PDF Copy of the Cisco ASR 9000 Series Aggregation Services Router

Cisco Confidential - Beta Draft R3.7 FCI

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide Cisco IOS XR Software Release 3.7 FCI

March, 2009

Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883

Text Part Number: OL-17103-01 Cisco Confidential - Beta Draft R3.7 FCI

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

CCDE, CCENT, Cisco Eos, Cisco HealthPresence, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.

All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0812R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

CONTENTS

Preface ES-xv

Prerequisites for Installing Ethernet Services Applications on the Cisco ASR 9000 Series Router ES-19 Contents ES-19 Router Management Interfaces ES-19 Command-Line Interface ES-20 Adding a Software Package to your Cisco ASR 9000 Series Router ES-20 Copying the PIE File to a Local Storage Device or Network Server ES-20 Adding Packages to an SDR ES-20 Activating Packages ES-21 Activating Multiple Packages or SMUs ES-21 Activating All Packages Added in a Specific Operation ES-22 Adding and Activating a Package with a Single Command ES-22 Upgrading and Downgrading Packages ES-22 Committing the Active Software Set ES-22 Rolling Back to a Previous Installation Operation ES-22 Configuring IGP ES-23 Configuring MPLS LDP ES-23 Configuring RSVP ES-23 Implementing MPLS Traffic Engineering ES-23 Configuring MPLS Tunnels ES-24 MPLS-TE and Fast Reroute over Link Bundles ES-24 Configuring L2TPv3 Tunnels ES-24 Where to Go Next ES-24

Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router ES-25 Contents ES-25 Prerequisites ES-25 Software Requirements ES-25 Hardware Prerequisites and Documentation ES-25 Bringing Up and Configuring a Cisco ASR 9000 Series Router ES-26 Examples ES-27 Verifying the System After Initial Bring-Up ES-27

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-iii Contents

Cisco Confidential - Beta Draft R3.7 FCI

Examples of show Commands ES-28 install add ES-32 PIEs to add for Ethernet Services Support ES-37 Where to Go Next ES-37

Configuring Ethernet Layer 2 Switching ES-39 Contents ES-39 Layer 2 Ethernet Switching Overview ES-39 Layer 2 Local Switching Overview ES-39 ASR 9000 Reference Network ES-40 Understanding Ethernet CFM ES-40 CFM Domain ES-41 Maintenance Points ES-42 Ethernet CFM Overview ES-42 CFM Messages ES-43 Ethernet CFM ES-43 Benefits of Ethernet CFM ES-43 Customer Service Instance ES-44 Maintenance Domain ES-44 Maintenance Point ES-46 Maintenance Endpoints ES-46 Maintenance Intermediate Points ES-47 CFM Messages ES-48 Cross-Check Function ES-49 Ethernet Virtual Circuit ES-50 Configuring Ethernet CFM ES-50 Default Ethernet CFM Configuration ES-50 Ethernet CFM Configuration Guidelines ES-50 Preparing the Ethernet CFM Network ES-51 Configuring Ethernet CFM Service ES-52 Configuring Ethernet CFM Crosscheck ES-53 STP Overview ES-54 Ethernet Wire Service ES-55 IGMP Snooping ES-56 MPLS Services ES-57 L2VPN Overview ES-57 Ethernet Port Mode ES-58 Where to Go Next ES-58

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-iv OL-17103-01 Contents

Cisco Confidential - Beta Draft R3.7 FCI

Configuring Ethernet Virtual Connections (EVCs) ES-59 Contents ES-59 EVC ES-59 Restricted TCN Feature ES-60 Root Guard Feature ES-60 Ethernet CFM Overview ES-60 Configuring Ethernet Interfaces ES-61 Installing System Software on Your ASR 9000 ES-62 Examples ES-68 Committing the Active Package Set ES-71 Displaying the Committed Package Versions ES-72 Enabling Tacacs+ Accounting, Authorization, and Authentication ES-73 Enabling DNS Look Up ES-73 Enabling HTTP Server Access ES-73 Configuring a Gigabit Ethernet or 10-Gigabit Ethernet Interface ES-74 What to Do Next ES-77 Configuring MAC Accounting on an Ethernet Interface ES-77 Configuring an Attachment Circuit on an Ethernet Port ES-79 What to Do Next ES-81 Configuration Examples for Ethernet Interfaces ES-81 Configuring an Ethernet Interface: Example ES-81 Configuring MAC-accounting: Example ES-82 Configuring a Layer 2 VPN AC: Example ES-82 Ethernet Services ES-82 Ethernet Wire Service ES-83 Ethernet Relay Service ES-84 Ethernet Multipoint Service ES-85 EMS Example ES-86 What is an EFP? ES-86 EFP CLI Configuration Structure ES-87 Structured CLI ES-87 Where to Go Next ES-87 Additional References ES-87 Related Documents ES-88 Standards ES-88 MIBs ES-88 RFCs ES-88 Technical Assistance ES-88

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-v Contents

Cisco Confidential - Beta Draft R3.7 FCI

Setting Up Your Multicast Connections ES-89 Related Documents ES-93 Where to Go Next ES-93

Cisco ASR 9000 Series Router Platform Dependent Command Reference ES-95 Contents ES-95 Ethernet Interface Commands on Cisco ASR 9000 Series Routers ES-95 carrier-delay ES-97 clear ethernet cfm ccm-learning-database ES-99 clear ethernet cfm interfaces ES-101 clear ethernet cfm local meps ES-102 clear ethernet cfm interfaces ES-104 clear ethernet cfm peer meps ES-105 clear ethernet cfm traceroute-cache ES-107 clear ethernet oam statistics ES-108 clear mac-accounting (Ethernet) ES-109 encapsulation dot1q ES-111 ethernet cfm cc ES-112 ethernet cfm mep domain ES-114 ethernet cfm traceroute cache ES-115 ethernet cfm traceroute cache hold-time ES-116 ethernet cfm traceroute cache size ES-117 ethernet oam loopback ES-119 flow-control ES-120 interface GigabitEthernet ES-122 interface TenGigE ES-124 l2protocol (Ethernet) ES-126 l2transport (Ethernet) ES-128 loopback (Ethernet) ES-130 mac-accounting ES-132 mac-address (Ethernet) ES-133 negotiation auto ES-134 packet-gap non-standard ES-135 ping ethernet cfm ES-136 show controllers (Ethernet) ES-138 show ethernet cfm ccm-learning-database ES-146

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-vi OL-17103-01 Contents

Cisco Confidential - Beta Draft R3.7 FCI

show ethernet cfm configuration-errors ES-147 ES-148 show ethernet cfm interfaces statistics ES-149 show ethernet cfm local maintenance-points ES-151 show ethernet cfm local maintenance-points ES-153 show ethernet cfm local meps ES-154 show ethernet cfm peer meps ES-155 show ethernet cfm traceroute-cache ES-157 show ethernet oam configuration ES-159 show ethernet oam discovery ES-161 show mac-accounting (Ethernet) ES-163 show spanning-tree mst ES-165 traceroute ethernet cfm (basic linktrace) ES-168 traceroute ethernet cfm (exploratory linktrace) ES-170 802.1Q VLAN Subinterface Commands on Cisco ASR 9000 Series Routers ES-172 dot1q native vlan ES-173 dot1q tunneling ethertype 0x9100 ES-175 dot1q vlan ES-177 interface (VLAN) ES-179 l2protocol (VLAN) ES-181 show vlan interface ES-183 show vlan tags ES-185 show vlan trunks ES-187 Where to Go Next ES-190 Additional References ES-190 Related Documents ES-191 Standards ES-191 MIBs ES-191 RFCs ES-191 Technical Assistance ES-191

Ethernet Services Configuration Examples ES-193 Cisco Per-VLAN Spanning Tree (PVST+) ES-193 Layer 2 or Layer 3 VPN ES-194 Why Layer 2 VPN? ES-194 Ethernet + IP/MPLS ES-194 VPLS ES-195

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-vii Contents

Cisco Confidential - Beta Draft R3.7 FCI

VPWS ES-195 Layer 2 VPN Types ES-196 P2P or MP, native Ethernet or MPLS ES-196 Contents ES-196 Configuration Examples for Ethernet Interfaces ES-196 Configuring an Ethernet Interface: Example ES-196 Point to Point Services Local Connect ES-198 Configuring MAC-accounting: Example ES-198 Configuring a Layer 2 VPN AC: Example ES-198 Configuring Layer 2 Local Switching: Example ES-198 Basic MPLS Configuration on the ASR 9000 ES-199 E-Line Configuration – EFP and L2VPN ES-200 Configuring a Cross-Connect ES-200 Verifying Cross-Connect Status ES-200 Verifying Layer 2 Forwarding ES-201 Ethernet Port Mode ES-201 Ethernet VLAN Mode ES-201 Ethernet VLAN Mode (QinQ) ES-201 Ethernet VLAN Mode (QinAny) ES-201 Ethernet VLAN Mode (QinAny) ES-201 Configuring Layer 2 EtherChannel ES-202 Configuring Layer 3 Logical EtherChannel ES-202 VTP, VLANs, Voice VLAN ES-203 VPLS Configuration Example ES-203 EFP Configuration (PE Configuration) ES-203 VPLS Show Layer 2 VPN Forwarding Command Example ES-204 Limitations ES-205 IOS-XR VPLS Configuration Commands ES-205 Configuring VFI under a Bridge Domain ES-205 Associating Pseudowires with VFI ES-206 Attaching Pseudowire Classes to Pseudowires ES-206 Configuring Static AToM Pseudowires ES-206 Shutting Down a VFI ES-206 Associating a Static MAC Address to the Bridge Domain ES-206 Assigning Interfaces to the Bridge Domain ES-206 Configuring Bridge Domain Parameters ES-207 Shutting Down a Bridge Domain ES-207 MAC Address Related Parameters ES-207 Cross Connect ES-207 Configuring a Point to Point Local Connect E-Line ES-208

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-viii OL-17103-01 Contents

Cisco Confidential - Beta Draft R3.7 FCI

Configuring a Point to Point Ethernet Over MPLS E-Line ES-212 Configuring a Multi-Point Local Bridging E-LAN ES-216 Configuring a LAN Port for Layer 2 Switching ES-220 Virtual Router Redundancy Protocol (VRRP) ES-220 Where to Go Next ES-220 Additional References ES-221 Related Documents ES-221 Standards ES-221 MIBs ES-221 RFCs ES-221 Technical Assistance ES-221

Multicast Configuration ES-223 Contents ES-223 Implementing Multicast Routing - IGMP and PIM ES-223 Configuring PIM-SM and PIM-SSM ES-224 PIM-SM Operations ES-224 PIM-SSM Operations ES-224 Restrictions for PIM-SM and SSM ES-224 Configuring PIM-SSM for Use in a Legacy Multicast Deployment ES-227 Restrictions for PIM-SSM Mapping ES-227 Configuring a Set of Access Lists for Static SSM Mapping ES-227 Configuring a Set of Sources for SSM Mapping ES-229 Configuring a Static RP and Allowing Backward Compatibility ES-230 Configuring Auto-RP to Automate Group-to-RP Mappings ES-232 Configuring the Bootstrap Router ES-234 Calculating Rates per Route ES-237 Configuring Multicast Nonstop Forwarding ES-239 Prerequisites for Multicast Nonstop Forwarding ES-240 Interconnecting PIM-SM Domains with MSDP ES-243 Prerequisites for Interconnecting PIM-SM Domains with MSDP ES-243 Controlling Source Information on MSDP Peer Routers ES-246 Configuring MSDP MD5 Password Authentication ES-248 Configuration Examples for Implementing Multicast Routing - IGMP and PIM ES-250 MSDP Anycast RP Configuration: Example ES-250 Calculating Rates per Route: Example ES-252 Preventing Auto-RP Messages from Being Forwarded: Example ES-253 Inheritance in MSDP: Example ES-253 Configuring Multicast QoS: Example ES-254 Enabling and Disabling Interfaces ES-254

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-ix Contents

Cisco Confidential - Beta Draft R3.7 FCI

Multicast Routing Information Base ES-255 Multicast Forwarding Information Base ES-255 MSDP MD5 Password Authentication ES-255 Implementing Multicast Routing - PIM-SM and PIM-SSM ES-255 Configuring PIM-SM and PIM-SSM ES-256 PIM-SM Operations ES-256 PIM-SSM Operations ES-256 Restrictions for PIM-SM and SSM ES-257 Configuring PIM-SSM for Use in a Legacy Multicast Deployment ES-259 Restrictions for PIM-SSM Mapping ES-259 Configuring a Set of Access Lists for Static SSM Mapping ES-259 Configuring a Set of Sources for SSM Mapping ES-261 Configuring a Static RP and Allowing Backward Compatibility ES-262 Configuring Auto-RP to Automate Group-to-RP Mappings ES-264 Configuring the Bootstrap Router ES-266 Calculating Rates per Route ES-269 Configuring Multicast Nonstop Forwarding ES-271 Prerequisites for Multicast Nonstop Forwarding ES-272 Interconnecting PIM-SM Domains with MSDP ES-275 Prerequisites for Interconnecting PIM-SM Domains with MSDP ES-275 Controlling Source Information on MSDP Peer Routers ES-278 Configuring MSDP MD5 Password Authentication ES-280 Configuration Examples for Implementing Multicast Routing - PIM-SM and PIM-SSM ES-282 MSDP Anycast RP Configuration: Example ES-282 Calculating Rates per Route: Example ES-284 Preventing Auto-RP Messages from Being Forwarded: Example ES-285 Inheritance in MSDP: Example ES-285 Configuring Multicast QoS: Example ES-286

Multicast Command Summary ES-287 Multicast IPv4 Commands on Cisco ASR 9000 Series Routers ES-287 Multicast Source Discovery Protocol Commands on Cisco ASR 9000 Series Routers ES-288 Multicast Routing and Forwarding Commands on Cisco ASR 9000 Series Routers ES-289 IGMP Snooping Commands on Cisco ASR 9000 Series Routers ES-290 Multicast PIM Commands on Cisco ASR 9000 Series Routers ES-292 Multicast Tool and Utility Commands on Cisco ASR 9000 Series Routers ES-293

MPLS Configuration ES-295 Contents ES-295 Configuration Examples for Implementing LDP ES-295

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-x OL-17103-01 Contents

Cisco Confidential - Beta Draft R3.7 FCI

Configuring LDP with Graceful Restart: Example ES-296 Configuring LDP Discovery: Example ES-296 Configuring LDP Link: Example ES-296 Configuring LDP Discovery for Targeted Hellos: Example ES-296 Configuring Label Advertisement (Outbound Filtering): Example ES-297 Configuring LDP Neighbors: Example ES-297 Configuring LDP Forwarding: Example ES-297 Configuring LDP Nonstop Forwarding with Graceful Restart: Example ES-298 Configuring Label Acceptance (Inbound Filtering): Example ES-298 Configuring Local Label Allocation Control: Example ES-298 Configuring LDP Session Protection: Example ES-298 Configuring LDP IGP Synchronization - OSPF: Example ES-298 Configuring LDP IGP Synchronization - ISIS: Example ES-299 Configuring LDP Auto-configuration: Example ES-299 Configuration Examples for RSVP ES-299 Bandwidth Configuration (Prestandard): Example ES-300 Bandwidth Configuration (MAM): Example ES-300 Bandwidth Configuration (RDM): Example ES-300 Refresh Reduction and Reliable Messaging Configuration: Example ES-300 Changing the Refresh Interval and the Number of Refresh Messages ES-300 Configuring Retransmit Time Used in Reliable Messaging ES-300 Configuring Acknowledgement Times ES-301 Changing the Summary Refresh Message Size ES-301 Disabling Refresh Reduction ES-301 Configuring Graceful Restart: Example ES-301 Enabling Graceful Restart ES-301 Enabling Interface-Based Graceful Restart ES-301 Changing the Restart-Time ES-301 Changing the Hello Interval ES-302 Configuring ACL-based Prefix Filtering: Example ES-302 Setting DSCP for RSVP Packets: Example ES-302 Configuration Examples for RSVP Authentication ES-302 RSVP Authentication Global Configuration Mode: Example ES-302 RSVP Authentication for an Interface: Example ES-303 RSVP Neighbor Authentication: Example ES-303 RSVP Authentication by Using All the Modes: Example ES-303 Configuration Examples for Cisco MPLS-TE ES-304 Building MPLS-TE Topology and Tunnels: Example ES-305 Configuring IETF Diff-Serv TE Tunnels: Example ES-306

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-xi Contents

Cisco Confidential - Beta Draft R3.7 FCI

Configuring the Ignore IS-IS Overload Bit Setting in MPLS-TE: Example ES-306 Configuring GMPLS: Example ES-306 Configuring Flexible Name-based Tunnel Constraints: Example ES-308 Configuring an Interarea Tunnel: Example ES-310 Configuring Forwarding Adjacency: Example ES-310 Configuring Unequal Load Balancing: Example ES-310 Configuring PCE: Example ES-311 Configure Policy-based Tunnel Selection: Example ES-312 Configuration Examples for L2VPN ES-312 L2VPN Interface Configuration: Example ES-313 Point-to-Point Cross-connect Configuration: Examples ES-313 Inter-AS: Example ES-313 L2VPN Quality of Service: Example ES-315 Preferred Path: Example ES-315 Pseudowires: Examples ES-315 Configuring Dynamic Pseudowires at T-PE1 Node: Example ES-316 Configuring Dynamic Pseudowires at S-PE1 Node: Example ES-316 Configuring Dynamic Pseudowires at T-PE2 Node: Example ES-317 Configuring Dynamic Pseudowires and Preferred Paths at T-PE1 Node: Example ES-317 Configuring Dynamic Pseudowires and Preferred Paths at S-PE1 Node: Example ES-317 Configuring Dynamic Pseudowires and Preferred Paths at T-PE2 Node: Example ES-318 Configuring Static Pseudowires at T-PE1 Node: Example ES-319 Configuring Static Pseudowires at S-PE1 Node: Example ES-319 Configuring Static Pseudowires at T-PE2 Node: Example ES-319 Viewing Pseudowire Status: Example ES-319 show l2vpn xconnect ES-319 show l2vpn xconnect detail ES-320 Configuration Examples for Virtual Private LAN Services ES-322 Virtual Private LAN Services Configuration for Provider Edge-to-Provider Edge: Example ES-322 Virtual Private LAN Services Configuration for Provider Edge-to-Customer Edge: Example ES-323 Adding ACs to a Split Horizon Group: Example ES-323 Configuration Examples for 6PE ES-324 Configuring 6PE on a PE Router: Example ES-324 Configuration Examples for MPLS Layer 3 VPNs ES-324 Configuring an MPLS VPN Using BGP: Example ES-325 Configuring the Routing Information Protocol on the PE Router: Example ES-326 Configuring the PE Router Using EIGRP: Example ES-326 Configuration Examples for MPLS VPN CSC ES-326 Configuring the Backbone Carrier Core: Examples ES-327

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-xii OL-17103-01 Contents

Cisco Confidential - Beta Draft R3.7 FCI

Configuring the Links Between CSC-PE and CSC-CE Routers: Examples ES-327 Configuring a Static Route to a Peer: Example ES-328 Configuration Examples for 6VPE ES-328 Configuring an IPv6 Address Family Under VRF: Example ES-328 Configuring BGP for the Address Family VPNv6: Example ES-328 Configuring the Address Family IPv6 for the VRF Configuration Under BGP: Example ES-329 Configuring a PE-CE Protocol: Example ES-329 Configuring an Entire 6VPE Configuration: Example ES-329 Configuration Examples for MPLS VPNs over IP Tunnels ES-334 Configuring an L2TPv3 Tunnel: Example ES-334 Configuring the Global VRF Definition: Example ES-334 Configuring a Route-Policy Definition: Example ES-335 Configuring a Static Route: Example ES-335 Configuring an IPv4 Loopback Interface: Example ES-335 Configuring a CFI VRF Interface: Example ES-335

MPLS Command Summary ES-337 MPLS Label Distribution Protocol Commands on Cisco ASR 9000 Series Routers ES-337 MPLS Forwarding Commands on Cisco ASR 9000 Series Routers ES-338 MPLS Traffic Engineering Commands on Cisco ASR 9000 Series Routers ES-339 RSVP Infrastructure Commands on Cisco ASR 9000 Series Routers ES-341 MPLS OAM Commands on Cisco ASR 9000 Series Routers ES-343 Virtual Private Network Commands on Cisco ASR 9000 Series Routers ES-343 Virtual Private LAN Services Commands on Cisco ASR 9000 Series Routers ES-345

Index

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-xiii Contents

Cisco Confidential - Beta Draft R3.7 FCI

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-xiv OL-17103-01 Cisco Confidential - Beta Draft R3.7 FCI

Preface

This guide describes how to create the initial configuration for Ethernet applications on the Cisco ASR 9000 Series Aggregation Services Router using the Cisco IOS XR software. This guide also describes how to complete additional administration, maintenance, and troubleshooting tasks that may be required after initial configuration of your Ethernet applications. This preface contains the following sections: • Changes to This Document, page xv • About This Document, page xv • Obtaining Documentation and Submitting a Service Request, page xvii

Changes to This Document

Table 1 lists the technical changes made to this document since it was first printed.

Ta b l e 1 Changes to This Document

Revision Date Change Summary OL-17103-01 February 2009 Initial release of this document.

About This Document

The following sections provide information about the Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guideand related documents: • Intended Audience, page xvi • Organization of the Document, page xvi • Related Documents, page xvi • Conventions, page xvii

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-xv Preface

Cisco Confidential - Beta Draft R3.7 FCI Intended Audience

This document is intended for the following people: • Experienced service provider administrators • Cisco telecommunications management engineers • Third-party field service technicians who have completed the Cisco IOS XR software training sessions • Customers who daily use and manage Cisco ASR 9000 Series Routers running Cisco IOS XR software

Organization of the Document

This document contains the following chapters: • Prerequisites for Installing Ethernet Services Applications on the Cisco ASR 9000 Series Router • Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router • Configuring Ethernet Layer 2 Switching • Configuring Ethernet Virtual Connections (EVCs) • Ethernet Services Configuration Examples • Cisco ASR 9000 Series Router Platform Dependent Command Reference • Multicast Configuration • Multicast Command Summary • MPLS Configuration • MPLS Command Summary

Related Documents

For a complete listing of available documentation for the Cisco ASR 9000 Series Router and the Cisco IOS XR software, see the following Web pages: • Cisco ASR 9000 Software Documentation http://www.cisco.com/en/US/products/ps5845/tsd_products_support_series_home.html – Cisco ASR 9000 System Management Configuration Guide Cisco ASR 9000 System Security Configuration Guide Cisco ASR 9000 Routing Configuration Guide Cisco ASR 9000 Interface and Hardware Component Configuration Guide http://www.cisco.com/en/US/products/ps5845/ products_installation_and_configuration_guides_list.html – Cisco ASR 9000 Interface and Hardware Component Command Reference Cisco ASR 9000 Routing Command Reference http://www.cisco.com/en/US/products/ps5845/prod_command_reference_list.html • Cisco ASR 9000 Series Router Hardware Documentation http://www.cisco.com/en/US/products/ps5763/tsd_products_support_series_home.html

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-xvi OL-17103-01 Preface

Cisco Confidential - Beta Draft R3.7 FCI Conventions

This document uses the following conventions:

Item Convention Commands and keywords boldface font Variable for which you supply values italic font Displayed session and system information screen font Commands and keywords you enter in an boldface screen font interactive environment Variables you enter in an interactive environment italic screen font Menu items and button names boldface font Menu navigation Option > Network Preferences

Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the publication.

Tip Means the following information will help you solve a problem. The information in tips might not be troubleshooting or an action, but contains useful information.

Caution Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-xvii Preface

Cisco Confidential - Beta Draft R3.7 FCI

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-xviii OL-17103-01 Cisco Confidential - Beta Draft R3.7 FCI

Prerequisites for Installing Ethernet Services Applications on the Cisco ASR 9000 Series Router

The Cisco ASR 9000 Series Aggregation Services Router runs on Cisco IOS XR software. This module introduces the Cisco IOS XR software and the user interfaces you can use to create and manage Ethernet services applications on the Cisco ASR 9000 Series Router.

Contents

• Router Management Interfaces, page 19 • Configuring IGP, page 23 • Configuring MPLS LDP, page 23 • Configuring RSVP, page 23 • Implementing MPLS Traffic Engineering, page 23 • Configuring MPLS Tunnels, page 24 • Configuring L2TPv3 Tunnels, page 24 • Where to Go Next, page 24

Router Management Interfaces

Because new routers are not yet configured for your environment, you must begin the configuration using the command-line interface (CLI). This guide provides instructions on using the CLI to configure basic router features. Cisco IOS XR software supports the following router management interfaces, which are described in the following sections: • Command-Line Interface, page 20 • Adding a Software Package to your Cisco ASR 9000 Series Router, page 20

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-19 Prerequisites for Installing Ethernet Services Applications on the Cisco ASR 9000 Series Router Router Management Interfaces Cisco Confidential - Beta Draft R3.7 FCI Command-Line Interface

The CLI is the primary user interface for configuring, monitoring, and maintaining routers that run the Cisco IOS XR software. The CLI allows you to directly and simply execute Cisco IOS XR commands. All procedures in this guide use the CLI. Before you can use other router management interfaces, you must first use the CLI to install and configure those interfaces. For information on CLI procedures for these tasks, as well as hardware interface and software protocol management, see the Cisco IOS XR software documents listed in the “Related Documents” section on page xvi.

Adding a Software Package to your Cisco ASR 9000 Series Router

You may need to add or upgrade Package Installation Envelopes (PIE), which are package software files. Table 1 describes the optional packages that can be activated individually.

Ta b l e 1 Optional Cisco IOS XR Software Packages

Name Description Manageability Support for HTTP, XML, SNMP and other management tools. MPLS Support for Multiprotocol Label Switching (MPLS). Multicast Support for multicast protocols. Security Support for Secure Sockets Layer (SSL), certificates and other security tools. Diagnostics Support for testing and verifying hardware functionality while connected to a live network, helping ensure high availability.

Copying the PIE File to a Local Storage Device or Network Server

To add an optional package or upgrade or downgrade a package, you must copy the appropriate PIE file to a local storage device or to a network file server to which the router has access. If you need to store PIE files on the router, we recommended storing PIE files on the harddisk. Flash disk0: serves as the boot device for packages that have been added or activated on the system. Flash disk1: is used as a backup for disk0:.

Tip Before copying PIE files to a local storage device, check to see if the required PIE files are already on the device.

Adding Packages to an SDR

Use the install add command to unpack the package software files from a PIE file and copy them to the boot device (usually disk0). • From administration EXEC mode, the package software files are added to the boot device of the DSDRSC for a specific SDR specified by the sdr keyword in the install add command. • From EXEC mode, the package software files are added to the boot device of the DSDRSC the current SDR only.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-20 OL-17103-01 Prerequisites for Installing Ethernet Services Applications on the Cisco ASR 9000 Series Router Router Management Interfaces Cisco Confidential - Beta Draft R3.7 FCI

• Package software files are also added to the standby DSDRSC for any SDR to which the package is added. This ensures that the files are available to the standby in the event of a redundancy switchover. In the Cisco CRS-1, the package files are also added to any additional installed DRPs. • In addition, package software files are added to all active and standby route processors (RPs), even if they are not acting as a DSC or DSDRSC, as well as active and standby fabric shelf controllers (SCs).

