configurations, taking iTN A for an example.
iTNA#show ethernet line-protection 1 Id:1 Name:-ProtocolVlan: 150 Working Entity Information: Port: line1 Vlanlist: 100-200 FaiureDetect:physical MAID: -MdLevel: 0 LocalMep: 0 RemoteMep:0 State/LCK:Active/N Protection Entity Information: Port: line2 Vlanlist: 100-200 FaiureDetect:physical MAID: -MdLevel: 0 LocalMep: 0 RemoteMep:0 State/F/M:Standby/N/N Wtr(m):5 Holdoff(100ms):0
Use the show ethernet line-protection aps command to show 1:1 ELPS APS information, taking iTN A for an example.
iTNA#show ethernet line-protection 1 aps Id Type Direction Revert Aps State Signal(Requested/Bridged) ----------------------------------------------------------------------1-Local 1:1 bi yes yes NR-W null/null 1-Remote 1:1 bi yes yes NR-W null/null
190
6 Network reliability
The fault detection mode on the link between iTN A and iTN D is set to physical-link-or-cc. The default detection mode on other links is set to physical-link. The default value of protocol VLAN is set to 1. Blocked VLAN IDs ranges from 1 to 4094. Figure 6-17 Configuring single-ring ERPS
Configuration steps
Step 1 Add interfaces to VLANs 14094.
Configure iTN A.
Raisecom#hostname iTNA iTNA#config iTNA(config)#interface line 1 iTNA(config-port)#switchport mode trunk iTNA(config-port)#exit iTNA(config)#interface line 2 iTNA(config-port)#switchport mode trunk iTNA(config-port)#exit
Configure iTN B.
Raisecom#hostname iTNB iTNB#config iTNB(config)#interface line 1 iTNB(config-port)#switchport mode trunk iTNB(config-port)#exit iTNB(config)#interface line 2 iTNB(config-port)#switchport mode trunk iTNB(config-port)#exit
191
6 Network reliability
Configure iTN C.
Raisecom#hostname iTNC iTNC#config iTNC(config)#interface line 1 iTNC(config-port)#switchport mode trunk iTNC(config-port)#exit iTNC(config)#interface line 2 iTNC(config-port)#switchport mode trunk iTNC(config-port)#exit
Configure iTN D.
Raisecom#hostname iTND iTND#config iTND(config)#interface line 1 iTND(config-port)#switchport mode trunk iTND(config-port)#exit iTND(config)#interface line 2 iTND(config-port)#switchport mode trunk iTND(config-port)#exit
Configure iTN A.
iTNA(config)#cfm domain md-name md1 level 7 iTNA(config)#service ma1 level 7 iTNA(config-service)#service vlan-list 1 iTNA(config-service)#service mep down mpid 1 line 2 iTNA(config-service)#service remote-mep 2 iTNA(config-service)#service cc enable mep 1 iTNA(config-service)#exit iTNA(config)#cfm enable
Configure iTN D.
iTND(config)#cfm domain md-name md1 level 7 iTND(config)#service ma1 level 7 iTND(config-service)#service vlan-list 1 iTND(config-service)#service mep down mpid 2 line 1 iTND(config-service)#service remote-mep1 iTND(config-service)#service cc enable mep 2 iTND(config-service)#exit iTND(config)#cfm enable
192
6 Network reliability
Configure iTN A.
iTNA(config)#ethernet ring-protection 1 east line 1 west line 2 node-type rpl-owner rpl east
Configure iTN B.
Configure iTN C.
Configure iTN D.
Configure iTN A.
Configure iTN D.
iTNA#write
193
6 Network reliability
Checking results
Use the show ethernet ring-protection status command to show ERPS protection ring configurations, taking iTN A for an example. RPLs are blocked to avoid a loop.
iTNA#show ethernet ring-protection status Id/Name Bridge-State Last Occur(ago) East-State West-State sc Trafficvlanlist ------------------------------------------------------------------------1 idle 0 day 0050750 block forwarding 1 1-4094
Manually break the link between iTN B and iTN C to emulate a fault. Use the show ethernet ring-protection status command on iTN A again to show ERPS protection ring status. RPLs are in forwarding status.
iTNA#show ethernet ring-protection status Id/Name Bridge-State Last Occur(ago) East-State West-State sc Trafficvlanlist ------------------------------------------------------------------------1 Protection0 day 0055950 forwardingforwarding 1 1-4094
194
6 Network reliability
Configuration steps
Step 1 Add interfaces to VLANs 14094.
Configure iTN A.
Raisecom#hostname iTNA iTNA#config iTNA(config)#interface line 1 iTNA(config-port)#switchport mode trunk iTNA(config-port)#exit iTNA(config)#interface line 2 iTNA(config-port)#switchport mode trunk iTNA(config-port)#exit iTNA(config)#interface client 1 iTNA(config-port)#switchport mode trunk iTNA(config-port)#exit
Configure iTN B.
Raisecom#hostname iTNB iTNB#config iTNB(config)#interface line 1 iTNB(config-port)#switchport mode trunk iTNB(config-port)#exit iTNB(config)#interface line 2 iTNB(config-port)#switchport mode trunk iTNB(config-port)#exit iTNB(config)#interface client 1 iTNB(config-port)#switchport mode trunk iTNB(config-port)#exit
195
6 Network reliability
Configure iTN C.
Raisecom#hostname iTNC iTNC#config iTNC(config)#interface line 1 iTNC(config-port)#switchport mode trunk iTNC(config-port)#exit iTNC(config)#interface line 2 iTNC(config-port)#switchport mode trunk iTNC(config-port)#exit
Configure iTN D.
Raisecom#hostname iTND iTND#config iTND(config)#interface line 1 iTND(config-port)#switchport mode trunk iTND(config-port)#exit iTND(config)#interface line 2 iTND(config-port)#switchport mode trunk iTND(config-port)#exit
Configure iTN E.
Raisecom#hostname iTNE iTNE#config iTNE(config)#interface client 1 iTNE(config-port)#switchport mode trunk iTNE(config-port)#exit iTNE(config)#interface client 2 iTNE(config-port)#switchport mode trunk iTNE(config-port)#exit
Configure iTN F.
Raisecom#hostname iTNF iTNF#config iTNF(config)#interface client 1 iTNF(config-port)#switchport mode trunk iTNF(config-port)#exit iTNF(config)#interface client 2 iTNF(config-port)#switchport mode trunk iTNF(config-port)#exit
6 Network reliability
Configure iTN A.
iTNA(config)#cfm domain md-name md1 level 7 iTNA(config)#service ma1 level 7 iTNA(config-service)#service vlan-list 1 iTNA(config-service)#service mep down mpid 1 line 1 iTNA(config-service)#service mep down mpid 2 line 2 iTNA(config-service)#service cc enable mep 1 iTNA(config-service)#service cc enable mep 2 iTNA(config-service)#exit iTNA(config)#cfm enable
Configure iTN B.
iTNB(config)#cfm domain md-name md1 level 7 iTNB(config)#service ma1 level 7 iTNB(config-service)#service vlan-list 1 iTNB(config-service)#service mep down mpid 3 line 1 iTNB(config-service)#service mep down mpid 4 line 2 iTNB(config-service)#service cc enable mep 3 iTNB(config-service)#service cc enable mep 4 iTNB(config-service)#exit iTNB(config)#cfm enable
Configure iTN C.
iTNC(config)#cfm domain md-name md1 level 7 iTNC(config)#service ma1 level 7 iTNC(config-service)#service vlan-list 1 iTNC(config-service)#service mep down mpid 5 line 1 iTNC(config-service)#service mep down mpid 6 line 2 iTNC(config-service)#service cc enable mep 5 iTNC(config-service)#service cc enable mep 6 iTNC(config-service)#exit iTNC(config)#ethernet cfm enable
Configure iTN D.
iTND(config)#cfm domain md-name md1 level 7 iTND(config)#service ma1 level 7 iTND(config-service)#service vlan-list 1 iTND(config-service)#service mep down mpid 7 line 1 iTND(config-service)#service mep down mpid 8 line 2 iTND(config-service)#service cc enable mep 7 iTND(config-service)#service cc enable mep 8 iTND(config-service)#exit
197
6 Network reliability
Configure iTN A.
Configure iTN B.
Configure iTN C.
iTNC(config)#ethernet ring-protection 1 east line 1 west line 2node-type rpl-neighbour rpl west
Configure iTN D.
iTND(config)#ethernet ring-protection 1 east line 1 west line 2 node-type rpl-owner rpl east
Configure iTN A.
iTNA(config)#ethernet ring-protection 1 east failure-detect physicallink-or-cc md md1 ma ma1 level 7 mep 18 iTNA(config)#ethernet ring-protection 1 west failure-detect physicallink-or-cc md md1 ma ma1 level 7 mep 23
Configure iTN B.
iTNB(config)#ethernet ring-protection 1 east failure-detect physicallink-or-cc md md1 ma ma1 level 7 mep 32 iTNB(config)#ethernet ring-protection 1 west failure-detect physicallink-or-cc md md1 ma ma1 level 7 mep 45
Configure iTN C.
Raisecom Technology Co., Ltd. 198
6 Network reliability
iTNC(config)#ethernet ring-protection 1 east failure-detect physicallink-or-cc md md1 ma ma1 level 7 mep 54 iTNC(config)#ethernet ring-protection 1 west failure-detect physicallink-or-cc md md1 ma ma1 level 7 mep 67
Configure iTN D.
iTND(config)#ethernet ring-protection 1 east failure-detect physicallink-or-cc md md1 ma ma1 level 7 mep 76 iTND(config)#ethernet ring-protection 1 west failure-detect physicallink-or-cc md md1 ma ma1 level 7 mep 81
Configure iTN A.
iTNA(config)#ethernet ring-protection 2 east client 1 node-type rplneighbour protocol-vlan 4094 iTNA(config)#ethernet ring-protection 2 propagate enable
Configure iTN B.
iTNB(config)#ethernet ring-protection 2 east client 1 protocol-vlan 4094 iTNB(config)#ethernet ring-protection 2 propagate enable
Configure iTN E.
Configure iTN F.
iTNF(config)#ethernet ring-protection 2 east client 1 west client 2 nodetype rpl-owner rpl east protocol-vlan 4094
iTNA#write
199
6 Network reliability
Checking results
Use the show ethernet ring-protection status command on iTN A, iTN D, and iTN F to show ERPS protection ring configurations.
iTNA#show ethernet ring-protection status Id/Name Bridge-State Last Occur(ago)East-State West-State sc Trafficvlanlist ----------------------------------------------------------------------1 idle 0 day 0050750 forwarding forwarding 1 1-4094 Id/Name Status Last Occur(ago)East-State West-State sc Trafficvlanlist ----------------------------------------------------------------------2 idle 0 day 0050750 forwarding forwarding 1 1-4094 iTND#show ethernet ring-protection status Id/Name Bridge-State Last Occur(ago) East-State West-State sc Trafficvlanlist ----------------------------------------------------------------------1 idle 0 day 0050750 block forwarding 1 1-4094 iTNF#show ethernet ring-protection status Id/Name Bridge-State Last Occur(ago) East-State West-State sc Trafficvlanlist ----------------------------------------------------------------------2 idle 0 day 0050750 block forwarding 1 1-4094
200
7 DHCP Client
DHCP Client
This chapter describes principles and configuration procedures of DHCP Client, as well as related configuration examples, including following sections:
7.1 Introduction
With continuous extension of network scale and improvement of network complexity, the number of PCs always exceeds the one of available IP addresses. In addition, with wide application of Laptops and wireless network, positions of PCs are changed frequently. Therefore, IP addresses must be updated frequently. This may lead to more complex network configurations. Dynamic Host Configuration Protocol (DHCP) is developed to resolve these problems. With continuous extension of network scale, it is more complex to manage IP addresses.
With the number of PCs in the network increasing continuously, it is the heavy work to configure and modify IP address manually. There are many laptops in the network, whose physical locations are changed frequently. Therefore, you need to modify IP addresses frequently. To improve management efficiency of IP addresses, you should perform centralized management on IP addresses.
To resolve these problems, Dynamic Host Configuration Protocol (DHCP) is introduced. DHCP can automatically assign IP addresses, gateways, IP addresses of Domain Name System (DNS) server for all clients on the network. This helps reduce workload of the administrator and realize centralized management on IP addresses.
7 DHCP Client
When 50% lease period expires, the DHCP Client sends a DHCPRequest packet to the DHCP Server for renewing the lease. If successful, the lease period is changed to a complete one. Otherwise, the DHCP Client sends a DHCPRequest packet when 87.5% lease period expires. When 87.5% lease period expires, the DHCP Client sends a DHCPRequest packet again to the DHCP Server for renewing the lease. If successful, the lease period is changed to a complete one. Otherwise, the DHCP Server will withdraw the IP address.
Applications of DHCP
In general, the DHCP Server can assign IP addresses in the following scenarios:
The network scale is large. In addition, it is the heavy workload to configure IP addresses manually.
202
7 DHCP Client
The number of hosts in the network is greater than the number of IP addresses. You cannot assign a fixed IP address for each host. In addition, the number of host in the network is limited. Only a few hosts in the network need a fixed IP address while most hosts do not need a fixed IP address.
Table 7-1 describes fields of the DHCP packet. Table 7-1 Fields of DHCP packet Name op 1 Length (B) Packet type
Description
1 1 1
Hardware address type of a DHCP Client Hardware address length of a DHCP Client Number of DHCP relays that DHCP request packet pass The value is added by 1 once the DHCP request packet passes through a DHCP relay.
xid
Transaction ID, a random number chosen by the DHCP Client. It is used to identify an address request process. Time elapsed since the DHCP Client initiates a DHCP request. At present, it is not used and is set to 0.
secs
203
7 DHCP Client
Name flags 2
Length (B)
Description The first bit is a broadcast response identifier, which is used to identify that the DHCP Server sends the response packet in the unicast/broadcast mode
0: unicast 1: broadcast
Other bits are reserved. ciaddr 4 IP address of the DHCP Client, which is padded when the DHCP Client is being bound, updated, or rebounded. In addition, this IP address can be used to respond the ARP request. IP address of the DHCP Client allocated by the DHCP Server IP address of the DHCP Server IP address of the first DHCP relay where the DHCP request packet pass Hardware address of the DHCP Client Name of the DHCP Server Startup configuration file name and route information of the DHCP Client specified by the DHCP Server Optional variable length fields, including the packet type, valid lease, IP address of the Domain Name System (DNS) server, and IP address of the Windows Internet Name Server (WINs)
204
7 DHCP Client
Prerequisite
The iTN165-CES is not enabled with DHCP Server.
Description Enter global configuration mode. Enter Layer 3 interface configuration mode.
205
7 DHCP Client
Step 3
Command
Raisecom(config-ip)#ip dhcp client { class-id class-id | client-id client-id | hostname hostname }
Description Configure DHCPv4 Client information, including class identifier, client identifier, and host name.
If the iTN165-CES is enabled with DHCPv4 Client, you cannot configure the DHCPv4 Client information.
Description Enter global configuration mode. Enter Layer 3 interface configuration mode. Enable DHCPv4 Client and specify the DHCPv4 Server address. It means enabling DHCPv4 Client applying for the IP address.
Command
Description Enter global configuration mode. Enter Layer 3 interface configuration mode. Renew the IPv4 address.
206
7 DHCP Client
Configuration steps
Step 1 Configure DHCP Client (the iTN device) information.
Raisecom#write
207
7 DHCP Client
Checking results
Use the show ip dhcp client command to show DHCP Client configurations.
Raisecom#show ip dhcp client Hostname: raisecom Class-ID: Raisecom-ROS_iTN165_2.0.8.20120809 Client-ID: Raisecom-ff00537bc000-IF0 DHCP Client is requesting for a lease. Assigned IP Addr: 0.0.0.0 Subnet mask: 0.0.0.0 Default Gateway: -Client lease Starts: Jan-01-2010 08:00:00 Client lease Ends: Jan-01-2011 08:00:00 Client lease duration: 0(sec) DHCP Server: 192.168.1.1 Tftp server name: -Tftp server IP Addr: -Startup_config filename: -NTP server IP Addr: -Root path: -
208
8 OAM
OAM
This chapter describes principles and configuration procedures of OAM, as well as related configuration examples, including following sections:
Introduction Configuring EFM Configuring CFM Configuring SLA Configuring RFC2544 Maintenance Configuration examples
8.1 Introduction
In aspects of functionality and scale, the Carrier-grade Ethernet OAM can be divided into UNI-to-UNI service-layer OAM for ISP, connectivity OAM for the Carrier, link-level OAM for physical link monitoring, and Ethernet local management interface E-LMI. Figure 8-1 shows the architecture of Ethernet OAM. Figure 8-1 Architecture of Ethernet OAM
209
8 OAM
The iTN165-CES provides multiple hierarchical OAM management and maintenance functions, helping manage and control devices in the network.
8.1.1 EFM
Complying with IEEE 802.3ah protocol, Ethernet in the First Mile (EFM) is a link-level Ethernet OAM technology, used for the Ethernet physical link between two directly connected devices. It provides OAM discovery, OAM link monitoring, remote fault notification, and OAM remote loopback functions.
OAM discovery
The Ethernet OAM connection process is the discovery phase. At this phase, the active OAM entity initiates the OAM connection. Both ends inform each other of their Ethernet OAM configurations and Ethernet OAM capabilities supported by the local node by exchanging the Information OAMPDU. Ain addition, they decide whether to establish OAM connection. If both ends agree on establishment of the OAM connection, Ethernet OAM protocol will work on the link layer. After the OAM connection is established, both ends keep connected by exchanging the Information OAMPDU. If an OAM entity does not receive the Information OAMPDU within 5s, it is believed that connection expires and connection re-establishment is required.
Error frame event: the number of error frames exceeds the threshold in a time unit. Error frame period event: the number of error frames exceeds the threshold in a period (specified N frames). Error frame second event: the number of error frames in M seconds exceeds the threshold. Error symbol period event: the number of error symbols exceeds the threshold in a period.
Link fault: the peer link signal is lost. The OAM entity sends the OAMPDU every a second. Dying Gasp: a fault that cause system crash is generated. For example, the power is off. The OAM entity sends the OAMPDU immediately and continuously. Critical event: a critical event is generated. For example, the voltage exceeds the threshold. The OAM entity sends the OAMPDU immediately and continuously.
8 OAM
During OAM remote loopback test process, the local OAM entity sends a loopback packet to the remote end to enable it to enter the loopback status. At this time. all packets except for the OAMPDU packet is sent back by the peer OAM entity, as shown in Figure 8-2. The local OAM entity confirms the link quality based on the returned packets. Figure 8-2 OAM remote loopback
8.1.2 CFM
Connectivity Fault Management (CFM) is a network-level Ethernet OAM technology, providing end-to-end connectivity fault detection, fault notification, fault judgement, and fault location. It is used to diagnose fault actively for Ethernet Virtual Connection (EVC), provide cost-effective network maintenance solution, and improve network maintenance via the fault management function. Both ITU-Y.1731 and IEEE 802.1ag can realize CFM and provide end-to-end Ethernet management, including connectivity detection, loopback, and link tracing. In addition, ITUY.1731 can measure the frame loss ratio and frame delay while IEEE 802.1ag provides AIS and LCK features. The iTN165-CES provides CFM that is compatible with both ITU-Y.1731 and IEEE 802.1ag standards.
MD
Maintenance Domain (MD), also called Maintenance Entity Group (MEG), is a network that runs CFM. It defines network range of OAM management. MD has a level property, with 8 levels (level 0 to level 7). The bigger the number is, the higher the level is and the larger the MD range is. Protocol packets in a lower-level MD will be discarded after entering a higherlevel MD. If no Maintenance association End Point (MEP) but a Maintenance association Intermediate Point (MIP) is in a high-level MD, the protocol can traverse the higher-level MD. However, packets in a higher-level MD can traverse lower-level MDs. In the same VLAN range, different MDs can be adjacent, embedded, but not crossed.
MA
The Maintenance Association (MA) is also called service instance. It is a part of a MD. One MD can be divided into one or multiple service instances. One service instance corresponds to one service and is mapped to a group of VLANs. VLANs of different service instances cannot
Raisecom Technology Co., Ltd. 211
8 OAM
cross. Though a service instance can be mapped to multiple VLANs, one service instance can only use a VLAN for sending or receiving OAM packets.
MEP
As shown in Figure 8-3, the MEP is an edge node of a service instance. MEPs can be used to send and process CFM packets. The service instance and the MD where the MEP locates decide VLANs and levels of packets received and sent by the MEP. For any device that runs CFM in the network, the MEP is called local MEP. For MEPs on other devices of the same service instance, they are called Remote Maintenance association End Points (RMEP). Multiple MEPs can be configured in a service instance. Packets sent by MEPs in one instance take identical S-VLAN TAG, priority, and C-VLAN TAG. A MEP can receive OAM packets sent by other MEPs in the instance, intercept packets which at the same or lower level, and forward packets of higher level. Figure 8-3 MEP and MIP
MIP
As shown in Figure 8-3, the MIP is the internal node of a service instance, which is automatically created by the device. MIP cannot actively send CFM packets but can process and response to LinkTrace Message (LTM) and LoopBack Message (LBM) packets.