Note The disk that holds the unpacked software files is also known as the boot device. By default, the Cisco ASR 9000 Series Router uses flash disk0 as the boot device. To use an alternate storage device, such as flash disk1, refer to the “Router Recovery with ROM Monitor” chapter of the Cisco IOS XR ROM Monitor Guide. Remember that all RPs in a system must use the same boot device. If the boot device on the primary RSP is flash disk0, then the standby RSP must also have a flash disk0.

Activating Packages

Software packages remain inactive until activated with the install activate command. After a package has been added to the SDR, use the install activate command to activate the package or SMUs for all valid cards. Information within the package is used to verify compatibility with the target cards and with the other active software. Actual activation is performed only after the package compatibility and application program interface (API) compatibility checks have been passed.

Activating a Package for all Secure Domain Routers (SDRs) To activate a package for all secure domain routers (SDRs) in the system, use the install activate command in administration EXEC mode. If used in administration EXEC mode, the install activate command also activates the package on all administration plane nodes and resources, including service processors (SPs), fabric SCs, fan controllers, alarm modules and power modules.

Note To enter administration EXEC mode, you must be logged in to the owner secure domain router (SDR) and have root-system access privileges.

Activating a Package for a Single SDR • To activate a package for a specific SDR from administration EXEC mode, use the install activate command with the sdr keyword and sdr-name argument. This will also activate the package on all administration plane nodes and resources. • To activate a package when logged in to an SDR, use the install activate command in EXEC mode.

Activating Multiple Packages or SMUs

To install multiple packages or Software Maintenance Upgrades (SMUs) with a single command, use the install activate command and either specify up to 32 packages by repeating device:package arguments or use wildcard syntax to specify multiple packages. Some SMUs may require a reload. If the operation requires a node reload, the user is prompted before the installation operation occurs.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-21 Prerequisites for Installing Ethernet Services Applications on the Cisco ASR 9000 Series Router Router Management Interfaces Cisco Confidential - Beta Draft R3.7 FCI

Activating All Packages Added in a Specific Operation

To install all packages that were added in a specific install add operation, use the install activate command with the id keyword and add-id argument, specifying the operation ID of the install add operation. You can specify up to 16 operations in a single command.

Adding and Activating a Package with a Single Command

To add and activate a package with a single command, use the install add command with the activate keyword. • To add and activate a package for all SDRs, enter the install add command with the activate keyword from administration EXEC mode. To add and activate a package for a specific SDR, from administration EXEC mode enter the install add command with the activate and the sdr keywords. • To add and activate a package on a non-owner SDR, enter the install add command with the activate keyword from EXEC mode.

Upgrading and Downgrading Packages

• To upgrade a package, activate the newer version of the package, and the older version is automatically deactivated. • To downgrade a package, activate the older version of the package, and the newer version is automatically deactivated. Actual activation is performed only after the compatibility checks have been passed.

Committing the Active Software Set

When a package is activated for one or more SDRs, it becomes part of the current running configuration for those SDRs. To make the package activation persistent across reloads, enter the install commit command. On startup, the designated secure domain router shelf controller (DSDRSC) of the SDR loads the committed software set. • If the system is restarted before the active software set is saved with the install commit command, the previously committed software set is used. • To commit the active software set for a specific SDR from administration EXEC mode, use the install commit command with the sdr sdr-name keyword and argument. • To commit the active software set for all SDRs in the system, use the install commit command without keywords or arguments in administration EXEC mode.

Rolling Back to a Previous Installation Operation

Although the term commit sounds final, the Cisco IOS XR software provides the flexibility to roll back the selected package set to previously saved package sets. Each time a package is activated or deactivated, a rollback point is created that defines the package set that is active after the package activation or deactivation. The software also creates a rollback point for the last committed package set. If you find that you prefer a previous package set over the currently active package set, you can use the install rollback command to make a previously active package set active again. For more information, refer to the Upgrading and Managing Cisco IOS XR Software module in the Cisco ASR 9000 Series Router Management Configuration Guide.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-22 OL-17103-01 Prerequisites for Installing Ethernet Services Applications on the Cisco ASR 9000 Series Router Router Management Interfaces Cisco Confidential - Beta Draft R3.7 FCI Configuring IGP

You will need to configure IGP (Internet Gateway Protocol) for either OSPF (Open Shortest Path First) or IS-IS (Intermediate System-to-Intermediate System) . For more information on configuring IS-IS, refer to the Implementing IS-IS on Cisco IOS XR Software module in the Cisco ASR 9000 Series Router Routing Configuration Guide.

Configuring MPLS LDP

You will need to configure MPLS LDP (Label Distribution Protocol) for either OSPF (Open Shortest Path First) or IS-IS (Intermediate System-to-Intermediate System) features. For more information, refer to the Implementing MPLS Label Distribution Protocol on Cisco IOS XR Software module in the Cisco ASR 9000 Series Router MPLS Configuration Guide.

Configuring RSVP

RSVP (Resource Reservation Protocol) supports Graceful Restart. RSVP graceful restart provides a control plane mechanism to ensure high availability, which allows detection and recovery from failure conditions while preserving nonstop forwarding services on the systems running Cisco IOS XR software. RSVP graceful restart provides a mechanism that minimizes the negative effects on MPLS traffic caused by the following types of faults: • Disruption of communication channels between two nodes when the communication channels are separate from the data channels. This is called control channel failure. • The control plane of a node fails but the node preserves its data forwarding states. This is called node failure. The procedure for RSVP graceful restart is described in the "Fault Handling" section of RFC 3473: Generalized MPLS Signaling, RSVP-TE Extensions. One of the main advantages of using RSVP graceful restart is recovery of the control plane while preserving nonstop forwarding and existing labels. For more information, refer to the Implementing RSVP for MPLS-TE and MPLS O-UNI on Cisco IOS XR Software module in the Cisco ASR 9000 Series Router MPLS Configuration Guide.

Implementing MPLS Traffic Engineering

As part of configuring MPLS Traffic Engineering for IS-IS you will need to configure IS-IS for MPLS TE. For a description of the MPLS TE tasks and commands that allow you to configure the router to support tunnels, configure an MPLS tunnel that IS-IS can use, and troubleshoot MPLS TE, see the Implementing MPLS Traffic Engineering on Cisco IOS XR Software module in the Cisco ASR 9000 Series Router MPLS Configuration Guide. IOS-XR uses a structured CLI for EFP and EVC configuration. • The layer2tranport command identifies a subinterface (of a physical port of bundle-port parent interface) as an EFP. • The encapsulation command is used specify matching criteria.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-23 Prerequisites for Installing Ethernet Services Applications on the Cisco ASR 9000 Series Router Where to Go Next Cisco Confidential - Beta Draft R3.7 FCI

• The rewrite command is used to specify VLAN tag rewrite criteria. • The service-policy input/output commands are used to specify QoS treatment. • The Ethernet cfm command is used to set OAM features. • The Ethernet services access-group command is used to set Layer 2 security ACLs.

Configuring MPLS Tunnels

MPLS-TE and Fast Reroute over Link Bundles

MPLS Traffic Engineering (TE) and Fast Reroute (FRR) are supported over bundle interfaces on the Cisco CRS-1 router only. MPLS-TE/FRR over virtual local area network (VLAN) interfaces is supported on the Cisco CRS-1 router only. Bidirectional forwarding detection (BFD) over VLAN is used as an FRR trigger to obtain more than 50 milliseconds of switchover time on the Cisco CRS-1. The following link bundle types are supported for MPLS-TE/FRR: • Over POS link bundles • Over Ethernet link bundles • Over VLANs over Ethernet link bundles • Number of links are limited to 100 for MPLS-TE and FRR. • VLANs go over any Ethernet interface (for example, GigabitEthernet, TenGigE, FastEthernet, and so forth). FRR is supported over bundle interfaces in the following ways: • Uses minimum links as a threshold to trigger FRR over a bundle interface. • Uses the minimum total available bandwidth as a threshold to trigger FRR.

Configuring L2TPv3 Tunnels

Traditionally, VPN services are deployed over IP core networks using MPLS, or L2TPv3 tunnels using point-to-point links. However, an L2TPv3 multipoint tunnel network allows L3VPN services to be carried through the core without the configuration of MPLS. L2TPv3 multipoint tunneling supports multiple tunnel endpoints, which creates a full-mesh topology that requires only one tunnel to be configured on each PE router. This permits VPN traffic to be carried from enterprise networks across cooperating service provider core networks to remote sites.

Where to Go Next

If you have logged into the router, you are ready to perform general router configuration as described in Chapter 1, “Configuring Ethernet Layer 2 Switching.” If the router is prompting you to enter a root-system username, bring up the router and see Chapter 1, “Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router.”

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-24 OL-17103-01 Cisco Confidential - Beta Draft R3.7 FCI

Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router

This chapter provides instructions for bringing up the Ethernet services on a Cisco ASR 9000 Series Aggregation Services Router for the first time using Cisco IOS XR software. This section applies to routers that are delivered with Cisco IOS XR software already installed. To install the Cisco IOS XR software, refer to the Cisco ASR 9000 Series Aggregation Services Router Getting Started Guide.

Contents

• Prerequisites, page 25 • Bringing Up and Configuring a Cisco ASR 9000 Series Router, page 26 • Verifying the System After Initial Bring-Up, page 27 • Where to Go Next, page 37

Prerequisites

The following sections describe the software and hardware requirements for bringing up Ethernet services on a Cisco ASR 9000 Series Router running Cisco IOS XR Software Release 3.7 FCI.

Software Requirements

The system requires compatible ROM Monitor firmware on all RSPs.

Hardware Prerequisites and Documentation

Before a Cisco ASR 9000 Series Router can be started, the following hardware management procedures must be completed: • Site preparation • Equipment unpacking • Router installation

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-25 Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router Bringing Up and Configuring a Cisco ASR 9000 Series Router Cisco Confidential - Beta Draft R3.7 FCI

Your router must have at least one of the following line cards installed: • 4x10GE Line Card • 8x10GE Line Card • 40x1GE Line Card The configuration tasks in this document apply to 10 Gigabit Ethernet and Gigabit Ethernet interfaces on either of the two supported line cards. For any platform independent commands refer to the IOS XR document set listed in the “Related Documents” section on page xvi. For information on how to complete installation procedures for your Cisco ASR 9000 Series Router 4x10GE Line Card, 8x 0GE Line Card and/or 40x1GE Line Card, see the hardware documents listed in the “Related Documents” section on page xvi.

Bringing Up and Configuring a Cisco ASR 9000 Series Router

To bring up a Cisco ASR 9000 Series Router, you need to connect to the Console port on the router and configure root-system username and password as described in the following procedure:

SUMMARY STEPS

1. Establish a connection to the RSP Console port. 2. Type the username for the root-system login and press Return. 3. Type the password for the root-system login and press Return. 4. Log in to the router.

DETAILED STEPS

Command or Action Purpose Step 1 Establish a connection to the RSP Console port. Initiates communication with the router. • For instructions on connecting to the Console port, see the “Connecting to the Router Through the Console Port” module of the Cisco ASR 9000 Getting Started Guide. • If the router has been configured, the router displays the prompt: Username: • If the Username prompt appears, skip this procedure and continue general router configuration. Step 2 Type the username for the root-system login and press Sets the root-system username, which is used to log in to the Return. router. Step 3 Type the password for the root-system login and press Creates an encrypted password for the root-system Return. username. Note This password can be changed with the secret command.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-26 OL-17103-01 Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router Verifying the System After Initial Bring-Up Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 4 Retype the password for the root-system login and Allows the router to verify that you have entered the same press Return. password both times. • If the passwords do not match, the router prompts you to repeat the process. Step 5 Log in to the router. Establishes your access rights for the router management session. • Enter the root-system username and password that were created earlier in this procedure. • After you log in, the router displays the CLI prompt, which is described in the Cisco ASR 9000 Series Aggregation Services Router Getting Started Guide.

Examples

The following example shows the root-system username and password configuration for a new router, and it shows the initial log in: --- Administrative User Dialog ---

Enter root-system username: cisco Enter secret: Enter secret again: RP/0/RSP0/CPU0:Jan 10 12:50:53.105 : exec[65652]: %MGBL-CONFIG-6-DB_COMMIT : 'Administration configuration committed by system'. Use 'show configuration commit changes 2000000009' to view the changes. Use the 'admin' mode 'configure' command to modify this configuration.

User Access Verification

Username: cisco Password: RP/0/RSP0/CPU0:ios#

The secret line in the configuration command script shows that the password is encrypted. When you enter the password during configuration and login, the password is hidden.

Verifying the System After Initial Bring-Up

To verify the status of the router, perform the following procedure:

SUMMARY STEPS

1. show version 2. admin show platform [node-id] end 3. show redundancy 4. show environment

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-27 Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router Verifying the System After Initial Bring-Up Cisco Confidential - Beta Draft R3.7 FCI

DETAILED STEPS

Command or Action Purpose Step 1 show version Displays information about the router, including image names, uptime, and other system information. Example: RP/0/RSP0/CPU0:router# show version Step 2 admin Places the router in administration EXEC mode, displays show platform [node-id] information about the status of cards and modules installed in exit the router, and terminates administration EXEC mode. • Some cards support a CPU module and service processor Example: (SP) module. Other cards support only a single module. RP/0/RSP0/CPU0:router# admin RP/0/RSP0/CPU0:router(admin)# show platform • A card module is also called a node. When a node is RP/0/RSP0/CPU0:router(admin)# exit working properly, the status of the node in the State column is IOS XR RUN. • Use the show platform node-id command to display information for a specific node. Replace node-id with a node name from the show platform command Node column. Note To view the status of all cards and modules, the show platform command must be executed in administration EXEC mode. Step 3 show redundancy Displays the state of the primary (active) and standby (inactive) RSPs, including the ability of the standby to take control of the system. Example: RP/0/RSP0/CPU0:router# show redundancy • If both RSPs are working correctly, one node displays active role, the Partner node row displays standby role, and the Standby node row displays Ready. Step 4 show environment Displays information about the hardware attributes and status.

Example: RP/0/RSP0/CPU0:router# show environment

Examples of show Commands

The following sections provide examples of show commands: • show version Command: Example, page 28 • show environment Command: Example, page 29 • show platform Command: Example, page 30 • show redundancy Command: Example, page 31 show version Command: Example

To display basic information about the router configuration, type the show version command in EXEC mode, as shown in the following example:

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-28 OL-17103-01 Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router Verifying the System After Initial Bring-Up Cisco Confidential - Beta Draft R3.7 FCI

RP/0/RSP0/CPU0:router# show version

ROM: System Bootstrap, Version 1.150(20080604:125538) [ASR 9000 ROMMON],

ios uptime is 1 hour, 26 minutes System image file is "disk0:asr9K-os-mbi-3.7.0.26I/mbiasr9K-rp.vm"

cisco ASR9K-4/S (7457) processor with 4194304K bytes of memory. 7457 processor at 1197Mhz, Revision 1.1

1 Ethernet/IEEE 802.3 interface(s) 8 TenGigabitEthernet/IEEE 802.3 interface(s) 1019k bytes of non-volatile configuration memory. 38079M bytes of hard disk. 1000592k bytes of disk0: (Sector size 512 bytes).

Boot device on node 0/3/SP is bootflash: Package active on node 0/3/SP: asr9K-admin, V 3.7.0.26I[Default], Cisco Systems, at disk0:asr9K-admin-3.7.0.26I Built on Wed Jun 11 20:29:27 UTC 2008 By edde-view5 in /vws/vuh/vuh/9K/ws for c2.95.3-p8

asr9K-base, V 3.7.0.26I[Default], Cisco Systems, at disk0:asr9K-base-3.7.0.26I Built on Wed Jun 11 20:30:46 UTC 2008 By edde-view5 in /vws/vuh/vuh/9K/ws for c2.95.3-p8

asr9K-os-mbi, V 3.7.0.26I[Default], Cisco Systems, at disk0:asr9K-os-mbi-3.7.0.26I Built on Wed Jun 11 20:29:04 UTC 2008 By edde-view5 in /vws/vuh/vuh/9K/ws for c2.95.3-p8

Configuration register on node 0/3/CPU0 is 0x102 Boot device on node 0/3/CPU0 is bootflash: Package active on node 0/3/CPU0: asr9K-mcast, V 3.7.0.26I[Default], Cisco Systems, at disk0:asr9K-mcast-3.7.0.26I Built on Tue Jun 10 10:59:52 UTC 2008 By edde-view5 in /vws/vuh/vuh/9K/ws for c2.95.3-p8 --More-- show environment Command: Example

To display environmental monitor parameters for the system, use the show environment command in EXEC or administration EXEC mode. The following command syntax is used: show environment [options] Enter the show environment ? command to display the command options. In the following example, temperature information is shown: RP/0/RSP0/CPU0:router# show environment temperatures

R/S/I Modules Inlet Exhaust Hotspot Temperature Temperature Temperature (deg C) (deg C) (deg C)

0/1/* host 32, 30 26, 27 35 cpu 34 fabricq0 27 fabricq1 32 ingressq 37

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-29 Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router Verifying the System After Initial Bring-Up Cisco Confidential - Beta Draft R3.7 FCI

egressq 32 27 ingresspse 35 egresspse 29 jacket 25 24 25 spa0 19 25, 32 spa5 25 24 0/6/* host 32, 26 27, 25 33 cpu 35 fabricq0 27 fabricq1 32 ingressq 37 egressq 30 25 ingresspse 31 egresspse 29 jacket 24 25 26 spa0 19 25, 31 spa4 22 33, 35 spa5 24 24 0/RSP0/* host 23 24 24, 33, 26, 24, 27 0/RSP1/* host 23 24 24, 32, 26, 24, 26

In the following example, LED status of the nodes in the router is shown: RP/0/RSP0/CPU0:router# show environment leds

0/1/*: Module (host) LED status says: OK 0/1/*: Module (jacket) LED status says: OK 0/1/*: Module (spa0) LED status says: OK 0/1/*: Module (spa5) LED status says: OK 0/6/*: Module (host) LED status says: OK 0/6/*: Module (jacket) LED status says: OK 0/6/*: Module (spa0) LED status says: OK 0/6/*: Module (spa4) LED status says: OK 0/6/*: Module (spa5) LED status says: OK 0/RSP0/*: Module (host) LED status says: OK 0/RSP0/*: Alarm LED status says: NONE 0/RSP1/*: Module (host) LED status says: OK 0/RSP1/*: Alarm LED status says: NONE

See the Cisco ASR 9000 Series Router System Management Command Reference for more information. show platform Command: Example

The show platform command displays information on router resources. In EXEC mode, the show platform command displays the resources assigned to the secure domain router (SDR) you are managing. In administration EXEC mode, the show platform command displays all router resources. The following EXEC mode sample output displays the nodes assigned to the router, which is called the owner SDR: RP/0/RSP0/CPU0:router# show platform

Node Type PLIM State Config State ------0/1/0 LINE CARD 4X10GE OK PWR,NSHUT,MON 0/1/5 LINE CARD 40X1GE OK PWR,NSHUT,MON 0/6/4 LINE CARD 8X10GE OK PWR,NSHUT,MON 0/6/5 LINE CARD 40X1GE OK PWR,NSHUT,MON

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-30 OL-17103-01 Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router Verifying the System After Initial Bring-Up Cisco Confidential - Beta Draft R3.7 FCI

0/RSP0/CPU0 RSP(Active) N/A IOS XR RUN PWR,NSHUT,MON 0/RSP1/CPU0 RSP(Standby) N/A IOS XR RUN PWR,NSHUT,MON

The following administration EXEC mode sample output displays all router nodes: RP/0/RSP0/CPU0:router# admin RP/0/RSP0/CPU0:router(admin)# show platform

Node Type PLIM State Config State ------0/1/SP MSC(SP) N/A IOS XR RUN PWR,NSHUT,MON 0/1/CPU0 MSC Jacket Card IOS XR RUN PWR,NSHUT,MON 0/1/0 MSC(SPA) 4XOC3-POS OK PWR,NSHUT,MON 0/1/5 MSC(SPA) 8X1GE OK PWR,NSHUT,MON 0/6/SP MSC(SP) N/A IOS XR RUN PWR,NSHUT,MON 0/6/CPU0 MSC Jacket Card IOS XR RUN PWR,NSHUT,MON 0/6/0 MSC(SPA) 4XOC3-POS OK PWR,NSHUT,MON 0/6/4 MSC(SPA) 8XOC3/OC12-POS OK PWR,NSHUT,MON 0/6/5 MSC(SPA) 8X1GE OK PWR,NSHUT,MON 0/RSP0/CPU0 RSP(Active) N/A IOS XR RUN PWR,NSHUT,MON 0/RSP1/CPU0 RSP(Standby) N/A IOS XR RUN PWR,NSHUT,MON 0/SM0/SP FC/S(SP) N/A IOS XR RUN PWR,NSHUT,MON 0/SM1/SP FC/S(SP) N/A IOS XR RUN PWR,NSHUT,MON 0/SM2/SP FC/S(SP) N/A IOS XR RUN PWR,NSHUT,MON 0/SM3/SP FC/S(SP) N/A IOS XR RUN PWR,NSHUT,MON

RP/0/RSP0/CPU0:router# end

Note Line cards in the Cisco ASR 9000 Series Router are called modular services cards (MSCs).

In the following example, information is shown for a single node in a Cisco ASR 9000 Series Router: RP/0/RSP0/CPU0:router# show platform 0/1/CPU0

Node Type PLIM State Config State ------0/1/CPU0 MSC Jacket Card IOS XR RUN PWR,NSHUT,MON

For more information on the show platform command, see the Cisco ASR 9000 Interface and Hardware Component Command Reference. show redundancy Command: Example

To display information about the active and standby (inactive) RSPs, enter the show redundancy command as follows: RP/0/RSP0/CPU0:router# show redundancy

Redundancy information for node 0/RSP0/CPU0: ======Node 0/RSP0/CPU0 is in ACTIVE role Partner node (0/RSP1/CPU0) is in STANDBY role Standby node in 0/RSP1/CPU0 is ready

Reload and boot info ------RSP reloaded Wed Feb 15 13:58:32 2006: 1 week, 6 days, 22 hours, 49 minutes ago Active node booted Wed Feb 15 13:58:32 2006: 1 week, 6 days, 22 hours, 49 minutes ago Standby node boot Wed Feb 15 13:59:00 2006: 1 week, 6 days, 22 hours, 49 minutes ago Standby node last went not ready Wed Mar 1 07:40:00 2006: 5 hours, 8 minutes ago Standby node last went ready Wed Mar 1 07:40:00 2006: 5 hours, 8 minutes ago There have been 0 switch-overs since reload

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-31 Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router install add Cisco Confidential - Beta Draft R3.7 FCI install add

To copy the contents of a package installation envelope (PIE) file to a storage device, use the install add command in EXEC or administration EXEC mode.

Administration EXEC Mode

install add [source source-path | tar] file [activate [admin-profile] [auto-abort-timer time] [location node-id]] [asynchronous | synchronous] [parallel-reload] [prompt-level {default | none}] [if-active] [sdr sdr-name]

EXEC Mode

install add [source source-path | tar] file [activate [auto-abort-timer time] [location node-id]] [asynchronous | synchronous] [parallel-reload] [prompt-level {default | none}]

Syntax Description source source-path Source location of the PIE files to be appended to the PIE filenames. Location options are as follows: • disk0: • disk1: • compactflash: • harddisk: • ftp://username:password@hostname or ip-address/directory-path/ • rcp://username@hostname or ip-address/directory-path/ • tftp://hostname or ip-address/directory-path/ tar Indicates that the PIE file is contained in a tar file. file Name and location of the PIE file (composite package) to install. If a source path location is specified using the source keyword, the file argument can be either a fully specified PIE file path, or a path to the PIE file relative to the source path. Note Up to 32 PIE files can be added to a device in a single install add operation.

If the tar keyword is used, the file argument is a tar file that contains one or more PIE files, or directories containing PIE files. activate (Optional) Activates the package or packages. This option is run only if the install add operation is successful. auto-abort-timer time (Optional) Specifies an abort timer value, time, in minutes, which when expired loads the last committed loadpath.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-32 OL-17103-01 Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router install add Cisco Confidential - Beta Draft R3.7 FCI

location node-id (Optional) Activates a package on the designated node. The node-id argument is expressed in rack/slot/module notation. Note A package cannot be activated on a single node unless some version of the package being activated is already active on all nodes. For example, a Multiprotocol Label Switching (MPLS) package cannot be active on only one node. If a version of the MPLS package is already active on all nodes, an MPLS package then could be upgraded or downgraded on a single node. asynchronous (Optional) Performs the command in asynchronous mode. In asynchronous mode, this command runs in the background, and the EXEC prompt is returned as soon as possible. This is the default mode. synchronous (Optional) Performs the command in synchronous mode. This mode allows the installation process to finish before the prompt is returned. parallel-reload (Optional) Forces all cards on the router to reload at the same time and then come up with the new software, rather than proceeding according to the option encoded in the install package. prompt-level {default | (Optional) Specifies when you are prompted for input during the none} procedure. • default—You are prompted only when input is required by the operation. • none—You are never prompted. if-active (Optional. Administration EXEC mode only.) Activates the optional packages only if a version is already active. sdr sdr-name (Optional. Administration EXEC mode only.) Activates a package for a specific secure domain router (SDR). The sdr-name argument is the name assigned to the SDR.

Defaults Packages are added to the storage device, but are not activated. The operation is performed in asynchronous mode: The install add command runs in the background, and the EXEC prompt is returned as soon as possible.

Command Modes EXEC Administration EXEC

Command History Release Modification Release 3.7 FCI This command was first supported on the Cisco ASR 9000 Series Router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-33 Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router install add Cisco Confidential - Beta Draft R3.7 FCI

• From administration EXEC mode, the package software files are added to all route processors (RPs) installed in the SDRs effected by the install add command. If the install add command is entered without specifying an SDR, then the package files are added to all RPs in all SDRs. If the install add command is entered with the sdr keyword (to add the package files to a specific SDR), then the package files are added to all RPs installed in the specified SDR. • From EXEC mode, the package software files are added to the RPs only for the SDR to which you are logged in.

Note If a package is added only to a non-owner SDR, then the package files and functionality are not available on the owner SDR, or on any other SDR. To add a package to all SDRs in the system, use the install add command without specifying an SDR.

Adding and Activating a Package Software packages remain inactive until activated with the install activate command. To add and activate a package at the same time, use the install add command with the activate keyword. When this command is used, the keywords and rules for package activation apply. See the install activate command module of the Cisco ASR 9000 System Management Command Reference for more information. • To add and activate a package for all SDRs, enter the install add command with the activate keyword from administration EXEC mode. To add and activate a package for a specific SDR from administration EXEC mode enter the install add file activate command with the sdr sdr-name keyword and argument. • To add and activate a package on a non-owner SDR, enter the install add command with the activate keyword from EXEC mode.