MP
Functions of CFM
CFM can provide the following OAM functions:
Fault detection refers to using the Connectivity Check (CC) to detect the connectivity of the Ethernet virtual connection for confirming the connection status between MPs. The function is realized by periodically sending Continuity Check Messages (CCMs). One MEP sends CCM and other MEPs in the same service instance can verify the RMEP status when receiving this packet. If the iTN165-CES fails or a link is incorrectly configured, MEPs cannot properly receive or process CCMs sent by RMEPs. If no CCM is received by a MEP
212
8 OAM
during 3.5 CCM intervals, it is believed that the link fails. Then a fault Trap will be sent according to configured alarm priority.
Fault acknowledgement is realized through LoopBack (LB). This function is used to verify the connectivity between two MPs through the source MEP sending LoopBack Message (LBM) and the destination MP sending LoopBack Reply (LBR). The source MEP sends a LBM to a MP who needs to acknowledge a fault. When receiving the LBM, the MP sends a LBR to the source MEP. If the source MEP receives this LBR, it is believed that the route is reachable. Otherwise, a connectivity fault occurs.
Fault location is realized through LinkTrace (LT). The source MEP sends LinkTrace Message (LTM) to the destination MP and all MPs on the LTM transmission route will send a LinkTrace Reply (LTR) to the source MEP. By recording valid LTR and LTM, this function can be used to locate faults.
This function is used to inhibit alarms when a fault is detected at the server layer (sub-layer). When detecting a fault, the MEP (including the server MEP) sends an AIS frame to the clientlayer MD. By transmitting ETH-AIS frames, the device can inhibit or stop an alarm on MEP (or server MEP). When receiving an AIS frame, the MEP must inhibit alarms for all peer MEPs regardless of connectivity, because this frame does not include information about MEPs that are at the same level with the failed MEP. With AIS, the device can inhibit the alarm information at client level when the server layer (sub-layer) fails. Therefore, the network is easy for maintenance and management.
This function is used to notify managed lock and service interruption of server layer (sublayer) MEPs. The data traffic is sent to a MEP that expects to receive it. This function helps the MEP that receives ETH-LCK frame to identify a fault. It is a managed lock action for server layer (sub-layer) MEP. Lock is an optional OAM management function. One typical scenario for applying this function is to perform detection when services are interrupted. In general, CFM is an end-to-end OAM technology at the server layer. It helps reduce operation and maintenance cost. In addition, it improves the competitiveness of service providers.
8.1.3 SLA
SLA is an agreement between users and a service provider about the service quality, priority, and responsibility. It is a telecommunication service evaluating standard negotiated by the service provider and users. In technology, SLA is a real-time network performance detection and statistic technology, which can collect statistics on responding time, network jitter, delay, packet loss ratio, and throughput, etc. SLA can be used to monitor related metrics by selecting different tasks for different applications. Ethernet throughput test (ETH-Test involved in this guide) is used for diagnostic test on continuous services. It is a part of ETH-Test technology defined by Y.1731. You can test the Layer 2 network throughput by configuring the test operation and enabling scheduling.
213
8 OAM
Operation
It is a static concept. It is a point-to-point SLA network performance test task, including Layer 2 network delay/jitter test (y1731-echo/y1731-jitter) and Layer 3 network delay/jitter test (icmp-echo/icmp-jitter).
Test
Detection
It is a dynamic concept. It is used to describe a procedure for sending-receiving detection packets in a test. According to the definition of operation, one test can contain multiple detections (For an Echo operation, one test contains one detection only).
Scheduling
It is a dynamic concept. It is used to describe a scheduling of one operation. One scheduling contains multiple periodical tests.
When configuring SLA on the iTN165-CES, note the following items: Up to 16 operations can be configured and scheduled simultaneously. Before performing operation scheduling, configure CFM, You cannot modify the scheduling information or re-schedule an operation before the operation scheduling is finished. Up to 20 detections are sent and 5 pieces of statistics are displayed for a test.
8.1.4 RFC2544
With widely application of Ethernet, more and more users perform data communicate through Ethernet. Ethernet services are configured and established based on SLA signed by the Carrier and users. Users care whether the Carrier can provide trusted service type and QoS. At this time, you can evaluate the network stability by testing the throughput, frame loss rate, and latency. RFC2544 is a network benchmarking test process and test method defined by Internet Engineering Task Force (IETF). It is used to test, evaluate, and analyze network quality or device performance. Therefore, the Carrier, vendors, and users can test the network quality/device performance at the same benchmarking level to reach an agreement on the test method, test process, and test result. RFC2544 defines how to provide the test method and test report of the following performance parameters:
The iTN165-CES supports test the throughput, frame loss rate, and latency based on RFC2544.
214
8 OAM
Throughput
Throughput refers to the maximum data flow to be forwarded when no frame is lost. In general, it is measured by the maximum number of frames/bits forwarded every second. This metric reflects the maximum data flow that can be processed when no frame is lost. Figure 8-4 shows a throughput test application, The Tester is a RFC2544-based tester. You can configure test parameters and view test results through the terminal. The Device Under Test (DUT) is an Ethernet device where the throughput test is to be performed. Figure 8-4 Throughput test
The throughput test process and calculation method are shown as below:
Begin to test the throughput from the maximum frame rate supported by the DUT. Reduce the frame rate to Y when the DUT begins to loss a frame. Increase the frame rate to Y when the DUT does not loss a frame. Use the dichotomy to test the maximum frame rate when the frame rate is equal to Y. The DTU throughput is equals to Y/Xmax 100%. Change the Ethernet frame size and then repeat the above test process to get DUT throughputs of different frame sizes.
215
8 OAM
The test process and calculation method of the frame loss rate are shown as below:
The Tester sends X frames at the maximum frame rate supported by the DTU. The Tester receives Y frames after the frames are forwarded by the DTU. The DTU frame loss rate is equal to (X-Y)/X 100%.
Latency
For a storage and forwarding device, the time, when the last Bit of the input data frame reach the input interface, is defined as the begin time. The time, when the first Bit of the input data frame reaches to the output interface, is defined as the end time. The difference between the begin time and end time is the latency. For a Bit and forwarding device, the time, when the first Bit of the input data frame reach the input interface, is defined as the begin time. The time, when the first Bit of the input data frame reaches to the output interface, is defined as the end time. The difference between the begin time and end time is the latency. This metric reflects the speed for a tested device/network processing data frames. Figure 8-6 shows a latency test application. The Tester is a RFC2544-based tester. You can configure the test parameters and view test results through the terminal. The Device Under Test (DUT) is an Ethernet device where the latency test is to be performed. Figure 8-6 Latency test
216
8 OAM
The latency test process and calculation method are shown as below:
The Tester sends data at a frame rate that is lower than the DUT throughput. Insert Tagged frames into the data flow. Test and calculate the latency for the DUT forwarding Tagged frames.
Back-to-back
Back-to-back refers to the maximum burst data flow size that can be received by the device when no frame is lost under at maximum rate and minimum packet interval. This metric reflects the capability of tested device/network for processing burst data traffic.
Test conditions
When performing RFC2544-based tests on a device or network, you must ensure that the DUT bears different loads to test performance parameters in a normal status or under the extra data traffic condition.
Use data frames with different sizes to perform the test. The Ethernet frame size can be 64/128/256/512/1024/1208/1518/1536 bytes. The test packet encapsulated by the Ethernet frame is the Y.1731 OAM packet. We recommend that the period for throughput and frame loss rate tests should not be shorter than 60s and the period for latency test should not be shorter than 120s. We recommend that the retry times should not be smaller than 20s and you should get the average value of test results.
Test methods
RFC2544-based test methods include the following types:
For a single device: test device performance parameters through the tester that supports RFC2544 standard. For the network: test network performance parameters through the tester or through the device in the network that supports RFC2544. The iTN165-CES is embedded with RFC2544 and can be used to test network performance.
As shown in Figure 8-7, iTN A sends test data frames at a specified frame rate. The test data frames are forwarded by the DUT to iTN B, where interface loopback is enabled. The test data frame are sent back to iTN A. iTN A counts, calculates, and analyzes received test data frames to get related performance. Figure 8-7 RFC2544 test
217
8 OAM
In Figure 8-7, iTN B must supports interface loopback. It is not required that iTN B supports RFC2544 or iTN B is identical to iTN A.
Test applications
RFC2544 test may involve into the following phases of Ethernet operation:
Ethernet design and construction phase Ethernet test and acceptance phase Ethernet service debugging and connection Ethernet routine maintenance and fault diagnostics
Differences between RFC2544 and ETH-Test Ethernet throughput test are shown as below: RFC2544 needs an independent test environment and is used to test network performance before services are activated. ETH-Test is used to test network performance when services are running.
Prerequisite
Before configuring EFM, you need to connect interfaces and configure physical parameters of interfaces. Make the physical layer Up.
Description Enter global configuration mode. (Optional) OAM link connection is established by both ends sending INFO packet to each other. You can use this command to set the interval for sending INFO packets to control the communicate period of the link. By default, the interval is set to 1s (10 100ms).
coefficient
218
8 OAM
Step 3
second
Command
Raisecom(config)#oam timeout
Description (Optional) set the OAM link timeout. When the time for both ends on the OAM link failing to receive OAM packets exceeds the timeout, it believes that the OAM link is broken. The unit is set to second. By default, the PAM link timeout is set to 5s.
4 5
Raisecom(config)#interface
interface-type interface-number
Raisecom(config-port)#oam { active | passive }
Enter physical layer interface configuration mode. Configure a working mode of EFM. When configuring EFM OAM, you must ensure that at least one end is in active mode. Otherwise, you cannot successfully detect a link. Enable OAM on An interface. By default, OAM is disabled on the interface.
Raisecom(config-port)#oam enable
Active functions of EFM must be configured when the iTN165-CES is in active mode.
You
can discover network faults in time by periodically detecting loopbacks. By detecting loopbacks in segments, you can locate exact areas where faults occur and you can troubleshoot these faults. When a link is in a remote loopback status, the iTN165-CES returns all packets but OAM packets received by the link to the peer. At this time, the user data packet cannot be forwarded properly. Therefore, disable this function immediately when detection is not required. Step 1 2 3 Command
Raisecom#config Raisecom(config)#interface
Description Enter global configuration mode. Enter physical layer interface configuration mode. Initiate EFM remote loopback on an interface. The remote loopback can be initiated only when EFM connection is established. In addition, only the active end can initiate EFM remote loopback. (Optional) disable EFM remote loopback immediately after EFM loopback detection is finished.
interface-type interface-number
Raisecom(config-port)#oam remoteloopback
219
8 OAM
Description Enter global configuration mode. Enter physical layer interface configuration mode. Enable peer OAM event Trap to report link monitoring events to the NView NNM system immediately. By default, peer OAM event Trap is disabled.
interface-type interface-number
Raisecom(config-port)#oam peer event trap enable
After EFM connection is established, you can get current link status by getting the current variable values of the peer. Step 1 Command
Raisecom#show oam peer [ link-statistic | oaminfo ] interface-type interface-number-list
Description Get OAM information or variable values about the peer device.
The passive functions of EFM can be configured regardless of the iTN165-CES is in active or passive mode.
The peer EFM remote loopback will not take effect until the remote loopback response is configured on the local device. Step 1 2 3 Command
Raisecom#config Raisecom(config)#interface
Description Enter global configuration mode. Enter physical layer interface configuration mode. Ignore/respond to EFM remote loopback. By default, the iTN165-CES responds to EFM remote loopback.
interface-type interface-number
Raisecom(config-port)#oam loopback { ignore | process }
220
8 OAM
OAM link monitoring is used to detect and report link errors in different conditions. When detecting a fault on a link, the iTN165-CES provides the peer with the generated time, window, and threshold, etc. by OAM event notification packets. The peer receives event notification and reports it to the NView NNM system via SNMP Trap. Besides, the local device can directly report events to the NView NNM system via SNMP Trap. By default, the system sets default value for error generated time, window, and threshold. Step 1 2 3
Raisecom#config Raisecom(config)#interface interface-
Command
Description Enter global configuration mode. Enter physical layer interface configuration mode. Configure the monitor window and threshold for an error frame event. By default, the monitor window is set to 1s and the threshold is set to 1 error frame.
type interface-number
Raisecom(config-port)#oam errored-frame window window threshold threshold
Configure the monitor window and threshold for an error frame period event. By default, the monitor window is set to 100ms and the threshold is set to 1 error frame.
threshold
Configure the monitor window and threshold for an error frame seconds event. By default, the monitor window is set to 60s and the threshold is set to 1s. Configure the monitor window and threshold for an error symbol event. By default, the monitor window is set to 60s and the threshold is set to 1s.
threshold
Description Enter global configuration mode. Enter physical layer interface configuration mode. Enable OAM fault indication mechanism, which is used to inform the peer when the local device fails. By default, OAM fault indication is enabled.
interface-type interface-number
Raisecom(config-port)#oam notify { critical-event | dying-gasp | errored-frame | errored-symbolperiod | errored-frame-seconds | errored-frame-period } enable
221
8 OAM
Description Enter global configuration mode. Enter physical layer interface configuration mode. Enable local OAM event Trap to report link monitoring events to the NView NNM system immediately. By default, local OAM event Trap is disabled.
interface-type interface-number
Raisecom(config-port)#oam event trap enable
Description Enter global configuration mode. Enter physical layer interface configuration mode. Configure OAM loopback timeout. By default, OAM loopback timeout is set to 3s. Configure OAM loopback packet retry times. By default, OAM loopback packet retry times are set to 2. (Optional) ignore/respond to the peer OAM loopback establishment request. By default, the peer OAM loopback establishment request is ignored.
interface-type interface-number
Raisecom(config-port)#oam loopback timeout second Raisecom(config-port)#oam loopback retry retry-number Raisecom(config-port)#oam loopback { ignore | process }
Description Show EFM basic configurations. Show EFM remote loopback configurations. Show OAM link monitoring and fault indication configurations. Show OAM statistics. Show OAM event Trap configurations. Show local OAM link events detected on an interface.
222
8 OAM
Prerequisite
Before configuring CFM, you should finish following operations:
Connect interfaces and configure physical parameters of the interfaces. Make the physical layer Up. Create a VLAN. Add interfaces to the VLAN.
CFM fault detection and CFM fault location functions cannot take effect until the CFM is enabled. Step 1 2 3 4 Command
Raisecom#config Raisecom(config)#ethernet cfm enable Raisecom(config)#interface
Description Enter global configuration mode. Enable global CFM. By default, global CFM is disabled. Enter physical layer interface configuration mode. (Optional) enable CFM on an interface. By default, CFM is enabled on the interface.
interface-type interface-number
Raisecom(config-port)#ethernet cfm enable
223
8 OAM
Step 2
Command
Raisecom(config)#ethernet cfm domain [ md-name domain-name ] level level
Description Create a MD. If a MD name is assigned by the md-name parameter, it indicates that the MD is in IEEE 802.1ag style. And all MAs and CCMs in the MD are in 802.1ag style. Otherwise, the MD is in Y.1731 style and all MAs and CCMs in the MD are in Y.1731 style. If a name is specified for a MD, the name must be unique in global. Otherwise the MD is configured unsuccessfully.
Levels of different MDs must be different. Otherwise the MD is not successfully configured. 3
Raisecom(config)#service cisid level level
Create a service instance and enter service instance configuration mode. Character strings composed by MD name/service instance name are unique in global. If a service instance existed, you can use this command to enter service instance configuration mode directly. Configure VLAN mapping based on the service instance. The VLAN list contains up to 32 VLANs. If you do not use the primary-vlan parameter to specify the primary VLAN, the minimum VLAN is taken as the primary VLAN of the service instance. All MEPs in the service instance send and receive packets through this primary VLAN.
The primary VLAN is used to send and receive packets. Therefore, all non-primary VLANs are mapped to the primary VLAN in logical. This logical VLAN mapping relationship is global, but VLANs cannot be crossed. For example, service instance 1 is mapped to VLANs 1220 and service instance 2 is mapped to VLANs 1530. Therefore, VLANs 15 20 are crossed. This configuration is illegal. 5
Raisecom(configservice)#service mep [ up | down ] mpid mep-id interface-
Configure MEPs based on a service instance. When configuring a MEP based on a service instance, you must ensure that the service instance is mapped to a VLAN. By default, the MEP is Up. It indicates detecting the fault in uplink direction.
type interface-number
224
8 OAM
Step 2
Command
Raisecom(config)#ethernet cfm remote mep age-time minute Raisecom(config)#ethernet cfm errors archive-hold-time minute
Description (Optional) configure the aging time of RMEP. By default, the aging time of RMEP is set to 100min. (Optional) configure the hold time of error CCMs. Fault information reported by all MEPs is saved on the iTN165CES. By default, the hold time OF error CCMs is 100min. When a new holdtime is configured, the system will detect the database immediately. The data will be removed if exceeds the time.
4 5
Raisecom(config)#service cis-id level level Raisecom(configservice)#service cc interval { 1 | 10 | 60 | 600 | 3ms | 10ms | 100ms }
Enter service instance configuration mode. (Optional) configure the interval for sending CCMs. By default, the interval for sending CCMs is 10s. The interval for sending CCM packets cannot be modified when CCM delivery is enabled.
Only when hardware CC is performed during the device sends packets in Down direction, Parameters 3ms | 10ms | 100ms are available. These parameters are not available when software CC is performed. 6
Raisecom(configservice)#service cc enable mep { mep-id-list | all } Raisecom(configservice)#service remote-mep mep-id [ remote-mac macaddress ] [ interface-type interface-number ] Raisecom(configservice)#service remote-mep learning active
Enable MEPs sending CCMs. By default, MEPs do not sending CCMs. (Optional) configure the static RMEP, which cooperates with cc check. The remote-mac mac-address parameter is used to specify the MAC address of the RMEP. (Optional) configure REMP learning dynamic import. After REMP learning dynamic import is enabled, when receiving a CCM, the service instance will automatically translate the dynamically-learned REMP into the staticallyconfigured RMEP. By default, REMP learning dynamic import is disabled.
10
(Optional) enable cc check of the REMP. By default, cc check of the RMEP is disabled. (Optional) configure the CVLAN of a CFM OAM packet, which needs to be configured only in QinQ networking environment. By default, the CFM OAM packet does not carry the CTAG. After the CVLAN is configured for a service instance, CCMs, LBMs, LTMs, and DMMs sent by MEPs in the service instance will carry double TAG, where the CT-TAG is the CVLAN configured by this command.
225
8 OAM
Step 11
Command
Raisecom(configservice)#service priority
Description (Optional) configure the priority of CFM OAM packet. After the priority is configured, CCMs, LBMs, LTMs, and DMMs sent by MEPs in a service instance will use the assigned priority. By default, the priority is set to 7.
priority
Description Enter global configuration mode. Enter service instance configuration mode. Perform Layer 2 Ping for acknowledging faults. By default, 5 LBMs are sent. The TLV length of a packet is set to 64. The iTN165-CES automatically looks for an available source MEP. If Layer 2 Ping is performed by specifying the destination MEP ID, CFM cannot finish Ping operation unless it finds the MAC address of the destination MEP based on the MEP ID. The source MEP will save RMEP data in the source MEP database after discovering and stabilizing the RMEP. And then according to MEP ID, the source MEP can find the MAC address of the RMEP in the RMEP database.
Before executing this command, ensure that global CFM is enabled. Otherwise, the Ping operation fails; If there is no MEP in a service instance, Ping operation will fail because of failing to find source MEP; Ping operation will fail if the specified source MEP is invalid. For example, the specified source MEP does not exist or CFM is disabled on the interface where the specified source MEP is; Ping operation will fail if the Ping operation is performed based on the specified destination MEP ID and the MAC address of destination is not found based on the MEP ID; Ping operation will fail if other users are using the specified source MEP to perform Ping operation.
Raisecom Technology Co., Ltd. 226
8 OAM
Description Enter global configuration mode. (Optional) enable the traceroute cache switch. When the traceroute cache switch is disabled, the result will be automatically erased by the traceroute command. By default, the traceroute cache switch is disabled.
minute
(Optional) configure the hold time of data in the traceroute cache. You can configure the hold time when the traceroute cache is enabled. By default, the hold time is set to 100min.
(Optional) configure the traceroute cache size. You can configure the traceroute cache size when the traceroute cache is enabled. By default, the traceroute cache size is set to 100. The data are not saved when the traceroute cache is disabled.
5 6
Raisecom(config)#service cis-id level level Raisecom(config-service)# traceroute { mac-address [ ttl ttl ] [ source mep-id ] | mep mep -id [ ttl ttl ] [ source mep-id ] [ interface-mode ] [ timeout second ] | mip icc icc-code node-id [ ttl ttl ] [ interface-num interface-num ] [ timeout second ] | ttl ttl [ interface-mode ] [ timeout second ] }
Enter service instance configuration mode. Perform Layer 2 Traceroute for locating faults. By default, the TLV length of a packet is set to 64. The iTN165-CES automatically looks for an available source MEP.
Before executing this command, ensure that global CFM is enabled. Otherwise, the Traceroute operation fails; If there is no MEP in a service instance, Traceroute operation will fail because of failing to find source MEP; Traceroute operation will fail if the specified source MEP is invalid. For example, the specified source MEP does not exist or CFM is disabled on the interface where the specified source MEP is; Traceroute operation will fail if the Ping operation is performed based on the specified destination MEP ID and the MAC address of destination is not found based on the MEP ID; If the CC feature is invalid, you can ensure Layer 2 Traceroute operation works normally by configuring static RMEP and specifying MAC address. Traceroute operation will fail if other users are using the specified source MEP to perform Traceroute operation.
227
8 OAM
8.3.7 ConfiguringAIS
Configuring AIS on server-layer devices
Step 1 2 3 Command
Raisecom#config Raisecom(config)#service cis-id level level Raisecom(config-service)#service ais enable Raisecom(config-service)#service ais period { 1 | 60 } Raisecom(config-service)#service ais level level
Description Enter global configuration mode. Enter service instance configuration mode. Enable AIS delivery. By default, AIS delivery is disabled. Configure the AIS delivery period. By default, the AIS delivery period is set to 1s. Configure the level of the customer-layer MD to which AIS is sent.
4 5
Description Enter global configuration mode. Enter service instance configuration mode. Enable alarm inhibition. By default, alarm inhibition is enabled.
Description Enter global configuration mode. Enter service instance configuration mode. Enable LCK delivery. By default, LCK delivery is disabled. Configure the LCK delivery period. By default, the LCK delivery period is set to 1s. Configure the level of the customer-layer MD to which LCK is sent.
4 5
228
8 OAM
Command
Description Enter global configuration mode. Enter service instance configuration mode. Enable alarm inhibition. By default, alarm inhibition is enabled.
Description Show CFM global configurations. Show configurations on MDs and service instances. Show error CCM database information. Show ETH-LCK signals. Show local MEP configurations.
6 7
8 9
Show CFM alarm inhibition configurations. Show Link-Trace cache route discovery information.
229
8 OAM
By selecting two detection points (source and destination iTN devices), SLA configures and schedules SLA operations on a detection point. Therefore, network performance between this 2 detection points can be detected. SLA makes a statistics on round-trip packet loss ratio, round-trip/unidirectional (SD/DS) delay, jitter, jitter variance, jitter distribution, throughput, and LM packet loss test. In addition, it reports these data to the upper monitoring software (such as the NView NNM system) to help analyze network performance for getting an expected result.
Prerequisite
Before configuring SLA, you should finish following operations:
When you configure Layer 2 test operations, deploy CFM between local and remote devices that need to be detected. Layer 2 Ping operation succeeds between local and remote devices. When you configure Layer 3 test operations (icmp-echo and icmp-jitter), Layer 3 Ping operation succeeds between local and remote devices.
Command
Description Enter global configuration mode. Configure the SLA y1731-echo operation based on the destination MEP ID. Configure the SLA y1731-echo operation based on the destination MAC address. Configure the SLA y1731-jitter operation based on the destination MEP ID. Configure the SLA y1731-jitter operation based on the destination MAC address. Configure basic information of the SLA icmp-echo operation. Configure basic information of the SLA icmp-jitter operation.
6 7
230
8 OAM
Step 8
Command
Raisecom(config)#sla oper-num y1731-pkt-loss remote-mep mep-id level level svlan vlan-id [ cvlan cvlan-id ] [ cos cos-id ] [ interval interval-num ] [ packets packet-num ]
Description Configure the SLA y1731-pkt-loss packet loss test operation based on the MEP ID.
When you perform packet loss ratio test based on the MEP ID, we recommend specifying the MAC address when you use the service remote-mep command to configure the RMEP. 9
Raisecom(config)#sla oper-num y1731-pkt-loss remote-mac mac-address level level svlan vlan-id [ cvlan cvlan-id ] [ cos cos-id ] [ interval interval-num ] [ packets packet-num ] Raisecom(config)#sla y1731-echo quick-input [ level level [ svlan vlan-id ] ] [ dm ] Raisecom(config)#sla y1731-jitter quick-input [ level level [ svlan vlan-id ] ] [ dm ] Raisecom(config)#sla private-tlv enable
Configure the SLA y1731-pkt-loss packet loss test operation based on the destination MAC address. Create the y1731-echo operation quickly. Create the y1731-jitter operation quickly. (Optional) configure whether the SLA operation is padded with the private TLV. By default, the SLA operation is not padded with the private TLV. Configure the delay threshold, jitter threshold, and packet loss ratio threshold. Enable sending Trap when the test result exceeds the threshold.
10 11 12
13
threshold-value
14
Raisecom(config)#sla oper-num loss-pkt-trap { current | average } enable Raisecom(config)#sla oper-num { delay-trap | jitter-trap } { current | average } [ ds | sd | two-way ] enable
After configuring one operation (differed by operation ID), you cannot modify or configure it again. You need to delete the operation in advance if you need to configure it again. SLA supports scheduling up to 100 operations at one time. Before you stop scheduling the same operation, you cannot modify scheduling information or reschedule the operation. If you need to reschedule the operation, you need to finish the scheduling (reach scheduling life time or stop scheduling) before performing the next scheduling. The private TLV is designed for Raisecom devices. When SLA operations are padded with the private TLV, you can configure and schedule any operations. When SLA operations are not padded with the private TLV, VLANs of DMs and
231
8 OAM
LMs should be different. In addition, LB packets cannot be co-scheduled with DMs and LMs. If SLA operations are padded with the private TLV, if may influence communicated with devices from other vendors.
Command
Description Enter global configuration mode. Configure SLA scheduling information, including the life time and execution interval. Enable SLA operation scheduling. By default, operation scheduling is disabled.
The operation life time should not be smaller than the interval for performing SAL operations. The interval for performing SLA operations should not be smaller than 20s.
8.4.4 Configuring basic ETH-Test throughput test operation information and enabling operation scheduling
The prerequisites for configuring throughput test are shown as below: CFM is deployed on local and remote devices. Ping operation succeeds between local and remote devices. Step 1 2
Raisecom#config Raisecom(config)#sla y1731-throughput enable
Command
Description Enter global configuration mode. Enable ETH-Test throughput test. By default, ETH-Test throughput test is disabled.
Raisecom(config)#sla y1731-throughput oper-id { local-mep mep-id remote-mep mep-id | remote-mac mac-address } level level-id svlan vlan-id [ cvlan vlan-id ] [ cos cos-id ]
Create the ETH-Test throughput test operation, including the test operation ID, local MEP ID, remote MEP ID, remote MAC address, MEG level, SVLAN ID, CVLAN ID, and CoS priority.
232
8 OAM
Step 4
Command
Raisecom(config)#sla y1731-throughput oper-id { one-way | two-way } object band-width packet-size pkt-length pattern { null | nullcrc | prbs | prbs-crc } duration lasting-time
Description (Optional) configure parameters of the ETH-Test throughput test operation, including the test operation ID, test direction (unidirectional/bidirectional), destination test bandwidth, test packet size, padding mode of the test packet payload, and hold time. By default, the test operation is a unidirectional one.
Destination test bandwidth: 100 Mbit/s Test packet size: 1024 bytes Padding mode of the test packet payload: null Hold time: 30s.
oper-id
Enable ETH-Test throughput test operation scheduling. By default, ETH-Test throughput test operation scheduling is disabled.
ETH-Test does not support testing multiple operations at one time. If multiple operations are scheduled, they are tested in order based on the scheduling time. Up to 10 ETH-Test test operations are supported. Operations are distinguished by the operation ID.
Description Show SLA configurations. Show the last test information of an operation. Show operation scheduling statistics. Show ETH-Test throughput test operation configurations. Show test result of the ETH-Test throughput test operation. Show operation scheduling threshold configurations and Trap status.
Raisecom#show sla { all | oper-num } statistic Raisecom#show sla y1731-throughput oper-id configuration Raisecom#show sla y1731-throughput oper-id result Raisecom#show sla { all | oper-num } threshold
233
8 OAM
The show sla y1731-throughput oper-id result command can be used to show statistics of ETH-Test throughput test operation test results. For an operation, up to 5 groups of statistics are supported. If it is over 5, the oldest statistics (from the starting time of the scheduling) will be aged.
Configuring related parameters of the test operation, including global parameters, test frame size, test speed, and test retry times. Scheduling the test operation. Performing the test operation. Reporting test results.
The iTN165-CES schedules and tests the operation by following the following rules:
After a test operation is scheduled, you cannot re-schedule or delete it before the test process is finished. A scheduling command can be used to schedule multiple test operations with same type. These operations are scheduled based on the creation time. Schedule multiple different test operations based on the scheduling time. The result of a performed test operation is saved in the related result table. When Trap is enabled, the NView NNM system can manage the test operation. If a performed test operation is re-scheduled, the original test result table will be cleared.
The iTN165-CES supports scheduling up to 24 operations simultaneously. Only one operation is being scheduled while the others wait for being scheduled.
Prerequisite
The remote device, participating in RFC2544 test, is enabled with interface loopback. When the remote device is enabled with SMAC-based interface loopback, the SMAC should be the MAC address of the local device whose third byte is replaced with the 5F. For example, if the MAC address of the local device is set to 000E.5E12.1212, the SMAC of the loopback packet should be set to 000E.5F12.1212. We recommend that the MTU size of devices, participating in RFC2544 test, is greater than 1540 bytes. OAM remote loopback, MPLS-TP OAM, interface loopback, and ETH-Test are disabled on the iTN165-CES.
Raisecom Technology Co., Ltd. 234
8 OAM
VLANs are created on the iTN165-CES. In addition, the interfaces are in Trunk mode.
Description Enter global configuration mode. Enable RFC2544 benchmarking test. By default, RFC2544 benchmarking test is disabled.
Enable RFC2544 Trap. By default, RFC2544 Trap is enabled. Configure the RFC2544 remote device loopback MAC address. By default, the remote device loopback MAC address is set to 0000.0000.0000.
mac-address
(Optional) enable RFC2544 SVLAN (outer VLAN)/CVLAN (inner VLAN). By default, SVLAN is enabled while CVLAN is disabled.
(Optional) configure the TPID of SVLAN/CVLAN. By default, the TPID of SVLAN/CVLAN is set to 0x8100. (Optional) configure the VLAN ID of SVLAN/CVLAN. By default, the VLAN ID of SVLAN/CVLAN is set to 1. (Optional) configure the CoS value of SVLAN/CVLAN. By default, the CoS value of SVLAN/CVLAN is set to 0. (Optional) configure the Y.1731 MEG level of the RFC2544 test packet. By default the MEG level is set to 7.
Raisecom(config)#rfc2544 { svlan | cvlan } vlanid vlan-id Raisecom(config)#rfc2544 { svlan | cvlan } cos cos-value Raisecom(config)#rfc2544 meglevel meg-level
10
Configure the padding mode of the RFC2544 test packet payload, including fixed and increasing. By default, the padding mode of the RFC2544 test packet payload is set to fixed. (Optional) configure the padding value of RFC2544 test packet payload in fixed mode. By default, the padding value of the payload is set to 0x12345678.
11
Related configurations of RFC2544 do not take effect unless RFC2544 benchmarking test is enabled. If only SVLAN is enabled, the test packet carries one VLAN Tag.
Raisecom Technology Co., Ltd. 235
8 OAM
If both SVLAN and CVLAN are enabled, the test packet carries double VLAN Tags. The SVLAN is the outer Tag and the CVLAN is the inner Tag. To enable CVLAN, you must enable SVLAN in advance. In addition, the SVLAN is the outer Tag and the CVLAN is the inner Tag. If SVLAN and CVLAN are disabled, the test packet does not carry the VLAN Tag. CoS priority and VLAN ID configurations do not take effect unless the related VLAN is enabled. VLAN configurations of the test packet have nothing with the ones of the forwarding interface.
Command
Description Enter global configuration mode. Configure public parameters of RFC2544 throughput test. The default configurations are shown as below:
Maximum speed: 1000 Mbit/s Minimum speed: 1 Mbit/s Speed change granularity: 10 Mbit/s Tolerable test frame loss rate: 0 Test period: 60s Test result precision: 1 Mbit/s Test retry times: 20
Raisecom(config)#rfc2544 throughput testid frame-size { 64 | 128 | 256 | 512 | 1024 | 1280 | 1518 | 1536 } Raisecom(config)#rfc2544 schedule throughput [ all | test-id ]
Configure a throughput test operation, including the operation ID and test frame size. Schedule a RFC2544 throughput test operation.
Command
Description Enter global configuration mode. Configure public parameters of RFC2544 latency test. The default configurations are shown as below:
trial-value
Maximum speed: 1000 Mbit/s Initial speed: 1000 Mbit/s Speed change granularity: 10 Mbit/s Test period: 60s Test retry times: 20
Raisecom(config)#rfc2544 latency test-id frame-size { 64 | 128 | 256 | 512 | 1024 | 1280 | 1518 | 1536 }
Configure a latency test operation, including the operation ID and test frame size.
236
8 OAM
Step 4
Command
Raisecom(config)#rfc2544 schedule latency [ all | test-id ]
Command
Description Enter global configuration mode. Configure public parameters of RFC2544 frame loss rate test. The default configurations are shown as below:
Raisecom(config)#rfc2544 frame-loss testid rate rate-value frame-size { 64 | 128 | 256 | 512 | 1024 | 1280 | 1518 | 1536 } Raisecom(config)#rfc2544 schedule frameloss [ all | test-id ]
Configure a frame loss rate test operation, including the operation ID and test frame size. Schedule a RFC2544 frame loss rate test operation.
Description Show RFC2544 basic configurations. Show public parameter configurations of throughput test. Show public parameter configurations of latency test. Show public parameter configurations of frame loss rate test. Show throughput test operation configurations. Show latency test operation configurations. Show frame loss rate test operation configurations. Show throughput test results. Show latency test results. Show frame loss rate test results.
237
8 OAM
8.6 Maintenance
Command
Raisecom(config-port)#clear oam { event | statistics } Raisecom(config)#clear oam config
Description Clear EFM OAM interface link statistics/OAM frame statistics. Clear EFM OAM configurations to return to Passive and Disable status. Clear CCM error database information. Clear RMEPs. Clear traceroute cache database.
Raisecom(config)#clear ethernet cfm errors [ level level ] Raisecom(config)#clear ethernet cfm remote-mep [ level level ] Raisecom(config)#clear ethernet cfm traceroute-cache
Configuration steps
Step 1 Configure iTN A.
Raisecom#hostname iTNA iTNA#config iTNA(config)#oam active iTNA(config)#interface line 1 iTNA(config-port)#oam enable iTNA(config-port)#oam event trap enable iTNA(config-port)#oam peer event trap enable
238
8 OAM
iTNA#write
iTNB#write
Checking results
Use the show oam command on iTN A to show EFM configurations.
iTNA#show oam line 1 Port: line 1 Mode: Active Administrate state: Enable Operation state: Operational Max OAMPDU size: 1518 Send period: 1000 ms Link timeout : 10 s Config revision: 1 Supported functions: Loopback, Event, Variable
Use the show oam trap command on iTN A to show OAM event Trap configurations.
iTNA#show oam trap line 1 Port:line 1 Event trap:Enable Peer event trap:Enable Discovery trap total:0 Discovery trap timestamp:0 days, 0 hours, 0 minutes Lost trap total:0 Lost trap timestamp:0 days, 0 hours, 0 minutes
239
8 OAM
Configuration steps
Step 1 Add interfaces to the VLAN.
Configure iTN A.
Raisecom#hostname iTNA iTNA#config iTNA(config)#create vlan 100 active iTNA(config)#interface client 1 iTNA(config-port)#switchport access vlan 100 iTNA(config-port)#exit iTNA(config)#interface line 1 iTNA(config-port)#switchport mode trunk iTNA(config-port)#switchport trunk allowed vlan 100 iTNA(config-port)#exit
Configure iTN B.
240
8 OAM
Configure iTN C.
Raisecom#hostname iTNC iTNC#config iTNC(config)#create vlan 100 active iTNC(config)#interface client 1 iTNC(config-port)#switchport access vlan 100 iTNC(config-port)#exit iTNC(config)#interface line 1 iTNC(config-port)#switchport mode trunk iTNC(config-port)#switchport trunk allowed vlan 100 iTNC(config-port)#exit
Configure iTN A.
iTNA(config)#ethernet cfm domain level 3 iTNA(config)#service ma1 level 3 iTNA(config-service)#service vlan-list 100 iTNA(config-service)#service mep up mpid 301 client 1 iTNA(config-service)#service remote-mep learning active iTNA(config-service)#service cc enable mep all iTNA(config-service)#exit iTNA(config)#ethernet cfm enable iTNA(config)#interface line 1 iTNA(config-port)#ethernet cfm enable iTNA(config-port)#interface client 1 iTNA(config-port)#ethernet cfm enable
Configure iTN B.
iTNB(config)#ethernet cfm domain level 3 iTNB(config)#service ma1 level 3 iTNB(config-service)#service vlan-list 100 iTNB(config-service)#exit iTNB(config)#ethernet cfm enable iTNB(config)#interface line 1
241
8 OAM
Configure iTN C.
iTNC(config)#ethernet cfm domain level 3 iTNC(config)#service ma1 level 3 iTNC(config-service)#service vlan-list 100 iTNC(config-service)#service mep up mpid 302 client 1 iTNC(config-service)#service remote-mep learning active iTNC(config-service)#service cc enable mep all iTNC(config-service)#exit iTNC(config)#ethernet cfm enable iTNC(config)#interface line 1 iTNC(config-port)#ethernet cfm enable iTNC(config-port)#interface client 1 iTNC(config-port)#ethernet cfm enable
iTNA(config)#service ma1 level 3 iTNA(config-service)#ping mep 302 source 301 Sending 5 Ethernet CFM loopback messages to 000E.5E00.0002, timeout is 2.5 seconds: !!!!! Success rate is 100 percent (5/5). Ping statistics from 000E.5E00.0002: Received loopback replys<5 /0 /0 > (In order/Out of order/Error)
iTNA(config)#service ma1 level 3 iTNA(config-service)#traceroute mep 302 source 301 TTL: <64> Tracing the route to 000E.5E00.0002 on level 3, service ma1. Traceroute send via client1. ------------------------------------------------------------------------Hops HostMac Ingress/EgressPort IsForwarded RelayAction NextHop ------------------------------------------------------------------------1 000E.5E00.0003 C1/L1 Yes rlyFdb 000E.5E00.0003 2 000E.5E00.0003 L1/L2 Yes rlyFdb 000E.5E00.0001 !3 000E.5E00.0001 L1/No rlyHit 000E.5E00.0002
242
8 OAM
Checking configurations
Use the show ethernet cfm command on iTN devices to show CFM configurations, taking iTN A for an example.
iTNA#show ethernet cfm Port cfm enabled portlist:line:1-4 client:1-12 PC:1-8 Global cfm status: Enable Archive hold time of error CCMs: 100(Min) Remote mep aging time: 100(Min) Device mode: Slave
Operation ID: 2 RMEP ID: 2 MD level: 3 VLAN ID: 100 CoS priority: 0 Scheduling lifetime: 20s Test period: 10s
243
8 OAM
Configuration steps
Step 1 Configure CFM on iTN devices. For detailed configurations, see section 8.7.2 Examples for configuring CFM. Step 2 Configure the y1731-echo operation on iTN C and enable operation scheduling.
iTNC#config iTNC(config)#sla 2 y1731-echo remote-mep 2 level 3 svlan 100 cos 0 iTNC(config)#sla schedule 2 life 20 period 10
iTNC#write
Checking results
Use the show sla configuration command on iTN C to show SLA configurations.