Note SDR-specific activation is supported for specific packages and upgrades, such as optional packages and Software Maintenance Upgrades (SMUs). Packages that do not support SDR-specific activation can be activated for all SDRs simultaneously only from administration EXEC mode. For detailed instructions, see the Managing Cisco IOS XR Software Packages module of Cisco ASR 9000 System Management Configuration Guide.

Note If a software activation requires a node reload, the config-register for that node should be set to autoboot. If the config-register for the node is not set to autoboot, then the system automatically changes the setting and the node reloads. A message describing the change is displayed.

Synchronous Mode Use the install add command with the synchronous keyword to complete the operation before the prompt is returned. A progress bar indicates the status of the operation. For example: - 1% complete: The operation can still be aborted (ctrl-c for options) \ 10% complete: The operation can still be aborted (ctrl-c for options)

TFTP Services and Image Size Some Cisco IOS XR images may be larger than 32 MB, and the TFTP services provided by some vendors (such as Sun Solaris) may not support a file this large. If you do not have access to a TFTP server that supports files larger than 32 MB: • Download the software image using FTP or rcp.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-34 OL-17103-01 Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router install add Cisco Confidential - Beta Draft R3.7 FCI

• Use a third-party or freeware TFTP server that supports file sizes larger than 32 MB. Download a patch from Sun Microsystems to correct this limitation (http://www.sun.com).

Adding tar Files Use the tar keyword to add one or more PIE files in the tar file format. If the tar keyword is used, only a single tar file can be added.

Note Multiple tar files or a combination of PIE and tar files is not supported.

Note the following regarding tar files: • The file filename must include the complete location of the tar file. • The tar file can contain only PIE files and directories containing PIE files. For example: – The tar file pies.tar containing the files x.tar and y.pie fails because x.tar is not a PIE file. – The tar file pies.tar containing the file x.pie and the directory dir_a, where dir_a contains a PIE file y.pie succeeds. – The tar file pies.tar containing the file x.pie and the directory dir_a, where dir_a contains a tar file y.tar fails because y.tar is not a PIE file. – The tar file pies.tar containing the PIE files x.pie, y.pie, ...*.pie succeeds. • The source keyword is not supported with the tar keyword. Following is a valid example of using the tar keyword: RP/0/RSP0/CPU0:router(admin)# install add tar tftp://223.255.254.254/install/files/pies.tar You can add and activate tar files at the same time. In other words, the install add command is supported using the tar and the activate keywords simultaneously.

Adding Multiple Packages To add multiple PIE files, use the source keyword to specify the directory path location of the PIE files. Then list all the PIE filenames, as necessary. This alleviates the need to repeat the directory location for each PIE file. Following is an example of the install add command using the source keyword: RP/0/RSP0/CPU0:router(admin)# install add source tftp://192.168.201.1/images/myimages/ comp-hfr-mini.pie hfr-mgbl-p.pie hfr-mpls-p.pie hfr-mcast-p.pie

The following example also illustrates a valid use of the install add command with the source keyword: RP/0/RSP0/CPU0:router(admin)# install add source tftp://192.168.254.254/images/user/ hfr-mcast-p.pie pies/hfr-mpls-p.pie ftp://1.2.3.4/other_location/hfr-mgbl-p.pie

In the above example, three PIE files are added from the following locations: • tftp://192.168.254.254/images/user/hfr-mcast-p.pie • tftp://192.168.254.254/images/user/pies/hfr-mpls-p.pie • ftp://1.2.3.4/other_location/hfr-mgbl-p.pie

Parallel Reload Installation operations are activated according to the method encoded in the package being activated. Generally, this method has the least impact for routing and forwarding purposes, but it may not be the fastest method from start to finish and can require user interaction by default. To perform the installation procedure as quickly as possible, you can specify the parallel-reload keyword. This forces the

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-35 Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router install add Cisco Confidential - Beta Draft R3.7 FCI

installation to perform a parallel reload, so that all cards on the router reload simultaneously, and then come up with the new software. This impacts routing and forwarding, but it ensures that the installation is performed without other issues.

Task ID Task ID Operations pkg-mgmt execute

Examples The following example shows how to add a PIE file for all SDRs in the system. In the following example, a Multiprotocol Label Switching (MPLS) package is added in synchronous mode. This operation copies the files required for the package to the storage device. This package remains inactive until it is activated with the install activate command. RP/0/RSP0/CPU0:router# admin RP/0/RSP0/CPU0:router(admin)# install add tftp://209.165.201.1/hfr-mpls.pie synchronous

Install operation 4 'install add /tftp://209.165.201.1/hfr-mpls.pie synchronous' started by user 'user_b' at 03:17:05 UTC Mon Nov 14 2005. Info: The following package is now available to be activated: Info: Info: disk0:hfr-mpls-3.3.80 Info: Install operation 4 completed successfully at 03:18:30 UTC Mon Nov 14 2005.

In the following example, a package is added and activated on all SDRs with a single command: RP/0/RSP0/CPU0:router# admin RP/0/RSP0/CPU0:router(admin)# install add disk1:hfr-mgbl-p.pie-3.4.0 activate Install operation 4 'install add /disk1:hfr-mgbl-p.pie-3.4.0 activate' started by user 'user_b' at 07:58:56 UTC Wed Mar 01 2006. The install operation will continue asynchronously. :router(admin)#Part 1 of 2 (add software): Started Info: The following package is now available to be activated: Info: Info: disk0:hfr-mgbl-3.4.0 Info: Part 1 of 2 (add software): Completed successfully Part 2 of 2 (activate software): Started Info: The changes made to software configurations will not be persistent across system reloads. Use the command 'admin install Info: commit' to make changes persistent. Info: Please verify that the system is consistent following the software change using the following commands: Info: show system verify Info: install verify Part 2 of 2 (activate software): Completed successfully Part 1 of 2 (add software): Completed successfully Part 2 of 2 (activate software): Completed successfully Install operation 4 completed successfully at 08:00:24 UTC Wed Mar 01 2006.

Related Commands Command Description install activate Adds a software package or SMU to the active software set. install commit Makes the current active software set persistent across RP reloads.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-36 OL-17103-01 Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router PIEs to add for Ethernet Services Support Cisco Confidential - Beta Draft R3.7 FCI

Command Description show install log Displays the entries stored in the logging installation buffer. show install request Displays the list of incomplete installation manager requests.

PIEs to add for Ethernet Services Support

Table 1 describes the optional packages that will be activated individually to enable Ethernet services on the Cisco ASR 9000 Series Router.

Ta b l e 1 Optional Cisco IOS XR Software Packages

Name Description Manageability Support for HTTP, XML, SNMP and other management tools. MPLS Support for Multiprotocol Label Switching (MPLS). Multicast Support for multicast protocols.

Where to Go Next

For information on configuring layer 2 router features, see Configuring Ethernet Layer 2 Switching

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-37 Bringing Up the Ethernet Services on a Cisco ASR 9000 Series Router Where to Go Next Cisco Confidential - Beta Draft R3.7 FCI

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-38 OL-17103-01 Cisco Confidential - Beta Draft R3.7 FCI

Configuring Ethernet Layer 2 Switching

This chapter describes how to configure ethernet layer 2 switching on the Cisco ASR 9000 Series Aggregation Services Router using the command-line interface (CLI), and it describes basic Cisco IOS XR software configuration management.

Contents

• Layer 2 Ethernet Switching Overview, page 39 • Understanding Ethernet CFM, page 40 • Configuring Ethernet CFM, page 50 • Where to Go Next, page 58

Layer 2 Ethernet Switching Overview

Layer 2 Ethernet ports on Cisco ASR 9000 Series Routers support simultaneous, parallel connections between Layer 2 Ethernet segments. Switched connections between Ethernet segments last only for the duration of the packet. New connections can be made between different segments for the next packet. Cisco switches that support Layer 2 Ethernet ports solve congestion problems caused by high-bandwidth devices and by a large number of users by assigning each device (for example, a server) to its own 10-, 100-, or 1000-Mbps collision domain. Because each LAN port connects to a separate Ethernet collision domain, servers in a properly configured switched environment achieve full access to the bandwidth. Because collisions cause significant congestion in Ethernet networks, an effective solution is full-duplex communication. Normally, Ethernet operates in half-duplex mode, which means that stations can either receive or transmit. In full-duplex mode, two stations can transmit and receive at the same time. When packets can flow in both directions simultaneously, the effective Ethernet bandwidth doubles.

Layer 2 Local Switching Overview

Local switching allows you to switch Layer 2 data between two interfaces of the same type (for example, Ethernet to Ethernet) on the same router. The interfaces can be on the same line card or on two different cards. During these kinds of switching, the Layer 2 address is used, not any Layer 3 address. Additionally, same-port local switching allows you to switch Layer 2 data between two circuits on the same interface.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-39 Configuring Ethernet Layer 2 Switching Understanding Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI ASR 9000 Reference Network

Here is an example of the ASR 9000 reference network:

Understanding Ethernet CFM

Ethernet CFM is an end-to-end per-service-instance (per VLAN) Ethernet layer OAM protocol that includes proactive connectivity monitoring, fault verification, and fault isolation. End-to-end can be provider-edge-to provider-edge (PE-to-PE) device or customer-edge-to-customer-edge (CE-to-CE) device. Ethernet CFM, as specified by IEEE 802.1ag, is the standard for Layer 2 ping, Layer 2 traceroute, and end-to-end connectivity check of the Ethernet network. Unlike CFM, other metro-Ethernet OAM protocols are not end-to-end technologies. For example, IEEE 802.3ah OAM is a single-hop and per-physical-wire protocol and is not end-to-end or service aware. E-LMI is confined between the user provider-edge (UPE) and the CE device and relies on CFM for reporting status of the metro-Ethernet network to the customer-edge device. These sections contain conceptual information about Ethernet CFM: • CFM Domain, page 41 • Maintenance Points, page 42 • CFM Messages, page 43 • Configuring Ethernet CFM, page 50

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-40 OL-17103-01 Configuring Ethernet Layer 2 Switching Understanding Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI CFM Domain

A CFM maintenance domain is a management space on a network that is owned and operated by a single entity and defined by a set of ports internal to it, but at its boundary. You assign a unique maintenance level (from 0 to 7) to define the hierarchical relationship between domains. The larger the domain, the higher the level. For example, as shown in Figure 1, a service-provider domain would be larger than an operator domain and might have a maintenance level of 6, while the operator domain maintenance level is 3 or 4. As shown in Figure 2, domains cannot intersect or overlap because that would require management by more than one entity, which is not allowed. Domains can touch or nest (if the outer domain has a higher maintenance level than the nested domain). Nesting domains is useful when a service provider contract with one or more operators to provide Ethernet service. Each operator has its own maintenance domain and the service provider domain is a superset of the operator domains. Maintenance levels of nesting domains should be communicated among the administrating organizations. CFM exchanges messages and performs operations on a per-domain basis.

Figure 1 CFM Maintenance Domains

Service Provider Domain Level 6

Operator Domains

Operator 1 Operator 2 CE 1 PE 1 PE 2 PE 3 PE 4 CE 2

MEP MIP MIP MEP Level 4 Level 4

MEPMIP MIP MEP Level 3 MEPMIP MIP MEP Level 2 157281

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-41 Configuring Ethernet Layer 2 Switching Understanding Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI

Figure 2 Allowed Domain Relationships

Scenario A: Scenario B: Scenario C: Touching Domains OK Nested Domains OK Intersecting Domains Not

Allowed 157282

Maintenance Points

A maintenance point is a demarcation point on an interface that participates in CFM within a maintenance domain. Maintenance points drop all lower-level frames and forward all higher-level frames. There are two types of maintenance points: • Maintenance end points (MEPs) are inward-facing points at the edge of the domain that define the boundary and confine CFM messages within these boundaries. Inward facing means that they communicate through the relay function side, not the wire side (connected to the port). A MEP sends and receives CFM frames through the relay function. It drops all CFM frames of its level or lower that come from the wire side. For CFM frames from the relay side, it processes the frames at its level and drops frames at a lower level. The MEP transparently forwards all CFM frames at a higher level, regardless of whether they are received from the relay or wire side. CFM runs at the provider maintenance level (UPE-to-UPE), specifically with inward-facing MEPs at the user network interface (UNI). • Maintenance intermediate points (MIPs) are internal to a domain, not at the boundary, and respond to CFM only when triggered by traceroute and loopback messages. They forward CFM frames received from MEPs and other MIPs, drop all CFM frames at a lower level, and forward all CFM frames at a higher level, regardless of whether they are received from the relay or wire side. If port on which the MEP is configured is blocked by Spanning-Tree Protocol (STP), the port cannot receive or transmit CFM messages. If a port on which a MIP is configured is blocked by STP, the port cannot receive or respond to messages from the relay function side, but can receive and respond to CFM messages from the wire side.

Ethernet CFM Overview

Ethernet Connectivity Fault Management (CFM) is an end-to-end per-service-instance Ethernet layer operations, administration, and maintenance (OAM) protocol. It includes proactive connectivity monitoring, fault verification, and fault isolation for large Ethernet metropolitan-area networks (MANs) and WANs. The advent of Ethernet as a MAN and WAN technology imposes a new set of OAM requirements on Ethernet’s traditional operations, which were centered on enterprise networks only. The expansion of Ethernet technology into the domain of service providers, where networks are substantially larger and more complex than enterprise networks and the user base is wider, makes operational management of link uptime crucial. More importantly, the timeliness in isolating and responding to a failure becomes mandatory for normal day-to-day operations, and OAM translates directly to the competitiveness of the service provider.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-42 OL-17103-01 Configuring Ethernet Layer 2 Switching Understanding Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI CFM Messages

CFM uses standard Ethernet frames distinguished by EtherType or (for multicast messages) by MAC address. All CFM messages are confined to a maintenance domain and to a service-provider VLAN (S-VLAN). These CFM messages are supported: • Continuity Check (CC) messages—multicast heartbeat messages exchanged periodically between MEPs that allow MEPs to discover other MEPs within a domain and allow MIPs to discover MEPs. CC messages are configured to a domain or VLAN. • Loopback messages—unicast frames transmitted by a MEP at administrator request to verify connectivity to a particular maintenance point, indicating if a destination is reachable. A loopback message is similar to an Internet Control Message Protocol (ICMP) ping message. • Traceroute messages—multicast frames transmitted by a MEP at administrator request to track the path (hop-by-hop) to a destination MEP. Traceroute messages are similar in concept to UDP traceroute messages.

Ethernet CFM

Ethernet CFM is an end-to-end per-service-instance Ethernet layer OAM protocol that includes proactive connectivity monitoring, fault verification, and fault isolation. End to end can be PE to PE or CE to CE. A service can be identified as a service provider VLAN (S-VLAN) or an EVC service. Being an end-to-end technology is the distinction between CFM and other metro-Ethernet OAM protocols. For example, MPLS, ATM, and SONET OAM help in debugging Ethernet wires but are not always end-to-end. 802.3ah OAM is a single-hop and per-physical-wire protocol. It is not end to end or service aware. Ethernet Local Management Interface (E-LMI) is confined between the user-end provider edge (uPE) and CE and relies on CFM for reporting status of the metro-Ethernet network to the CE. Troubleshooting carrier networks offering Ethernet Layer 2 services is challenging. Customers contract with service providers for end-to-end Ethernet service and service providers may subcontract with operators to provide equipment and networks. Compared to enterprise networks, where Ethernet traditionally has been implemented, these constituent networks belong to distinct organizations or departments, are substantially larger and more complex, and have a wider user base. Ethernet CFM provides a competitive advantage to service providers for which the operational management of link uptime and timeliness in isolating and responding to failures is crucial to daily operations.

Benefits of Ethernet CFM

Ethernet CFM provides the following benefits: • End-to-end service-level OAM technology • Reduced operating expense for service provider Ethernet networks • Competitive advantage for service providers • Supports both distribution and access network environments with the outward facing MEPs enhancement

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-43 Configuring Ethernet Layer 2 Switching Understanding Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI Customer Service Instance

A customer service instance is an Ethernet virtual connection (EVC), which is identified by an S-VLAN within an Ethernet island, and is identified by a globally unique service ID. A customer service instance can be point-to-point or multipoint-to-multipoint. Figure 3 shows two customer service instances. Service Instance Green is point to point; Service Instance Blue is multipoint to multipoint.

Figure 3 Customer Service Instances

Service Instance Green S-VLAN 100

U-PE CPE

CPE U-PE

Service Instance Blue S-VLAN 500

U-PE CPE U-PE

CPE CPE 155046

Maintenance Domain

A maintenance domain is a management space for the purpose of managing and administering a network. A domain is owned and operated by a single entity and defined by the set of ports internal to it and at its boundary. Figure 4 illustrates a typical maintenance domain.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-44 OL-17103-01 Configuring Ethernet Layer 2 Switching Understanding Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI

Figure 4 Ethernet CFM Maintenance Domain

Maintenance domain

Port interior to domain

Port at edge of domain 155384

A unique maintenance level in the range of 0 to 7 is assigned to each domain by a network administrator. Levels and domain names are useful for defining the hierarchical relationship that exists among domains. The hierarchical relationship of domains parallels the structure of customer, service provider, and operator. The larger the domain, the higher the level value. For example, a customer domain would be larger than an operator domain. The customer domain may have a maintenance level of 7 and the operator domain may have a maintenance level of 0. Typically, operators would have the smallest domains and customers the largest domains, with service provider domains between them in size. All levels of the hierarchy must operate together. Domains should not intersect because intersecting would mean management by more than one entity, which is not allowed. Domains may nest or touch but when two domains nest, the outer domain must have a higher maintenance level than the domain nested within it. Nesting maintenance domains is useful in the business model where a service provider contracts with one or more operators to provide Ethernet service to a customer. Each operator would have its own maintenance domain and the service provider would define its domain—a superset of the operator domains. Furthermore, the customer has its own end-to-end domain which is in turn a superset of the service provider domain. Maintenance levels of various nesting domains should be communicated among the administering organizations. For example, one approach would be to have the service provider assign maintenance levels to operators. CFM exchanges messages and performs operations on a per-domain basis. For example, running CFM at the operator level does not allow discovery of the network by the higher provider and customer levels. Network designers decide on domains and configurations. Figure 5 illustrates a hierarchy of operator, service provider, and customer domains and also illustrates touching, intersecting, and nested domains.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-45 Configuring Ethernet Layer 2 Switching Understanding Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI

Figure 5 Ethernet CFM Maintenance Domain Hierarchy

CE CE CE PE PE

CE CE PE PE CE

Operator Domain Provider Domain Customer Domain

Scenario A: Scenario B: Scenario C:

Touching Domains OK Intersecting Domains Not Nested Domains OK 155048 Allowed

Maintenance Point

A maintenance point is a demarcation point on an interface (port) that participates in CFM within a maintenance domain. Maintenance points on device ports act as filters that confine CFM frames within the bounds of a domain by dropping frames that do not belong to the correct level. Maintenance points must be explicitly configured on Cisco devices. Two classes of maintenance points exist, MEPs and MIPs.

Maintenance Endpoints

MEPs have the following characteristics: • Per maintenance domain (level) and service (S-VLAN or EVC) • At the edge of a domain, define the boundary • Within the bounds of a maintenance domain, confine CFM messages • When configured to do so, proactively transmit CFM continuity check messages (CCMs) • At the request of an administrator, transmit traceroute and loopback messages

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-46 OL-17103-01 Configuring Ethernet Layer 2 Switching Understanding Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI

Inward Facing MEPs Inward facing means the MEP communicates through the Bridge Relay function and uses the Bridge-Brain MAC address. An inward facing MEP performs the following functions: • Sends and receives CFM frames at its level through the relay function, not via the wire connected to the port on which the MEP is configured. • Drops all CFM frames at its level (or lower level) that come from the direction of the wire. • Processes all CFM frames at its level coming from the direction of the relay function. • Drops all CFM frames at a lower level coming from the direction of the relay function. • Transparently forwards all CFM frames at its level (or a higher level), independent of whether they come in from the relay function side or the wire side.

Note For the current Cisco IOS implementation, a MEP of level L (where L is less than 7) requires a MIP of level M > L on the same port; hence, CFM frames at a level higher than the level of the MEP will be catalogued by this MIP.

• If the port on which the inward MEP is configured is blocked by Spanning-Tree Protocol, the MEP can no longer transmit or receive CFM messages.

Outward Facing MEPs for Routed Ports and Switch Ports Outward facing means that the MEP communicates through the wire. Outward facing MEPs can be configured on routed ports and switch ports. A MIP configuration at a level higher than the level of the outward facing MEP is not required. Outward facing MEPs on routed ports use the port MAC address. Outward facing MEPs on port channels use the Bridge-Brain MAC address of the first member link. When port channel members change, the identities of outward facing MEPs do not have to change. Cisco IOS Release 12.2(33)SRD supports outward facing MEPs on switch ports and Ethernet flow points (EFPs). An outward facing MEP performs the following functions: • Sends and receives CFM frames at its level via the wire connected to the port where the MEP is configured. • Drops all CFM frames at its level (or at a lower level) that come from the direction of the relay function. • Processes all CFM frames at its level coming from the direction of the wire. • Drops all CFM frames at a lower level coming from the direction of the wire. • Transparently forwards all CFM frames at levels higher than the level of the outward facing MEP, independent of whether they come in from the relay function side or the wire side. This function is not applicable to routed ports. • If the port on which the outward MEP is configured is blocked by Spanning-Tree Protocol, the MEP can still transmit and receive CFM messages via the wire. Cisco IOS Release 12.2(33)SRD does not support CFM messages passing through a blocked port.

Maintenance Intermediate Points

MIPs have the following characteristics: • Per maintenance domain (level) and for all S-VLANs enabled or allowed on a port. • Internal to a domain, not at the boundary.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-47 Configuring Ethernet Layer 2 Switching Understanding Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI

• CFM frames received from MEPs and other MIPs are cataloged and forwarded, using both the wire and the relay function. • All CFM frames at a lower level are stopped and dropped, independent of whether they originate from the wire or relay function. • All CFM frames at a higher level are forwarded, independent of whether they arrive from the wire or relay function. • Passive points respond only when triggered by CFM traceroute and loopback messages. • Bridge-Brain MAC addresses are used. If the port on which a MIP is configured is blocked by Spanning-Tree Protocol, the MIP cannot receive CFM messages or relay them toward the relay function side. The MIP can, however, receive and respond to CFM messages from the wire. A MIP has only one level associated with it and the command-line interface (CLI) does not allow you to configure a MIP for a domain that does not exist. Figure 6 illustrates MEPs and MIPs at the operator, service provider, and customer levels.

Figure 6 CFM MEPs and MIPs on Customer and Service Provider Equipment, Operator Devices Equipment Operator A Bridges Operator B Bridges Equipment

Outward facing Inward facing

MIP Operator Operator Provider Customer

MEP level level level level 155385

CFM Messages

CFM uses standard Ethernet frames. CFM frames are distinguishable by EtherType and for multicast messages by MAC address. CFM frames are sourced, terminated, processed, and relayed by bridges. Routers can support only limited CFM functions. Bridges that cannot interpret CFM messages forward them as normal data frames. All CFM messages are confined to a maintenance domain and to an S-VLAN (PE-VLAN or Provider-VLAN). Three types of messages are supported: • Continuity Check • Loopback • Traceroute

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-48 OL-17103-01 Configuring Ethernet Layer 2 Switching Understanding Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI

Continuity Check Messages CFM CCMs are multicast heartbeat messages exchanged periodically among MEPs. They allow MEPs to discover other MEPs within a domain and allow MIPs to discover MEPs. CCMs are confined to a domain and S-VLAN. CFM CCMs have the following characteristics: • Transmitted at a configurable periodic interval by MEPs. The interval can be from 10 seconds to 65535 seconds, the default is 30. • Contain a configurable hold-time value to indicate to the receiver the validity of the message. The default is 2.5 times the transmit interval. • Catalogued by MIPs at the same maintenance level. • Terminated by remote MEPs at the same maintenance level. • Unidirectional and do not solicit a response. • Carry the status of the port on which the MEP is configured.

Loopback Messages CFM loopback messages are unicast frames that a MEP transmits, at the request of an administrator, to verify connectivity to a particular maintenance point. A reply to a loopback message indicates whether a destination is reachable but does not allow hop-by-hop discovery of the path. A loopback message is similar in concept to an Internet Control Message Protocol (ICMP) Echo (ping) message. A CFM loopback message can be generated on demand using the CLI. The source of a loopback message must be a MEP; the destination may be a MEP or a MIP. CFM loopback messages are unicast; replies to loopback messages also are unicast. CFM loopback messages specify the destination MAC address, VLAN, and maintenance domain.

Traceroute Messages CFM traceroute messages are multicast frames that a MEP transmits, at the request of an administrator, to track the path (hop-by-hop) to a destination MEP. They allow the transmitting node to discover vital connectivity data about the path, and allow the discovery of all MIPs along the path that belong to the same maintenance domain. For each visible MIP, traceroute messages indicate ingress action, relay action, and egress action. Traceroute messages are similar in concept to User Datagram Protocol (UDP) traceroute messages. Traceroute messages include the destination MAC address, VLAN, and maintenance domain and they have Time To Live (TTL) to limit propagation within the network. They can be generated on demand using the CLI. Traceroute messages are multicast; reply messages are unicast.

Cross-Check Function

The cross-check function is a timer-driven post-provisioning service verification between dynamically discovered MEPs (via CCMs) and expected MEPs (via configuration) for a service. The cross-check function verifies that all endpoints of a multipoint or point-to-point service are operational. The function supports notifications when the service is operational; otherwise it provides alarms and notifications for unexpected endpoints or missing endpoints. The cross-check function is performed one time. You must initiate the cross-check function from the CLI every time you want a service verification.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-49 Configuring Ethernet Layer 2 Switching Configuring Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI

Ethernet Virtual Circuit

An EVC as defined by the Metro Ethernet Forum is a port-level point-to-point or multipoint-to-multipoint Layer 2 circuit. EVC status can be used by a CE device to find an alternative path into the service provider network.

Configuring Ethernet CFM

Configuring Ethernet CFM requires preparing the network and configuring services. You can optionally configure and enable crosschecking. These sections are included • Default Ethernet CFM Configuration, page 50 • Ethernet CFM Configuration Guidelines, page 50 • Preparing the Ethernet CFM Network, page 51 • Configuring Ethernet CFM Service, page 52 • Configuring Ethernet CFM Crosscheck, page 53

Default Ethernet CFM Configuration

CFM is globally disabled. CFM is enabled on all interfaces. A port can be configured as a flow point (MIP/MEP), a transparent port, or disabled (CFM disabled). By default, ports are transparent ports until configured as MEP, MIP, or disabled. There are no MEPs or MIPs configured.

Ethernet CFM Configuration Guidelines

These are the configuration guidelines and restrictions for CFM: • CFM is not supported and cannot be configured on routed ports. • You cannot configure CFM on VLAN interfaces. • You cannot configure CFM on an EoMPLS port. • CFM is not supported on private VLAN ports. The configuration is allowed, but does not take affect.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-50 OL-17103-01 Configuring Ethernet Layer 2 Switching Configuring Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI Preparing the Ethernet CFM Network

Beginning in privileged EXEC mode, follow these steps to prepare the network for Ethernet CFM:

Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 ethernet cfm traceroute cache [size entries | (Optional) Configure the CFM traceroute cache. You can hold-time minutes] set a maximum cache size or hold time. • (Optional) For size, enter the cache size in number of entry lines. The range is from 1 to 4095; the default is 100 lines. • (Optional) For hold-time, enter the maximum cache hold time in minutes. The range is from 1 to 65535; the default is 100 minutes. Step 3 ethernet cfm domain domain-name level level-id Define a CFM domain, set the domain level, and enter ethernet-cfm configuration mode for the domain. The maintenance level number range is 0 to 7. Step 4 mep archive-hold-time minutes (Optional) Set the number of minutes that data from a missing maintenance end point (mep) is kept before it is purged. The range is 1 to 65535; the default is 100 minutes. Step 5 exit Return to global configuration mode. Step 6 interface interface-id Specify a physical interface or a port channel to configure, and enter interface configuration mode. Step 7 ethernet cfm mip level level-id Configure an operator-level maintenance intermediate point (MIP) for the domain level-ID defined in Step 3. Note If you plan to configure a MEP at level 7 on this interface, do not use this command to configure a MIP on the interface. Step 8 exit Return to global configuration mode. Step 9 ethernet cfm cc {[enable] level {level-id | any} vlan Configure per domain continuity check (cc) parameters. {vlan-id | any}} The level ID identifies the domain to which configuration applies. • Enter enable to enable CFM cc for the domain level. • Enter a maintenance level as a level number (0 to 7) or as any for all maintenance levels. • Enter the VLANs to apply the check to, as a VLAN-ID (1 to 4095), a range of VLAN-IDs separated by a hyphen, a series of VLAN IDs separated by commas, or any for any VLANs. Step 10 end Return to privileged EXEC mode. Step 11 show ethernet cfm domain brief Verify the configuration. show ethernet cfm maintenance-points local show ethernet cfm traceroute-cache

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-51 Configuring Ethernet Layer 2 Switching Configuring Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI

Command Purpose Step 12 show running-config Verify your entries. Step 13 copy running-config startup-config (Optional) Save your entries in the configuration file.

Use the no versions of the commands to remove the configuration or return to the default configurations.

Configuring Ethernet CFM Service

Beginning in privileged EXEC mode, follow these steps to set up service for Ethernet CFM:

Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 ethernet cfm domain domain-name level level-id Define a CFM domain, set the domain level, and enter ethernet-cfm configuration mode for the domain. The maintenance level number range is 0 to 7. Step 3 service csi-id vlan vlan-id Define a universally unique customer service instance (CSI) and VLAN ID within the maintenance domain. • csi-id—a string of no more than 100 characters that identifies the CSI. • vlan-id—VLAN range is from 1 to 4095. You cannot use the same VLAN ID for more than one domain at the same level. Step 4 exit Return to global configuration mode. Step 5 ethernet cfm enable Globally enable CFM. Step 6 interface interface-id Specify a physical interface or a port channel to configure, and enter interface configuration mode. Step 7 ethernet cfm mip level level-id Configure a customer level or service-provider level maintenance intermediate point (MIP) for the interface. The MIP level range is 0 to 7. Note If you plan to configure a MEP at level 7 on this interface, do not use this command to configure a MIP on the interface.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-52 OL-17103-01 Configuring Ethernet Layer 2 Switching Configuring Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI

Command Purpose Step 8 ethernet cfm mep level level-id [inward] mpid Configure maintenance end points (MEPs). for different identifier vlan vlan-id maintenance levels. The MEP level range is 0 to 7. • (Optional) Specify the end point in the inward direction. • For mpid identifier, enter a maintenance end point identifier. The identifier must be unique for each VLAN (service instance). The range is 1 to 8191. • For vlan vlan-id, enter the service provider VLAN ID or IDs as a VLAN-ID (1 to 4095), a range of VLAN-IDs separated by a hyphen, or a series of VLAN IDs separated by comma. Note Repeat the command for different level IDs. Step 9 exit Return to global configuration mode. Step 10 snmp-server enable traps ethernet cfm cc [mep-up] (Optional) Enable Ethernet CFM continuity check traps. [mep-down] [config] [loop] [cross-connect] Step 11 snmp-server enable traps ethernet cfm crosscheck (Optional) Enable Ethernet CFM crosscheck traps. [mep-unknown] [mep-missing] [service-up] Step 12 end Return to privileged EXEC mode. Step 13 show ethernet cfm {domain | maintenance-points} Verify the configuration. Step 14 show running-config Verify your entries. Step 15 copy running-config startup-config (Optional) Save your entries in the configuration file.

Use the no form of each command to remove a configuration or to return to the default settings.

Configuring Ethernet CFM Crosscheck

Beginning in privileged EXEC mode, follow these steps to configure Ethernet CFM crosscheck:

Command Purpose Step 1 configure terminal Enter global configuration mode. Step 2 ethernet cfm mep crosscheck start-delay delay Configure the number of seconds that the device waits for remote MEPs to come up before the crosscheck is started. The range is 1 to 65535; the default is 30 seconds. Step 3 ethernet cfm domain domain-name level level-id Define a CFM domain, set the domain level, and enter ethernet-cfm configuration mode for the domain. The maintenance level number range is 0 to 7.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-53 Configuring Ethernet Layer 2 Switching Configuring Ethernet CFM Cisco Confidential - Beta Draft R3.7 FCI

Command Purpose Step 4 mep crosscheck mpid identifier vlan vlan-id [mac Define a remote maintenance end point (MEP) within a remote MAC address] maintenance domain. • For mpid identifier, enter a maintenance end point identifier. The identifier must be unique for each VLAN (service instance). The range is 1 to 8191. • For vlan vlan-id, the VLAN range is from 1 to 4095. • (Optional) Specify the MAC address of the remote MEP. Step 5 end Return to privileged EXEC mode. Step 6 ethernet cfm mep crosscheck {enable | disable} Enable or disable CFM crosscheck for one or more level level-id vlan {vlan-id | any} maintenance levels and VLANs. • For level level-id, enter a single level ID (0 to 7), a range of level IDs separated by a hyphen, or a series of level IDs separated by commas. • For vlan vlan-id, enter the provider VLAN ID or IDs as a VLAN-ID (1 to 4095), a range of VLAN-IDs separated by a hyphen, or a series of VLAN IDs separated by commas, or enter any for any VLAN. Step 7 end Return to privileged EXEC mode. Step 8 show ethernet cfm maintenance-points remote Verify the configuration. crosscheck Step 9 show ethernet cfm errors Enter this command after you enable CFM crosscheck to display the results of the crosscheck operation. Step 10 copy running-config startup-config (Optional) Save your entries in the configuration file.

Use the no form of each command to remove a configuration or to return to the default settings. Multiple Spanning Tree Protocol. A spanning-tree protocol used to prevent loops in bridge configurations. Unlike other types of STPs, MSTP can block ports selectively by VLAN. NOTE: The difference between access interfaces and trunk interfaces is that access interfaces can be part of one VLAN only and the interface is normally attached to an end-user device (packets are implicitly associated with the configured VLAN). In contrast, trunk interfaces multiplex traffic from multiple VLANs and usually interconnect switches.

STP Overview

STP is a Layer 2 link-management protocol that provides path redundancy while preventing undesirable loops in the network. For a Layer 2 Ethernet network to function properly, only one active path can exist between any two stations. STP operation is transparent to end stations, which cannot detect whether they are connected to a single LAN segment or a switched LAN of multiple segments. Cisco ASR 9000 Series Routers use STP (the IEEE 802.1D bridge protocol) on all VLANs. By default, a single instance of STP runs on each configured VLAN (provided you do not manually disable STP). You can enable and disable STP on a per-VLAN basis.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-54 OL-17103-01 Configuring Ethernet Layer 2 Switching Ethernet Wire Service Cisco Confidential - Beta Draft R3.7 FCI

When you create fault-tolerant internetworks, you must have a loop-free path between all nodes in a network. The STP algorithm calculates the best loop-free path throughout a switched Layer 2 network. Layer 2 LAN ports send and receive STP frames at regular intervals. Network devices do not forward these frames, but use the frames to construct a loop-free path. Multiple active paths between end stations cause loops in the network. If a loop exists in the network, end stations might receive duplicate messages and network devices might learn end station MAC addresses on multiple Layer 2 LAN ports. These conditions result in an unstable network. STP defines a tree with a root bridge and a loop-free path from the root to all network devices in the Layer 2 network. STP forces redundant data paths into a standby (blocked) state. If a network segment in the spanning tree fails and a redundant path exists, the STP algorithm recalculates the spanning tree topology and activates the standby path. When two Layer 2 LAN ports on a network device are part of a loop, the STP port priority and port path cost setting determine which port is put in the forwarding state and which port is put in the blocking state. The STP port priority value represents the location of a port in the network topology and how efficiently that location allows the port to pass traffic. The STP port path cost value represents media speed.

Ethernet Wire Service

An Ethernet Wire Service is a service that emulates a point-to-point Ethernet segment. This is similar to Ethernet private line (EPL), a Layer 1 point-to-point service, except the provider edge operates at Layer 2 and typically runs over a Layer 2 network. The EWS encapsulates all frames that are received on a particular UNI and transports these frames to a single-egress UNI without reference to the contents contained within the frame. The operation of this service means that an EWS can be used with VLAN-tagged frames. The VLAN tags are transparent to the EWS (bridge protocol data units [BPDUs])—with some exceptions. These exceptions include IEEE 802.1x, IEEE 802.2ad, and IEEE 802.3x, because these frames have local significance and it benefits both the customer and the Service Provider to terminate them locally. The customer side has the following types: • Untagged • Single tagged • Double tagged • 802.1q • 802.1ad E-Line service provides a point-to-point EVC between two UNIs. Two types of E-Line Service Ethernet Private Line (EPL) • No service multiplexing allowed • Transparent • No coordination between customer and SP on VLAN ID map Ethernet Virtual Private Line (EVPL) • Allows service multiplexing • No need for full transparency of service frames

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-55 Configuring Ethernet Layer 2 Switching Ethernet Wire Service Cisco Confidential - Beta Draft R3.7 FCI

Ethernet LAN (E-LAN) Service E-LAN service provides multipoint connectivity (can connect two or more UNIs). All sites have Ethernet connectivity with each other (inside the cloud is a multipoint-to-multipoint EVC) Types of E-LAN services: Transparent LAN Service (TLS) • Bundled service Ethernet Virtual Connection Service (EVCS) • Per-VLAN service-multiplexed service The Cisco Ethernet Relay Service concept corresponds to the MEF Ethernet Virtual Private Line concept. The Cisco Ethernet Wire Service concept corresponds to the MEF Ethernet Private Line concept. The Cisco Multipoint Service concept corresponds to the MEF Transparent LAN Service concept. The Cisco Multipoint Relay Service concept corresponds to the MEF Ethernet Virtual Connection Service concept. A UNI is the demarcation between the CE and the provider edge (PE). Ethernet service is what the Service Provider provides between UNIs. • Ethernet Line service (E-Line) point-to-point • Ethernet LAN service (E-LAN) multipoint • Ethernet Tree service (E-Tree) point-to-multipoint This is Carrier Ethernet. This can replace Frame Relay/ATM within the cloud with the benefits including faster speeds (GigE and 10GigE). VPLS (Virtual Private LAN Service) is an end-to-end architecture that allows MPLS networks to provide Multipoint Ethernet services. It is “Virtual” because multiple instances of this service share the same physical infrastructure. It is “Private” because each instance of the service is independent and isolated from one another. It is “LAN Service” because it emulates Layer 2 multipoint connectivity between subscribers.

IGMP Snooping

IGMP snooping provides a way to constrain multicast traffic at Layer 2. By snooping the IGMP membership reports sent by hosts in the bridge domain, the IGMP snooping application can set up Layer 2 multicast forwarding tables to deliver traffic only to ports with at least one interested member, significantly reducing the volume of multicast traffic. Configured at Layer 3, IGMP provides a means for hosts in an IPv4 multicast network to indicate which multicast traffic they are interested in and for routers to control and limit the flow of multicast traffic in the network (at Layer 3). IGMP snooping uses the information in IGMP membership report messages to build corresponding information in the forwarding tables to restrict IP multicast traffic at Layer 2. The forwarding table entries are in the form , where: • Route is a <*, G> route or route.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-56 OL-17103-01 Configuring Ethernet Layer 2 Switching Ethernet Wire Service Cisco Confidential - Beta Draft R3.7 FCI

• OIF List comprises all bridge ports that have sent IGMP membership reports for the specified route plus all Multicast Router (mrouter) ports in the bridge domain. The IGMP snooping feature can provide the following benefits to a multicast network: • Basic IGMP snooping reduces bandwidth consumption by reducing multicast traffic that would otherwise flood an entire VPLS bridge domain. • With optional configuration options, IGMP snooping can provide security between bridge domains by filtering the IGMP reports received from hosts on one bridge port and preventing leakage towards the hosts on other bridge ports. • With optional configuration options, IGMP snooping can reduce the traffic impact on upstream IP multicast routers by suppressing IGMP membership reports (IGMPv2) or by acting as an IGMP proxy reporter (IGMPv3) to the upstream IP multicast router. Refer to the Implementing Layer 2 Multicast with IGMP Snooping on Cisco ASR 9000 Series Routers module in the Cisco ASR 9000 Series Aggregation Services Router Multicast Configuration Guide for information on configuring IGMP snooping. The applicable IGMP snooping commands are described in the Cisco ASR 9000 Series Aggregation Services Router Multicast Command Reference.

MPLS Services

For more information on configuring VPLS, refer to the Implementing Virtual Private LAN Services on ASR 9000 Series Routers module of the Cisco ASR 9000 Series Router MPLS Configuration Guide. In-depth description of the applicable commands supporting VPLS can be found in the Virtual Private LAN Services Commands module of the Cisco ASR 9000 Series Router MPLS Command Reference.

L2VPN Overview

Layer 2 VPN (L2VPN) emulates the behavior of a LAN across an IP or MPLS-enabled IP network allowing Ethernet devices to communicate with each other as they would when connected to a common LAN segment. As service providers (SPs) look to replace their Frame Relay or Asynchronous Transfer Mode (ATM) infrastructures with an IP infrastructure, there is a need for to provide standard methods of using an IP infrastructure to provide a serviceable L2 interface to customers; specifically, to provide standard ways of using an IP infrastructure to provide virtual circuits between pairs of customer sites. Building a L2VPN system requires coordination between the SP and the customer. The SP provides L2 connectivity; the customer builds a network using data link resources obtained from the SP. In an L2VPN service, the SP does not require information about a the customer's network topology, policies, routing information, point-to-point links, or network point-to-point links from other SPs.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-57 Configuring Ethernet Layer 2 Switching Where to Go Next Cisco Confidential - Beta Draft R3.7 FCI

Ethernet Port Mode

In Ethernet port mode, both ends of a pseudowire are connected to Ethernet ports. In this mode, the port is tunneled over the pseudowire or, using local switching (also known as an attachment circuit-to-attachment circuit cross-connect) switches packets or frames from one attachment circuit (AC) to another AC attached to the same PE node. Figure 7 provides an example of Ethernet port mode.

Figure 7 Ethernet Port Mode Packet Flow

Ether Ether Ether Ether CE PE PE CE MPLS emulated VC Type 5

Tunnel label VC label VC label Control Word Control Word

Payload Payload Payload Payload Payload Payload

Packet flow 158276

Where to Go Next

When you have completed the configuration procedures in this chapter, consider the following resources for additional configuration documentation: • For information on configuring Ethernet virtual connections, see Chapter 1, “Configuring Ethernet Virtual Connections (EVCs).” • For ethernet services configuration examples, see Ethernet Services Configuration Examples • For the list of platform-specific ethernet services commands on the Cisco ASR 9000 Series Router, see Cisco ASR 9000 Series Router Platform Dependent Command Reference • For information on configuring interfaces, see the hardware documents listed in the Related Documents section.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-58 OL-17103-01 Cisco Confidential - Beta Draft R3.7 FCI

Configuring Ethernet Virtual Connections (EVCs)

This chapter describes how to configure Ethernet Virtual Connections (EVCs) on the Cisco ASR 9000 Series Aggregation Services Router using the command-line interface (CLI), and it describes basic Cisco IOS XR software configuration management.

Contents

• EVC, page 59 • Restricted TCN Feature, page 60 • Root Guard Feature, page 60 • Ethernet CFM Overview, page 60 • Where to Go Next, page 93

EVC

An EVC as defined by the Metro Ethernet Forum is a port-level point-to-point or multipoint-to-multipoint Layer 2 circuit. It is an end-to-end representation of a single instance of a Layer 2 service being offered by a provider to a customer. An EVC embodies the different parameters on which the service is being offered. A service instance is the instantiation of an EVC on a specified port. Service instances are configured under a port channel. The traffic, carried by the service instance is load balanced across member links. Service instances under a port channel are grouped and each group is associated with one member link. Ingress traffic for a single EVC can arrive on any member of the bundle. All egress traffic for a service instance uses only one of the member links. Load balancing is achieved by grouping service instances and assigning them to a member link. Ethernet virtual connection services (EVCS) uses the concepts of EVCs and service instances to provide Layer 2 switched Ethernet services. EVC status can be used by a Customer Edge (CE) device either to find an alternative path into the service provider network or in some cases, to fall back to a backup path over Ethernet.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-59 Configuring Ethernet Virtual Connections (EVCs) Restricted TCN Feature Cisco Confidential - Beta Draft R3.7 FCI Restricted TCN Feature

Support for the Restricted TCN (Topology Change Notification) feature on the Cisco ASR 9000 Series Aggregation Services Router has been added to the Release 3.7 FCI IOS XR software. A Topology Change Notification is a simple Bridge Protocol Data Unit (BPDU) that a bridge sends out to its root port to signal a topology change. Restricted TCN can be toggled between True and False. If set to True, this stops the port from propagating received topology change notifications and topology changes to other ports. The default is False.

Root Guard Feature

The standard STP (Spanning Tree Protocol) does not provide any means for the network administrator to securely enforce the topology of the switched Layer 2 (L2) network. A means to enforce topology can be especially important in networks with shared administrative control, where different administrative entities or companies control one switched network. The forwarding topology of the switched network is calculated. The calculation is based on the root bridge position, among other parameters. Any switch can be the root bridge in a network. But a more optimal forwarding topology places the root bridge at a specific predetermined location. With the standard STP, any bridge in the network with a lower bridge ID takes the role of the root bridge. The administrator cannot enforce the position of the root bridge.

Note The administrator can set the root bridge priority to 0 in an effort to secure the root bridge position. But there is no guarantee against a bridge with a priority of 0 and a lower MAC address.

The root guard feature provides a way to enforce the root bridge placement in the network. The root guard ensures that the port on which root guard is enabled is the designated port. Normally, root bridge ports are all designated ports, unless two or more ports of the root bridge are connected together. If the bridge receives superior STP Bridge Protocol Data Units (BPDUs) on a root guard-enabled port, root guard moves this port to a root-inconsistent STP state. This root-inconsistent state is effectively equal to a listening state. No traffic is forwarded across this port. In this way, the root guard enforces the position of the root bridge.

Ethernet CFM Overview

Ethernet CFM is an end-to-end per-service-instance (per VLAN) Ethernet layer OAM protocol. It includes proactive connectivity monitoring, fault verification, and fault isolation. End-to-end can be provider-edge-to provider-edge (PE-to-PE) device or customer-edge-to-customer-edge (CE-to-CE) device. Ethernet CFM, as specified by IEEE 802.1ag, is the standard for Layer 2 ping, Layer 2 traceroute, and end-to-end connectivity verification of the Ethernet network.

Note Unlike CFM, other metro-Ethernet OAM protocols are not end-to-end technologies. For example, IEEE 802.3ah OAM is a single-hop and per-physical-wire protocol and is not end-to-end or service aware.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-60 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Ethernet CFM Overview Cisco Confidential - Beta Draft R3.7 FCI Configuring Ethernet Interfaces

SUMMARY STEPS

1. configure interface TenGigE [instance] 2. ipv4 address ipv4-address mask 3. flow-control ingress 4. mtu bytes 5. mac-address value1.value2.value3 6. no shutdown 7. end

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters interface configuration mode for a 10-Gigabit Ethernet interface TenGigE [instance] interface.

Example: RP/0/RSP0/CPU0:router# configure RP/0/RSP0/CPU0:router(config)# interface TenGigE 0/0/0/1 Step 2 ipv4 address ipv4-address mask Places the router in administration EXEC mode, displays information about the status of cards and modules installed in the router, and terminates administration EXEC mode. Example: RP/0/RSP0/CPU0:router(config-if)# ipv4 • Some cards support a CPU module and service processor address 172.18.189.38 255.255.255.224 (SP) module. Other cards support only a single module. • A card module is also called a node. When a node is working properly, the status of the node in the State column is IOS XR RUN. • Use the show platform node-id command to display information for a specific node. Replace node-id with a node name from the show platform command Node column. Note To view the status of all cards and modules, the show platform command must be executed in administration EXEC mode. Step 3 show redundancy Displays the state of the primary (active) and standby (inactive) RSPs, including the ability of the standby to take control of the system. Example: RP/0/RSP0/CPU0:router# show redundancy • If both RSPs are working correctly, one node displays active role, the Partner node row displays standby role, and the Standby node row displays Ready.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-61 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 4 show environment Displays information about the hardware attributes and status.

Example: RP/0/RSP0/CPU0:router# show environment

Installing System Software on Your ASR 9000

Refer to the Upgrading and Managing Cisco IOS XR Software module of the Cisco ASR 9000 System Management Configuration Guide, Release 3.7 FCI.

SUMMARY STEPS

1. Connect to the console port and log in. 2. dir device: 3. (Optional) admin 4. Add the PIE file to the router boot device: install add device:pie-file [sdr sdr-name] [activate] or install add tftp://hostname_or_ipaddress/directory-path/pie-file [sdr sdr-name] [activate] or install add ftp://username:password@hostname_or_ipaddress/directory-path/pie-file [sdr sdr-name] [activate] or install add rcp://username@hostname_or_ipaddress/directory-path/pie-file [sdr sdr-name] [activate] 5. show install inactive summary [sdr sdr-name] 6. install activate {id add-id | device:package} [test] [sdr sdr-name] [location nodeID] 7. Repeat Steps 4. through 6. until all packages are added and activated. 8. (Optional) show install active summary [sdr sdr-name] 9. (Optional) install verify packages [sdr sdr-name] 10. (Optional) exit 11. (Optional) Verify the system is stable: a. show system verify start b. show system verify [start | report | detail] 12. (Optional) Commit the current set of packages: a. admin b. install commit

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-62 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

DETAILED STEPS

Command or Action Purpose Step 1 Connect to the console port and log in. Establishes a CLI management session with the SDR. • To log in to a specific SDR, connect to the console port of the active DSDRSC. • To perform installation operations in administration EXEC mode, connect to the console port for the active DSC (active DSDRSC for the owner SDR). For more information on console connections, see Cisco ASR 9000 Series Router Getting Started Guide. Step 2 dir device: (Optional) Displays the package files that are available for package upgrades and additions. Example: • Only PIE files can be added and activated using this RP/0/RSP0/CPU0:router# dir disk1: procedure. • For more information on PIE file names, see the “PIEs to add for Ethernet Services Support” section on page 37. Step 3 admin (Optional) Enters administration EXEC mode. • From administration EXEC mode, you can perform Example: installation operations for all SDRs, or for a specific RP/0/RSP0/CPU0:router# admin SDR. To enter administration EXEC mode, you must be logged in to the owner secure domain router (SDR) and have root-system access privileges. • This command is not required for users entering install CLIs for a specific SDR. Note Some show install commands can be entered in EXEC mode on an SDR.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-63 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 4 install add [source source-path | tar] Unpacks a PIE file from local storage device or network device:file [sdr sdr-name] [activate] server and adds the package files to the boot device of the or router. The boot device is located on the DSC. install add [source source-path | tar] tftp://hostname_or_ipaddress/directory-path/file • If the tar keyword is used, all PIE files contained in [sdr sdr-name] [activate] the tar file are unpacked. or • If the source keyword is used, the source-path install add [source source-path | tar] specifies the directory path that is used for multiple ftp://username:password@hostname_or_ipaddress/ filenames in the same directory. directory-path/file [sdr sdr-name] [activate] or The following arguments are used when adding a package from a PIE file located on a network server: install add [source source-path | tar] rcp://username@hostname_or_ipaddress/directory-p • Replace device: with the name of the local storage ath/file [sdr sdr-name] [activate] device where the PIE file is stored, such as disk1:. • Replace file with the name of the PIE file you want to Example: add. If the tar keyword is used, file is the name of a tar RP/0/RSP0/CPU0:router(admin)# install add file containing one or more PIE files or directories disk1:c12k-mgbl.pie-3.3.30.1i containing PIE files. or • Replace hostname_or_ipaddress with the host name RP/0/RSP0/CPU0:router(admin)# install add source or IP address of the network file server. tftp://10.1.1.1/images/ hfr-k9sec-p.pie • Replace directory-path with the network file server hfr-mpls-p.pie hfr-mcast-p.pie path that leads to the PIE file to be added. or • Replace username with a username that has access RP/0/RSP0/CPU0:router(admin)# install add ftp://john:[email protected]/images/hfr-k9sec-p.pi privileges to the directory in which the PIE file is e stored. or • Replace password with the password associated with RP/0/RSP0/CPU0:router(admin)# install add tar the username that has access privileges to the rcp://[email protected]/images/CRS-1-iosxr-3.6.0.tar directory in which the PIE file is stored. • Use the sdr sdr-name keyword and argument to specify an SDR in administration EXEC mode. This option is not supported in EXEC mode. Replace sdr-name with the name assigned to the SDR. • The activate option automatically activates the software package after it is successfully added. Note Multiple versions of a software package can be added to the storage device without impacting the running configuration, but only one version of a package can be activated for a card.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-64 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 5 show install inactive summary [sdr sdr-name] (Optional) Displays the inactive packages on the router. Verify that the package added in the previous step appears in the display. Example: RP/0/RSP0/CPU0:router(admin)# show install • To display the inactive packages for a specific SDR inactive summary from administration EXEC mode, use the sdr sdr-name keyword and argument. This option is not supported in EXEC mode. Replace sdr-name with the name assigned to the SDR. • To display the inactive packages for a specific card (node), use the location option and specify the node ID.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-65 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 6 install activate {id add-id | device:package} Activates a package that was added to one or more SDRs. [test] [sdr sdr-name] [location nodeID] • Skip this step if the package was activated earlier with the install add command. Example: RP/0/RSP0/CPU0:router(admin)# install activate • Use the id add-id option to specify the package using disk0:c12k-mgbl-3.3.30 the operation ID of the install add operation in which you added the package. The operation ID is provided in the output of the install add command. You can also use show install log to display installation operation IDs. • Use the device:package option to specify the package by name, and replace device:package with the name of the boot device and inactive package, which can be displayed as described in the previous step. • Press ? after a partial package name to display all possible matches available for activation. If there is only one match, press [TAB] to fill in the rest of the package name. • Use the sdr sdr-name option to specify an SDR in administration EXEC mode. This option is not supported in EXEC mode. Replace sdr-name with the name assigned to the SDR. • By default, packages are activated for all cards supported by that package. • To activate a package for a specific card (node), use the location option and specify the node ID. To display a list of node IDs for the entire system, enter the show platform command in administration EXEC mode. A package cannot be activated on a single node unless some version of the package being activated is already active on all nodes. Note The package being activated must be compatible with the currently active software to operate. When an activation is attempted, the system runs an automatic compatibility check to ensure that the package is compatible with the other active software on the router. The activation is permitted only after all compatibility checks have been passed.