244
8 OAM
StartTime: 0 days, 0 : 0 : 50 -----------------------------------------------------------------------Cos: 0 Service Vlan ID: 100 Customer Vlan ID: 0 MD Level: 3 Remote MEP ID: 2 Timeout(sec): 5 Schedule Life(sec): 20 Schedule Period(sec): 10 Schedule Status: active
Use the show sla result command on iTN C to show SLA scheduling results.
iTNC(config)#show sla 2 result -----------------------------------------------------------------------Operation <1026>: Success Info of Latest Test: TWO-WAY ONE-WAY(SD) ONE-WAY(DS) -----------------------------------------------------------------------Delay(usec): < 1 -----
MEP ID of iTN A: 1 MEP ID of iTN B: 2 MD level: 2 SVLAN ID: 100 CVLAN ID: 200 CoS priority: 3 Destination test bandwidth: 100 Mbit/s Duration time: 60s Other parameters: default values
245
8 OAM
Configuration steps
Step 1 Configure iTN A and iTN B respectively. Set iTN A and iTN B to different MEPs in a service instance. In addition, iTN A and iTN B can discover each other. For detailed configurations, see section 8.7.2 Examples for configuring CFM. Step 2 Enable iTN A ETH-Test test operation and configure basic information.
iTNA(config)#sla y1731-throughput enable iTNA(config)#sla y1731-throughput 1 local-mep 1 remote-mep 2 level 2 svlan 100 cvlan 200 cos 3 iTNA(config)#sla y1731-throughput 1 two-way object 100 packet-size 1024 pattern null duration 60
iTNA#write
246
8 OAM
iTNB#write
Checking results
Use the show sla y1731-throughput oper-id configuration command on iTN A to show configurations on the ETH-Test test operation.
iTNA(config)#show sla y1731-throughput 1 configuration Operation <1>: Remote mac-address: 0000.0000.0000 Local MEP ID: 1 Remote MEP ID: 2 MD Level: 2 CoS: 3 Service Vlan ID: 100 Customer Vlan ID: 200 Bothway Config: 1 Object Band-width: 100 Packet Length: 1024 Packet Pattern: 0 Test Duration: 60 Schedule Status: completed
Use the show sla y1731-throughput oper-id result command to show throughput test results.
iTNA(config)#show sla y1731-throughput 1 result -----------------------------------------------------------------------Operation <1>: Test Starttime: 0 days, 00:13:11:46 Test Endtime: 0 days, 00:14:11:46 Statistic Starttime: 0 days, 00:13:07:30 Statistic Endtime: 0 days, 00:14:17:30 Operation <1>: Success -----------------------------------------------------------------------Statistic of Test: Local Dev Remote Dev -----------------------------------------------------------------------SendUsrPStatics: 0 0 SendUsrBStatics: 0 0 RecvUsrPStatics: 0 0 RecvUsrBStatics: 0 0 SendTestPStatics: 0 0 SendTestBStatics: 0 0 RecvTestPStatics: 0 0 RecvTestBStatics: 0 0 ReceiveSeqErrStatics: 0 0 ReceiveCrcErrStatic: 0 0
247
8 OAM
Configuration steps
Step 1 Configure RFC2544 basic information on iTN A.
Step 2 Configure public parameters of throughput test on iTN A and configure the test operation.
Raisecom(config)#rfc2544 throughput max-rate 1000 min-rate 1 step 10 frame-loss 0 duration 60 resolution 1 trial 20 Raisecom(config)#rfc2544 throughput 1 frame-size 128
Before scheduling the throughput test operation, you must ensure that iTN B is enabled with interface loopback. Otherwise, configurations fail.
248
8 OAM
iTNA#write
iTNB#write
Checking results
Use the show rfc2544 global-configure command on iTN A to show RFC2544 basic configurations.
Raisecom(config)#show rfc2544 global-configure RFC2544 function: enable send trap: enable svlan: enable cvlan: enable remote mac: 000e.5e12.3456 payload-pattern-mode: fixed fixed-pattern-value: 0x12345678 OpCode: 7 MEG-level: 7 vlan tpid cos vlan-id -----------------------------------------------SVLAN 8100 0 1 CVLAN 8100 0 1
Use the show rfc2544 throughput-configuration command to show configurations on public parameters of iTN A throughput test.
Raisecom(config)#show rfc2544 throughput-configuration Function: throughput maxSpeed(Mbps): 1000 minSpeed(Mbps): 1 stepSize(Mbps): 10 frameLossRate(0.01%): 5000 resolution(Mbps): 1 duration(s): 60 trial: 20
249
8 OAM
Use the show rfc2544 throughput command to show configurations on the iTN A throughput test operation.
Use the show rfc2544 throughput-result command to show throughput test results.
Raisecom(config)#show rfc2544 throughput-result testID trialIndex TxCount Throughput(Mbps) resultStatus --------------------------------------------------------------1 1 84459000 1000 success 1 2 84459000 1000 success 1 3 84459000 1000 success 1 4 84459000 1000 success 1 5 84459000 1000 success 1 6 84459000 1000 success 1 7 84459000 1000 success
Configuration steps for the iTN165-CES to perform RFC2544 delay test and RFC2544 packet loss ration test are basically the same as the ones of RFC2544 throughput test with a few differences on CLI parameters. For detailed configuration steps, see 8.5.4 Configuring RFC2544 latency test and 8.5.5 Configuring RFC2544 frame loss rate test.
250
9 Security
Security
This chapter describes principles and configuration procedures of the security feature, as well as related configuration examples, including following sections:
Introduction Configuring ACL Configuring RADIUS Configuring TACACS+ Configuring storm control Maintenance Configuration examples
9.1 Introduction
With continuous development of Internet technology, network is increasingly applied. More and more enterprises make development with network. How to ensure the data and resource security becomes a significant problem. In addition, the device performance is reduced or the device operates improperly in case users access the network in an unconscious but aggressive way. Security technologies, such as Access Control List (ACL) and user authentication, can improve network and device security effectively.
9.1.1 ACL
To control influence of illegal packets on the network, you need to configure a series of rules on network devices to decide which packets can be transmitted. There rules are defined through ACL. ACL is a series of sequential rules composed by permit | deny sentences. These rules describe packets based on based on source MAC addresses, destination MAC addresses, source IP addresses, destination IP addresses, and interface IDs. The device decides packets to be received or refused based on these rules.
251
9 Security
9.1.2 RADIUS
Remote Authentication Dial In User Service (RADIUS) is a standard communication protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for remote users. RADIUS uses the User Datagram Protocol (UDP) as the transport protocol (port 1812/1813) and has good instantaneity. In addition, RADIUS supports re-transmission mechanism and backup server mechanism. Therefore, it provides good reliability. RADIUS works in client/server mode. Network devices are clients of the RADIUS server. RADIUS server is responsible for receiving users' connection requests, authenticating uses, and replying configurations required by all clients to provide services for users. This mode can control users accessing devices and network to improve network security. Clients and the RADIUS server communicate with each other through the shared key. The shared key is not transmitted through the network. In addition, any user password needs to be encapsulated when it is transmitted through clients and RADIUS. This helps prevent getting the user password by sniffing unsecure network. RADIUS accounting is designed for RADIUS authenticated users. When a user logs in to the device, the device sends an accounting packet to the RADIUS accounting server to begin accounting. During login, the device sends accounting update packets to the RADIUS accounting server. When the user exits from the device, no accounting packet is sent to the RADIUS accounting server. These packets contain the login time. With these packets, the RADIUS accounting server can record the access time and operation of each user.
9.1.3 TACACS+
Terminal Access Controller Access Control System (TACACS+) is a network access authentication protocol, similar to RADIUS. Compared with RADIUS, TACACS+ has the following features:
Use TCP port 49, providing the higher transmission reliability. RADIUS uses a UDP port. Encapsulate the whole standard TACACS+ packet but for the TACACS+ header, providing the higher security. RADIUS encapsulates the user password only. Separate TACACS+ authentication from TACACS+ authorization and TACACS+ accounting, providing a more flexible deployment mode.
Therefore, compared with RADIUS, TACACS+ is more secure and reliable. However, as an open protocol, RADIUS is more widely-used.
Unknown unicast traffic: the unicast traffic whose destination MAC address is not in MAC address table. It is broadcasted by Layer 2 devices.
Raisecom Technology Co., Ltd. 252
9 Security
Multicast traffic: the traffic whose destination MAC address is a multicast MAC address. Generally, it is broadcasted by Layer 2 devices. Broadcast traffic: the traffic whose destination MAC address is a broadcast MAC address. It is broadcasted by Layer 2 devices.
IP ACL: make classification rules based on properties of packets, such as source/destination IP address carried by the IP header of packets or used TCP/UDP port ID. MAC ACL: make classification rules based on Layer 2 information, such as source MAC address, destination MAC address, or Layer 2 protocol type carried by the Layer 2 frame header of packets. MAP ACL: compared with IP ACL and MAC ACL, MAP ACL can define more protocols and more detailed protocol fields. In addition, it can be used to match any byte in first 64 packets of a Layer 2 data frame based on user's definition.
Based on real scenarios, ACL can be applied based on the whole device, interface, flow from the ingress interface to the egress interface, or VLAN.
Prerequisite
N/A
Command
Description Enter global configuration mode. Create IP ACL and define the matching rule.
253
9 Security
Command
Description Enter global configuration mode. Create MAC ACL and define the matching rule.
Description Enter global configuration mode. Create the MACP ACL and enter ACLMAP configuration mode. (Optional) define the matching rule of source or destination MAC address. By default, the MAC address is not matched. (Optional) define the matching rule of CoS value. By default, the CoS value is not matched. (Optional) define the matching rule of Ethernet frame type. By default, the Ethernet frame type is not matched.
mask
value
Raisecom(config-aclmap)#match ethertype ethertype [ ethertype-mask ]
Raisecom(config-aclmap)#match { arp | eapol | flowcontrol | ip | ipv6 | loopback | mpls-unicast | mplsmulticast | pppoe | pppoedisc | slowprotocol | x25 | x75 } Raisecom(config-aclmap)#match arp opcode { reply | request }
(Optional) define the matching rule of upper protocol carried by Layer 2 packet header.
(Optional) define the matching rule of ARP type (replay packet/request packet). By default, the ARP type is not matched.
(Optional) define the matching rule of ARP MAC address. By default, the ARP MAC address is not matched.
Raisecom(config-aclmap)#match arp { sender-ip | target-ip } ip-address [ mask ] Raisecom(config-aclmap)#match ip { destination-address | sourceaddress } ip-address [ mask ]
(Optional) define the matching rule of ARP IP addresses. By default, the ARP IP address is not matched. (Optional) define the matching rule of source or destination IP address. By default, the IP address is not matched.
254
10
9 Security
Step 11
Command
Raisecom(config-aclmap)#match ip precedence { precedence-value | critical | flash | flash-override | immediate| internet | network | priority | routine } Raisecom(config-aclmap)#match ip tos { tos-value | max-reliability | maxthroughput | min-delay | min-monetarycost | normal } Raisecom(config-aclmap)#match ip dscp { dscp-value | af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41| af42 |af43 | cs1 | cs2 | cs3 | cs4 | cs5 | cs6 | cs7| default | ef } Raisecom(config-aclmap)#match ip protocol { protocol-id | ahp | esp | gre | icmp | igmp | igrp |ipinip | ospf | pcp | pim | tcp | udp } Raisecom(config-aclmap)#match ip tcp { destination-port | source-port } { port-id | bgp | domain | echo | exec | finger | ftp | ftp-data | gopher | hostname | ident | irc | klogin | kshell | login | lpd | nntp | pim-autorp | pop2 | pop3 | smtp | sunrpc | syslog | tacacs | talk | telnet | time | uucp | whois | www } Raisecom(config-aclmap)#match ip tcp { ack | fin | psh | rst | syn | urg } Raisecom(config-aclmap)#match ip udp { destination-port | source-port } { port-id | biff | bootpc | bootps | domain | echo | mobile-ip | netbios-dgm | netbios-ns | netbios-ss | ntp | pimauto-rp | rip | snmp | snmptrap | sunrpc | syslog | tacacs | talk | tftp | time | who } Raisecom(config-aclmap)#match ip icmp icmp-type [ icmp-code ]
Description (Optional) define the matching rule of IP precedence. By default, the IP precedence is not matched. (Optional) define the matching rule of IP ToS value. By default, the IP ToS value is not matched. (Optional) define the matching rule of IP DSCP value. By default, the IP DSCP value is not matched. (Optional) define the matching rule of IP protocol value. By default, the IP protocol value is not matched. (Optional) define the matching rule of TCP port ID. By default, the TCP port ID is not matched.
12
13
14
15
16
(Optional) define the matching rule of TCP flag. By default, the TCP flag is not matched. (Optional) define the matching rule of UDP port ID. By default, the UDP port ID is not matched.
17
18
(Optional) define the matching rule of ICMP packet type. By default, the ICMP packet type is not matched.
19
20
Raisecom(config-aclmap)#match ip igmp { igmp-type | dvmrp | leave-v2| pim-v1 | query | report-v1 | report-v2 | report-v3 } Raisecom(config-aclmap)#match ip nofragments
(Optional) define the matching rule of IGMP packet type. By default, the IGMP packet type is not matched. (Optional) define the IP packet matching nonfragment IP packet. By default the IP packet does not match the nonfragment IP packet.
255
9 Security
Step 21 22 23 24
Command
Raisecom(config-aclmap)#match { cvlan | svlan } vlan-id Raisecom(config-aclmap)#match { tunnel | vc } exp exp Raisecom(config-aclmap)#match { tunnel | vc } label label-id Raisecom(config-aclmap)#match userdefine rule-string rule-mask offset
Description Define the matching rule based on VLAN IDs of packets. (Optional) define the matching rule of Tunnel/VC-based MPLS priority. (Optional) define the matching rule of Tunnel/VC-based MPLS label value. (Optional) define the matching rule of customized fields. Use the rule mask and the offset parameters to extract 2364 bytes from the first 64 bytes of a data frame and then use the customized rule to filter matched data frame for process. For example, to filter all TCP packets, you can set the rule, rule mask, and offset to 06, FF and 27 respectively. In this case, the rule mask cooperates with offset to extract TCP ID from received data frames and then use the rule to filer all TCP packers.
The rule must even number of hexadecimal digits. The offset includes the 802.1q VALN Tag field, even the received packet is an untag one.
ACL cannot take effect on the iTN165-CES unless it is added to the filter. Multiple ACL matching rules can be added to the filter to form multiple filtering rules. When you configure a flow-based filter, the sequence to add ACL rules decides their priorities. The later an ACL rule is added, the higher the priority is. If ACL rules are exclusive, the ACL rule with the highest priority takes effect. Therefore, you must arrange their sequence reasonably to filter packets properly.
Description Enter global configuration mode. Configure device-based filtering. If the statistics parameter is configured, the device makes a statistics based on the filtering rule.
256
9 Security
Step 3
Command
Raisecom(config)#filter enable
Description Enable the filter to make filtering valid. After the filter is enabled, not only configured filtering rules take effect but the ones to be configured take effect immediately. By default, the filter is disabled.
Description Enter global configuration mode. Configure interface-based filtering. If the statistics parameter is configured, the device makes a statistics based on the filtering rule.
interface-type interface-list
Enable the filter to make filtering valid. After the filter is enabled, not only configured filtering rules take effect but the ones to be configured take effect immediately. By default, the filter is disabled.
Description Enter global configuration mode. Configure filtering based on the flow from the ingress interface to the egress interface. If the statistics parameter is configured, the device makes a statistics based on the filtering rule.
Enable the filter to make filtering valid. After the filter is enabled, not only configured filtering rules take effect but the ones to be configured take effect immediately. By default, the filter is disabled.
257
9 Security
Step 2
Command
Raisecom(config)#filter{ ip-accesslist| mac-access-list | accesslist-map } { acl-list | all } vlan vlan-id [ double-tagging inner ][ invalid | valid | statistics ] Raisecom(config)#filter enable
Description Configure VLAN-based filtering. If the statistics parameter is configured, the device makes a statistics based on the filtering rule.
Enable the filter to make filtering valid. After the filter is enabled, not only configured filtering rules take effect but the ones to be configured take effect immediately. By default, the filter is disabled.
Description Show IP ACL configurations. Show MAC ACL configurations. Show MAP ACL configurations. Show filter configurations.
Prerequisite
N/A
Description Specify the IP address and port ID of the RADIUS authentication server. The backup parameter is used to specify a backup RADIUS authentication server.
Raisecom Technology Co., Ltd. 258
9 Security
Step 2 3
Command
Raisecom#radius-key string
Description Configure the shared key for RADIUS authentication. Configure the authentication mode for login when RADIUS authentication is applied. Configure the authentication mode for entering privileged EXEC mode when RADIUS authentication is applied.
Raisecom#user login { local-user | radius-user | local-radius | radiuslocal [ server-no-response ] } Raisecom#enable login { local-user | radius-user | local-radius | radiuslocal [ server-no-response ] }
Description Enable RADIUS accounting. By default, RADIUS accounting is disabled. Specify the IP address and port ID of the RADIUS accounting server. By default, the UDP port ID is set to 1813. The backup parameter is used to specify a backup RADIUS accounting server. Configure the shared key used for communicating with the RADIUS accounting server. The shared key must be identical to the one configured on the RADIUS accounting server. Otherwise, accounting operation fails. By default, the shared key is empty.
string
Configure the processing policy for accounting failure. By default, the processing policy is set to online. In indicates that users are allowed to log in if accounting operation fails. Configure the interval for sending accounting update packets. If the interval is set to 0, it indicates that no accounting update packet is sent. By default, the interval for sending accounting update packets is set to 0.
With the accounting begin packet, accounting update packet, and accounting end packet, the RADIUS server can record the access time and operations of each user.
259
9 Security
Prerequisite
N/A
Command
Raisecom#tacacs-server [ backup ] ip-
Description Specify the IP address and port ID of the TACACS+ authentication server. The backup parameter is used to specify a backup TACACS+ authentication server.
2 3
Configure the shared key for TACACS+ authentication. Specify the IP address and port ID of the TACACS+ accounting server. The backup parameter is used to specify a backup TACACS+ accounting server.
Raisecom#user login { local-user | tacacs-user | local-tacacs | tacacslocal [ server-no-response ] } Raisecom#enable login { local-user | tacacs-user | local-tacacs | tacacslocal [ server-no-response ] }
Configure the authentication mode for login when TACACS+ authentication is applied. Configure the authentication mode for entering privileged EXEC mode when TACACS+ authentication is applied.
260
9 Security
Unknown unicast traffic: the unicast traffic whose destination MAC address is not in MAC address table. It is broadcasted by Layer 2 devices. Multicast traffic: the traffic whose destination MAC address is a multicast MAC address. Generally, it is broadcasted by Layer 2 devices. Broadcast traffic: the traffic whose destination MAC address is a broadcast MAC address. It is broadcasted by Layer 2 devices.
Prerequisite
Before configuring storm control, you need to connect interfaces and configure physical parameters of interfaces. Make the physical layer Up.
Description Enter global configuration mode. Enable storm control on broadcast traffic, multicast traffic, and unknown unicast traffic. By default, storm control is enabled on broadcast traffic while is disabled on multicast traffic and unknown unicast traffic. Configure the threshold. By default, the storm control threshold is set to 1024 pps.
type interface-list
261
9 Security
9.6 Maintenance
Command
Raisecom(config)#clear filter statistics
Configuration steps
Step 1 Configure IP ACL.
262
9 Security
Raisecom#write
Checking results
Use the show ip-access-list command to show IP ACL configurations.
Raisecom#show ip-access-list Src Ip: Source Ip Address Src Ip Mask: Source Ip Address Mask Dest Ip: Destination Ip Address Dest Ip Mask: Destination Ip Address Mask List Access Protocol Ref. Src Ip Src Ip Mask:Port Dest Ip Dst Ip Mask:Port ------------------------------------------------------------------------------------------------------1 deny IP 1 192.168.1.1 255.255.225.0:0 192.168.1.100 255.255.255.0:0 2 permit IP 1 0.0.0.0 0.0.0.0:0 0.0.0.0 0.0.0.0:0
Raisecom#show filter Rule filter: Enable Filter list(In accordance with the priority from low to high): ACL-Index IPort EPort VLAN VLANType Hardware Valid StatHw Pkts ------------------------------------------------------------------------IP 1 client1 ---Yes Yes No -IP 2 client1 ---Yes Yes No --
9 Security
Configuration steps
Step 1 Authenticate login users through RADIUS.
Raisecom#aaa accounting login enable Raisecom#radius accounting-server 192.168.1.1 Raisecom#radius accounting-server key raisecom Raisecom#aaa accounting fail offline Raisecom#aaa accounting update 120
Raisecom#write
Checking results
Use the show radius-server command to show RADIUS configurations.
Raisecom#show radius-server Authentication server IP: 192.168.1.1 port:1812 Backup authentication server IP:0.0.0.0 port:1812 Authentication server key: raisecom Accounting server IP: 192.168.1.1 port:1813 Backup accounting server IP: 0.0.0.0 port:1813 Accounting server key: raisecom Accounting login: enable Update interval: 120 Accounting fail policy: offline
264
9 Security
Configuration steps
Step 1 Authenticate login users through TACACS+.
Raisecom#write
Checking results
Use the show tacacs-server command to show TACACS+ configurations.
Raisecom#show tacacs-server Server Address: 192.168.1.1 Backup Server Address: -Sever Shared Key: raisecom Accounting server Address: -Backup Accounting server Address: -Total Packet Sent: 0 Total Packet Recv: 0 Num of Error Packets: 0
265
9 Security
Configuration steps
Step 1 Configure storm control on iTN A.
Raisecom#config Raisecom(config)#storm-control broadcast enable line 1-2 Raisecom(config)#storm-control dlf enable line 1-2 Raisecom(config)#storm-control pps 2000
Raisecom#write
Checking results
Use the show storm-control command to show storm control configurations.
Raisecom#show storm-control Threshold: 2000 pps Interface Broadcast Multicast Unicast -----------------------------------------------------------
266
9 Security
267
10 QoS
10
QoS
This chapter describes principles and configuration procedures of QoS, as well as related configuration examples, including following sections:
Introduction Configuring priority trust and priority mapping Configuring traffic classification and traffic policy Configuring queue scheduling Configuring congestion avoidance and queue shaping Configuring rate limiting based on interface and VLAN Maintenance Configuration examples
10.1 Introduction
Generally, Internet (IPv4), which bases on the storage-and-forward mechanism, only provides "best-effort" service for users. When the network is overloaded or congested, this service mechanism cannot ensure to transmit packets timely and completely. With the ever-growing of network application, users bring different service quality requirements on network application. Then network should distribute and schedule resources for different network applications according to users' demands. Quality of Service (QoS) can ensure real-time and integrated service when network is overloaded or congested and guarantee that the whole network runs high-efficiently. QoS consists of a number of traffic management technologies:
Priority trust Priority mapping Traffic classification Traffic policy Queue scheduling Congestion avoidance Queue shaping Rate limiting based on interface and VLAN
Raisecom Technology Co., Ltd. 268
10 QoS
Figure 10-1 shows the application of QoS. Figure 10-1 Application of QoS
The local priority refers to an internal priority that is assigned to packets. It is related to the queue number on the egress interface. The bigger the value is, the more quickly the packet is processed. The iTN165-CES supports performing priority mapping based on the DSCP priority of IP packets or the CoS priority of VLAN packets. By default, the mapping relationship between the iTN165-CES local priority and DSCP, CoS priorities is listed in Table 10-1 and Table 10-2.
269
10 QoS
Table 10-1 Mapping relationship between local priority and DSCP priority Local DSCP 0 07 1 815 2 1623 3 2431 4 3239 5 4047 6 4855 7 5663
Table 10-2 Mapping relationship between local priority and CoS priority Local CoS 0 0 1 1 2 2 3 3 4 4 5 5 6 6 7 7
270
10 QoS
CoS priority
IEEE802.1Q-based VLAN packets are a modification of Ethernet packets. A 4-byte 802.1Q header is added between the source MAC address and protocol type, as shown in Figure 10-5. The 802.1Q header consists a 2-byte Tag Protocol Identifier (TPID, valuing 0x8100) filed and a 2-byte Tag Control Information (TCI) field. Figure 10-5 Structure of VLAN packet
The first 3 bits of the TCI field represent the CoS priority, which ranges from 0 to 7, as shown in Figure 10-6. CoS priority is used to ensure service quality in Layer 2 network. Figure 10-6 Structure of CoS priority
271
10 QoS
Redirection
Redirection refers that a packet is not forwarded according to the mapping relationship between the original destination address and the interface. Instead, the packet is redirected to a specified interface for forwarding, realizing routing based on traffic policy. The iTN165-CES supports redirection based on the flow.
Re-marking
Re-marking refers to re-configuring some priority fields for some packets, so that devices can re-classify packets based on their own standards. In addition, downstream nodes can provide differentiated QoS services depending on re-marking information. The iTN165-CES supports performing re-remarking on the following priority fields of packets:
ToS priority of IP packets DSCP priority of IP packets CoS priority of VLAN packets
SP: the device strictly schedules packets in a descending order of priority. Packets with lower priority cannot be scheduled until packets with higher priority are scheduled, as shown in Figure 10-7.
272
10 QoS
WRR: on the basis of scheduling packets in a polling manner according to the priority, the device schedules packets according to the weight of the queue, as shown in Figure 10-8.
DRR: on the basis of scheduling packets in a polling manner according to the priority, the device schedules packets according to the weight of the queue. In addition, during the scheduling, if one queue has redundant bandwidth, the device will temporarily assign this bandwidth to another queue. During next scheduling, the assigned schedule will return equal bandwidth to the original queue, as shown in Figure 10-9.
SP+WRR: a scheduling mode combining the SP scheduling and WRR scheduling. In this mode, queues on an interface are divided into 2 groups. You can specify the queues where SP scheduling/WRR scheduling is performed. SP+DRR: a scheduling mode combining the SP scheduling and DRR scheduling. In this mode, queues on an interface are divided into 2 groups. You can specify the queues where SP scheduling/DRR scheduling is performed.
273
10 QoS
RED
The Random Early Detection (RED) technology discards packets randomly and makes multiple TCP connection not reduce transport speed simultaneously to avoid TCP global synchronization. The RED algorithm set a minimum threshold and maximum threshold for length of each queue. In addition:
Packets are not discarded when the queue length is smaller than the minimum threshold. All received packets are discarded when the queue length is greater than the maximum threshold. Packets to be received are discarded randomly when the queue length is between the minimum and maximum thresholds. Add a random number to the packet to be received and compare the random number with the drop ratio of the current queue. If the random number is greater than the drop ration, the packet is discarded. The greater the queue size is, the higher the packet drop probability is.
WRED
The Weighted Random Early Detection (WRED) technology also discards packets randomly to avoid TCP global synchronization. However, the random drop parameter generated by WRED technology is based on the priority. WRED differentiates drop policies through the color of packets. This helps ensure that high-priority packets have a smaller packet drop probability. The iTN165-CES performs congestion avoidance based on WRED.
10 QoS
Prerequisite
Ensure the related interfaces Up.
Description Enter global configuration mode. Enable global QoS. By default, the global QoS is enabled.
3 4
Raisecom(config)#interface
interface-type interface-number
Raisecom(config-port)#mls qos trust { cos | dscp }
Enter physical layer interface configuration mode. Configure the priority trusted by an interface. By default, the interface trusts the CoS priority.
275
10 QoS
Description Enter global configuration mode. Enable global QoS. By default, the global QoS is enabled.
3 4
Raisecom(config)#mls qos mapping dscp-mutation profile-id Raisecom(dscp-mutation)#dscp dscp-value to new-dscp dscp-value Raisecom(dscp-mutation)#exit Raisecom(config)#interface
Create the DSCP re-marking profile and enter dscpmutation configuration mode. Re-mark the DSCP priority of specified packets and return to global configuration mode. Enter physical layer interface configuration mode. Apply the DSCP re-marking profile to an interface.
5 6
interface-type interface-number
Raisecom(config-port)#mls qos dscp-mutation profile-id
10.2.4 Configuring mapping relationship between DSCP priority and local priority
Step 1 2
Raisecom#config Raisecom(config)#mls qos enable
Command
Description Enter global configuration mode. Enable global QoS. By default, the global QoS is enabled.
Create the DSCP-to-local priority (color) mapping profile and enter dscp-to-pri configuration mode. Configure the DSCP-to-local priority (color) mapping profile and return to global configuration mode. Apply the DSCP-to-local priority (color) mapping profile in global configuration mode. Enter physical layer interface configuration mode. Apply the DSCP-to-local priority (color) mapping profile to an interface.
5 6 7
Raisecom(dscp-to-pri)#dscp dscp-value to local-priority localpri-value [ color { green | red | yellow } ] Raisecom(dscp-to-pri)#exit Raisecom(config)#mls qos dscp-to-localpriority profile-id Raisecom(config)#interface interface-
type interface-number
Raisecom(config-port)#mls qos dscp-tolocal-priority profile-id
276
10 QoS
10.2.5 Configuring mapping relationship between CoS priority and local priority
Step 1 2
Raisecom#config Raisecom(config)#mls qos enable
Command
Description Enter global configuration mode. Enable global QoS. By default, the global QoS is enabled.
Create the CoS-to-local priority (color) mapping profile and enter cos-to-pri configuration mode. Configure the CoS-to-local priority (color) mapping profile and return to global configuration mode. Enter physical layer interface configuration mode. Apply the CoS-to-local priority (color) mapping profile to an interface.
5 6
Raisecom(cos-to-pri)#cos cos-value to local-priority localpri-value [ color { green | red | yellow } ] Raisecom(dscp-to-pri)#exit Raisecom(config)#interface interface-
type interface-number
Raisecom(config-port)#mls qos cos-tolocal-priority profile-id
10.2.6 Configuring mapping relationship between local priority and CoS priority
Step 1 2 Command
Raisecom#config Raisecom(config)#mls qos enable
Description Enter global configuration mode. Enable global QoS. By default, the global QoS is enabled.
3 4
Raisecom(config)#mls qos mapping cos-remark profile-id Raisecom(cos-remark)#local-priority localpri-value to cos cos-value Raisecom(cos-remark)#exit Raisecom(config)#mls qos cos-remark
Create the local-to-CoS mapping profile and enter cos-remark configuration mode. Configure the mapping relationship between the local priority and CoS priority and return to global configuration mode. Apply the local-to-CoS mapping profile in global configuration mode. Enter physical layer interface configuration mode. Apply the local-to-CoS mapping profile to an interface.
5 6 7
profile-id
Raisecom(config)#interface
interface-type interface-number
Raisecom(config-port)#mls qos cosremark profile-id
277
10 QoS
Description Show global QoS configurations or QoS configurations on an interface. Show information about the CoS-to-local priority (color) mapping profile on an interface. Show information about the DSCP-to-local priority (color) mapping profile on an interface. Show information about the CoS-to-local priority (color) mapping table on an interface. Show information about the CoS-to-local priority (color) mapping profile. Show information about the DSCP-to-local priority (color) mapping table on an interface. Show information about the DSCP-to-local priority (color) mapping profile. Show information about the local-to-queue mapping table. Show information about the DSCP remarking profile on an interface. Show information about all/specified DSCP re-marking profiles. Show information about local-to-CoS mapping profiles. Show information about the local-to-CoS mapping profile on an interface.
interface-type interface-list
Raisecom#show mls qos dscp-to-local-priority
interface-type interface-list
Raisecom#show mls qos mapping cos interface-
type interface-list
Raisecom#show mls qos mapping cos-to-localpriority [ profile-id ] Raisecom#show mls qos mapping dscp
5 6
interface-type interface-list
Raisecom#show mls qos mapping dscp-to-localpriority [ profile-id ] Raisecom#show mls qos mapping local-priority
7 8 9 10 11 12
interface-type interface-number
Raisecom#show mls qos mapping dscp-mutation [ profile-id ] Raisecom#show mls qos mapping cos-remark [ profile-id ] Raisecom#show mls qos cos-remark interface-
type interface-number
10 QoS
After configurations, the traffic classification cannot take effect until being bound to traffic policy. The selection of traffic policy depends on the packet status and current network load status. In general, when a packet is sent to the network, you need to limit the speed according to Committed Information Rate (CIR) and re-mark the packet according to the service feature.
Prerequisite
To perform traffic classification based on the priority of packets, you need to configure priority trust.
Description Enter global configuration mode. Enable global QoS. By default, the global QoS is enabled.
3 4
Raisecom(config)#class-map classmap-name { match-all | match-any } Raisecom(config-cmap)#match { access-list-map | ip-access-list | mac-access-list } acl-number Raisecom(config-cmap)#match cos cos-
Create traffic classification and enter traffic classification configuration mode. (Optional) configure traffic classification based on ACL rules. For configurations on ACL see section 9.2 Configuring ACL. (Optional) configure traffic classification based on CoS priority of VLAN packets. (Optional) configure traffic classification based on DSCP priority of IP packets. (Optional) configure traffic classification based on ToS priority of IP packets. (Optional) configure traffic classification based on VLAN ID of VLAN packets/inner VLAN ID of QinQ packets. (Optional) configure traffic classification based on the inner/outer VLAN ID of QinQ packets. (Optional) configure traffic classification based on the above traffic classification rules. The class-mapname parameter is the name of other created traffic classification.
5 6 7 8
value
Raisecom(config-cmap)#match ip dscp
dscp-value
Raisecom(config-cmap)#match ip precedence ip-precedence-value Raisecom(config-cmap)#match vlan vlan-id [ double-tagging inner ]
9 10
279
10 QoS
On the traffic policing profile, you can configure rate limiting rules or perform relate operations on specified packets based on the color. Step 1 2
Raisecom#config Raisecom(config)#mls qos policer-profile policer-name [ aggregate | class | single ] Raisecom(traffic-policer)#cir cir cbs cbs [ [ eir eir ] ebs ebs [ coupling ] | pir pir pbs pbs ]
Command
Description Enter global configuration mode. Create the traffic policing profile and enter traffic policing profile configuration mode. (Optional) configure rate limiting parameters on the traffic policing profile. You can select the working mode of the traffic policing profile as required. If you specify any optional parameter, the iTN165-CES works in single traffic policing profile mode, where only red and green packets are supported. Otherwise, the iTN165-CES works in dual traffic policing profile mode, where red, yellow, and green packets are supported. (Optional) configure the color-mode of the traffic policing profile. By default, the traffic policing profile works in blind mode.
6 7
Raisecom(traffic-policer)#recolor { green-recolor { red | yellow } | redrecolor { green | yellow } | yellowrecolor { green | red } } Raisecom(traffic-policer)#drop-color { red [ yellow ] | yellow } Raisecom(traffic-policer)#set-cos { green cos-value [ red cos-value | yellow cosvalue [ red cos-value ] ] | red cos-value | yellow cos-value [ red cos-value ] } Raisecom(traffic-policer)#set-dscp { green dscp-value [ red dscp-value | yellow dscp-value [ red dscp-value ] ] | red dscp-value | yellow dscp-value [ red dscp-value ] } Raisecom(traffic-policer)#set-pri { green local-value [ red local-value | yellow local-value [ red local-value ] ] | red local-value | yellow local-value [ red local-value ] }
(Optional) discard packets with specified color. (Optional) configure the mapping relationship between packet color and CoS priority.
(Optional) configure the mapping relationship between packet color and DSCP priority.
(Optional) configure the mapping relationship between packet color and local priority.
280
10 QoS
Step 1 2
Command
Raisecom#config Raisecom(config)#policy enable
Description Enter global configuration mode. Enable traffic policy. By default, traffic policy is disabled.
3 4 5
Raisecom(config)#policy-map policy-
map-name
Raisecom(config-pmap)#description
Create a traffic policy and enter traffic policy configuration mode. (Optional) configure descriptions about the traffic policy. Bind the traffic classification to the traffic policy. Perform traffic policy on packets that match the traffic classification.
description
Raisecom(config-pmap)#class-map
class-map-name
To bind traffic classification to a traffic policy, you should create and configure traffic classification in advance. In addition, the created traffic classification must be based on at least one kind of rules. Otherwise, the binding operation fails. 6
Raisecom(config-pmap-c)#police
policer-name
(Optional) apply the configured traffic policing profile under the traffic classification and limit the rate of traffic based on the rule configured in the traffic policing profile. For details about the traffic policing profile, see section 10.3.3 Creating and configuring traffic policing profile. (Optional) add the outer VLAN under the traffic classification. (Optional) configure redirection rules under traffic classification to forward matched packets from the specified interface. (Optional) configure re-marking rules under traffic classification to modify the CoS priority, local priority, inner VLAN ID, DSCP priority, and ToS priority of matched packets.
7 8
interface-type interface-number
10
Raisecom(config-pmap-c)#set { cos cos-value | local-priority priorityvalue | inner-vlan inner-vlan-id | ip dscp ip-dscp-value | ip precedence ip-precedence-value | vlan vlan-id } Raisecom(config-pmap-c)#statistics enable
(Optional) configure traffic statistics rules under traffic classification to count traffic of matched packets. (Optional) bind hierarchical rate limiting rules under different traffic classification to control the total speed of packets in these traffic classifications. Configure the mirroring feature of traffic to mirror matched packets to the monitor port. Return to traffic policy configuration mode.
281
11
Raisecom(config-pmap-c)#hierarchypolice policer-name
12 13
Raisecom(config-pmap-c)#copy-tomirror Raisecom(config-pmap-c)#exit
10 QoS
Step
Command
Raisecom(config-pmap)#exit Raisecom(config)#service-policy policy-map-name ingress interface-
Description Return to global configuration mode. Apply the configured traffic policy to the ingress interface. Apply the configured traffic policy to the ingress and egress interfaces.
type interface-number
Raisecom(config)#service-policy policy-map-name ingress interfacetype interface-number egress
interface-type interface-number
Raisecom(config)#service-policy policy-map-name egress interface-
type interface-number
Description Show configurations on specified traffic classification rules. Show configurations on specified traffic policy. Show configurations on rate limiting rules or traffic policing profiles in QoS. Show statistics about applied policies. Show configurations on rate limiting rules in QoS.
3 4 5
10 QoS
Prerequisite
To configure local priority and queue scheduling, you need to configure priority trust.
Command
Description Enter global configuration mode. Enter physical layer interface configuration mode. Set the scheduling mode to SP.
interface-number
Raisecom(config-port)#mls qos queue scheduler sp
Description Enter global configuration mode. Enter physical layer interface configuration mode. Set the scheduling mode to WRR. Set the scheduling mode to WRR and configure the weight for all queues. When the priority of some queue is set to 0, perform SP scheduling on the queue.
interface-type interface-number
Raisecom(config-port)#mls qos queue scheduler wrr Raisecom(config-port)#mls qos queue wrr weight1 weight2 weight3 weight4
Description Enter global configuration mode. Enter physical layer interface configuration mode. Set the scheduling mode to DRR. Set the scheduling mode to DRR and configure priorities for all queues. When the priority of some queue is set to 0, perform SP scheduling on the queue.
interface-type interface-number
Raisecom(config-port)#mls qos queue scheduler drr Raisecom(config-port)#mls qos queue drr weight1 weight2 weight3 weight4
283
10 QoS
type interface-list
Prerequisite
N/A
Description Enter global configuration mode. Enable WRED. By default, WRED is disabled. Create the WRED profile and enter WRED profile configuration mode. Configure the WRED profile and return to global configuration mode.
profile-id
Raisecom(wred)#wred [ color { green | red | yellow } ] start-drop-threshold start-drop end-drop-threshold end-drop max-drop-probability max-drop Raisecom(wred)#exit Raisecom(config)#interface interface-
5 6 7
type interface-number
Raisecom(config-port)#mls qos queue queue-id wredprofile wredprofile-num Raisecom(config-port)#mls qos queue queue-id max-buffer length
Enter physical layer interface configuration mode. Apply the WRED profile to specified queues on an interface. Configure the queue size on an interface.
284
10 QoS
Description Enter global configuration mode. Enter physical layer interface configuration mode. (Optional) configure queue-based bandwidth guarantee without setting the EBS on an interface. (Optional) configure queue-based bandwidth guarantee with setting the EBS on an interface.
type interface-number
Raisecom(config-port)#mls qos queue queue-id shaping minband maxband Raisecom(config-port)#mls qos queue queue-id shaping cir minband [ cbs minburst ] eir maxband [ ebs maxburst ]
Description Show WRED profile configurations. Show WRED/WRED profile information on an interface. Show queue shaping configurations on an interface. Show queue size configurations on an interface.
number
3 4
Raisecom(config)#show mls qos queue shaping interface-type interface-number Raisecom#show mls qos queue max-buffer
interface-type interface-number
Prerequisite
To configure VLAN-/QinQ-based rate limiting, you need to create related VLANs.
285
10 QoS
Command
Description Enter global configuration mode. Configure interface-based rate limiting rules.
Command
Description Enter global configuration mode. (Optional) configure VLANbased rate limiting rules. (Optional) configure QinQ-based rate limiting rules.
Command
Description Enter global configuration mode. Configure rate limiting rules based on interface+VLAN.
2 3
Show VLAN-based rate limiting configurations. Show QinQ-based rate limiting configurations.
286
10 QoS
10.7 Maintenance
Command
Raisecom(config)#clear service-policy statistics Raisecom(config)#clear service-policy statistics interface-type interface-list Raisecom(config)#clear service-policy statistics { egress | ingress } interface-type interface-list [ class-map class-map-name ] Raisecom(config)#clear rate-limit statistics vlan [ vlan-id ]
Description Clear QoS packet statistics. Clear QoS packet statistics on an interface. Clear traffic statistics in a specified traffic classification direction. Clear VLAN-based rate limiting packet loss statistics.
For User A, provide 25 Mbit/s bandwidth; set the burst traffic to 100 Kbit/s and discard the redundant traffic. For User B, provide 35 Mbit/s bandwidth; set the burst traffic to 100 Kbit/s and discard the redundant traffic. For User C, provide 30 Mbit/s bandwidth; set the burst traffic to 100 Kbit/s and discard the redundant traffic.
287
10 QoS
Configuration steps
Step 1 Create and configure traffic classifications. Classify packets from different users based on the VLAN IDs.
Raisecom#config Raisecom(config)#mls qos enable Raisecom(config)#class-map usera Raisecom(config-cmap)#match vlan Raisecom(config-cmap)#exit Raisecom(config)#class-map userb Raisecom(config-cmap)#match vlan Raisecom(config-cmap)#exit Raisecom(config)#class-map userc Raisecom(config-cmap)#match vlan Raisecom(config-cmap)#exit
Step 2 Create traffic policing profiles and configure rate limiting rules.