Tip When activating packages, use the test option to test the effects of a command without impacting the running system. After the activation process finishes, enter the show install log command to display the process results. Step 7 Repeat Step 4 through Step 6 until all packages are Activates additional packages as required. activated.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-66 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 8 show install active summary [sdr sdr-name] (Optional) Displays all active packages. Use this display to determine if the correct packages are active. Example: • To display the active packages for a specific SDR RP/0/RSP0/CPU0:router# show install active from administration EXEC mode, use the sdr sdr-name keyword and argument. This option is not supported in EXEC mode. Replace sdr-name with the name assigned to the SDR. Step 9 Verify that there are no corrupted software files. (Optional) Verifies the consistency of a installed software install verify packages[sdr sdr-name] set with the package file from which it originated. This command can be used as a debugging tool to verify the validity of the files that constitute the packages, to Example: determine if there are any corrupted files. This command RP/0/RSP0/CPU0:router(admin)# install verify also checks for corruptions of installation state files and packages MBI image files. This command is particularly useful when issued after the activation of a package or upgrading the Cisco IOS XR software to a major release. To perform the command for a specific secure domain router (SDR) in administration EXEC mode, use the sdr sdr-name keyword and argument. Note The install verify packages command can take up to two minutes per package to process. Step 10 exit (Optional) Exits administration EXEC mode and returns to EXEC mode. Example: Use this command only if you performed the installation RP/0/RSP0/CPU0:router(admin)# exit operations in administration EXEC mode.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-67 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 11 show system verify start (Optional) Verifies the system is stable. A variety of show system verify [detail | report] information is displayed, including the memory and CPU usage, process status, protocol status, and other status Example: information. Use this information to verify that the system RP/0/RSP0/CPU0:router# show system verify start is stable. Enter this command in EXEC mode for each RP/0/RSP0/CPU0:router# show system verify SDR impacted by the installation operation. • To initiate the system status check, enter the show system verify start command. • Enter the show system verify or show system verify detail command display system status information. – The detail keyword displays additional information at the card and processor level, including actual numbers. – The report keyword displays the same information as the default show system verify command Note While most of the output should display the status “OK”, some processes may show other output, such as “Warning”. This does not specifically indicate a problem. Contact your Cisco technical support representative for more information on the output of this command. Step 12 admin (Optional) Commits the current set of packages for an install commit [sdr sdr-name] SDR or for all SDRs so that these packages are used if the router is restarted. Example: • Enter this command in administration EXEC mode to RP/0/RSP0/CPU0:router(admin)# install commit commit the active software set for all SDRs. • Enter this command in EXEC mode to commit the active software set for the SDR to which you are logged in. • To commit the active software set for a specific SDR from administration EXEC mode, use the sdr sdr-name keyword and argument. For more information, see the “Committing the Active Package Set” section on page 71.

Examples

This section contains examples for the following subjects: • Adding a Package: Example, page 69 • Activating a Package: Example, page 69 • Activating a Package Specifying Operation ID: Example, page 69

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-68 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

Adding a Package: Example

The following example shows how to add the contents of a PIE file on disk1 to the boot device. Because the software package is added to the boot device by default, it is not necessary to specify the destination device in the CLI. RP/0/RSP0/CPU0:router(admin)# install add disk1:hfr-mpls-p.pie-3.3.30 synchronous

Install operation 4 'install add /disk1:hfr-mpls.pie synchronous' started by user 'cisco' at 18:10:18 UTC Sat Apr 08 2006. Info: The following package is now available to be activated: Info: Info: disk0:hfr-mpls-3.3.80 Info: Install operation 4 completed successfully at 18:14:11 UTC Sat Apr 08 2006.

The following example shows how to add the contents of a PIE file on a TFTP server to the boot device: RP/0/RSP0/CPU0:router(admin)# install add tftp://209.165.201.1/hfr-mpls.pie synchronous

Install operation 4 '(admin) install add /tftp://209.165.201.1/hfr-mpls.pie synchronous' started by user 'cisco' at 18:16:18 UTC Thu Jan 03 2008. Info: The following package is now available to be activated: Info: Info: disk0:hfr-mpls-3.3.80 Info: Install operation 4 completed successfully at 18:19:10 UTC Thu Jan 03 2008.

Activating a Package: Example

The following example shows the activation of the MPLS package on a Cisco ASR 9000 Series Router. The package is activated on the boot device disk0. RP/0/RSP0/CPU0:router(admin)# install activate disk0:hfr-mpls-3.3.30 synchronous

Install operation 15 'install activate disk0:hfr-mpls-3.3.30 synchronous' started by user 'lab' at 19:15:33 UTC Sat Apr 08 2006. Info: The changes made to software configurations will not be persistent Info: across system reloads. Use the command 'admin install commit' to make Info: changes persistent. Info: Please verify that the system is consistent following the software Info: change using the following commands: Info: show system verify Info: install verify packages Install operation 5 completed successfully at 19:16:18 UTC Sat Apr 08 2006.

Activating a Package Specifying Operation ID: Example

The following example shows the activation of the MPLS package on a Cisco ASR 9000 Series Router using the operation ID of the install add operation that added the package: RP/0/RSP0/CPU0:router(admin)# install activate id 4

Install operation 5 '(admin) install activate id 4' started by user 'lab' via CLI at 18:20:17 UTC Thu Jan 03 2008. Info: This operation will activate the following package: Info: disk0:hfr-mpls-3.3.80 Info: Install Method: Parallel Process Restart The install operation will continue asynchronously. Info: The changes made to software configurations will not be persistent Info: across system reloads. Use the command '(admin) install commit' to Info: make changes persistent. Info: Please verify that the system is consistent following the software

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-69 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

Info: change using the following commands: Info: show system verify Info: install verify packages Install operation 5 completed successfully at 18:21:30 UTC Thu Jan 03 2008.

Adding and Activating a Package from an FTP File Server with One Command: Example

To add and activate a package with a single command, enter the install add command with the activate keyword. In the following example, the Manageability PIE located on disk1 is verified, unpacked, and added to the boot device disk0. Because this operation is performed in administration EXEC mode, the package is activated for all SDRs in the system. RP/0/RSP0/CPU0:router(admin)# install add disk1:hfr-mgbl-p.pie-3.3.30 activate

Install operation 4 'install add /disk1:hfr-mgbl-p.pie-3.3.30 activate' started by user 'cisco' at 07:58:56 UTC Wed Mar 01 2006. The install operation will continue asynchronously. :router(admin)#Part 1 of 2 (add software): Started Info: The following package is now available to be activated: Info: Info: disk0:hfr-mgbl-3.3.30 Info: Part 1 of 2 (add software): Completed successfully Part 2 of 2 (activate software): Started Info: The changes made to software configurations will not be persistent across system reloads. Use the command 'admin install Info: commit' to make changes persistent. Info: Please verify that the system is consistent following the software change using the following commands: Info: show system verify Info: install verify packages Part 2 of 2 (activate software): Completed successfully Part 1 of 2 (add software): Completed successfully Part 2 of 2 (activate software): Completed successfully Install operation 4 completed successfully at 08:00:24 UTC Wed Mar 01 2006.

Displaying the Active Packages: Example

The following example displays a summary of the active packages on a router. Because this operation is performed in administration EXEC mode, the active packages for all SDRs are displayed. RP/0/RSP0/CPU0:router(admin)# show install active summary

Default Profile: SDRs: Owner CE1b Active Packages: Active Packages: disk0:hfr-pagent-3.5.0.1I disk0:hfr-fpd-3.5.0.1I disk0:hfr-firewall-3.5.0.1I disk0:hfr-doc-3.5.0.1I disk0:hfr-diags-3.5.0.1I disk0:hfr-mgbl-3.5.0.1I disk0:hfr-mcast-3.5.0.1I disk0:hfr-mpls-3.5.0.1I disk0:hfr-k9sec-3.5.0.1I disk0:comp-hfr-mini-3.5.0.1I

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-70 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

You can also display the active packages for a specific SDR, or for a specific node. Enter the show install active command in EXEC mode, or use the sdr option in administration EXEC mode, as shown in the following example: RP/0/RSP0/CPU0:router(admin)# show install active sdr owner

Secure Domain Router: Owner

Node 0/1/CPU0 [LC] [SDR: Owner] Boot Device: mem: Boot Image: /disk0/hfr-os-mbi-3.5.0.1I/lc/mbihfr-lc.vm Active Packages: disk0:hfr-pagent-3.5.0.1I disk0:hfr-fpd-3.5.0.1I disk0:hfr-firewall-3.5.0.1I disk0:hfr-diags-3.5.0.1I disk0:hfr-mcast-3.5.0.1I disk0:hfr-mpls-3.5.0.1I disk0:comp-hfr-mini-3.5.0.1I

Node 0/6/CPU0 [LC] [SDR: Owner] Boot Device: mem: Boot Image: /disk0/hfr-os-mbi-3.5.0.1I/lc/mbihfr-lc.vm Active Packages: disk0:hfr-pagent-3.5.0.1I disk0:hfr-fpd-3.5.0.1I disk0:hfr-firewall-3.5.0.1I disk0:hfr-diags-3.5.0.1I disk0:hfr-mcast-3.5.0.1I disk0:hfr-mpls-3.5.0.1I disk0:comp-hfr-mini-3.5.0.1I

Node 0/RP0/CPU0 [RP] [SDR: Owner] Boot Device: disk0: Boot Image: /disk0/hfr-os-mbi-3.5.0.1I/mbihfr-rp.vm Active Packages: disk0:hfr-pagent-3.5.0.1I disk0:hfr-fpd-3.5.0.1I disk0:hfr-firewall-3.5.0.1I disk0:hfr-doc-3.5.0.1I disk0:hfr-diags-3.5.0.1I disk0:hfr-mgbl-3.5.0.1I disk0:hfr-mcast-3.5.0.1I disk0:hfr-mpls-3.5.0.1I disk0:hfr-k9sec-3.5.0.1I disk0:comp-hfr-mini-3.5.0.1I

Committing the Active Package Set

When a package is activated, it becomes part of the current running configuration. To make the package activation persistent across SDR or system-wide reloads, enter the install commit command. On startup, the DSDRSC of the SDR loads this committed software set.

Note If an SDR reloads and the committed SDR software is incompatible with the current software running on the rest of the system, the committed software of the SDR will not be used and the current running SDR software is used.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-71 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

If the system is reloaded before the current active software is committed with the install commit command, the previously committed software set is used. • To commit the active software set for a specific SDR from administration EXEC mode, use the install commit command with the sdr sdr-name keyword and argument. • To commit the active software set for all SDRs in the system, use the install commit command without keywords or arguments in administration EXEC mode.

Tip Before committing a package set, verify that the SDR is operating correctly and is forwarding packets as expected.

In the following example, the active software packages are committed on all SDRs in a Cisco ASR 9000 Series Router: RP/0/RSP0/CPU0:router(admin)# install commit

Install operation 16 'install commit' started by user 'lab' at 19:18:58 UTC Sat Apr 08 2006. Install operation 16 completed successfully at 19:19:01 UTC Sat Apr 08 2006.

Displaying the Committed Package Versions

To view which packages are committed, enter the show install committed command using the following syntax:

Administration EXEC Mode

show install committed [sdr sdr-name | location node-id] [summary [sdr sdr-name]] [detail [sdr sdr-name | location node-id]] [verbose [sdr sdr-name | location node-id]]

EXEC Mode

show install committed [location node-id] [summary] [detail [location node-id]] [verbose [location node-id]]

Note Enter the show install committed command in administration EXEC mode to display information for the entire system. Use the sdr sdr-name keyword and argument to display information for a specific SDR. Enter the show install committed command in EXEC mode of an SDR to display information for that SDR. For more information on the command options, see Cisco ASR 9000 Series Router System Management Command Reference.

In the following example, the committed packages are shown for the owner SDR: RP/0/RSP0/CPU0:router# show install committed

Secure Domain Router: Owner

Node 0/1/SP [SP] [SDR: Owner] Boot Image: /disk0/hfr-os-mbi-3.3.30/sp/mbihfr-sp.vm Committed Packages: disk0:hfr-diags-3.3.30 disk0:comp-hfr-mini-3.3.30

Node 0/1/CPU0 [LC] [SDR: Owner]

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-72 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

Boot Image: /disk0/hfr-os-mbi-3.3.30/lc/mbihfr-lc.vm Committed Packages: disk0:hfr-diags-3.3.30 disk0:comp-hfr-mini-3.3.30

Node 0/6/SP [SP] [SDR: Owner] Boot Image: /disk0/hfr-os-mbi-3.3.30/sp/mbihfr-sp.vm Committed Packages: disk0:hfr-diags-3.3.30 disk0:comp-hfr-mini-3.3.30

Node 0/6/CPU0 [LC] [SDR: Owner] Boot Image: /disk0/hfr-os-mbi-3.3.30/lc/mbihfr-lc.vm Committed Packages: --More--

As with the show install active command, the show install committed command may display a composite package that represents all packages in the Cisco ASR 9000 Series Router Unicast Routing Core Bundle.

Enabling Tacacs+ Accounting, Authorization, and Authentication

Refer to the Authentication, Authorization and Accounting Commands on Cisco IOS XR Software for Cisco ASR 9000 Series Routers module of the Cisco IOS XR System Security Command Reference for Cisco ASR 9000 Series Routers and the Configuring AAA Services on Cisco IOS XR Software for Cisco ASR 9000 Series Routers module of the Cisco IOS XR System Security Configuration Guide for Cisco ASR 9000 Series Routers .

Enabling DNS Look Up

Use the lp domain-name command to enable DNS look up.

Enabling HTTP Server Access

Refer to the Manageability Commands on Cisco IOS XR Software for Cisco ASR 9000 Series Routers module of the Cisco IOS XR System Management Command Reference for Cisco ASR 9000 Series Routers. The following example shows how to enable the HTTP server on the router: RP/0/RSP0/CPU0:router(config)# http server

The following example shows how to enable SSL to run HTTP over a secure socket: RP/0/RSP0/CPU0:router(config)# http server ssl

The following example shows how to enable SSL to run HTTP over a secure socket and to enable access to the CWI from only IP address that meeting the conditions of the access group named test: RP/0/RSP0/CPU0:router(config)# http server ssl access-group test

The following sample output from the show ipv4 access-lists commands displays the IPv4 access list named test: RP/0/RSP0/CPU0:router# show ipv4 access-lists test

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-73 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

ipv4 access-list test 10 deny ip host 171.71.163.96 any 20 permit ip host 64.102.48.34 any

Configuring a Gigabit Ethernet or 10-Gigabit Ethernet Interface

Use the following procedure to create a basic Gigabit Ethernet or 10-Gigabit Ethernet interface configuration.

SUMMARY STEPS

1. show version 2. show interfaces [GigabitEthernet | TenGigE] instance 3. configure 4. interface [GigabitEthernet | TenGigE] instance 5. ipv4 address ip-address mask 6. flow-control {bidirectional | egress | ingress} 7. mtu bytes 8. mac-address value1.value2.value3 9. negotiation auto (on Gigabit Ethernet interfaces only) 10. no shutdown 11. end or commit 12. show interfaces [GigabitEthernet | TenGigE] instance

DETAILED STEPS

Command or Action Purpose Step 1 show version (Optional) Displays the current software version, and can also be used to confirm that the router recognizes the modular services card. Example: RP/0/RSP0/CPU0:router# show version Step 2 show interface [GigabitEthernet | TenGigE] (Optional) Displays the configured interface and checks the instance status of each interface port. Possible interface types for this procedure are: Example: RP/0/RSP0/CPU0:router# show interface TenGigE • GigabitEthernet 0/1/0/0 • TenGigE

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-74 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 3 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure terminal Step 4 interface [GigabitEthernet | TenGigE] instance Enters interface configuration mode and specifies the Ethernet interface name and notation rack/slot/module/port. Possible interface types for this procedure are: Example: RP/0/RSP0/CPU0:router(config)# interface • GigabitEthernet TenGigE 0/1/0/0 • TenGigE Note The example indicates an 8-port 10-Gigabit Ethernet interface in modular services card slot 1. Step 5 ipv4 address ip-address mask Assigns an IP address and subnet mask to the interface. • Replace ip-address with the primary IPv4 address for Example: the interface. RP/0/RSP0/CPU0:router(config-if)# ipv4 address 172.18.189.38 255.255.255.224 • Replace mask with the mask for the associated IP subnet. The network mask can be specified in either of two ways: – The network mask can be a four-part dotted decimal address. For example, 255.0.0.0 indicates that each bit equal to 1 means that the corresponding address bit belongs to the network address. – The network mask can be indicated as a slash (/) and number. For example, /8 indicates that the first 8 bits of the mask are ones, and the corresponding bits of the address are network address. Step 6 flow-control {bidirectional| egress | ingress} (Optional) Enables the sending and processing of flow control pause frames. Example: • egress—Enables the sending of flow control pause RP/0/RSP0/CPU0:router(config-if)# flow control frames in egress. ingress • ingress—Enables the processing of received pause frames on ingress. • bidirectional—Enables the sending of flow control pause frames in egress and the processing of received pause frames on ingress. Step 7 mtu bytes (Optional) Sets the MTU value for the interface. • The default is 1514 bytes for normal frames and 1518 Example: bytes for 802.1Q tagged frames. RP/0/RSP0/CPU0:router(config-if)# mtu 1448 • The range for Gigabit Ethernet and 10-Gigabit Ethernet mtu values is 64 bytes to 65535 bytes.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-75 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 8 mac-address value1.value2.value3 (Optional) Sets the MAC layer address of the Management Ethernet interface. Example: • The values are the high, middle, and low 2 bytes, RP/0/RSP0/CPU0:router(config-if)# mac address respectively, of the MAC address in hexadecimal. The 0001.2468.ABCD range of each 2-byte value is 0 to ffff. Step 9 negotiation auto (Optional) Enables autonegotiation on a Gigabit Ethernet interface. Example: • Autonegotiation must be explicitly enabled on both RP/0/RSP0/CPU0:router(config-if)# negotiation ends of the connection, or speed and duplex settings auto must be configured manually on both ends of the connection. • If autonegotiation is enabled, any manually configured speed or duplex settings take precedence. Note The negotiation auto command is available on Gigabit Ethernet interfaces only. Step 10 no shutdown Removes the shutdown configuration, which forces an interface administratively down. Example: RP/0/RSP0/CPU0:router(config-if)# no shutdown Step 11 end Saves configuration changes. or • When you issue the end command, the system prompts commit you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-if)# end [cancel]: or – Entering yes saves configuration changes to the RP/0/RSP0/CPU0:router(config-if)# commit running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Step 12 show interfaces [GigabitEthernet | TenGigE] (Optional) Displays statistics for interfaces on the router. instance

Example: RP/0/RSP0/CPU0:router# show interfaces TenGigE 0/3/0/0

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-76 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

What to Do Next

• To configure MAC Accounting on the Ethernet interface, see the “Configuring MAC Accounting on an Ethernet Interface” section later in this module. • To configure an 802.1Q VLAN subinterface on the Ethernet interface, see the “Ethernet Services Configuration Examples” module. • To configure an AC on the Ethernet port for Layer 2 VPN implementation, see the “Configuring an Attachment Circuit on an Ethernet Port” section later in this module. • To attach Layer 3 service policies, such as Multiprotocol Label Switching (MPLS) or Quality of Service (QoS), to the Ethernet interface, refer to the appropriate Cisco ASR 9000 Series Router configuration guide.

Configuring MAC Accounting on an Ethernet Interface

This task explains how to configure MAC accounting on an Ethernet interface. MAC accounting has special show commands, which are illustrated in this procedure. Otherwise, the configuration is the same as configuring a basic Ethernet interface, and the steps can be combined in one configuration session. See “Configuring Ethernet Interfaces” in this module for information about configuring the other common parameters for Ethernet interfaces.

SUMMARY STEPS

1. configure 2. interface [GigabitEthernet | TenGigE] instance 3. ipv4 address ip-address mask 4. mac-accounting {egress | ingress} 5. end or commit 6. show mac-accounting type location instance

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure Step 2 interface [GigabitEthernet | TenGigE] instance Enters the interface configuration mode and specifies the Ethernet interface name and instance in the rack/slot/module/port notation. Example: RP/0/RSP0/CPU0:router(config)# interface • The example indicates an 8-port 10-Gigabit Ethernet TenGigE 0/1/0/0 interface in modular services card slot 1.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-77 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 3 ipv4 address ip-address mask Assigns an IP address and subnet mask to the interface. • Replace ip-address with the primary IPv4 address for Example: the interface. RP/0/RSP0/CPU0:router(config-if)# ipv4 address 172.18.189.38 255.255.255.224 • Replace mask with the mask for the associated IP subnet. The network mask can be specified in either of two ways: – The network mask can be a four-part dotted decimal address. For example, 255.0.0.0 indicates that each bit equal to 1 means that the corresponding address bit belongs to the network address. – The network mask can be indicated as a slash (/) and number. For example, /8 indicates that the first 8 bits of the mask are ones, and the corresponding bits of the address are network address. Step 4 mac-accounting {egress | ingress} Generates accounting information for IP traffic based on the source and destination MAC addresses on LAN interfaces. Example: • To disable MAC accounting, use the no form of this RP/0/RSP0/CPU0:router(config-if)# command. mac-accounting egress Step 5 end Saves configuration changes. or • When you issue the end command, the system prompts commit you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-if)# end [cancel]: or – Entering yes saves configuration changes to the RP/0/RSP0/CPU0:router(config-if)# commit running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Step 6 show mac-accounting type location instance Displays MAC accounting statistics for an interface.

Example: RP/0/RSP0/CPU0:router# show mac-accounting TenGigE location 0/2/0/4

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-78 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI Configuring an Attachment Circuit on an Ethernet Port

Use the following procedure to configure an attachment circuit on a Gigabit Ethernet or 10-Gigabit Ethernet port.

Note The steps in this procedure configure the L2VPN Ethernet port to operate in port mode.

SUMMARY STEPS

1. configure 2. interface [GigabitEthernet | TenGigE] instance 3. l2transport 4. l2protocol {cdp | pvst | stp | vtp} {[tunnel] experimental bits | drop} 5. end or commit 6. show interfaces [GigabitEthernet | TenGigE] instance

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure Step 2 interface [GigabitEthernet | TenGigE] instance Enters interface configuration mode and specifies the Ethernet interface name and notation rack/slot/module/port. Possible interface types for this procedure are: Example: RP/0/RSP0/CPU0:router(config)# interface • GigabitEthernet TenGigE 0/1/0/0 • TenGigE Step 3 l2transport Enables Layer 2 transport mode on a port and enter Layer 2 transport configuration mode. Example: RP/0/RSP0/CPU0:router(config-if)# l2transport

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-79 Configuring Ethernet Virtual Connections (EVCs) Installing System Software on Your ASR 9000 Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 4 l2protocol {cdp | pvst | stp | vtp} {[tunnel] Configures Layer 2 protocol tunneling and data units experimental bits | drop} parameters on an interface. Possible protocols are: Example: RP/0/RSP0/CPU0:router(config-if-l2)# l2protocol • cdp—Cisco Discovery Protocol (CDP) tunneling and stp data unit parameters. • pvst—Configures VLAN spanning tree protocol tunneling and data unit parameters. • stp—spanning tree protocol tunneling and data unit parameters. • vtp—VLAN trunk protocol tunneling and data unit parameters. Use the tunnel option if you want to tunnel the packets associated with the specified protocol. Use the experimental bits keyword argument to modify the MPLS experimental bits for the specified protocol. Use the drop keyword to drop packets associated with the specified protocol. Step 5 end Saves configuration changes. or • When you issue the end command, the system prompts commit you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-if-l2)# end [cancel]: or – Entering yes saves configuration changes to the RP/0/RSP0/CPU0:router(config-if-l2)# commit running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Step 6 show interfaces [GigabitEthernet | TenGigE] (Optional) Displays statistics for interfaces on the router. instance

Example: RP/0/RSP0/CPU0:router# show interfaces TenGigE 0/3/0/0

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-80 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

What to Do Next

• To configure a point-to-point pseudowire xconnect on the AC, see the “Implementing MPLS Layer 2 VPNs” module of the Cisco IOS XR Multiprotocol Label Switching Configuration Guide. • To attach Layer 2 service policies, such as quality of service (QoS), to the Ethernet interface, refer to the appropriate Cisco IOS XR software configuration guide.