Raisecom(config)#mls qos policer-profile usera single Raisecom(traffic-policer)#cir 25000 cbs 100 Raisecom(traffic-policer)#drop-color red Raisecom(traffic-policer)#exit Raisecom(config)#mls qos policer-profile userb single Raisecom(traffic-policer)#cir 35000 cbs 100 Raisecom(traffic-policer)#drop-color red Raisecom(traffic-policer)#exit Raisecom(config)#mls qos policer-profile userc single Raisecom(traffic-policer)#cir 30000 cbs 100 Raisecom(traffic-policer)#drop-color red
288
10 QoS
Raisecom(config)#policy-map usera Raisecom(config-pmap)#class-map usera Raisecom(config-pmap-c)#hierarchy-police usera Raisecom(config-pmap-c)#exit Raisecom(config-pmap)#exit Raisecom(config)#service-policy usera ingress client 1 Raisecom(config)#policy-map userb Raisecom(config-pmap)#class-map userb Raisecom(config-pmap-c)#hierarchy-police userb Raisecom(config-pmap-c)#exit Raisecom(config-pmap)#exit Raisecom(config)#service-policy userb ingress client 2 Raisecom(config)#policy-map userc Raisecom(config-pmap)#class-map userc Raisecom(config-pmap-c)#hierarchy-police userc Raisecom(config-pmap-c)#exit Raisecom(config-pmap)#exit Raisecom(config)#service-policy userc ingress client 3
Raisecom(config)#write
Checking results
Use the show class-map command to show traffic classification configurations.
Raisecom#show class-map usera Class Map match-any usera (id 0) Match vlan 1 Raisecom#show class-map userb Class Map match-any userb (id 1) Match vlan 2 Raisecom#show class-map userc Class Map match-any userb (id 2) Match vlan 3
Use the show mls qos policer command to show rate limiting rule configurations.
289
10 QoS
Raisecom(config)#show policy-map usera Policy Map usera Class-map usera police usera Raisecom(config)#show policy-map userb Policy Map userb Class-map userb police userb Raisecom(config)#show policy-map userc Policy Map userc Class-map userc police userc
Perform SP scheduling on voice service to ensure that the traffic is first transmitted. Perform WRR scheduling on video service and set the weight to 50. Perform WRR scheduling on data service and set the weight to 20. In addition, you need to set the drop threshold to 50 to avoid network congestion caused by too large burst traffic.
290
10 QoS
Configuration steps
Step 1 Create the WRED profile.
Raisecom#config Raisecom(config)#mls qos wred enable Raisecom(config)#mls qos wred profile 1 Raisecom(wred)#wred start-drop-threshold 50 end-drop-threshold 90 maxdrop-probability 60 Raisecom(wred)#exit
Raisecom#config Raisecom(config)#mls qos enable Raisecom(config)#interface client 1 Raisecom(config-port)#mls qos trust Raisecom(config-port)#mls qos queue Raisecom(config-port)#mls qos queue Raisecom(config-port)#mls qos queue Raisecom(config-port)#exit Raisecom(config)#interface client 2 Raisecom(config-port)#mls qos trust Raisecom(config-port)#mls qos queue Raisecom(config-port)#mls qos queue Raisecom(config-port)#mls qos queue Raisecom(config-port)#exit Raisecom(config)#interface client 3 Raisecom(config-port)#mls qos trust Raisecom(config-port)#mls qos queue
cos 6 wredprofile 1
291
10 QoS
Step 3 Configure the mapping relationship between the CoS priority and local priority.
Raisecom(config)#mls qos mapping cos-to-local-priority 1 Raisecom(cos-to-pri)#cos 5 to local-priority 6 Raisecom(cos-to-pri)#cos 4 to local-priority 5 Raisecom(cos-to-pri)#cos 2 to local-priority 2 Raisecom(cos-to-pri)#exit Raisecom(config)#interface client 1 Raisecom(config-port)#mls qos cos-to-local-priority 1 Raisecom(config-port)#interface client 2 Raisecom(config-port)#mls qos cos-to-local-priority 1 Raisecom(config-port)#interface client 3 Raisecom(config-port)#mls qos cos-to-local-priority 1 Raisecom(config-port)#exit
Raisecom(config)#write
Checking results
Use the show mls qos mapping cos-to-local-priority command to show mapping relationship configurations on specified priorities.
Raisecom(config)#show mls qos mapping cos-to-local-priority G:GREEN Y:Yellow R:RED cos-to-localpriority(color) Index Description CoS: 0 1 2 3 4 5 6 ------------------------------------------------------------------1 localpri(color) :0(G) 1(G) 2(G) 3(G) 5(G) 6(G) 6(G)
7 7(G)
Use the show mls qos queue command to show queue scheduling configurations.
Raisecom Technology Co., Ltd. 292
10 QoS
Use the show mls qos wred profile command to show WRED profile configurations.
Raisecom#show mls qos wred profile GSDTGreen Start Drop Threshold GEDTGreen End Drop Threshold GDP Green Drop Probability YSDTYellow Start Drop Threshold YEDTYellow End Drop Threshold YDP Yellow Drop Probability RSDTRed Start Drop Threshold REDTRed End Drop Threshold RDP Red Drop Probability Index Description GSDT GEDT GDP YSDT YEDT YDP RSDT REDT RDP ----------------------------------------------------------------------------------------------------------1 50 90 60 50 90 60 50 90 60
293
10 QoS
For User A, provide 25 Mbit/s bandwidth; set the burst traffic to 100 Kbit/s and discard the redundant traffic. For User B, provide 35 Mbit/s bandwidth; set the burst traffic to 100 Kbit/s and discard the redundant traffic. For User C, provide 30 Mbit/s bandwidth; set the burst traffic to 100 Kbit/s and discard the redundant traffic.
Configuration steps
Step 1 Configure interface-based rate limiting.
Raisecom#config Raisecom(config)#rate-limit client 1 ingress 25000 100 Raisecom(config)#rate-limit client 2 ingress 35000 100 Raisecom(config)#rate-limit client 3 ingress 30000 100
Raisecom(config)#write
Checking results
Use the show rate-limit port-list command to show interface-based rate limiting configurations.
294
10 QoS
295
11
Introduction Managing files Load and upgrade Configuring system log Configuring alarm management Configuring CPU protection Configuring CPU monitoring Configuring RMON Configuring optical module DDM Configuring Loopback Configuring extended OAM Configuring LLDP Configuring fault detection Maintenance Configuration examples
11.1 Introduction
11.1.1 Management files
System files
System files are the software/files required for running, including the system Bootrom file, system configuration file, system startup file, and FPGA file. In general, these files are saved to the memory of the device. File management refers to backing up, upgrading, loading, and deleting system files.
Raisecom Technology Co., Ltd. 296
Configuration parameters used for initialization are initial configurations. Configuration parameters used when a device is running properly are current configurations.
You can modify current configurations through CLI. To make these modified current configurations as initial configurations when the device is powered on next time, you should save current configurations to the memory (by using the write command) to form a configuration file.
To resolve these problems, FTP load and TFTP load modes are introduced. The iTN165-CES supports the TFTP auto-loading mode. The TFTP auto-loading refers to downloading the configuration file from the server to the device through Trivial File Transfer Protocol (TFTP) for configuring the device.
297
The iTN165-CES supports saving commands related to load to the configuration file saved in the server. Therefore, the iTN165-CES can load configurations for multiple times. This helps load files in a complex network environment. The iTN165-CES provides multiple methods to acknowledge the name of the configuration file saved in the TFTP server:
Entering the name manually Getting the name through DHCP Client Using the default configuration file name
Upgrade
To resolve the following problems, you can upgrade the device:
Adding new features to the device Optimizing original functions Fixing Bugs of the current software version
BootROM FTP/TFTP
Console: send the log message to the local console through Console interface. Host: send the log message to the host. Monitor: send the log message to the monitor. Flash: send the log file to the Flash of the device.
In general, the system log is in a format of timestamp module-level- Message content An instance of the system log content is shows as below:
FEB-22-2005 14:27:33 CONFIG-7-CONFIG:USER "raisecom" Run "logging on" FEB-22-2005 06:46:20 CONFIG-6-LINK_D:port 2 Link Down FEB-22-2005 06:45:56 CONFIG-6-LINK_U:port 2 Link UP
298
The alarm is used to report some urgent and important events and notify them to the network administrator promptly, which provides strong support for monitoring device operation and diagnosing faults. The alarm is stored in the alarm buffer. Meanwhile, the alarm is generated to log information. If the NView NNM system is configured, the alarm will be sent to it through SNMP. The information sent to the NView NNM system is called Trap.
Classification of alarms
There are 3 kinds of alarms according to properties of an alarm:
Fault alarm: alarms generated because of hardware failure or anomaly of important functions, such as port Down alarm Recovery alarm: alarms generated when device failure or abnormal function returns to normal, such as port Up alarm; Event alarm: prompted alarms or alarms that are generated because the fault alarm and recovery alarm cannot be related, such as alarms generated because of failing to Ping.
Communication alarm: alarms related to the processing of information transmission, including alarms generated because of communication failure between Network Elements (NEs), NEs and NMS, or NMS and NMS Service quality alarm: alarms caused by service quality degradation, including congestion, performance decline, high resource utilization rate, and the bandwidth reducing Processing error alarm: alarms caused by software or processing errors, including software errors, memory overflow, version mismatching, and abnormal program aborts Environmental alarm: alarms caused by equipment location-related problems, including the temperature, humidity, ventilation. and other abnormal working conditions Device alarm: alarms caused by failure of physical resources, including the power supply, fan, processor, clock, input/output interface, and other hardware.
Alarm output
There are 3 alarm output modes:
Alarm buffer: alarms are recorded in tabular form, including the current alarm table and history alarm table.
Current alarm table: records alarms which are not cleared, acknowledged or restored. History alarm table: consists of acknowledged and restored alarms, recording the cleared, auto-restored, or manually acknowledged alarms.
Log: alarms are generated to system log when recorded in the alarm buffer, and stored in the alarm log buffer. Trap: alarms sent to the NView NNM system when the NView NNM system is configured
Alarms will be broadcasted according to various terminals configured on the iTN165-CES, including CLI terminal and NView NNM system. Log output of alarms starts with the symbol "#", and the output format is:
299
Table 11-1 describes alarm fields. Table 11-1 Alarm fields Field Index TimeStamp ModuleName Severity Name Arise From Description Alarm index Time when an alarm is generated Name of a module that generates an alarm Alarm level Alarm name Descriptions about an alarm Description
Alarm levels
The alarm level is used to identify the severity degree of an alarm. The level is defined in Table 11-2. Table 11-2 Alarm levels Level Critical (3) Description This alarm has affected system services and requires immediate troubleshooting. Restore the device or source immediately if they are completely unavailable, even it is not during working time. This alarm has affected the service quality and requires immediate troubleshooting. Restore the device or source service quality if they decline; or take measures immediately during working hours to restore all performances. This alarm has not influenced the existing service yet, which needs further observation and take measures at appropriate time so as to avoid more serious fault. This alarm will not affect the current service, but maybe the potential error will affect the service, so it can be considered as needing to take measures. Uncertain alarm level, usually the event alarm. This alarm shows to clear one or more reported alarms. Syslog 1 (Alert)
Major (4)
2 (Critical)
Minor (5)
3 (Error)
Warning (6)
4 (Warning)
5 (Notice) 5 (Notice)
300
Related concepts
Related concepts about alarm management are displayed as follows:
Alarm inhibition
The iTN165-CES only records root-cause alarms but incidental alarms when enabling alarm inhibition. For example, the generation of alarm A will inevitably produce alarm B, then alarm B is inhibited and does not appear in the alarm buffer or record the log information when enabling alarm inhibition. By enabling alarm inhibition, the iTN165-CES can effectively reduce the number of alarms. The root-cause alarm and all other incidental alarms will be recorded on the iTN165-CES when alarm inhibition is disabled.
Alarm auto-report
Auto-report refers that an alarm will be reported to the NView NNM system automatically with its generation and the NView NNM system does not need to query or synchronize alarms actively. You can set auto-report to some alarm, some alarm source, or the specified alarm from specified alarm source.
The alarm source refers to an entity that generates related alarms, such as interfaces, devices, or cards.
Alarm monitoring
When alarm monitoring is enabled, the alarm module will receive alarms generated by modules, and process them according to configurations of the alarm module, such as recording alarm in the alarm buffer, or recording system logs, etc.; When alarm monitoring is disabled, the alarm module will discard alarms generated by modules without follow-up treatment. In addition, alarms will not be recorded on the iTN165-CES.
You can perform alarm monitoring on some alarm, alarm source, or specified alarm from specified alarm source.
Alarm reverse refers to the device will report the information opposite to actual status when recording alarm information, or report the alarm when there is no alarm information. Not report if there is alarm information. Currently, the device is only in support of reverse mode configuration of the interface. There are three reverse modes to be set; the specific definitions are as follows:
Non-reverse mode
Set the alarm reverse mode of an interface as manual reverse mode, then no matter what the current alarm state is, the reported alarm state of the interface will be changed opposite to the actual alarm state immediately, that is to say, not report when there are alarms, report when
Raisecom Technology Co., Ltd. 301
there are not alarms actually. The interface will maintain the opposite alarm state regardless of the alarm state changes before the alarm reverse state being restored to non-reverse mode.
Auto-reverse mode
Set the alarm reverse mode as auto-reverse mode. If the interface has not actual reverse alarm currently, the setting will return fail; if the interface has actual reverse alarm, the setting is success and enter reverse mode, i.e. the interface reported alarm status is changed opposite to the actual alarm status immediately. After the alarm is finished, the enabling state of interface alarm reverse will ends automatically and changes to non-reverse alarm mode so that the alarm state can be reported normally in next alarm.
Alarm delay
Alarm delay refers that the iTN165-CES will record alarms and report them to the NView NNM system after a delay but not immediately when alarms generate. Delay for recording and reporting alarms are identical. By default, an alarm is reported after 0 seconds it is generated and an alarm is cleared after 0 seconds it is finished.
Alarm storage mode refers to how to record new generated alarms when the alarm buffer is full. There are two ways:
stop: stop mode, when the alarm buffer is full, new generated alarms will be discarded without recording. loop: loop mode, when the alarm buffer is full, the new generated alarms will replace old alarm information and take rolling records.
The current alarm list can record up to 1000 alarms and the historical alarm table can record up to 500 alarms. Use the configured storage mode to deal with newly-generated alarms when the alarm table is full.
Clearing alarms
Clear the current alarm, which means deleting current alarms from the current alarm table. The cleared alarms will be saved to the historical alarm table. In addition, a new all-alarm cleared record is generated.
Viewing alarms
The administrator can view alarms and monitor alarms directly on the iTN165-CES. If the iTN165-CES is configured with the NView NNM system, the administrator can monitor alarms on the NView NNM system.
The iTN165-CES supports dual power supplies. The power supply dying-gasp alarm is divided into single power supply dying-gasp alarm and dual power supply dying-gasp alarm.
Single power supply dying-gasp alarm: inform users that power supply 1/power supply 2 is powered off. saving to the temperature beyond threshold alarm table, sending Trap to the NView NNM system, and outputting to the system log.
Raisecom Technology Co., Ltd. 302
Device dying-gasp: 2 power supplies are powered off. Support outputting to system log only.
The device is in support of temperature beyond threshold alarm event, when the current temperature is lower than low temperature threshold, the low temperature alarm event will generate. The iTN165-CES supports saving to the temperature beyond threshold alarm table, sending Trap to the NView NNM system, and outputting to the system log. When the device current temperature is higher than high temperature threshold, the high temperature alarm event will generate. The iTN165-CES supports saving to the device hardware environment monitoring alarm table, sending Trap to the NView NNM system, and outputting to the system log.
The device is in support of voltage beyond threshold alarm event, when the current voltage is lower than low voltage threshold, the low voltage alarm event will generate. The iTN165-CES supports saving to the voltage beyond threshold alarm table, sending Trap to the NView NNM system, and outputting to the system log. When current voltage value of the monitored voltage is greater than the threshold, a high voltage alarm is generated. The iTN165-CES supports saving to the voltage beyond threshold alarm table, sending Trap to the NView NNM system, and outputting to the system log.
Interface link-fault alarm: link failure alarm refers to the peer link signal loss. The alarm event only aims at optical interface, but not electrical interface. Interface link-down alarm: interface status Down alarm.
The iTN165-CES supports saving these 2 alarm events to the device hardware environment monitoring alarm table, sending Trap to the NView NNM system, and outputting to the system log.
303
The iTN165-CES supports CPU protection. The packet sampling interval ranges from 0 to 65535s and the threshold ranges from 2 to 65535. The upper threshold is always greater than the lower threshold.
View CPU hold time and utilization rate of all tasks in each period (5 seconds, 1 minute, 10 minutes, or 2 hours). The total CPU utilization rate within each period can be displayed statically or dynamically. View the operating status of all tasks and the detailed operating status information of specified tasks. View historical CPU utilization rate within each period. View the dying gasp task information.
Within a specified sampling period, the system will generate an alarm and send Trap if CPU utilization rate is over the configured rising threshold or below the declining threshold. The Trap provides 5 task IDs and their CPU utilization rates of tasks which have the highest CPU utilization rate in the latest period (5 seconds, 1 minute, or 10 minutes).
11.1.7 RMON
Remote Network Monitoring (RMON) is a standard developed by the Internet Engineering Task Force (IETF). RMON is used to monitor network data through different Agents and NMS. RMON is an extension of SNMP. However, compared with SNMP, ROMN is more active and efficient for monitoring remote devices. The administrator can quickly trace faults generated on the network, network segments or devices. With RMON, the data traffic between the NMS and Agent is reduced greatly. In addition, RMON helps to effectively manage large-scale network, which eliminating SNMP restrictions across the increasing distributed network. At present, RMON realizes 4 function groups:
Statistics group: collect statistic information on each interface, including number of received packets and packet size distribution statistics. History group: similar with the statistics group, but it only collect statistic information in an assigned detection period. Alarm group: monitor an assigned MIB object, set the upper and lower thresholds in an assigned time interval, and trigger an event if the monitored object exceeds the threshold. Event group: cooperating with the alarm group, when alarm triggers an event, it records the event, such as sending Trap or writing it into the log, etc.
lifetime of the SFP module, isolate system faults, as well as verify the compatibility of the SFP module. The SFP module offers 5 performance parameters:
Temperature for the transceiver Internal Power Feeding Voltage (PFV) Launched bias current Launched optical power Received optical power
11.1.9 Loopback
As shown in Figure 11-1, interface loopback test (Loopback) is a common method for checking interface and network problems. Return the packets, which meet rules and related parameters defined by users, to the iTN B through Client 1 of iTN A. By counting packets transmitted and received by an interface, iTN B can detect the network connectivity. Figure 11-1 Interface loopback
Ingress packets: test packets received by Client 1 Egress packets: test packets returned to the peer device through Client 1
Loopback parameters
Loopback parameters include the source MAC address, destination MAC address, source IP address, destination IP address, SVLAN ID, and CVLAN ID. When you set a loopback parameter and enable loopback of the related rule, packets, which meet the parameter, will be used for loopback.
Loopback based on interface: packets entering this interface will be used for loopback. Loopback based on destination MAC address: packets, which enter the interface and whose destination MAC address is the loopback parameter, will be used for loopback.
305
Loopback based on source MAC address: packets, which enter the interface and whose source MAC address is the loopback parameter, will be used for loopback. Loopback based on destination IP address: packets, which enter the interface and whose destination IP address is the loopback parameter, will be used for loopback. Loopback based on source IP address: packets, which enter the interface and whose source IP address is the loopback parameter, will be used for loopback. Loopback based on CVLAN: packets, which enter the interface and whose CVLAN is the specified VLAN ID, will be used for loopback. Loopback based on SVLAN: packets, which enter the interface and whose SVLAN is the specified VLAN ID, will be used for loopback. Loopback based on Double-VLAN (DVLAN): packets, which enter the interface and whose CVLAN and SVLAN are specified VLAN IDs, will be used for loopback. Loopback based on source IP address and destination IP address: packets, which enter the interface and whose source IP address and destination IP address are specified IP addresses, will be used for loopback.
For multicast IP packets, when destination IP address translation is enabled, the destination IP address of egress packets are changed from the original multicast IP address to the source IP address of ingress packets. Namely. The multicast packets are changed to unicast packets to return to the peer. When destination IP address translation is disabled, the destination IP address of egress packets are the original multicast IP address. For broadcast IP packets, the destination IP address is changed to the source IP address of the ingress packets regardless of whether destination IP address translation is enabled or not.
The source IP address of all egress packets is always changed to the configured local IP address. By default, the local IP address of the iTN165-CES is set to 127.0.0.1.
306
Obtaining properties of remote devices: the local device can obtain properties, configurations, and statistics of remote devices. Configuring basic functions for remote devices: the local device can configure some functions for remote devices, including the host name, interface status, speed, duplex mode, bandwidth, and failover. Configuring network management parameters: the local device can configure network management parameters for remote devices that support SNMP, such as the IP address, gateway, management IP address, and read-write community. Therefore, the NView NNM system can manage remote devices. Sending remote Trap: when a Link Up/Down alarm is generated on a remote device, the remote device sends an extended OAM notification frame to the local device. The local device sends remote Trap to the NView NNM system. Rebooting remote devices: the local device can send commands to reboot remote devices. Managing other remote functions: the local device can manage more remote devices as they are developed, such as SFP and QinQ.
When the iTN165-CES is a managed remote device, the local device (such as the iTN2100) can configure and manage it through extended OAM, as shown in Figure 11-2. Figure 11-2 The iTN165-CES working as a managed remote device
Rebooting the device Viewing basic information about the device (name. model, version, and capability) Configuring the IP address and default gateway of the device Uploading and downloading files Configuring the SNMP community
11.1.11 LLDP
With the enlargement of network scale and increase of network devices, the network topology becomes more and more complex and network management becomes very important. A lot of
Raisecom Technology Co., Ltd. 307
network management software adopts "auto-detection" function to trace changes of network topology, but most of the software can only analyze the Layer 3 network and cannot make sure the interfaces connect to other devices. Link Layer Discovery Protocol (LLDP) is based on IEEE 802.1ab standard. Network management system can fast grip the Layer 2 network topology and changes. LLDP organizes the local device information in different Type Length Value (TLV) and encapsulates in Link Layer Discovery Protocol Data Unit (LLDPDU) to transmit to straightconnected neighbour. It also saves the information from neighbour as standard Management Information Base (MIB) for network management system querying and judging link communication.
LLDP packet
LLDP packet is to encapsulate LLDPDU Ethernet packet in data unit and transmitted by multicast. LLDPDU is data unit of LLDP. The device encapsulates local information in TLV before forming LLDPDU, then several TLV fit together in one LLDPDU and encapsulated in Ethernet data for transmission. As shown in Figure 11-3, LLDPDU is made by several TLV, including 4 mandatory TLV and several optional TLV. Figure 11-3 Structure of LLDPDU packet
As shown in Figure 11-4, each TLV denotes a piece of information at local, such as device ID, interface ID, etc. related Chassis ID TLV, Port ID TLV, and fixed TLV. Figure 11-4 Structure of TLV packet
TLV type value relationship is listed in Table 11-3, at present only types 08 are used. Table 11-3 TLV types TLV type 0 1 2 3 4 Description End Of LLDPDU Chassis ID Port ID Time To Live Port Description
Raisecom Technology Co., Ltd.
TLV type 5 6 7 8
When local device transmits packet, it gets system information required by TLV from NView NNM (Network Node Management) and gets configuration information from LLDP MIB to generate TLV and form LLDPDU to transmit to peer. The peer receives LLDPDU and analyzes TLV information. If there is any change, the information will be updated in neighbor MIB table of LLDP and notifies NView NNM system.
When the device status is changed, the iTN165-CES sends a LLDP packet to the peer. To avoid sending LLDP packet continuously because of device status changes frequently, you can set a delay timer for sending the LLDP packet. The aging time of Time To Live (TTL) of local device information in the neighbour node can be adjusted by modifying the parameter values of aging coefficient, sends LLDP packets to neighbour node, after receiving LLDP packets, neighbour node will adjust the aging time of its neighbour nodes (sending side) information. Aging time formula, TTL = Min {65535, (interval hold-multiplier)}:
Interval indicates the time period to send LLDP packets from neighbor node. Hold-multiplier refers to the aging coefficient of device information in neighbor node.
309
Traceroute
Just as Ping, Traceroute is a commonly-used maintenance method in network management. Traceroute is often used to test the network nodes of packets from sender to destination, detect whether the network connection is reachable, and analyze network fault The following shows how Traceroute works:
First, send a piece of TTL1 sniffer packet (where the UDP port number of the packet is unavailable to any application programs in destination side). TTL deducts 1 when reaching the first hop. Because the TTL value is 0, in the first hop the device returns an ICMP timeout packet, indicating that this packet cannot be sent. The sending host adds 1 to TTL and resends this packet. Because the TTL value is reduced to 0 in the second hop, the device will return an ICMP timeout packet, indicating that this packet cannot be sent.
The above steps continue until the packet reaches the destination host, which will not return ICMP timeout packets. Because the port number of destination host is not be used, the destination host will send the port unreachable packet and finish the test. Thus, the sending host can record the source address of each ICMP TTL timeout packet and analyze the path to the destination according to the response packet. Figure 11-6 shows the principle of Traceroute. Figure 11-6 Principle of Traceroute
310
Raisecom Boot Loader Bootrom version 1.1.0 Raisecom Technology CO..LTD. .Compiled Mar 18 2013 17:33:50 Base ethernet Mac address: 00:0e:5e:02:03:04 Press Space to Enter Bootrom menu...... 1 [Raisecom]:
You can perform the following operations in the menu below. Operation ? h b i m r S u ub List all executable operations. List all executable operations. Quick execution for system bootstrap software. Modify the IP address of the iTN165-CES in BootROM mode. Upgrade the firmware version (such as CPLD mirroring) of the iTN165CES. Reboot the iTN165-CES. List all system startup software name and related information and specify system startup software name loaded at the time of startup. Upgrade the system software through the serial port or network interface. Upgrade the BootROM software. Description
311
Step 1 2
Command
Raisecom#multi-system overwrite versionindex
Description Specify the ID of the system boot software downloaded by the device. Download the system bootstrap software via FTP or TFTP. Download the system boot software through FTP or TFTP. Specify the ID of the system boot software uploaded by the device. Upload the system boot software via FTP or TFTP.
4 5
Raisecom#download bootstrap { ftp ip-address user-name password file-name | tftp ip-address file-name } Raisecom#download system-boot { ftp ip-address user-name password file-name | tftp ip-address file-name } Raisecom#multi-system upload version index
Raisecom#upload system-boot { ftp [ ip-address user-name password file-name ] | tftp [ ipaddress file-name ] } [ schedule-list listnumber ] Raisecom#erase [ file-name ]
Saved as Mode+Command format; Just reserve the non-defaulted parameters to save space (see command reference for default values of configuration parameters); Take the command mode for basic frame to organize commands, put commands of one mode together to form a section, the sections are separated by "!".
The iTN165-CES starts initialization by reading configuration files from memory after powering on. Thus, the configuration in configuration files are called as initialization configuration, if there is no configuration files in memory, the device take the default parameters for initialization. The device running configuration is called current configuration. You can modify device current configuration through CLI. The current configuration can be used as initial configuration when next time power on, you must use the write command to save current configuration into memory and form configuration file. Step 1 Command
Raisecom#download startup-config { ftp ip-address user-name password file-name [ reservedevcfg ] | tftp ip-address file-name [ reservedevcfg ] } Raisecom#erase [ file-name ]
Description Download system startup configuration files through FTP or TFTP. Delete the files from memory.
312
Step 3
Command
Raisecom#upload startup-config { ftp [ ip-address user-name password file-name ] | tftp [ ip-address file-name ] } [ schedule-list list-number ] Raisecom#write
Description Upload system startup configuration files through FTP or TFTP. Write the configured files into memory.
Description Show the system boot software information of the iTN165CES. Show configuration information loaded when the iTN165CES is being booted. Show the current configurations of the iTN165-CES.
Raisecom#show startup-config
Raisecom#show running-config
When performing auto-loading, the IP address configured through CLI has a higher priority than the one obtained through DHCP Client. When performing auto-loading, the priorities of configuration file names obtained from server are arranged in a descending order as below: the file name confirmed by the naming rule > file name configured through CLI > file name obtained through DHCP Client. Command Description Enter global configuration mode. Configure the IP address of the TFTP server. Set the naming rule for file name. By default, there is no denomination rule, system uses default file name as startup_config.conf. Specify the configuration file name to be uploaded.
Step 1 2 3
Raisecom#config Raisecom(config)#service config tftp-server ip-address Raisecom(config)#service config filename rule [ rule-number ]
313
Step 5
Command
Raisecom(config)#service config overwrite enable
Description Enable local configuration file overwriting. Use the service config overwrite disable command to disable local configuration file overwriting. (Optional) enable the Trap module used for update configuration files automatically. (Optional) configure the version ID of the system Bootrom file, system startup configuration file, and system startup file. Enable auto-loading.
6 7
Raisecom(config)#service config trap enable Raisecom(config)#service config version { bootstrap | startupconfig | system-boot } version Raisecom(config)#service config
The iTN165-CES is booted for the first time. The system files are damaged. The card cannot be booted properly.
Before upgrading the system software through BootROM, you should build a TFTP environment, taking a PC as the TFTP server and the iTN165-CES as the client. Basic requirements are as below.
The iTN165-CES is connected to the TFTP server through SNMP interface. Configure the TFTP server and ensure the TFTP server is available. Configure the IP address of TFTP server and make the IP address in the same network segment with IP addresses configured by the T command. Operation
Step 1
Log in to the iTN165-CES through serial port as the administrator and enter privileged EXEC mode and then use the reboot command to reboot the iTN165-CES.
Raisecom#reboot Please input 'yes' to confirm:yes Rebooting ... booting... Raisecom Boot Loader Bootrom version 1.1.0 Raisecom Technology CO..LTD. .Compiled Mar 18 2013 17:33:50 Base ethernet Mac address: 00:0e:5e:02:03:04 Press Space to Enter Bootrom menu...... 2
314
Step 2
Operation Press Space to enter the raisecom interface when "Press space into Bootstrap menu..." appears on the screen, then input "?" to display the command list:
[Raisecom]:? ? print this list h print this list b boot system i modify network manage port ip address m update microcode r reboot system S select system to boot u update system ub update bootrom
The input letters are case sensitive. 3 Input "u" to download the system boot file through FTP and replace the original one, the display information is shown as below:
[Raisecom]: u Index Name Size ---------------------------------------------------------1* system_1.1.1.20130411 10420581 2 system_1.1.1.20130411 10420581 Current selected version is 1 Please select a version to overwrite: 2 choose mode for updating core file. ----------------------------------1. | serial ----------------------------------2. | network ----------------------------------please input mode choose... 2 config network infor ... host ip address:192.168.4.100 usr: wrs passwd: wrs filename: iTN165-4GE4E1enms-b.z starting connect host,please waiting... Do you want to update image file?<Y/N>y start update core , please wait some minutes... success.
Ensure the input file name here is correct. In addition, the file name should not be longer than 80 characters.
Raisecom Technology Co., Ltd. 315
Step 4
Operation Enter "S" and correctly select the system boot file to be loaded when the iTN165-CES is booted next time. The "*" character indicates the default system startup file loaded currently. [Raisecom]: S
Index Name Size ---------------------------------------------------------1* system_1.1.1.20130411 10420581 2 system_1.1.1.20130411 10420581 Current selected version is 1 Please select a version to start: 2 saving... done
Enter "b" to execute the bootstrap file quickly. The iTN165-CES will be rebooted and upload the downloaded system boot file.
The iTN165-CES is connected to the TFTP server through the client/line interface. Configure the FTP/TFTP server and ensure the FTP/TFTP server is available. Configure the IP address of TFTP server. Command Description Specify the ID of the system boot software downloaded by the device. By default, the downloaded system boot software ID is set to 1. Download the system boot software via FTP or TFTP.
Step 1
Specify the ID of the system boot software uploaded by the device. By default, the uploaded system boot software ID is set to 1. Write the configured files into the memory. Reboot the iTN165-CES and the device will automatically upload the downloaded system boot software.
4 5
316
Description Show the system boot software information of the current device. Show automatically-configured loading information. Show the naming rule of the configuration file. Show the system version.
Prerequisite
N/A
Description Enter global configuration mode. (Optional) Enable system log. By default, system log is enabled.
(Optional) configure the timestamp of system log. The optional parameter debug is used to assign debug-level (7) system log timestamp. By default, this system log does not have timestamp The optional parameter log is used to assign levels 06 system log timestamp. By default, these system logs adopt date-time as timestamp.
(Optional) configure the transport rate of system log. By default, no transport rate is configured.
317
Step 5 6
Command
Raisecom(config)#logging buginf [ high | low | none | normal ] Raisecom(config)#logging buffered size size Raisecom(config)#logging alarm Raisecom(config)#logging discriminator discriminatornumber { facility | mnemonics | msg-body } { drops key | includes key | none } Raisecom(config)#logging facility { alert | audit | auth | clock | cron | daemon | ftp | kern | local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7 | lpr | mail | news | ntp | security | syslog | user | uucp } Raisecom(config)#logging sequence-number
Description (Optional) send Level 7 (debugging) debugging log. (Optional) configure the log buffer size. By default, the log buffer size is set to 4KB. (Optional) enable system log alarm. (Optional) configure the log discriminator.
7 8
(Optional) configure the facility field in the log to be sent to the log host. By default, the facility field value is set to local7.
10
Command
Description Enter global configuration mode. (Optional) output system logs to the Console interface.
5 6
(Optional) output system logs to the Flash of the iTN165-CES. (Optional) output system logs to the log buffer.
318
Step 8
Command
Raisecom(config)#logging history size size
Description Configure the log history table size. By default, the log history table size is set to 1.
Raisecom(config)#logging trap [ log-level | alerts | critical | debugging | emergencies | errors | informational | notifications | warnings ]
(Optional) translate logs output to the log history table to Traps. By default, warning Logs output to the log history table is translated to Traps.
Description Show system log configurations. Show contents of the system log file. Show contents of the log buffer. Show information about the log discriminator. Show contents of the log history table.
Prerequisite
After hardware monitoring is configured on the iTN165-CES,
319
When alarms are output in Syslog form, alarms are generated to the system log. When needing to send alarms to the log host, you need to configure the IP address of the log host on the iTN165-CES. When needing to send alarms to the NView NNM system in a Trap form, you need to configure the IP address of the NView NNM system on the iTN165-CES.
Command
Description Enter global configuration mode. (Optional) enable alarm inhibition. By default, alarm inhibition is enabled.
(Optional) enable alarm auto-report. By default, alarm auto-report is enabled. (Optional) enable alarm monitoring. By default, alarm monitoring is enabled. (Optional) configure the alarm inverse mode. By default, the alarm inverse mode is set to none (non-inverse). (Optional) configure the time for delaying an alarm to be generated. By default, alarm delay is set to 0s.
interface-type interface-number [ module_name [ group_name ] ] } enable Raisecom(config)#alarm inverse interfacetype interface-number { none | auto | manual }
Raisecom(config)#alarm active delay
second
(Optional) configure the alarm storage mode. By default, the alarm storage mode is set to stop. (Optional) clear specified current alarms. (Optional) clear specified current alarms on the specified alarm module. (Optional) clear specified current alarms of the specified alarm source (interface). (Optional) enable alarm Syslog. By default, alarm Syslog is enabled.
Raisecom(config)#alarm clear index index Raisecom(config)#alarm clear module_name [ group_name ] Raisecom(config)#alarm clear interfacetype interface-number [ module_name [ group_name ] ] Raisecom(config)#alarm syslog enable
10
Raisecom(config)#exit Raisecom#show alarm active [ module_name | severity severity ] Raisecom#show alarm cleared [ module_name | severity severity ]
320
Description Enter global configuration mode. (Optional) enable global hardware monitoring alarm Syslog output. By default, global hardware monitoring alarm Syslog output is disabled.
(Optional) enable global hardware monitoring alarm Trap. By default, global hardware monitoring alarm Trap is enabled.
(Optional) enable power supply dying-gasp alarm output and configure the power supply dying-gasp alarm output mode. By default, power supply dying-gasp alarm Syslog output and power supply dying-gasp alarm Trap output are enabled.
(Optional) enable temperature alarm output and configure the temperature alarm output mode/temperature alarm threshold. The high-temperature threshold (high-value) must be greater than the low-temperature threshold (lowvalue). By default, temperature alarm Syslog output and temperature alarm Trap output are enabled. The high-temperature threshold is set to 75 C and the low-temperature threshold is set to -10 C.
(Optional) enable voltage alarm output and configure the voltage alarm output mode/voltage alarm threshold. By default, voltage alarm Syslog output and voltage alarm Trap output are enabled.
(Optional) enable interface status alarm output and configure the voltage alarm output mode. By default, only interface link-down alarm Syslog output and interface link-down alarm Trap output are enabled.
interface-list
321
Step 8
Command
Raisecom(config)#clear hw_monitor
This command can be used to clear all alarms from the current alarm table. In addition an alarm, whose type is all-alarm, is generated in the historical alarm table. If global Trap is enabled, this all-alarm alarm will be output in a Trap form. If global Syslog is enabled, this all-alarm alarm will be output in a Syslog form.
Alarms cannot be generated into Syslog unless global hardware monitoring alarm Syslog output is enabled and Syslog output of monitored alarm events is enabled. Trap cannot be sent unless global hardware monitoring alarm Trap output is enabled and Trap output of monitored alarm events is enabled.
Description Enter global configuration mode. Enable Layer 3 dying-gasp alarm. By default, Layer 3 dying-gasp alarm is enabled. Enter physical layer interface configuration mode.
interface-type interfacenumber
Raisecom(config-port)#snmp trap link-fault enable
Enable Layer 3 link-fault alarm on the uplink Line interface. By default, Layer 3 link-fault alarm is enabled.
Description Show current alarm parameters. Alarm parameters displayed by this command include alarm inhibition, alarm inverse mode, alarm delay, alarm storage mode, alarm buffer size, and alarm log size. Show alarm management module configurations. Show alarm management module statistics.
2 3
322
No. 4
Command
Raisecom#show hw_monitor
Description Show global hardware monitoring alarm configurations. Hardware monitoring information displayed by this command includes global alarm Syslog output, global Trap, power supply dying-gasp alarms, temperature alarms, and voltage alarms.
5 6 7 8
type interface-list
Raisecom#show hw_monitor currrent Raisecom#show hw_monitor history Raisecom#show hw_monitor environment [ power | temperature | voltage ] Raisecom#show power-down Raisecom#show alarm active Raisecom#show alarm cleared [ module_name | severity severity ]
Show interface status alarms. Show current hardware monitoring alarms. Show historical hardware monitoring alarms. Show current power supply, temperature, and voltage alarms and current environment information. Show Layer 3 dying-gasp alarm status. Show the current alarm table. Show cleared alarms.
9 10 11
Prerequisite
N/A
323
Step 2
Command
Raisecom(config)#flood-protect { all | arp | bpdu | icmp } interval interval-
Description Configure the sampling interval for packet. By default, the sampling interval for ARP and ICMP packets is set to 5s and the sampling interval for BPDU packets is set to 1s. Configure the high threshold for packets. In the sampling interval, packets will be dropped when the number of received packets exceeds the threshold. By default, the drop threshold of ARP and BPDU packets is set to 200 and the drop threshold of ICMP packets is set to 300. Configure the low threshold for packets. In the sampling interval, packets will not be dropped when the number of received packets is smaller than the threshold. By default, the low thresholds is set to 40.
second
value
type interface-list
Enable CPU protection of related packets on an interface. By default, CPU protection of related packets is disabled on the interface.
Description Show CPU protection configurations. Show CPU protection status on an interface.
interface-list
324
Prerequisite
To output CPU monitoring alarms in a Trap form. You need to configure the IP address of Trap target host on the iTN165-CES, that is, the IP address of the NView NNM system.
Description Enter global configuration mode. Enable CPU threshold Trap. By default, CPU threshold Trap is disabled. (Optional) configure the upper CPU threshold and lower CPU threshold. The upper CPU threshold must be greater than the lower CPU threshold. By default, the upper CPU threshold is set to 100% and the lower CPU threshold is set to 1%. The sampling interval is set to 60s. After CPU threshold Trap is enabled, in the sampling interval, when the CPU utilization rate is higher than the upper CPU threshold or is smaller than the lower CPU threshold, a Trap is sent automatically.
325
Prerequisite
The route between the iTN165-CES and the Nview NNM system is reachable.
Description Enter global configuration mode. Enable RMON statistics on an interface and configure related parameters. By default, RMON statistics is enabled on all interfaces.
Description Enter global configuration mode. Enable RMON historical statistics on an interface and configure related parameters. By default, RMON historical statistics is disabled on all interfaces.
interface-type interface-number [ shortinterval period ] [ longinterval period ] [ buckets buckets-number ] [ owner string ]
Command
Description Enter global configuration mode. Configure parameters related to the RMON alarm group.
326
Command
Description Enter global configuration mode. Configure parameters related to the RMON event group.
Description Show RMON configurations. Show RMON alarm group information. Show RMON event group information. Show RMON statistics group information. Show RMON history group information.
interface-list
Prerequisite
N/A
Description Enter global configuration mode. Enable optical module DDM. By default, optical module DDM is disabled.
327
Step 3 4
Command
Raisecom#interface interface-type
Description Enter physical layer interface configuration mode. Enable optical module password-check on an interface. By default, optical module password-check is enabled.
interface-number
Raisecom(config-port)#transceiver check-password enable
Description Enter global configuration mode. Enable optical module parameter anomaly Trap. By default, optical module parameter anomaly Trap is disabled. Enter physical layer interface configuration mode.
Raisecom(config)#interface
interface-type interfacenumber
Raisecom(configport)#transceiver trap enable
Enable optical module DDM Trap on an interface. By default, optical module DDM Trap is enabled.