Configuration Examples for Ethernet Interfaces

This section provides the following configuration examples: • Configuring an Ethernet Interface: Example • Configuring MAC-accounting: Example • Configuring a Layer 2 VPN AC: Example

Configuring an Ethernet Interface: Example

The following example shows how to configure an interface for a 10-Gigabit Ethernet modular services card: RP/0/RSP0/CPU0:router# configure RP/0/RSP0/CPU0:router(config)# interface TenGigE 0/0/0/1 RP/0/RSP0/CPU0:router(config-if)# ipv4 address 172.18.189.38 255.255.255.224 RP/0/RSP0/CPU0:router(config-if)# flow-control ingress RP/0/RSP0/CPU0:router(config-if)# mtu 1448 RP/0/RSP0/CPU0:router(config-if)# mac-address 0001.2468.ABCD RP/0/RSP0/CPU0:router(config-if)# no shutdown RP/0/RSP0/CPU0:router(config-if)# end Uncommitted changes found, commit them? [yes]: yes

RP/0/RSP0/CPU0:router# show interfaces TenGigE 0/0/0/1

TenGigE0/0/0/1 is down, line protocol is down Hardware is TenGigE, address is 0001.2468.abcd (bia 0001.81a1.6b23) Internet address is 172.18.189.38/27 MTU 1448 bytes, BW 10000000 Kbit reliability 0/255, txload Unknown, rxload Unknown Encapsulation ARPA, Full-duplex, 10000Mb/s, LR output flow control is on, input flow control is on loopback not set ARP type ARPA, ARP timeout 01:00:00 Last clearing of "show interface" counters never 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 total input drops 0 drops for unrecognized upper-level protocol Received 0 broadcast packets, 0 multicast packets 0 runts, 0 giants, 0 throttles, 0 parity 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 packets output, 0 bytes, 0 total output drops Output 0 broadcast packets, 0 multicast packets 0 output errors, 0 underruns, 0 applique, 0 resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-81 Configuring Ethernet Virtual Connections (EVCs) Ethernet Services Cisco Confidential - Beta Draft R3.7 FCI Configuring MAC-accounting: Example

The following example indicates how to configure MAC-accounting on an Ethernet interface: RP/0/RSP0/CPU0:router# configure RP/0/RSP0/CPU0:router(config)# interface TenGigE 0/0/0/2 RP/0/RSP0/CPU0:router(config-if)# ipv4 address 172.18.189.38 255.255.255.224 RP/0/RSP0/CPU0:router(config-if)# mac-accounting egress RP/0/RSP0/CPU0:router(config-if)# commit RP/0/RSP0/CPU0:router(config-if)# exit RP/0/RSP0/CPU0:router(config)# exit

Configuring a Layer 2 VPN AC: Example

The following example indicates how to configure a Layer 2 VPN AC on an Ethernet interface: RP/0/RSP0/CPU0:router# configure RP/0/RSP0/CPU0:router(config)# interface TenGigE 0/0/0/2 RP/0/RSP0/CPU0:router(config-if)# ipv4 address 172.18.189.38 255.255.255.224 RP/0/RSP0/CPU0:router(config-if)# l2transport RP/0/RSP0/CPU0:router(config-if-l2)# l2protocol cdp drop RP/0/RSP0/CPU0:router(config-if-l2)# commit

Ethernet Services

Cisco and the Metro Ethernet Forum (MEF) endorse three main Layer 2 Ethernet service types. The names of the services differ, but their functionality is the same. They are as follows: • Ethernet Wire Service (EWS) • Ethernet Relay Service (ERS) • Ethernet Multipoint Service (EMS) When discussing an Ethernet WAN (EWAN), the following terminology should be used (Figure 1): • CE (customer edge): The customer device connecting to the service provider • PE (provider edge): The service provider device connecting to the customer • UNI: The connection between the CE and PE • Multiplexed UNI: A UNI supporting multiple VLAN flows • Pseudowire: A term used to indicate an end-to-end path in a service provider network

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-82 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Ethernet Services Cisco Confidential - Beta Draft R3.7 FCI

Figure 1EWAN Terms

e1/0 e1/0 10.0.0.1 10.0.0.2

CSC-CE CSC-PE 121190

Ethernet Wire Service

An Ethernet Wire Service is a service that emulates a point-to-point Ethernet segment (Figure 2). This is similar to Ethernet private line (EPL), a Layer 1 point-to-point service, except the provider edge operates at Layer 2 and typically runs over a Layer 2+ network. The EWS encapsulates all frames that are received on a particular UNI and transports these frames to a single-egress UNI without reference to the contents contained within the frame. The operation of this service means that an EWS can be used with VLAN-tagged frames. The VLAN tags are transparent to the EWS (bridge protocol data units [BPDUs])—with some exceptions. These exceptions include IEEE 802.1x, IEEE 802.2ad, and IEEE 802.3x, because these frames have local significance and it benefits both the customer and SP to terminate them locally.

Figure 2 EWS Example

e1/0 e1/0 10.0.0.1 10.0.0.2

CSC-CE CSC-PE 121190

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-83 Configuring Ethernet Virtual Connections (EVCs) Ethernet Services Cisco Confidential - Beta Draft R3.7 FCI

Since the service provider simply accepts frames on an interface and transmits these without reference to the actual frame (other than verifying that the format and length are legal for the particular interface) the EWS is indifferent to VLAN tags that may be present within the customer Ethernet frames. EWS subscribes to the concept of "all-to-one" bundling. That is, an EWS maps a port on one end to a point-to-point circuit and to a port on another end. EWS is a port-to-port service (Figure 3). Therefore, if a customer needs to connect a switch or router to n switches or routers it will need n ports and n pseudowires or logical circuits.

Figure 3 Nonservice Multiplexing Example: Each Destination (Left) Needs Its Own Port (Right)

e1/0 e1/0 10.0.0.1 10.0.0.2

CSC-CE CSC-PE 121190

One important point to consider is that, although the EWS broadly emulates an Ethernet Layer 1 connection, the service is provided across a shared infrastructure, and therefore it is unlikely that the full interface bandwidth will be, or needs to be, available at all times. EWS will typically be a sub-line rate service, where many users share a circuit somewhere in their transmission path. As a result, the cost will most likely be less than that of EPL. Unlike a Layer 1 EPL, the SP will need to implement QoS and traffic engineering to meet the specific objectives of a particular contract. However, if the customer's application requires a true wire rate transparent service, then an EPL service—delivered using optical transmission devices such as DWDM (dense wavelength division multiplexing), CDWM (coarse wavelength division multiplexing), or SONET/SDH—should be considered.

Ethernet Relay Service

Ethernet Relay Service is similar to EWS in that it offers point-to-point connectivity. The key differentiation between EWS and ERS is that an ERS uses a VLAN tag to multiplex several, non-same-destination pseudowires to one port. That is, unlike EPL and EWS, ERS is a "one-to-many," multiplexed service. Service multiplexing simply means that multiple pseudowires utilize a single access interface or UNI. These circuits can terminate within an L2VPN or on, for example, an Internet gateway. From the service user's perspective, this service multiplexing capability offers more efficient interface utilization, simplification of cable plant, and reduced maintenance costs associated with additional interfaces.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-84 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Ethernet Services Cisco Confidential - Beta Draft R3.7 FCI

Using the same example as above, where a router connects to n other routers, the source router only needs one port for the service instead of n, as is the case with an EWS. The service need not be port-to-port, but can be logical-pseudowire-to-logical-pseudowire. In the case of an ERS, each circuit can terminate at a different remote location (Figure 4), whereas using EWS, all frames are mapped to a single circuit and therefore a single egress point.

Figure 4 ERS Service Multiplexing Example: One Port (Left) Can Be Used for All Destinations (Right)

e1/0 e1/0 10.0.0.1 10.0.0.2

CSC-CE CSC-PE 121190

Like Frame Relay, ERS allows a customer device to access multiple connections through a single physical port attached to the service provider network. The service offered by ERS can be thought of as being similar in concept to Frame Relay, in that a VLAN number is used as a virtual circuit identifier in a similar fashion to Frame Relay data link connection identifier (DLCI) or an ATM permanent virtual circuit (PVC). Unlike EWS, ERS does not forward BPDUs, because IEEE 802.1Q (VLAN tagging) only sends BPDUs on a default VLAN. In a hub-and-spoke network, only one spoke at most would receive BPDUs, thus breaking the spanning tree in the rest of the network. Therefore, an ERS does not transmit any BPDUs and runs routing protocols instead of Ethernet Spanning Tree. The routing protocols give the customer and provider greater flexibility, traffic determination characteristics, and value-added services.

Ethernet Multipoint Service

An Ethernet Multipoint Service (EMS) differs from EWS and ERS in that an EMS provides a multipoint connectivity model. It should be noted that an EMS service definition is still under review within the IETF Virtual Private LAN Service (VPLS) working group. Although EMS uses a multipoint model, it can forward unicast packets to single destinations; that is, it also supports point-to-point connections. To the end user, the network looks like a giant Ethernet switch where each customer has their own VLAN or broadcast domain, rather than end-to-end pseudowire link(s) (Figure 5).

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-85 Configuring Ethernet Virtual Connections (EVCs) Ethernet Services Cisco Confidential - Beta Draft R3.7 FCI

Figure 5 EMS Example

EMS Example

An EMS does not map an interface or VLAN to a specific point-to-point pseudowire. Instead, it models the operation of a virtual Ethernet switch: EMS uses the customer's MAC address to forward frames to the correct egress UNI within the service provider's network. An EMS emulates the service attributes of an Ethernet switch and learns source MAC to interface associations, floods unknown broadcast and multicast frames, and (optionally) monitors the service user's spanning tree protocol. One important point to note is that although the service provider may utilize spanning tree within the transport network, there is no interaction with the service user's spanning tree. This service works similar to an MPLS VPN, except it functions at Layer 2 instead of Layer 3. While a VPLS EMS is a viable solution, its scalability and QoS control are suspect compared to that of MPLS VPNs. In addition, it is much more difficult, and may be impossible, for the service provider to offer value-added Layer 3 services (this is discussed later in the document).

What is an EFP?

EFP is an Ethernet Flowpoint

An EFP is an instantiation of a particular service. An EFP is defined by a set of filters. These filters are applied to all ingress traffic to classify which frames belong to a particular EFP. An EFP filter is a set of entries, where each entry looks very much like the start of a packet (ignoring source/destination MAC address)—so each entry is usually 0, 1 or 2 VLAN tags. A packet that starts with the same tags as an entry in the filter is said to match the filter; if the start of the packet does not correspond to any entry in the filter then the packet does not match.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-86 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Where to Go Next Cisco Confidential - Beta Draft R3.7 FCI EFP CLI Configuration Structure

Structured CLI

IOS-XR uses a structured CLI for EFP and EVC configuration. The layer2tranport command identifies a subinterface (of a physical port of bundle-port parent interface) as an EFP. The encapsulation command is used specify matching criteria. The rewrite command is used to specify VLAN tag rewrite criteria. The service-policy input/output commands are used to specify QoS treatment. The Ethernet cfm command is used to set OAM features. The Ethernet services access-group command is used to set Layer 2 security ACLs.

Where to Go Next

Additional References

The following sections provide references related to implementing Gigabit and 10-Gigabit Ethernet interfaces.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-87 Configuring Ethernet Virtual Connections (EVCs) Additional References Cisco Confidential - Beta Draft R3.7 FCI Related Documents

Related Topic Document Title Cisco IOS XR master command reference Cisco IOS XR Master Commands List

Standards

Standards Title No new or modified standards are supported by this — feature, and support for existing standards has not been modified by this feature.

MIBs

MIBs MIBs Link There are no applicable MIBs for this module. To locate and download MIBs for selected platforms using Cisco IOS XR Software, use the Cisco MIB Locator found at the following URL: http://cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

RFCs

RFCs Title No new or modified RFCs are supported by this — feature, and support for existing RFCs has not been modified by this feature.

Technical Assistance

Description Link The Cisco Technical Support website contains thousands of http://www.cisco.com/techsupport pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-88 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Setting Up Your Multicast Connections Cisco Confidential - Beta Draft R3.7 FCI Setting Up Your Multicast Connections

Refer to the Implementing Multicast Routing on Cisco ASR 9000 Series Aggregation Services Routers module of the Cisco ASR 9000 Series Aggregation Services Router Multicast Configuration Guide and the Multicast Routing and Forwarding Commands on Cisco ASR 9000 Series Aggregation Services Routers module of the Cisco ASR 9000 Series Aggregation Services Router Multicast Command Reference.

SUMMARY STEPS

1. configure 2. multicast-routing 3. address-family ipv4 4. nsf 5. interface all enable 6. accounting per-prefix 7. router pim 8. vrf default address-family ipv4 9. rp-address

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure Step 2 multicast-routing [address-family ipv4] Enters multicast routing configuration mode. • The following multicast processes are started: MRIB, Example: MFWD, PIM, and IGMP. RP/0/RSP0/CPU0:router(config)# multicast-routing • For IPv4, IGMP version 3 is enabled by default. • For IPv4, use the address-family ipv4 keywords. Step 3 interface all enable Enables multicast routing and forwarding on all new and existing interfaces. Example: RP/0/RSP0/CPU0:router(config-mcast-ipv4)# interface all enable Step 4 exit Exits multicast routing configuration mode, and returns the router to the parent configuration mode. Example: RP/0/RSP0/CPU0:router(config-mcast-ipv4)# exit

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-89 Configuring Ethernet Virtual Connections (EVCs) Setting Up Your Multicast Connections Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 5 router igmp (Optional) Enters router IGMP configuration mode.

Example: RP/0/RSP0/CPU0:router(config)# router igmp Step 6 version {1 | 2 | 3} (Optional) Selects the IGMP version that the router interface uses. Example: • The default for IGMP is version 3. RP/0/RSP0/CPU0:router(config-igmp)# version 3 • Host receivers must support IGMPv3 for PIM-SSM operation. • If this command is configured in router IGMP configuration mode, parameters are inherited by all new and existing interfaces. You can override these parameters on individual interfaces from interface configuration mode. Step 7 end Saves configuration changes. or commit • When you issue the end command, the system prompts you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-igmp)# end [cancel]: or RP/0/RSP0/CPU0:router(config-igmp)# commit – Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Step 8 show pim [ipv4] group-map [ip-address-name] (Optional) Displays group-to-PIM mode mapping. [info-source]

Example: RP/0//CPU0:router# show pim ipv4 group-map Step 9 show pim [vrf vrf-name] [ipv4] topology (Optional) Displays PIM topology table information for a [source-ip-address [group-ip-address] | specific group or all groups. entry-flag flag | interface-flag | summary] [route-count]

Example: RP/0/RSP0/CPU0:router# show pim topology

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-90 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Setting Up Your Multicast Connections Cisco Confidential - Beta Draft R3.7 FCI

The following example shows how to enter IPv4 multicast routing configuration mode: RP/0/RSP0/CPU0:router(config)# multicast-routing RP/0/RSP0/CPU0:router(config-mcast)# address-family ipv4 RP/0/RSP0/CPU0:router(config-mcast-default-ipv4)#

1. router msdp 2. connect-source type interface-id 3. peer peer-address

Detailed Steps

Step 1 router msdp Enters MSDP protocol configuration mode.

Example: RP/0/RSP0/CPU0:router(config)# router msdp Step 2 default-peer ip-address [prefix-list list] (Optional) Defines a default peer from which to accept all MSDP SA messages. Example: RP/0/RSP0/CPU0:router(config-msdp)# default-peer 172.23.16.0 Step 3 originator-id type interface-id (Optional) Allows an MSDP speaker that originates a (Source-Active) SA message to use the IP address of the interface as the RP address in the SA message. Example: RP/0/RSP0/CPU0:router(config-msdp)# originator-id pos 0/1/1/0 Step 4 peer peer-address Enters MSDP peer configuration mode and configures an MSDP peer. Example: • Configure the router as a BGP neighbor. RP/0/RSP0/CPU0:router(config-msdp)# peer 172.31.1.2 • If you are also BGP peering with this MSDP peer, use the same IP address for MSDP and BGP. You are not required to run BGP or multiprotocol BGP with the MSDP peer, as long as there is a BGP or multiprotocol BGP path between the MSDP peers. Step 5 connect-source type interface-id (Optional) Configures a source address used for an MSDP connection. Example: RP/0/RSP0/CPU0:router(config-msdp-peer)# connect-source loopback 0 Step 6 mesh-group name (Optional) Configures an MSDP peer to be a member of a mesh group. Example: RP/0/RSP0/CPU0:router(config-msdp-peer)# mesh-group internal

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-91 Configuring Ethernet Virtual Connections (EVCs) Setting Up Your Multicast Connections Cisco Confidential - Beta Draft R3.7 FCI

Step 7 remote-as as-number (Optional) Configures the remote autonomous system number of this peer. Example: RP/0/RSP0/CPU0:router(config-msdp-peer)# remote-as 250 Step 8 end Saves configuration changes. or • When you issue the end command, the system prompts commit you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-msdp-peer)# end [cancel]: or – Entering yes saves configuration changes to the RP/0/RSP0/CPU0:router(config-msdp-peer)# commit running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Summary Steps

1. interface GigabitEthernet0/4/0/1.1 l2transport 2. service instance ethernet 3. encapsulation dot1q x second-dot1q 7 4. rewrite ingress tag translate 2-to-2 dot1q y second-dot1q x symmetric 5. interface GigabitEthernet0/4/0/1.2 l2transport 6. service instance ethernet 7. encapsulation dot1q x second-dot1q 8 8. rewrite ingress tag translate 2-to-1 dot1q x symmetric

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-92 OL-17103-01 Configuring Ethernet Virtual Connections (EVCs) Where to Go Next Cisco Confidential - Beta Draft R3.7 FCI

Related Documents

Related Topic Document Title Descriptions of the clock commands Clock Commands on the Cisco ASR 9000 Series Router module of Cisco ASR 9000 Series Router System Management Command Reference Commands used to configure NTP NTP Commands on the Cisco ASR 9000 Series Router module of Cisco ASR 9000 Series Router System Management Command Reference

Where to Go Next

When you have completed the configuration procedures in this chapter, consider the following resources for additional configuration documentation: • For ethernet services configuration examples, see Ethernet Services Configuration Examples • For the list of platform-specific ethernet services commands on the Cisco ASR 9000 Series Router, see Cisco ASR 9000 Series Router Platform Dependent Command Reference • For information on configuring interfaces, see the hardware documents listed in the “Related Documents” section on page xvi.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-93 Configuring Ethernet Virtual Connections (EVCs) Where to Go Next Cisco Confidential - Beta Draft R3.7 FCI

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-94 OL-17103-01 Cisco Confidential - Beta Draft R3.7 FCI

Cisco ASR 9000 Series Router Platform Dependent Command Reference

This module describes the Cisco IOS XRcommands used to configure the Ethernet interfaces and the VLAN subinterfaces on the Cisco ASR 9000 Series Aggregation Services Router using the command-line interface (CLI). The distributed Gigabit Ethernet and 10-Gigabit Ethernet architecture and features deliver network scalability and performance, while enabling service providers to offer high-density, high-bandwidth networking solutions designed to interconnect the router with other systems in POPs, including core and edge routers and Layer 2 and 3 switches.

Contents

• Ethernet Interface Commands on Cisco ASR 9000 Series Routers, page 95 • 802.1Q VLAN Subinterface Commands on Cisco ASR 9000 Series Routers, page 172 • Where to Go Next, page 190 • Additional References, page 190

Ethernet Interface Commands on Cisco ASR 9000 Series Routers

This section containd the following commands: • carrier-delay, page 97 • clear ethernet cfm ccm-learning-database, page 99 • clear ethernet cfm interfaces, page 101 • clear ethernet cfm local meps, page 102 • clear ethernet cfm peer meps, page 105 • clear ethernet cfm traceroute-cache, page 107 • clear ethernet oam statistics, page 108 • clear mac-accounting (Ethernet), page 109 • encapsulation dot1q, page 111 • ethernet cfm cc, page 112

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-95 Cisco ASR 9000 Series Router Platform Dependent Command Reference Ethernet Interface Commands on Cisco ASR 9000 Series Routers Cisco Confidential - Beta Draft R3.7 FCI

• ethernet cfm mep domain, page 114 • ethernet cfm traceroute cache, page 115 • ethernet cfm traceroute cache hold-time, page 116 • ethernet cfm traceroute cache size, page 117 • ethernet oam loopback, page 119 • flow-control, page 120 • interface GigabitEthernet, page 122 • interface TenGigE, page 124 • l2protocol (Ethernet), page 126 • l2transport (Ethernet), page 128 • loopback (Ethernet), page 130 • mac-accounting, page 132 • mac-address (Ethernet), page 133 • negotiation auto, page 134 • packet-gap non-standard, page 135 • ping ethernet cfm, page 136 • show controllers (Ethernet), page 138 • show ethernet cfm ccm-learning-database, page 146 • show ethernet cfm configuration-errors, page 147 • show ethernet cfm interfaces statistics, page 149 • show ethernet cfm local maintenance-points, page 151 • show ethernet cfm local maintenance-points, page 153 • show ethernet cfm local meps, page 154 • show ethernet cfm peer meps, page 155 • show ethernet cfm traceroute-cache, page 157 • show ethernet oam configuration, page 159 • show ethernet oam discovery, page 161 • show mac-accounting (Ethernet), page 163 • show spanning-tree mst, page 165 • traceroute ethernet cfm (basic linktrace), page 168 • traceroute ethernet cfm (exploratory linktrace), page 170

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-96 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference carrier-delay Cisco Confidential - Beta Draft R3.7 FCI carrier-delay

To delay the processing of hardware link down notifications, use the carrier-delay command in interface configuration mode.

carrier-delay {down milliseconds [up milliseconds] | up milliseconds [down milliseconds]}

Syntax Description down milliseconds Length of time, in milliseconds, to delay the processing of hardware link down notifications. Range is from 1 through 5000. up milliseconds Length of time, in milliseconds, to delay the processing of hardware link up notifications. Range is from 1 through 5000.

Defaults No carrier-delay is used, and the upper layer protocols are notified as quickly as possible when a physical link goes down.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Usage Guidelines To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide. When you delay the processing of hardware link down notifications, the higher layer routing protocols are unaware of a link until that link is stable. If the carrier-delay down milliseconds command is configured on a physical link that fails and cannot be recovered, link down detection is increased, and it may take longer for the routing protocols to re-route traffic around the failed link. In the case of very small interface state flaps, running the carrier-delay down milliseconds command prevents the routing protocols from experiencing a route flap.

Note Enter the show interface command to see the current state of the carrier-delay operation for an interface. No carrier-delay information is displayed if carrier-delay has not been configured on an interface.

Task ID Task ID Operations interface read, write

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-97 Cisco ASR 9000 Series Router Platform Dependent Command Reference carrier-delay Cisco Confidential - Beta Draft R3.7 FCI

Examples The following example shows how to delay the processing of hardware link down notifications: RP/0/RSP0/CPU0:router(config-if)# carrier-delay down 10

The following example shows how to delay the processing of hardware link up and down notifications: RP/0/RSP0/CPU0:router(config-if)# carrier-delay up 100 down 100

Related Commands Command Description dampening Limits propagation of transient or frequently changing interface states on Interface Manager (IM) clients.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-98 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference clear ethernet cfm ccm-learning-database Cisco Confidential - Beta Draft R3.7 FCI clear ethernet cfm ccm-learning-database

To clear the ccm learning database, use the clear ethernet cfm ccm-learning-database command in interface configuration mode.

clear ethernet cfm ccm-learning-database {GigabitEthernet | TenGigE} statistics location { node-id | all }

{GigabitEthernet | Type of Ethernet interface whose CFM CCM learning database you want to TenGigE} clear. Enter GigabitEthernet or TenGigE. location node-id (Optional) Clears the CFM CCM learning database for the designated node. The node-id argument is entered in the rack/slot/module notation.

Defaults All CFM ccm-learning-databases on all interfaces are cleared.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Note The location cannot be specified if a particular interface is specified.

Task ID Task ID Operations interface read, write

Examples The following example shows how to clear all the CFM CCM learning databases on all interfaces: RP/0/RSP0/CPU0:router(config-if)# clear ethernet cfm ccm-learning-database

Output: none

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-99 Cisco ASR 9000 Series Router Platform Dependent Command Reference clear ethernet cfm ccm-learning-database Cisco Confidential - Beta Draft R3.7 FCI

Related Commands Command Description show ethernet cfm Displays the CFM CCM learning databases. ccm-learning-datab ase

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-100 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference clear ethernet cfm interfaces Cisco Confidential - Beta Draft R3.7 FCI clear ethernet cfm interfaces

To clear the per-interface counters, use the clear ethernet cfm interfaces command in interface configuration mode.

clear ethernet cfm interfaces {GigabitEthernet | TenGigE} statistics location { node-id | all }

{GigabitEthernet | Type of Ethernet interface whose CFM statistics you want to clear. Enter TenGigE} GigabitEthernet or TenGigE. location node-id (Optional) Clears MAC accounting statistics for the designated node. The node-id argument is entered in the rack/slot/module notation.

Defaults All CFM counters from all interfaces are cleared.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Note The location cannot be specified if a particular interface is specified.

Task ID Task ID Operations interface read, write

Examples The following example shows how to clear all the CFM counters from all interfaces: RP/0/RSP0/CPU0:router(config-if)# clear ethernet cfm interfaces

Output: none

Related Commands Command Description show ethernet cfm Displays the per-interface CFM counters. configuration-errors

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-101 Cisco ASR 9000 Series Router Platform Dependent Command Reference clear ethernet cfm local meps Cisco Confidential - Beta Draft R3.7 FCI clear ethernet cfm local meps

Clear local MEP counters for the given MEPs

clear ethernet cfm local meps { all | domain domain-name { all | service service-name { all | mep-id id } } | interface efp { all | domain domain-name} }

Defaults All CFM counters from all interfaces are cleared.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Note The location cannot be specified if a particular interface is specified.

Task ID Task ID Operations interface read, write

Examples The following example shows how to clear all the local MEP counters from all interfaces: RP/0/RSP0/CPU0:router(config-if)# clear ethernet cfm local meps

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-102 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference clear ethernet cfm local meps Cisco Confidential - Beta Draft R3.7 FCI

Output: none

Related Commands Command Description show ethernet cfm Displays the per-interface CFM counters. configuration-errors

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-103 Cisco ASR 9000 Series Router Platform Dependent Command Reference clear ethernet cfm interfaces Cisco Confidential - Beta Draft R3.7 FCI clear ethernet cfm interfaces

To clear the per-interface counters, use the clear ethernet cfm interfaces command in interface configuration mode.

clear ethernet cfm interfaces {GigabitEthernet | TenGigE} statistics location { node-id | all }

Defaults All CFM counters from all interfaces are cleared.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Note The location cannot be specified if a particular interface is specified.

Task ID Task ID Operations interface read, write

Examples The following example shows how to clear all the CFM counters from all interfaces: RP/0/RSP0/CPU0:router(config-if)# clear ethernet cfm interfaces

Output: none

Related Commands Command Description show ethernet cfm Displays the per-interface CFM counters. configuration-errors

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-104 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference clear ethernet cfm peer meps Cisco Confidential - Beta Draft R3.7 FCI clear ethernet cfm peer meps

Clear remote MEP counters for the given MEPs

clear ethernet cfm peer meps { all | domain domain-name { all | service service-name { all | mep-id id } } | interface efp { all | domain domain-name} }

Defaults All CFM remote MEP counters from all interfaces are cleared.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Note The location cannot be specified if a particular interface is specified.

Task ID Task ID Operations interface read, write

Examples The following example shows how to clear all the remote MEP counters from all interfaces: RP/0/RSP0/CPU0:router(config-if)# clear ethernet cfm peer meps

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-105 Cisco ASR 9000 Series Router Platform Dependent Command Reference clear ethernet cfm peer meps Cisco Confidential - Beta Draft R3.7 FCI

Output: none

Related Commands Command Description show ethernet cfm Displays the per-interface CFM counters. configuration-errors

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-106 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference clear ethernet cfm traceroute-cache Cisco Confidential - Beta Draft R3.7 FCI clear ethernet cfm traceroute-cache

To remove the contents of the traceroute cache, use the clear ethernet cfm traceroute-cache command in privileged EXEC mode.

clear ethernet cfm traceroute-cache

Syntax Description This command has no arguments or keywords.

Command Modes Privileged EXEC (#)

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Usage Guidelines Use the clear ethernet cfm traceroute-cache command to remove traceroute cache entries from previous traceroute operations issued on the device. This command also provides visibility into maintenance intermediate points and maintenance end points of a domain as they were recorded when the operation was performed.

Examples The following example shows the clear ethernet cfm traceroute-cache command: Router# clear ethernet cfm traceroute-cache

Related Commands Command Description ethernet cfm Enables caching of Ethernet CFM data learned through traceroute messages. traceroute cache show ethernet cfm Displays the contents of the traceroute cache. traceroute-cache

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-107 Cisco ASR 9000 Series Router Platform Dependent Command Reference clear ethernet oam statistics Cisco Confidential - Beta Draft R3.7 FCI clear ethernet oam statistics

Use the clear ethernet oam statistics command to clear all OAM counters associated with a given interface. If no interface is specified, the clear ethernet oam statistics command clears all the OAM counters on all interfaces with OAM enabled.

clear ethernet oam statistics {interface {interface | all} | location {location | all}}

Syntax Description interface interface Type of Ethernet interface whose MAC accounting statistics you want to clear. Enter GigabitEthernet or TenGigE. location node-id (Optional) Clears MAC accounting statistics for the designated node. The node-id argument is entered in the rack/slot/module notation.

Defaults No default behavior or values

Command Modes EXEC

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations interface read, write basic-services read, write

Examples The following example shows how to clear all OAM statistics for the TenGigE port at 1/0/0/1: RP/0/RSP0/CPU0:router# clear ethernet oam statistics TenGigE 0/1/5/0 location 1/0/0/1

Related Commands Command Description mac-accounting Configures MAC accounting on an interface. show mac-accounting Displays MAC accounting statistics for an interface. (Ethernet)

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-108 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference clear mac-accounting (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI clear mac-accounting (Ethernet)

To clear Media Access Control (MAC) accounting statistics, use the clear mac-accounting command in EXEC mode.

clear mac-accounting {GigabitEthernet | TenGigE} instance [location node-id]

Syntax Description {GigabitEthernet | Type of Ethernet interface whose MAC accounting statistics you want to TenGigE} clear. Enter GigabitEthernet or TenGigE. instance Interface whose MAC accounting statistics you want to clear. The naming notation is rack/slot/module/port, and a slash between values is required as part of the notation. • rack—Chassis number of the rack. • slot—Physical slot number of the line card or modular services card. • module—Module number. A physical layer interface module (PLIM) is always 0. • port—Physical port number of the interface. Note For more information about the syntax for the router, use the question mark (?) online help function. location node-id (Optional) Clears MAC accounting statistics for the designated node. The node-id argument is entered in the rack/slot/module notation.

Defaults No default behavior or values

Command Modes EXEC

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations interface read, write basic-services read, write

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-109 Cisco ASR 9000 Series Router Platform Dependent Command Reference clear mac-accounting (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI

Examples The following example shows how to clear all MAC accounting statistics for the TenGigE port at 1/0/0/1: RP/0/RSP0/CPU0:router# clear mac-accounting TenGigE 0/1/5/0 location 1/0/0/1

Related Commands Command Description mac-accounting Configures MAC accounting on an interface. show mac-accounting Displays MAC accounting statistics for an interface. (Ethernet)

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-110 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference encapsulation dot1q Cisco Confidential - Beta Draft R3.7 FCI encapsulation dot1q

To enable IEEE 802.1Q encapsulation of traffic on a specified subinterface in virtual LANs (VLANs), use the encapsulation dot1q subinterface configuration command.

encapsulation dot1q vlan-id [second-dot1q vlan-id ]

Syntax Description vlan-id Virtual LAN identifier. The allowed range is from 1 to 4095.

Defaults No default values or behaviors.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Usage Guidelines IEEE 802.1Q encapsulation is configurable on Gigabit Ethernet and Ten Gigabit Ethernet interfaces. IEEE 802.1Q is a standard protocol for interconnecting multiple switches and routers and for defining VLAN topologies. To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Task ID Task ID Operations interface read, write

Examples The following example encapsulates VLAN traffic using the IEEE 802.1Q protocol for VLAN 100: RP/0/RSP0/CPU0:router# configure RP/0/RSP0/CPU0:router(config)# interface GigabitEther 0/2/0/0 RP/0/RSP0/CPU0:router(config-if)# l2transport RP/0/RSP0/CPU0:router(config-if)# encapsulation dot1q 100 second-dot1q 215

Related Commands Command Description interface Enables the interface configuration mode for a Gigabit Ethernet interface. GigabitEthernet interface TenGigE Enables enter interface configuration mode for a Ten Gigabit Ethernet interface.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-111 Cisco ASR 9000 Series Router Platform Dependent Command Reference ethernet cfm cc Cisco Confidential - Beta Draft R3.7 FCI ethernet cfm cc

To set parameters for continuity check messages (CCMs), use the ethernet cfm cc command in global configuration mode. To reset parameters to their default values, use the no form of this command.

ethernet cfm cc level {any | level-id | level-id-level-id | [,level-id-level-id]} vlan {vlan-id | any | vlan-id-vlan-id | [,vlan-id-vlan-id]} [interval seconds] [loss-threshold num_msgs]

no ethernet cfm cc level {any | level-id | level-id-level-id | [,level-id-level-id]} vlan {vlan-id | any | vlan-id-vlan-id | [,vlan-id-vlan-id]} [interval seconds] [loss-threshold num_msgs]

Syntax Description level Indicates a maintenance level for the configuration. any Indicates that all levels are to be configured. level-id Integer from 0 to 7 that identifies a maintenance level. level-id-level-id Integers from 0 to 7 that define a range of levels to be configured. The hyphen is required to separate starting and ending values that define the range. ,level-id-level-id (Optional) Integers from 0 to 7 that define a list of ranges to be configured. The comma must be entered to separate ranges. The hyphen is required to separate starting and ending values that are used to define each range of levels to be configured. vlan Indicates a VLAN for configuration. any Indicates that all VLANs are to be configured. vlan-id Integer from 1 to 4094 that identifies a VLAN to be configured. vlan-id-vlan-id Integers from 1 to 4094 that define a range of VLANs to be configured. The hyphen is required to separate starting and ending values that are used to define the range. ,vlan-id-vlan-id (Optional) Integers from 1 to 4094 that define a list of VLAN ranges to be configured. The comma must be entered to separate ranges. The hyphen is required to separate starting and ending values that are used to define each range of VLANs. interval seconds (Optional) Specifies, in seconds, the time between CCM transmissions. Integer value in the range of 10 to 65535. The default is 30. loss-threshold (Optional) Indicates the maximum number of CCMs that can be missed num_msgs before declaring that a maintenance end point (MEP) is down. Integer in the range of 2 to 255 that specifies the maximum number of CCMs that can be lost before a MEP is declared down. The default is 2.

Command Default For all maintenance levels and VLANs configured on a device, the interval is 30 seconds and the loss-threshold is 2.

Command Modes Global configuration (config)

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-112 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference ethernet cfm cc Cisco Confidential - Beta Draft R3.7 FCI

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Usage Guidelines The ethernet cfm cc command is used to set parameters for generating and receiving CCMs in one of the following ways: • Globally (per device) • For a maintenance domain • For a particular customer service instance (CSI) • For a combination of maintenance domain and CSI When the ethernet cfm cc command is issued, the system may perform optimizations by concatenating possible ranges, and the configuration may not go through nonvolatile generation (NVGEN) as it was originally entered. If you configure the ethernet cfm cc command with the default values for interval and loss threshold, these parameters will not display after NVGEN. If you configure the command with at least one parameter not at the default value, all parameters are displayed.

Examples The following example shows how to configure an Ethernet connectivity fault management (CFM) level ID of 5 for all VLANs, with messages transmitted every 30 seconds and a remote MEP declared down after two messages are missed. Note that the interval and loss-threshold parameters are configured for the default values and do not display after NVGEN. Router(config)# ethernet cfm cc level 5 vlan any interval 30 loss-threshold 2 (NVGEN)ethernet cfm cc level 5 vlan any

The following example shows how to configure an Ethernet CFM level ID of 5 for all VLANs, with messages transmitted every 1000 seconds and a remote MEP declared down after two messages (the default value) are missed: Router(config)# ethernet cfm cc level 5 vlan any interval 1000 loss-threshold 2 (NVGEN)ethernet cfm cc level 5 vlan any interval 1000

The following example shows how to configure an Ethernet CFM level ID of 5 for all VLANs, with messages transmitted every 1000 seconds and a remote MEP declared down after seven messages are missed (neither value is a default value): Router(config)# ethernet cfm cc level 5 vlan any interval 1000 loss-threshold 7 (NVGEN)ethernet cfm cc level 5 vlan any interval 1000 loss-threshold 7

The following example shows how to configure Ethernet CFM for multiple levels for VLANs 100 to 200 with messages transmitted every 50 seconds and a remote MEP declared down after five messages are missed (neither value is a default value): Router(config)# ethernet cfm cc level 1-5 vlan 100-200 interval 50 loss 5 Router(config)# no ethernet cfm cc level 2-3 vlan 50-150 int 50 loss 5 (NVGEN)ethernet cfm cc level 2-3 vlan 151-200 interval 50 loss-threshold 5 ethernet cfm cc level 1,4-5 vlan 100-200 interval 50 loss-threshold 5

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-113 Cisco ASR 9000 Series Router Platform Dependent Command Reference ethernet cfm mep domain Cisco Confidential - Beta Draft R3.7 FCI ethernet cfm mep domain

Use the ethernet cfm mep domain command to define a CFM domain, define the service name, set the MEP ID, set up the COS level, and enter ethernet-cfm configuration mode for the domain.

ethernet cfm mep domain name service name mep-id id [cos val]

Syntax Description domain name String of a maximum of 154 characters that identifies the domain in which the maintenance points reside. Note For more information about the syntax for the Cisco ASR 9000 Series Router, use the question mark (?) online help function. service name String of a maximum of 154 characters that identifies the maintenance association to which the maintenance points belong. mep-id id (Optional) String of a maximum of 154 characters that identifies the ID number of the source MEP. cos cos_val (Optional) Identifies the class of traffic of the source MEP by setting a CoS value. The valid values are from 0 to 7.

Command Default Caching is disabled.

Command Modes Global configuration (config)

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Examples The following example shows how to enable an Ethernet CFM MEP domain named berry: Router(config)# ethernet cfm mep domain berry

Related Commands ethernet cfm traceroute Sets a maximum time that Ethernet CFM traceroute cache entries will cache be retained. ethernet cfm traceroute Sets a maximum number for entries in an Ethernet CFM traceroute cache size cache table.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-114 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference ethernet cfm traceroute cache Cisco Confidential - Beta Draft R3.7 FCI ethernet cfm traceroute cache

To enable caching of Ethernet connectivity fault management (CFM) data learned through traceroute messages, use the ethernet cfm traceroute cache command in global configuration mode. To disable caching, use the no form of this command.

ethernet cfm traceroute cache

no ethernet cfm traceroute cache

Syntax Description This command has no arguments or keywords.

Command Default Caching is disabled.

Command Modes Global configuration (config)

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Usage Guidelines Setting a traceroute cache allows you to store the results of traceroute operations initiated on the device.

Examples The following example shows how to enable Ethernet CFM traceroute cache: Router(config)# ethernet cfm traceroute cache

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-115 Cisco ASR 9000 Series Router Platform Dependent Command Reference ethernet cfm traceroute cache hold-time Cisco Confidential - Beta Draft R3.7 FCI ethernet cfm traceroute cache hold-time

To set the time that Ethernet connectivity fault management (CFM) traceroute cache entries are retained, use the ethernet cfm traceroute cache hold-time command in global configuration mode. To remove the configured time, use the no form of this command.

ethernet cfm traceroute cache hold-time minutes

no ethernet cfm traceroute cache hold-time minutes

Syntax Description minutes Integer in the range of 1 to 65535 that specifies the number of minutes that cache entries will be retained. The default is 100.

Command Default Entries are retained for 100 minutes.

Command Modes Global configuration (config)

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Usage Guidelines Before you can issue this command, you must have enabled traceroute caching using the ethernet cfm traceroute cache command.

Examples The following example shows how to set the retention time for entries in an Ethernet CFM traceroute cache table to 5 minutes: Router(config)# ethernet cfm traceroute cache hold-time 5

Related Commands ethernet cfm traceroute Enables caching of Ethernet CFM data learned from traceroute cache messages. ethernet cfm traceroute Sets a maximum number for entries in an Ethernet CFM traceroute cache size cache table.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-116 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference ethernet cfm traceroute cache size Cisco Confidential - Beta Draft R3.7 FCI ethernet cfm traceroute cache size

To set a maximum size for the Ethernet connectivity fault management (CFM) traceroute cache table, use the ethernet cfm traceroute cache size command in global configuration mode. To remove the configured size, use the no form of this command.

ethernet cfm traceroute cache size entries

no ethernet cfm traceroute cache size entries

Syntax Description entries Number of entries in the traceroute cache table, expressed as an integer in the range of 1 to 4094. The default is 100.

Command Default If traceroute cache is enabled, traceroute replies are cached up to a maximum of 100 entries. If traceroute cache is disabled, traceroute replies are not cached; the default size is 0.

Command Modes Global configuration (config)

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Usage Guidelines Before you can issue this command, you must have enabled traceroute caching using the ethernet cfm traceroute cache command. Entries in the traceroute cache table are single replies from remote devices—not the number of operations on the device. When the maximum cache size is reached, new replies will not be added to the cache. To add new replies, you must clear the cache or increase its size. Setting the traceroute cache size when traceroute caching is disabled causes this command to be rejected and generates an error message. Setting the number of entries lower than the number previously set causes this command to be rejected, and you are prompted to clear the traceroute cache.

Examples The following example shows how to set the maximum number of entries in an Ethernet CFM traceroute cache table to 2500: Router(config)# ethernet cfm traceroute cache size 2500

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-117 Cisco ASR 9000 Series Router Platform Dependent Command Reference ethernet cfm traceroute cache size Cisco Confidential - Beta Draft R3.7 FCI

Related Commands Command Description ethernet cfm traceroute Enables caching of Ethernet CFM data learned from traceroute cache messages. ethernet cfm traceroute Sets the maximum time that Ethernet CFM traceroute cache entries cache hold-time will be retained.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-118 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference ethernet oam loopback Cisco Confidential - Beta Draft R3.7 FCI ethernet oam loopback

Use the ethernet oam loopback command to start or stop remote loopback on the OAM peer of the given interface.

ethernet oam loopback {enable | disable} interface interface

Syntax Description interface Type of Ethernet interface you want to start or stop an OAM loopback. Enter GigabitEthernet or TenGigE.

Defaults No default behavior or values.

Command Modes EXEC

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations interface read, write basic-services read, write

Examples The following example shows how to start an OAM loopback: RP/0/RSP0/CPU0:router# ethernet oam loopback

Related Commands Command Description mac-accounting Configures MAC accounting on an interface. show mac-accounting Displays MAC accounting statistics for an interface. (Ethernet)

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-119 Cisco ASR 9000 Series Router Platform Dependent Command Reference flow-control Cisco Confidential - Beta Draft R3.7 FCI flow-control

To enable the sending of flow-control pause frames, use the flow-control command in interface configuration mode. To disable flow control, use the no form of this command.

flow-control {bidirectional | egress | ingress}

no flow-control ingress {bidirectional | egress | ingress}

Syntax Description bidirectional Sends flow-control pause frames for both ingress and egress traffic. egress Sends flow-control pause frames for egress traffic. ingress Sends flow-control pause frames for ingress traffic.

Defaults If autonegotiate is enabled on the interface, then the default is negotiated. If autonegotiate is disabled on the interface, then the sending of flow-control pause frames is disabled for both egress and ingress traffic.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Note When you explicitly enable the sending of flow-control pause frames, the value you configured with the flow-control command overrides any autonegotiated value. This prevents a link from coming up if the value you set with the flow-control command conflicts with the allowable settings on the other end of the connection.

Note The flow-control command is supported on Gigabit Ethernet and TenGigE interfaces only; the flow-control command is not supported on Management Ethernet Interfaces.

Note The flow-control command syntax options may vary, depending on the type of PLIM that is installed in your router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-120 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference flow-control Cisco Confidential - Beta Draft R3.7 FCI

Task ID Task ID Operations interface read, write

Examples The following example shows how to enable the sending of flow-control pause frames for ingress traffic on the TenGigE interface 0/3/0/0: RP/0/RSP0/CPU0:router(config)# interface TenGigE 0/3/0/0 RP/0/RSP0/CPU0:router(config-if)# flow-control ingress

Related Commands Command Description show interfaces Displays statistics for all interfaces configured on the router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-121 Cisco ASR 9000 Series Router Platform Dependent Command Reference interface GigabitEthernet Cisco Confidential - Beta Draft R3.7 FCI interface GigabitEthernet

To enter interface configuration mode for a Gigabit Ethernet interface, use the interface GigabitEthernet command in global configuration mode. To delete a Gigabit Ethernet interface configuration, use the no form of this command.

interface GigabitEthernet instance

no interface GigabitEthernet instance

Syntax Description instance Physical interface instance. Naming notation is rack/slot/module/port and a slash between values is required as part of the notation. • rack—Chassis number of the rack. • slot—Physical slot number of the card. • module—Module number. A physical layer interface module (PLIM) is always 0. • port—Physical port number of the interface. Note For more information about the syntax for the Cisco ASR 9000 Series Router, use the question mark (?) online help function.

Defaults No default behavior or values

Command Modes Global configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations interface read, write

Examples The following example shows how to enter interface configuration mode for a Gigabit Ethernet interface: RP/0/RSP0/CPU0:router(config)# interface GigabitEthernet 0/4/0/0 RP/0/RSP0/CPU0:router(config-if)#

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-122 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference interface GigabitEthernet Cisco Confidential - Beta Draft R3.7 FCI

Related Commands Command Description show interfaces Displays statistics for all interfaces configured on the router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-123 Cisco ASR 9000 Series Router Platform Dependent Command Reference interface TenGigE Cisco Confidential - Beta Draft R3.7 FCI interface TenGigE

To enter interface configuration mode for a 10-Gigabit Ethernet interface, use the interface TenGigE command in global configuration mode. To delete a 10-Gigabit Ethernet interface configuration, use the no form of this command.

interface TenGigE instance

no interface TenGigE instance

Defaults No default behavior or values

Command Modes Global configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations interface read, write

Examples The following example shows how to enter interface configuration mode for a 10-Gigabit Ethernet interface: RP/0/RSP0/CPU0:router(config)# interface TenGigE 0/1/0/0

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-124 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference interface TenGigE Cisco Confidential - Beta Draft R3.7 FCI

RP/0/RSP0/CPU0:router(config-if)#

Related Commands Command Description show interfaces Displays statistics for all interfaces configured on the router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-125 Cisco ASR 9000 Series Router Platform Dependent Command Reference l2protocol (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI l2protocol (Ethernet)

To configure Layer 2 protocol tunneling and protocol data unit (PDU) filtering on an Ethernet interface, use the l2protocol command in Layer 2 transport configuration mode. To disable a Layer 2 protocol tunneling and Layer 2 protocol data units configuration, use the no form of this command.

l2protocol {cdp | pvst | stp | vtp} {[tunnel] experimental bits | drop}

no l2protocol

Syntax Description cdp Configures Cisco Discovery Protocol (CDP) tunneling and data unit parameters for the Ethernet interface. pvst Configures VLAN spanning tree protocol tunneling and data unit parameters. stp Configures spanning tree protocol tunneling and data unit parameters for the Ethernet interface. vtp Configures VLAN trunk protocol tunneling and data unit parameters. tunnel Tunnels the packets associated with the specified protocol. When you specify the tunnel keyword, the packet destination MAC address is rewritten with an alternative address before that packet is sent over a pseudowire. After the packet comes through the other end of the pseudowire, the alternative address reverts to the original destination MAC address. experimental Replaces the experimental bits in the MPLS header with the IEEE 802.1p bits from bits the MAC header and vice-versa. drop Drops packets associated with the specified protocol.

Command Default All Layer 2 protocol data units are forwarded through the network without modification.

Command Modes Layer 2 transport configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-126 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference l2protocol (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI

Task ID Task ID Operations l2vpn read, write

Examples The following example shows how to configure an Ethernet interface to drop CDP packets: RP/0/RSP0/CPU0:router# configure RP/0/RSP0/CPU0:router(config)# interface TenGigE 0/0/0/1 RP/0/RSP0/CPU0:router(config-if)# l2transport RP/0/RSP0/CPU0:router(config-if-l2)# l2protocol cdp drop

Related Commands Command Description l2transport Enables Layer 2 transport port mode on an Ethernet interface and enters (Ethernet) Layer 2 transport configuration mode. show interfaces Displays statistics for all interfaces configured on the router or for a specific node.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-127 Cisco ASR 9000 Series Router Platform Dependent Command Reference l2transport (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI l2transport (Ethernet)

To enable Layer 2 transport port mode on an Ethernet interface and enter Layer 2 transport configuration mode, use the l2transport command in interface configuration mode for an Ethernet interface. To disable Layer 2 transport port mode on an Ethernet interface, use the no form of this command.

l2transport

no l2transport

Syntax Description This command has no arguments or keywords.

Defaults No default behavior or values

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Usage Guidelines To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide. When you issue the l2transport command in interface configuration mode, the CLI prompt changes to “config-if-l2,” indicating that you have entered the Layer 2 transport configuration submode. In the following sample output, the question mark (?) online help function displays all the commands available under Layer 2 transport configuration submode for an Ethernet interface: RP/0/RSP0/CPU0:router#configure RP/0/RSP0/CPU0:router(config)# interface GigabitEthernet 0/1/5/0 RP/0/RSP0/CPU0:router(config-if)# l2transport RP/0/RSP0/CPU0:router(config-if-l2)# ? commit Commit the configuration changes to running describe Describe a command without taking real actions do Run an exec command exit Exit from this submode no Negate a command or set its defaults service-policy Configure QoS Service policy show Show contents of configuration RP/0/RSP0/CPU0:router(config-if-l2)#

Note The l2transport command is mutually exclusive with any Layer 3 interface configuration.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-128 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference l2transport (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI

Task ID Task ID Operations l2vpn read, write

Examples The following example shows how to enable Layer 2 transport port mode on an Ethernet interface and enter Layer 2 transport configuration mode: RP/0/RSP0/CPU0:router# configure RP/0/RSP0/CPU0:router(config)# interface GigabitEther 0/2/0/0 RP/0/RSP0/CPU0:router(config-if)# l2transport RP/0/RSP0/CPU0:router(config-if-l2)#

Related Commands Command Description show interfaces Displays statistics for all interfaces configured on the router or for a specific node. show l2vpn xconnect Displays brief information on configured xconnects.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-129 Cisco ASR 9000 Series Router Platform Dependent Command Reference loopback (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI loopback (Ethernet)

To configure an Ethernet controller for loopback mode, use the loopback command in interface configuration mode. To disable loopback, use the no form of this command.

loopback {external | internal | line}

no loopback

Syntax Description external All IPv4 self-ping packets are sent out of the interface and looped back externally before being received on the ingress path. internal All packets will be looped back internally within the router before reaching an external cable. line Incoming network packets will be looped back through the external cable.

Defaults Loopback mode is disabled.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Tip Use the loopback external command when an external loopback connector is attached to the interface.

Task ID Task ID Operations interface read, write

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-130 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference loopback (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI

Examples In the following example, all packets are looped back to the TenGigE controller: RP/0/RSP0/CPU0:router(config)# interface TenGigE 0/3/0/0 RP/0/RSP0/CPU0:router(config-if)# loopback internal

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-131 Cisco ASR 9000 Series Router Platform Dependent Command Reference mac-accounting Cisco Confidential - Beta Draft R3.7 FCI mac-accounting

To generate accounting information for IP traffic based on the source and destination MAC addresses on LAN interfaces, use the mac-accounting command in interface configuration mode. To disable MAC accounting, use the no form of this command.

mac-accounting {egress | ingress}

Syntax Description egress Generates accounting information for IP traffic based on the destination MAC addresses (egress direction). ingress Generates accounting information for IP traffic based on the source MAC addresses (ingress direction).

Defaults MAC accounting is disabled

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations interface read, write

Examples The following example shows how to enable MAC accounting for the source MAC address on the ingress direction: RP/0/RSP0/CPU0:router(config-if)# mac-accounting ingress

Related Commands Command Description clear mac-accounting (Ethernet) Clears MAC accounting statistics for a specified interface. show mac-accounting (Ethernet) Displays MAC accounting statistics for a specified interface.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-132 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference mac-address (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI mac-address (Ethernet)

To set the MAC layer address of an Ethernet interface, use the mac-address command in interface configuration mode. To return the device to its default MAC address, use the no form of this command.

mac-address value1.value2.value3

no mac-address

Syntax Description value1. High 2 bytes of the MAC address in hexadecimal format. Range is from 0 to ffff. value2. Middle 2 bytes of the MAC address in hexadecimal. Range is from 0 to ffff. value3 Low 2 bytes of the MAC address in hexadecimal. Range is from 0 to ffff.

Defaults The default MAC address is read from the hardware burned-in address (BIA).

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations interface read, write

Examples The following example shows how to set the MAC address of a Gigabit Ethernet interface located at 0/1/5/0: RP/0/RSP0/CPU0:router(config)# interface GigabitEthernet 0/1/5/0 RP/0/RSP0/CPU0:router(config-if)# mac-address 0001.2468.ABCD

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-133 Cisco ASR 9000 Series Router Platform Dependent Command Reference negotiation auto Cisco Confidential - Beta Draft R3.7 FCI negotiation auto

To enable link autonegotiation on Gigabit Ethernet and Fast Ethernet interfaces, use the negotiation auto command in interface configuration mode. To disable link autonegotiation, use the no form of this command.

negotiation auto

no negotiation auto

Syntax Description This command has no arguments or keywords.

Defaults Link autonegotiation is disabled.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations interface read, write

Examples The following example shows how to enable link autonegotiation on an interface: RP/0/RSP0/CPU0:router(config)# interface GigabitEthernet 0/0/2/0 RP/0/RSP0/CPU0:router(config-if)# negotiation auto

The following example shows how to disable link autonegotiation on an interface: RP/0/RSP0/CPU0:router(config)# interface GigabitEthernet 0/0/2/0 RP/0/RSP0/CPU0:router(config-if)# no negotiation auto

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-134 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference packet-gap non-standard Cisco Confidential - Beta Draft R3.7 FCI packet-gap non-standard

To change the packet interval for traffic on an interface for improved interoperability with Cisco Catalyst 6000 series switches, use the packet-gap non-standard command in interface configuration mode. To use the standard packet interval as defined by the IEEE 802.ae specification, use the no form of this command.

packet-gap non-standard

no packet-gap non-standard

Syntax Description This command has no arguments or keywords.

Defaults The interface uses the standard packet interval as defined by the IEEE 802.ae specification.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Note The packet-gap non-standard command is available on 10-Gigabit Ethernet interfaces only.