Description Show historical information about optical module DDM. Show optical module DDM information. Show the optical module information. Show the voltage threshold.
interface-type interface-list
Raisecom#show transceiver thresholdviolations interface-type interface-list
Ingress packets: test packets received by an interface Egress packets: test packets return to the peer device through an interface
Prerequisite
When the current interface is in Forwarding status, packets entering the interface can be properly forwarded or transmitted to the CPU.
Description Enter global configuration mode. Enter physical layer interface configuration mode. Configure the parameter for enabling the loopback rule based on the destination/source MAC address. The parameter is set to the destination/source MAC address. Configure the parameter for enabling the loopback rule based on the CVLAN ID/SVLAN ID. The parameter is set to the CVLAN ID/SVLAN ID. Configure the parameter for enabling the loopback rule based on the DIP/SIP. The parameter is set to the DIP/SIP.
type interface-number
Raisecom(config-port)#loopback { dmac | smac } mac-address
The first 3 bytes of the destination MAC address cannot be set to 0x0180C2. The source MAC address cannot be a multicast/broadcast MAC address.
Description Enter global configuration mode. (Optional) configure the local MAC address. By default, the local MAC address is the one of the current device. (Optional) configure the source MAC address translation rule of unicast loopback packets. By default, the source MAC address of the unicast loopback packets is changed to the local MAC address.
Raisecom Technology Co., Ltd. 329
address
Step 4
Command
Raisecom(config)#loopback dmac-swap enable
Description Enable destination MAC address translation of multicast and broadcast packet.
Unicast source MAC address translation: for unicast packets, which enter the interface and meet loopback rules and parameters, you can perform source MAC address translation. Their source MAC address is changed to the local MAC address of the current device or other destination MAC addresses. Multicast/Broadcast destination MAC address translation: for multicast and broadcast packets, which enter the interface and meet loopback rules and parameters, you can perform destination MAC address translation as required. You can configure changing their destination MAC address to the local MAC address of the current device.
Description Enter global configuration mode. (Optional) configure the local IP address. By default, the local IP address is set to 127.0.0.1.
address
The source IP address of all loopback egress packets is changed to the local IP address. 3
Raisecom(config)#loopback dip-swap enable
Enable destination IP address translation of multicast IP packets. By default, destination IP address translation is enabled.
Multicast destination IP address translation: for multicast IP packets, which enter the interface and meet loopback rules, you can perform destination IP address translation as required. After multicast destination IP address translation is enabled, the destination IP address is changed to the source IP address of the ingress packets. The source IP address of loopback egress packets is changed to the source IP address (local IP address) of the current device. Broadcast destination IP address translation: the destination IP address of loopback egress packets is always changed to the source IP address of ingress packets.
330
Loopback may influence normal services. Be careful to perform it. After loopback detection, disable loopback immediately. Otherwise, normal services fail. Command Description Enter global configuration mode. Enter physical layer interface configuration mode. Configure the rule for enabling interface loopback. By default, loopback is performed on all packets. The timeout is set to 0, which indicates that the interface is always in loopback status. Enable interface loopback. By default, interface loopback is disabled.
Step 1 2 3
type interface-number
Raisecom(config-port)#loopback mode { cvlan | dip | dmac | dvlan | sip | sip-dip | smac | svlan } [ timeout time-out-second ]
Prerequisite
N/A
331
Description Enter global configuration mode. Configure the OAM working mode. By default, the OAM working mode is set to passive. Enter physical layer interface configuration mode. Enable OAM on an interface.
type interface-number
Raisecom(config-port)#oam enable
Description Show extended OAM link status. Show extended OAM frame statistics.
type interface-number
Prerequisite
N/A
After global LLDP is disabled, you cannot re-enable it immediately. Global LLDP cannot be enabled unless the restart timer times out. Step 1 Command
Raisecom#config
332
Step 2
Command
Raisecom(config)#lldp enable
Description Enter global configuration mode. Enter physical layer interface configuration mode. Enable interface LLDP. By default, interface LLDP is enabled. You can use the lldp disable command to disable interface LLDP.
interface-type interface-number
Raisecom(config-port)#lldp enable
We recommend configuring the LLDP delivery period in advance. The delivery period and delivery delay are interact on each other. The delivery delay must be smaller than or equal to 0.25 delivery period. Otherwise, configuration fails. The LLDP delivery delay should be smaller than the aging time. The aging time = aging coefficient delivery period. Command Description Enter global configuration mode. (Optional) configure the period timer of the LLDP packet. By default, the period timer of the LLDP packet is set to 30s. (Optional) configure the delay timer of the LLDP packet. By default, the delay timer of the LLDP packet is set to 2s. (Optional) configure the aging coefficient of the LLDP packet. By default, the aging coefficient of the LLDP packet is set to 4. (Optional) configure the restart timer. After global LLDP is disabled, it cannot be enabled unless the restart timer times out. By default, the restart timer is set to 2s.
Step 1 2
Raisecom#config Raisecom(config)#lldp messagetransmission interval period Raisecom(config)#lldp messagetransmission delay period Raisecom(config)#lldp messagetransmission hold-multiplier
coefficient
333
Description Enter global configuration mode. Enable LLDP Trap. (Optional) configure the LLDP Trap period timer . By default, the LLDP Trap period timer is set to 5s.
second
After enabled with LLDP Trap, the iTN165-CES will send Traps after detecting aged neighbours, newly-added neighbours, and changed neighbour information.
Description Show LLDP local configurations. Show LLDP local system information. Show LLDP neighbor information. Show LLDP packet statistics.
Description Show current power supply, temperature, and voltage alarms and current environment information.
334
Command
Description Enter global configuration mode. Create and configure the schedule list.
list-number
Bind the CLIs, which need to be performed periodically and support the schedule list, to the schedule list. Show schedule list configurations.
Raisecom#show schedule-list
Description (Optional) use the ping command to test IPv4 network connectivity.
The iTN165-CES cannot perform other operations in the process of Ping. It can perform other operations only when Ping is finished or Ping is broken off by pressing Ctrl + C.
Traceroute
Before using Traceroute, you should configure the IP address and default gateway of the iTN165-CES. Step 1
Raisecom#config
Command
335
Step 2 3 4 5 6
Command
Raisecom(config)#interface ip if-number Raisecom(config-ip)#ip address ip-address [ ip-mask ] vlan-id Raisecom(config-ip)#exit
Description Enter layer 3 interface configuration mode. Configure the IP address of the interface. Exit from Layer 3 interface configuration mode and enter global configuration mode. Configure the default gateway. Exit from global configuration mode and enter privileged EXEC configuration mode. (Optional) use the traceroute command to test the IPv4 network connectivity and view nodes passed by the packet.
address
Raisecom(config)#exit
Raisecom#traceroute ip-address [ firstttl first-ttl ] [ maxttl max-ttl ] [ port portnumber ] [ waittime period ] [ count times ]
11.14 Maintenance
Command
Raisecom(config)#clear lldp statistic { interface-type interface-number | port-channel port-channel-number} Raisecom(config)#clear lldp remote-table [ interface-type interface-number ] Raisecom(config)#clear rmon
Description Clear LLDP statistics. Clear LLDP neighbour information. Clear all RMON configurations.
336
Configuration steps
Step 1 Create event group 1. Event group 1 is used to record and send the log which contains the string High-ifOutErrors. The owner of the log is set to system.
Step 2 Create alarm group 10. Alarm group 10 is used to monitor the MIB variable (1.3.6.1.2.1.2.2.1.20.1) every 20 seconds. If the value of the variable is added by 15 or greater, a Trap is triggered. The owner of the Trap is also set to system.
Raisecom#write
Checking results
Use the show rmon alarms command to show RMON alarm group information.
Raisecom#show rmon alarms Alarm 10 is active, owned by system Monitors 1.3.6.1.2.1.2.2.1.20.1 every 20 seconds Taking delta samples, last value was 0 Rising threshold is 15, assigned to event 1 Falling threshold is 0, assigned to event 0 On startup enable rising and falling alarm
337
Use the show rmon events command to show RMON event group information.
Raisecom#show rmon events Event 1 is active, owned by system Event generated at 0:0:0 Send TRAP when event is fired.
When an alarm event is triggered, you can view related records at the alarm management dialog box of the NView NNM system.
Configuration steps
Step 1 Enable global LLDP and enable LLDP alarm.
Configure iTN A.
338
Configure iTN B.
Configure iTN A.
iTNA(config)#create vlan 1024 active iTNA(config)#interface client 1 iTNA(config-port)#switchport access vlan 1024 iTNA(config-port)#exit iTNA(config)#interface ip 1 iTNA(config-ip)#ip address 10.10.10.1 1024
Configure iTN B.
iTNB(config)#create vlan 1024 active iTNB(config)#interface client 1 iTNB(config-port)#switchport access vlan 1024 iTNB(config)#interface ip 1 iTNB(config-ip)#ip address 10.10.10.2 1024
Configure iTN A.
Configure iTN B.
iTNB#write
Checking results
Use the show lldp local config command to show local configurations.
iTNA#show lldp local config System configuration: ------------------------------------------------------------------------LLDP enable status: enable (default is disabled) LLDP enable ports: 1-6 LldpMsgTxInterval: 60 (default is 30s) LldpMsgTxHoldMultiplier:4 (default is 4) LldpReinitDelay: 2 (default is 2s) LldpTxDelay: 2 (default is 2s) LldpNotificationInterval: 5 (default is 5s) LldpNotificationEnable: enable (default is 0180.c200.000e) ------------------------------------------------------------line1 : destination-mac:0180.C200.000E line2 : destination-mac:0180.C200.000E client1 : destination-mac:0180.C200.000E client2 : destination-mac:0180.C200.000E client3 : destination-mac:0180.C200.000E client4 : destination-mac:0180.C200.000E client5 : destination-mac:0180.C200.000E client6 : destination-mac:0180.C200.000E iTNB#show lldp local config System configuration: ------------------------------------------------------------------------LLDP enable status: enable (default is disabled) LLDP enable ports: 1 LldpMsgTxInterval: 60 (default is 30s) LldpMsgTxHoldMultiplier:4 (default is 4) LldpReinitDelay: 2 (default is 2s) LldpTxDelay: 9 (default is 2s) LldpNotificationInterval: 10 (default is 5s) LldpNotificationEnable: enable (default is 0180.C200.000E) ------------------------------------------------------------line1 : destination-mac:0180.C200.000E line2 : destination-mac:0180.C200.000E client1 : destination-mac:0180.C200.000E client2 : destination-mac:0180.C200.000E client3 : destination-mac:0180.C200.000E client4 : destination-mac:0180.C200.000E
340
iTNA#show lldp remote Port ChassisId PortId SysName MgtAddress ExpiredTime ------------------------------------------------------------------------client 1000E.5E02.B010 client1 iTNB 10.10.10.2 106 iTNB#show lldp remote Port ChassisId PortId SysName MgtAddress ExpiredTime ------------------------------------------------------------------------client 1000E.5E12.F120 client1 iTNA 10.10.10.1 106
Configuration steps
Step 1 Configure the IP address of the iTN165-CES.
341
Checking results
Use the show logging command to show system log configurations.
Raisecom#show logging Syslog logging: enable Dropped Log messages: 0 Dropped debug messages: 0 Rate-limited: 2 messages per second Logging config: disable Logging config level: informational(6) Squence number display: disable Log time stamp: datetime Debug time stamp: none Log buffer size: 4kB Debug level: low Syslog history logging: disable Syslog history table size:1 Dest Status Level LoggedMsgs DroppedMsgs Discriminator ------------------------------------------------------------------------buffer disable informational(6) 0 0 0 console enable informational(6) 2 0 0 trap disable warnings(4) 0 0 0 file disable warnings(4) 0 0 0 monitor disable informational(6) 0 0 0 Log host information: Max number of log server: 10 Current log server number: 1
View whether the log information is displayed on the terminal emulation Graphical User Interface (GUI) of the PC.
07-01-2008 11:31:28Local0.Debug 20.0.0.6JAN 01 10:22:15 iTN165: CONFIG-7CONFIG:USER " raisecom " Run " logging on " 07-01-2008 11:27:41Local0.Debug 20.0.0.6JAN 01 10:18:30 iTN165: CONFIG-7CONFIG:USER " raisecom " Run " ip address 20.0.0.6 255.0.0.0 1 " 07-01-2008 11:27:35Local0.Debug 20.0.0.10 JAN 01 10:18:24 iTN165: CONFIG-7CONFIG:USER " raisecom " Run " ip address 20.0.0.6 255.0.0.1 1 " 07-01-2008 11:12:43Local0.Debug 20.0.0.10 JAN 01 10:03:41 iTN165: CONFIG-7CONFIG:USER " raisecom " Run " logging host 20.0.0.168 local0 7 " 07-01-2008 11:12:37Local0.Debug 20.0.0.10 JAN 01 10:03:35 iTN165: CONFIG-7CONFIG:USER " raisecom " Run " logging on"
342
Configuration steps
Step 1 Configure the IP address of the iTN165-CES.
343
Raisecom#write
Checking results
Use the show snmp config command to show Trap configurations.
Raisecom#show snmp config Contact information: support@Raisecom.com Device location : World China Raisecom SNMP trap status: enable SNMP engine ID: 800022B603000E5E156789
Use the show snmp host command to show Trap target host configurations.
Raisecom(config)#show snmp host Index: 0 IP family: IPv4 IP address: 20.0.0.1 Port: 162 User Name: public SNMP Version: v2c Security Level: noauthnopriv TagList: bridge config interface rmon snmp ospf
Use the show hw_monitor command to show hardware monitoring alarm configurations.
Enabled Disabled
Power Supply Notifies: Enabled Syslog: Enabled Temperature High threshold(Celsius): 50 Low threshold(Celsius): 20 Notifies: Enabled Syslog: Enabled Voltage High threshold: 3460mV Low threshold: 3150mV Notifies: Enabled Syslog: Enabled
344
12 Appendix
12
12.1 Terms
Appendix
This chapter describe terms and abbreviations involved in this guide, including the following sections:
Terms Abbreviations
C Connectivity Fault Management (CFM) Control Word A standard defined by IEEE. It defines protocols and practices for OAM (Operations, Administration, and Maintenance) for paths through 802.1 bridges and local area networks (LANs). Used to diagnose fault for EVC (Ethernet Virtual Connection). Cost-effective by fault management function and improve Ethernet maintenance. The control word is a 4-byte TDM service data encapsulation packet header, used for circuit emulation services. The control word is mainly used to indicate a packet sequence number, link faults, shorter encapsulation packet, and encapsulation packet type.
E Encapsulation A technology used by the layered protocol. When the lower protocol receives packets from the upper layer, it will map packets to the data of the lower protocol. The outer layer of the data is encapsulated with the lower layer overhead to form a lower protocol packet structure. For example, an IP packet from the IP protocol is mapped to the data of 802.1Q protocol. The outer layer is encapsulated by the 802.1Q frame header to form a VLAN frame structure. A protocol based on ITU-T G.8031 APS (Automatic Protection Switching) to protect an Ethernet connection. It is a kind of end-to-end protection technology. Including two linear protection modes: linear 1:1 protection switching and linear 1+1 protection switching.
345
12 Appendix
An APS (Automatic Protection Switching) protocol based on ITU-T G.8032 Recommendation to provide backup link protection and recovery switching for Ethernet traffic in a ring topology and at the same time ensuring that there are no loops formed at the Ethernet layer.
F Failover Provide a port association solution, extending link backup range. Transport fault of upper layer device quickly to downstream device by monitoring upstream link and synchronize downstream link, then trigger switching between master and standby device and avoid traffic loss.
J Jitter Buffer When packets are transmitted in the PSN, delay will be generated, which influence the performance of emulation services. The Jitter Buffer can be used to reduce the influence caused by delay. Jitter Buffer is used to contain earlier or later-received packets. Requirements are introduced to the distribution of Jitter Buffer capacity. If the capacity is too larger, the buffer overflow can be prevented. However, longer delay will be generated. If the capacity is too small, it will cause buffer overflow. Therefore, you should set an appropriate value for the Jitter Buffer capacity.
L Link Aggregation A computer networking term which describes using multiple network cables/ports in parallel to increase the link speed beyond the limits of any one single cable or port, and to increase the redundancy for higher availability.
M Mobile Backhaul Solve communication problem from BTS to BSC for 2G, NodeB to RNC for 3G. Mobile backhaul for 2G focuses on voice service, not request high bandwidth, implemented by TDM microwave or SDH/PDH device. In 3G times, lots of data service as HSPA, HSPA+, etc concerning to IP service, voice is changing to IP as well, namely IP RAN, to solve problem of IP RAN mobile backhaul is solving whole network backhaul, satisfying both data backhaul and voice transportation over IP (clock synchronization).
346
12 Appendix
QinQ
QinQ is (also called Stacked VLAN or Double VLAN) extended from 802.1Q, defined by IEEE 802.1ad recommendation. Basic QinQ is a simple layer-2 VPN tunnel technology, encapsulating outer VLAN Tag for client private packets at carrier access end; the packets take double VLAN Tag passing through trunk network (public network). In public network, packets only transmit according to outer VLAN Tag, the private VLAN Tag are transmitted as data in packets.
S SyncE A technology adopts Ethernet link codes recover clock, similar to SDH clock synchronization quality, SyncE provides frequency synchronization of high precision. Unlike traditional Ethernet just synchronize data packets at receiving node, SyncE implements real-time synchronization system for inner clock.
12.2 Abbreviations
A AC ACL APS ASIC ATM Attachment Circuit Access Control List Automatic Protection Switching Application Specific Integrated Circuit Asynchronous Transfer Mode
B BC Boundary Clock
C CAS CCS CDMA2000 CE CES CESoPSN CFM CoS Channel Associated Signaling Common Channel Signaling Code Division Multiple Access 2000 Customer Edge Circuit Emulation Service Circuit Emulation Services over Packet Switch Network Connectivity Fault Management Class of Service
347
12 Appendix
CR-LDP
D DoS DRR DSCP DUT Deny of Service Deficit Round Robin Differentiated Services Code Point Device Under Test
E EFM ELPS ERPS EVC Ethernet in the First Mile Ethernet Linear Protection Switching Ethernet Ring Protection Switching Ethernet Virtual Connection
F FEC FIB FTP FR Forwarding Equivalence Class Forwarding Information Base File Transfer Protocol Frame Relay
G GACH GARP GPS GSM GVRP Generic Associated Channel Generic Attribute Registration Protocol Global Positioning System Global System for Mobile Communications GARP VLAN Registration Protocol
I IANA IEEE IETF IGMP IGMP Snooping Internet Assigned Numbers Authority Institute of Electrical and Electronics Engineers Internet Engineering Task Force Internet Group Management Protocol Internet Group Management Protocol Snooping
348
12 Appendix
IP ITU-T
L LACP LBM LBR LDP LER LLDP LLDPDU LOS LTM LSR LSA LTR Link Aggregation Control Protocol LoopBack Message LoopBack Reply Label Distribution Protocol Label Edge Router Link Layer Discovery Protocol Link Layer Discovery Protocol Data Unit Loss of Signal LinkTrace Message Label Switching Router Link Status Advertisement LinkTrace Reply
M MA MAC MAN MD MEF MEG MEP MIB MIP MP-BGP MPLS MSTI MSTP MTU Maintenance Association Medium Access Control Metro Area Network Maintenance Domain Metro Ethernet Forum Maintenance Entity Group Maintenance associations End Point Management Information Base Maintenance association Intermediate Point Multiprotocol Extensions for Border Gateway Protocol Multiprotocol Label Switching Multiple Spanning Tree Instance Multiple Spanning Tree Protocol Maximum Transfered Unit
349
12 Appendix
MVR
P PC PE PPP PSN PTP PW PWE3 Personal Computer Provider Edge Point to Point Protocol Packet Switched Network Precision Time Protocol Pseudo Wire Pseudo Wire Emulation Edge-to-Edge
R RADIUS RMON RMEP RNC RSTP RSVP-TE RTP S SAToP SES Structure-Agnostic TDM over Packet Severely Errored Second Remote Authentication Dial In User Service Remote Network Monitoring Remote Maintenance association End Point Radio Network Controller Rapid Spanning Tree Protocol Resource Reservation Protocol Traffic Engineering Real-time Transport Protocol
350
12 Appendix
Small Form-factor Pluggables Service Level Agreement Simple Network Management Protocol Simple Network Time Protocol Strict-Priority Secure Shell v2 Spanning Tree Protocol
T TACACS+ TC TCP TD-SCDMA TDM TDMoP TFTP TLV ToS Terminal Access Controller Access Control System Transparent Clock Transmission Control Protocol Time Division-Synchronous Code Division Multiple Access Time Division Multiplex Time Division Multiplex over Packet Trivial File Transfer Protocol TypeLengthValue Type of Service
W WAN WCDMA WRR Wide Area Network Wideband Code Division Multiple Access Weight Round Robin
351
Address: Building 2, No. 28, Shangdi 6th Street, Haidian District, Beijing, P.R.China. Postal code: 100085 Tel: +86-10-82883305 Fax: 8610-82883056 http://www.raisecom.com Email: export@raisecom.com