Task ID Task ID Operations interface read, write

Examples The following example shows how to change the packet interval for traffic on an interface from standard to nonstandard: RP/0/RSP0/CPU0:router(config)# interface TenGigE 0/3/0/0 RP/0/RSP0/CPU0:router(config-if)# packet-gap non-standard

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-135 Cisco ASR 9000 Series Router Platform Dependent Command Reference ping ethernet cfm Cisco Confidential - Beta Draft R3.7 FCI ping ethernet cfm

To send Ethernet connectivity fault management (CFM) loopback messages to a maintenance endpoint (MEP) or MAC address destination from the specified source MEP, and display a summary of the responses, use the ping ethernet cfm command in privileged EXEC mode.

ping ethernet cfm domain domain-name service service-name [ mep-id id | mac-address mac ] source [mep-id id ] interface {GigabitEthernet | TenGigE} [ cos cos_val ] [ interval seconds ] | frequency n ] [ timeout time ] [ count n ] [ data-size n ] [ data-pattern hex ]

domain domain-name String of a maximum of 154 characters that identifies the domain in which the maintenance points reside. Note For more information about the syntax for the Cisco ASR 9000 Series Router, use the question mark (?) online help function. service service-name String of a maximum of 154 characters that identifies the maintenance association to which the maintenance points belong. mep-id id String of a maximum of 154 characters that identifies the ID number of the destination MEP. mac-address mac Identifies the six-byte ID number of the MAC address of the destination MEP. source mep-id id String of a maximum of 154 characters that identifies the ID number of the source MEP. interface Type of Ethernet interface whose maintenance points you want to display. {GigabitEthernet | Enter GigabitEthernet or TenGigE. TenGigE} cos cos_val (Optional) Identifies the class of traffic of the source MEP by setting a Class of Service (CoS) value. The valid values are from 0 to 7. interval seconds (Optional) Specifies, in seconds, the time between pings. The n argument is entered in seconds. The default is 1 second. frequency n (Optional) Specifies how often pings are sent. Integer value in the range of 10 to 65535. The default is 1. timeout time (Optional) Displays the time-to-live (TTL) value for the specified interface on the specified node. The time argument is entered in seconds. The default is 2 seconds. count n (Optional) Specifies the number of pings. Integer value. The default is 5. data-size n (Optional) Specifies the size of the ping files. Integer value. The default is 0. data-pattern hex (Optional) Specifies the data pattern within the ping files. Hexadecimal value. The default is 0.

Command Modes Interface configuration

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-136 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference ping ethernet cfm Cisco Confidential - Beta Draft R3.7 FCI

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Examples The following example shows how to send an Ethernet CFM loopback message to MAC address 1010.pcef.1010 at maintenance level 2 on evc5:

RP/0/RSP0/CPU0:router(config-if)# ping ethernet 1010.pcef.1010 level 2 evc evc5 Type escape sequence to abort. Sending 100000 CFM Loopbacks, timeout is 2 seconds - Domain fig (level 5), Service bay Source: MEP ID 3, interface GigabitEthernet0/1/2/3.234 Target: 2233.4455.6677 (MEP ID 4): Running (10s) ... Success rate is 98.4 percent (98456/100000), round-trip min/avg/max = 123/290/456 ms Out-of-sequence: 1.2 percent (1181/98456) Received packet rate: 9845 pps

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-137 Cisco ASR 9000 Series Router Platform Dependent Command Reference show controllers (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI show controllers (Ethernet)

To display status and configuration information about the Ethernet interfaces on a specific node, use the show controllers command in EXEC mode.

show controllers {GigabitEthernet | TenGigE} instance [all | bert | internal | mac | phy | stats | xgxs]

Syntax Description {GigabitEthernet | Indicates the type of Ethernet interface whose MAC accounting statistics TenGigE} you want to display. Enter GigabitEthernet or TenGigE. instance (Optional) Specifies an Ethernet interface instance. The naming notation is rack/slot/module/port, and a slash between values is required as part of the notation. • rack—Chassis number of the rack. • slot—Physical slot number of the line card or modular services card. • module—Module number. A physical layer interface module (PLIM) is always 0. • port—Physical port number of the interface. Note For more information about the syntax for the Cisco ASR 9000 Series Router, use the question mark (?) online help function. all Displays detailed information for the specified interface. bert Displays BERT status information for the interface. internal Displays internal information for the interface. mac Displays MAC information for the interface. phy Displays physical information for the interface. stats Displays statistical information for the interface. xgxs Displays information about the 10 Gigabit Ethernet Extended Sublayer (XGXS).

Defaults No default behavior or values

Command Modes EXEC

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-138 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show controllers (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI

Task ID Task ID Operations interface read

Examples The following example shows the output from the show controllers command: RP/0/RSP0/CPU0:router#show controllers gigabitEthernet 0/4/0/0

port:0 good_octets_received: 6008282 bad_octets_received: 0 good_frames_received: 65020 bad_frames_received: 0 broadcast_frames_received: 11 multicast_frames_received: 49985 good_octets_sent: 4483774 good_frames_sent: 45648 broadcast_frames_sent: 0 multicast_frames_sent: 0 mac_transfer_error: 0 excessive_collision: 0 unrecog_mac_control_received: 0 fc_sent: 0 good_fc_received: 0 rx_over_flow_events: 0 undersize: 0 fragments: 0 oversize: 0 jabber: 0 mac_rcv_error: 0 bad_crc: 0 collisions: 0 late_collision: 0 rate_limit_dropped: 0 spi4_rx_frames: 0 spi4_tx_frames: 0 DeviceID: 0x211911ab RevisionID: 0x00000003 SideBandFC: 0xc0000000 SERDESGlbCntl: 0x80000800 GlblEPDCntlCfg: 0x0000a033 TxFIFOUrecECCErrCtr: 0x00000000 RxFIFOUrecECCErrCtr: 0x00000000 DeviceGlobalRst: 0x00000000 GlobalCfg: 0xb480d000 PortTest: 0x00000000 PL4IOGlblStat: 0x00000002 DeviceTest: 0x00000000 MACStatus Port0: 0x0000801f MACControl0 Port0: 0x000c0000 MACControl1 Port0: 0xb1240151 MACControl2 Port0: 0x0d805f60 SERDESCntl Port0: 0x0000501a RateLimCntl Port0: 0x00000001

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-139 Cisco ASR 9000 Series Router Platform Dependent Command Reference show controllers (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI

SysIntMask: 0x000000f0 SysIntCause: 0x00000000

GOPIntMask0: 0x801ffffe GOPIntCause0: 0x40000000 GOPIntMask1: 0x00000000 GOPIntCause1: 0x00000000 GOPIntMask2: 0xffdfb800 GOPIntCause2: 0x00000000 GOPIntMask3: 0x00000000 GOPIntCause3: 0x00000000 CalendarParam: 0x00040004 SPI4SrcDPDeskew: 0x000f2710 SrcClndrCmd: 0x00100404 SnkCalSeqPrgm: 0x00100404 SinkControl: 0x00000000 SPI4SrcMaxBrst: 0x00040004 SPI4IntfBrstLen: 0x0007000f TxPacketSize: 0xc0280011 RxFullWatermarks: 0x01f000c0 RxFIFOXOnOffFCWtrmrk: 0x05000300

RP/0/RSP0/CPU0:router#

Table 1 describes the significant fields shown in the display.

Ta b l e 1 show controllers Command Field Descriptions

Field Description port Identifies the Ethernet port whose information is displayed in the show controllers command output. good_octets_received The count of received octets that had no errors. bad_octets_received The count of received octets that had errors. good_frames_received The count of received frames that had no errors. bad_frames_received The count of received frames that had errors. broadcast_frames_received The total number of well-formed broadcast packets received by the port. It excludes packets received with errors or with multicast destination addresses. multicast_frames_received The total number of well-formed multicast packets received by the port. It excludes packets received with errors or with broadcast destination addresses. good_octets_sent The count of transmitted octets that had no errors. good_frames_sent The count of transmitted frames that had no errors. broadcast_frames_sent The total number of well-formed broadcast packets transmitted by the port. It excludes packets received with errors or with multicast destination addresses. multicast_frames_sent The total number of well-formed multicast packets transmitted by the port. It excludes packets received with errors or with multicast destination addresses. mac_transfer_error Register that tracks all MAC transfer errors on the interface. excessive_collision The total number of packets that failed to be sent after 16 collisions. It includes packets of all destination address types.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-140 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show controllers (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI

Table 1 show controllers Command Field Descriptions (continued)

Field Description unrecog_mac_control_received Number of received MAC control frames that have an opcode different than 00-01. fc_sent Number of flow control frames sent undersize. good_fc_received Number of good flow control messages received rx_over_flow_events Indicates the number of times the port RxFifo has reached full level and at least one packet was dropped undersize Number of undersize frames received (valid packet with length less than 64 bytes). fragments Number of fragments received on this interface. oversize Number of oversized frames received on this interface. jabber Number of jabber packets received (packet length is greater than the MRU, and there is an invalid CRC, and no Rx Error event). mac_rcv_error Number of Rx Error events seen by the receive side of the MAC (the Rx Error signal/symbol was asserted while the frame is being received). bad_crc The number of frames received with bad CRC. Note Collisions and late collisions apply to only half duplex mode. collisions The total number of packets sent without error after having 1 to 15 collisions. It includes packets of all destination address types and excludes packets discarded because of insufficient resources or late collisions. late_collision The total number of packets discarded because of late collisions detected during transmission. It includes all transmit packets that had a collision after the transmission of the packet's 64th byte. The preamble and SFD are not included in the frame's byte count. rate_limit_dropped Number of frames dropped due to the broadcast/multicast rate limit. spi4_rx_frames SPI-4/1 receive frame count. This counter increments once for every Start of Packet (SOP) delineation marker sent on the SPI-4.2 receive interface. Note Packets that come from the CPU are not counted. spi4_tx_frames: SPI-4/1 transmit frame count. This counter increments once for every packet arriving on the SPI-4.2 receive interface. Note Packets that contain certain types of errors and packets sent to the CPU are not counted. DeviceID Unique number identifying the device. RevisionID Indicates the revision of the device. SideBandFC Indicates whether serial sideband flow control is enabled on this port, and the status of ports where flow control is currently active. SERDESGlbCntl Displays information about SERDES speed and receive (Rx) Gain on this port. GlblEPDCntlCfg Cisco-specific register that shows whether Ethernet Packet Decoding is enabled.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-141 Cisco ASR 9000 Series Router Platform Dependent Command Reference show controllers (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI

Table 1 show controllers Command Field Descriptions (continued)

Field Description TxFIFOUrecECCErrCtr Transmit (Tx) FIFO unrecoverable ECC errors counter. This counter increments once per each ECC unrecoverable error. A masked interrupt is optionally generated. RxFIFOUrecECCErrCtr Receive (Rx) FIFO unrecoverable ECC errors counter. This counter increments once per each ECC unrecoverable error. A masked interrupt is optionally generated. DeviceGlobalRst Global register that controls device reset state. GlobalCfg Global register that controls enable, clock modes, and Rx Interface behavior. PortTest Port diagnostics register. PL4IOGlblStat Register used during SPI4.2 initialization. DeviceTest Diagnostic loopback register. MACStatus Port0 MAC control port register. MACControl0 Port0 MAC control port register. Indicates whether the port is enabled on this port, and the status of flow control on this port. MACControl1 Port0 MAC control port1 register. Indicates whether the port is enabled on this port, and the status of flow control on this port. MACControl2 Port0 MAC control port2 register. Indicates whether the port is enabled on this port, and the status of flow control on this port. SERDESCntl Port0 SERDES control port register. The following information is displayed: • 0 = 50 Ohm • 1 = 75 Ohm RateLimCntl Port0 Rate Limit control port 10 register. SysIntMask When the matching bit in the mask register is reset, the matching interrupt in the cause register is not included in the sum. SysIntCause Register that tracks the causes of system interrupts. GOPIntMask0 GOP interrupt Mask0. When the matching bit in the mask register is reset, the matching cause in the GOP register is not included in the sum. GOPIntCause0 Register that tracks all GOP interrupts and matches them with the GOP0 register. GOPIntMask1 GOP interrupt Mask1. When the matching bit in the mask register is reset, the matching cause in the GOP register is not included in the sum. GOPIntCause1 Register that tracks all GOP interrupts and matches them with the Mask1 register. GOPIntMask2 GOP interrupt Mask2. When the matching bit in the mask register is reset, the matching cause in the GOP register is not included in the sum. GOPIntCause2 Register that tracks all GOP interrupts and matches them with the Mask2 register.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-142 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show controllers (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI

Table 1 show controllers Command Field Descriptions (continued)

Field Description GOPIntMask3 GOP interrupt Mask3. When the matching bit in the mask register is reset, the matching cause in the GOP register is not included in the sum. GOPIntCause3 Register that tracks all GOP interrupts and matches them with the Mask3 register. CalendarParam Register that determines the value of Calendar_LEN and Calendar M for the sink and source side. SPI4SrcDPDeskew Register used to control the training pattern generation on the source side. SrcClndrCmd Register used to program the CALENDAR slots in the calendar report generated by the device. SnkCalSeqPrgm Register used to program the CALENDAR slots in the calendar report generated by the device. SinkControl Register used to control the operation of the SPI-4.2 SINK section. SPI4SrcMaxBrst Register used to determine the system parameters MaxBurst1 and MaxBurst2 on the source side. These values are used by the internal packet scheduler to initiate bursts on the SP-4.2 Rx interface. SPI4IntfBrstLen Register used to determine the actual length of the data bursts on the SP-4.2 physical interfaces. These values are different than the system parameters MaxBurts1/2, which corresponds to SP-4.2 flow control. TxPacketSize Maximum transmit packet size for the port, in hexadecimal format. RxFullWatermarks Determines the internal RxFIFO full thresholds. RxFIFOXOnOffFCWtrmrk Determines the generation of 802.3x PAUSE frames based on RxFIFO data fill thresholds.

The following example shows the output from the show controllers TenGigE command: RP/0/RSP0/CPU0:router# show controllers TenGigE 0/3/0/0

PHY: XENPAK device registers: ======

Vendor Name: CISCO-INTEL Vendor PN: TXN174112013F06 Vendor Rev: A1 Vendor SN: INT08270015

Package OUI: 0041f426 Vendor OUI: 00137b11 Vendor Date Code: 2004071200 nvr_control_status = 0x0007 nvr_version = 0x1e nvr_size0 = 0x01 nvr_size1 = 0x00 mem_used0 = 0x01 mem_used1 = 0x00 basic_addr = 0x0b cust_addr = 0x77 vend_addr = 0xa7

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-143 Cisco ASR 9000 Series Router Platform Dependent Command Reference show controllers (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI

ext_vend_addr0= 0x00 ext_vend_addr1= 0xff reserved0 = 0x00 tcvr_type = 0x01 connector = 0x01 encoding = 0x01 bitrate0 = 0x27 bitrate1 = 0x10 protocol = 0x01 x_gbe_code_byte_0 = 0x02 x_gbe_code_byte_1 = 0x00 sonet_sdh_code_byte_0 = 0x00 sonet_sdh_code_byte_1 = 0x00 sonet_sdh_code_byte_2 = 0x00 sonet_sdh_code_byte_3 = 0x00 x_gfc_code_byte_0 = 0x00 x_gfc_code_byte_1 = 0x00 x_gfc_code_byte_2 = 0x00 x_gfc_code_byte_3 = 0x00 range0 = 0x03 range1 = 0xe8 fibre_type_byte_0 = 0x20 fibre_type_byte_1 = 0x00

Center Wavelength: chan0 = 1310.00 nm

chan1 = 0.00 nm chan2 = 0.00 nm chan3 = 0.00 nm

basic_checksum = 0x00

Link Alarm Status Registers: rx_alarm_control = 0x0019 tx_alarm_control = 0x0059 lasi_control = 0x0000 rx_alarm_status = 0x0018 tx_alarm_status = 0x0058 lasi_status = 0x0005

Digital Optical Monitoring: Transceiver Temp: 34.246 C Laser Bias Current: 4.8640 mA Laser Output Power: 0.5059 mW, -3.0 dBm Receive Optical Power: 0.0000 mW, -inf dBm

Quake: devid 0x0043a400 10GE PMA/PMD Registers: Control = 0x2040 Status = 0x0082 Dev ID 0 = 0x0043 Dev ID 1 = 0xa400 Speed Ability = 0x0001 Devices 1 = 0x001a Devices 2 = 0x0000 Control 2 = 0x0006 Status 2 = 0xb541 Tx Disable = 0x0000 Rx Signal Detect = 0x0000 OUI 0 = 0x0041 OUI 1 = 0xf426

Quake (1.c001) = 0x0003

10GE PCS Registers: Control = 0x2040 Status = 0x0082 Dev ID 0 = 0x0043 Dev ID 1 = 0xa400 Speed Ability = 0x0001 Devices 1 = 0x001a Devices 2 = 0x0000 Control 2 = 0x0000 Status 2 = 0x8401 PKG ID 0 = 0x0000 PKG ID 1 = 0x0000 Base X Status = 0x0000 Base X Control = 0x0000 Base R Status 1 = 0x0004 Base R Status 2 = 0x0000 Base R jitter seed a0 = 0x0000 Base R jitter seed a1 = 0x0000 Base R jitter seed a2 = 0x0000 Base R jitter seed a3 = 0x0000 Base R jitter seed b0 = 0x0000 Base R jitter seed b1 = 0x0000 Base R jitter seed b2 = 0x0000 Base R jitter seed b3 = 0x0000 Base R jitter test control = 0x0000 Base R jitter test counter = 0x0000

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-144 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show controllers (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI

10GE XS/XS Registers: Control = 0x2040 Status = 0x0002 Dev ID 0 = 0x0043 Dev ID 1 = 0xa400 Speed Ability = 0x0001 Devices 1 = 0x001a Devices 2 = 0x0000 Status 2 = 0x8000 PKG ID 0 = 0x0000 PKG ID 1 = 0x0000 Lane Status = 0x1c0f Test Control = 0x0000

DTE XGXS (BCM8011): Control = 0x0000 Status = 0x801f Dev ID 0 = 0x0040 Dev ID 1 = 0x6092 Control 2 = 0x202f Status 2 = 0x8b01

Speed Ability = 0x0001 Devices 1 = 0x001a Devices 2 = 0x0000 Status 2 = 0x8000 PKG ID 0 = 0x0000 PKG ID 1 = 0x0000 Lane Status = 0x1c0f Test Control = 0x0000

DTE XGXS (BCM8011): Control = 0x0000 Status = 0x801f Dev ID 0 = 0x0040 Dev ID 1 = 0x6092 Control 2 = 0x202f Status 2 = 0x8b01

MAC (PLA): Unicast MAC Address entries = 0

MAC (PLA) device is enabled MAC (PLA) device is in promiscuous mode MAC (PLA) device loopback is disabled

MAC (PLA) device MTU = 8226

8x10GE PLIM Registers: local_regs_id = 0xa6602000 local_regs_inter_stat = 0x00000000 local_regs_inter_stat_alias = 0x00000000 local_regs_inter_enbl_woset = 0x0000ff00 local_regs_inter_enbl_woclr = 0x0000ff00 local_regs_chip_reset = 0x00000000 local_regs_reset = 0xff000000 local_regs_misc_io = 0x00010000 sn_link_framed = 0x00000001 sn_link_crc_errors = 0x00000000 sn_link_force_reframe = 0x00000000 sn_link_error_reframe = 0x00000001 sn_link_force_error = 0x00000000 sn_link_error_cause = 0x00000000 sn_link_error_interrupt_mask = 0x00000003 channel0_control = 0x000000a6 channel1_control = 0x000000a6 channel2_control = 0x0000008e channel3_control = 0x0000008e channel4_control = 0x0000008e channel5_control = 0x000000a6 channel6_control = 0x000000a6 channel7_control = 0x0000008e

RP/0/RSP0/CPU0:router#

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-145 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet cfm ccm-learning-database Cisco Confidential - Beta Draft R3.7 FCI show ethernet cfm ccm-learning-database

show ethernet cfm ccm-learning-database [ location node-id ]

RP/0/RSP0/CPU0:router(config-if)# show ethernet cfm ccm-learning-database Location 0/1/CPU0:

Domain/Level Service Source MAC Interface ------fig/5 bay 1122.3344.5566 Gi0/12/0/10.23456 fig/5 bay 2222.3344.5566 Gi0/1/0/0 fig/5 fred 2233.4455.6677 Gi0/1/0/1.1 fig/5 fred 3344.5566.7788 Gi0/0/1/1.2

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-146 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet cfm configuration-errors Cisco Confidential - Beta Draft R3.7 FCI show ethernet cfm configuration-errors

show ethernet cfm configuration-errors [ domain name [ service name [ id ] ] | interface intf [ domain name ] ]

RP/0/RSP0/CPU0:router(config-if)# show ethernet cfm cfm configuration-errors Domain fig (level 5), Service bay * MIP creation configured using bridge-domain blort, but bridge-domain blort does not exist. * An Up MEP is configured for this domain on interface GigabitEthernet0/1/2/3.234 and an Up MEP is also configured for domain blort, which is at the same level (5). * A MEP is configured on interface GigabitEthernet0/3/2/1.1 for this domain/service, which has CC interval X, but the lowest interval supported on that interface is Y

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-147 Cisco ASR 9000 Series Router Platform Dependent Command Reference

Cisco Confidential - Beta Draft R3.7 FCI

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-148 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet cfm interfaces statistics Cisco Confidential - Beta Draft R3.7 FCI show ethernet cfm interfaces statistics

To display the per-interface counters, use the clear ethernet cfm interfaces statistics command in interface configuration mode.

show ethernet cfm interfaces {GigabitEthernet | TenGigE} statistics location { node-id | all }

{GigabitEthernet | Type of Ethernet interface whose CFM statistics you want to display. Enter TenGigE} GigabitEthernet or TenGigE. location node-id (Optional) Displays CFM statistics for the designated node. The node-id argument is entered in the rack/slot/module notation.

Defaults All CFM counters from all interfaces are displayed.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Note The location cannot be specified if a particular interface is specified.

Task ID Task ID Operations interface read, write

Examples The following example shows all the CFM counters on all interfaces: RP/0/RSP0/CPU0:router(config-if)# show ethernet cfm interfaces

Location 0/1/CPU0:

Interface Malformed Dropped Last Malformed Reason ------Gi0/12/0/10.23456 2345 1234 Packet malformed - packet is too short Gi0/1/0/0 0 12345 Gi0/1/0/1.1 0 0

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-149 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet cfm interfaces statistics Cisco Confidential - Beta Draft R3.7 FCI

Related Commands Command Description clear ethernet cfm Clears the per-interface CFM counters. interfaces

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-150 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet cfm local maintenance-points Cisco Confidential - Beta Draft R3.7 FCI show ethernet cfm local maintenance-points

To display all the maintenance points that have been created, use the show ethernet cfm local maintenance-points command in interface configuration mode.

show ethernet cfm local maintenance-points [ domain name [ service name ] | interface {GigabitEthernet | TenGigE} ] [ mep | mip ]

Syntax Description domain name String of a maximum of 154 characters that identifies the domain in which the maintenance points reside. Note For more information about the syntax for the Cisco ASR 9000 Series Router, use the question mark (?) online help function. service name String of a maximum of 154 characters that identifies the maintenance association to which the maintenance points belong. interface Type of Ethernet interface whose maintenance points you want to display. {GigabitEthernet | Enter GigabitEthernet or TenGigE. TenGigE}

Defaults All maintenance points from all interfaces are displayed.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Note The location cannot be specified if a particular interface is specified.

Task ID Task ID Operations interface read, write

Examples The following example shows all the CFM counters on all interfaces:

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-151 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet cfm local maintenance-points Cisco Confidential - Beta Draft R3.7 FCI

Domain/Level Service Interface Type ID MAC ------fig/5 bay Gi0/10/0/12.23456 Dn MEP 2 44:55:66 fig/5 bay Gi0/0/1/0.1 MIP 55:66:77 fred/3 barney Gi0/1/0/0.1 Up MEP 5 66:77:88!

Related Commands Command Description clear ethernet cfm Clears all the maintenance points that have been created. interfaces

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-152 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet cfm local maintenance-points Cisco Confidential - Beta Draft R3.7 FCI show ethernet cfm local maintenance-points

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-153 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet cfm local meps Cisco Confidential - Beta Draft R3.7 FCI show ethernet cfm local meps

show ethernet cfm local meps [ domain name [ service name [ mep-id id ] ] | interface intf [ domain name ] ]

Domain fig (level 5), Service bay: ID Interface Dir MAC Address CcmSent CcmRcvd RD MEPs Err 2 Gi0/10/0/12.23456 (Down) Dn 2233.4455.6677 3456 54321 N 5 0 125 Gi0/1/0/0.1 (Up) Up 3344.5566.7788 1234 65432 Y 4 1

Domain fig (level 5), Service fred (cross-check suppressed) ID Interface Dir MAC Address CcmSent CcmRcvd RD MEPs Err 12345 Gi0/0/0/0 (Up) Dn 1122.3344.5566 12345678 123456789 Y 1234 567

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-154 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet cfm peer meps Cisco Confidential - Beta Draft R3.7 FCI show ethernet cfm peer meps

show ethernet cfm peer meps [ domain name [ service name [ local mep-id id ] [ peer mep-id id peer mac-address mac ]] | interface intf [ domain name [ peer mep-id id ] [ peer mac-address mac ]] ] [ errors | cross-check [ missing | unexpected ] ] [ detail ]

Normal output: Flags: > - Ok I - Wrong interval R - Remote Defect received V - Wrong level L - Loop (our MAC received) T - Timed out C - Config (our ID received) M - Missing (cross-check) X - Cross-connect (wrong MAID) U - Unexpected (cross-check)

Domain fred (level 7), Service barney Up MEP on GigabitEthernet0/1/0/0.234, MEP-ID 2 ======St ID MAC address Port Up/Downtime CcmRcvd SeqErr RDI Error ------> 1 0011.2233.4455 Up 00:00:01 1234 0 0 0 R> 4 4455.6677.8899 Up 1d 03:04 3456 0 234 0 L 2 1122.3344.5566 Up 3w 1d 6h 3254 0 0 3254 C 2 7788.9900.1122 Test 00:13 2345 6 20 2345 X 3 2233.4455.6677 Up 00:23 30 0 0 30 I 3 3344.5566.7788 Down 00:34 12345 0 300 1234 V 3 8899.0011.2233 Blocked 00:35 45 0 0 45 T 5 5566.7788.9900 00:56 20 0 0 0 M 6 0 0 0 0 U> 7 6677.8899.0011 Up 00:02 456 0 0 0

Domain fred (level 7), Service fig (cross-check suppressed) Down MEP on GigabitEthernet0/10/0/12.123, MEP-ID 3 ======St ID MAC address Port Up/Downtime CcmRcvd SeqErr RDI Error ------> 1 9900.1122.3344 Up 03:45 4321 0 0 0

Detailed output: Domain fred (level 7), Service barney Up MEP on GigabitEthernet0/1/0/0.234, MEP-ID 2 ======Remote MEP-ID 3, MAC 1122.3344.5566 CFM state: Ok, for 00:45, RDI received Port state: Up CCMs received: 1234 Out-of-sequence: 6 RDI: 345 Error: 0 Last CCM received 0.234s ago: Level: 7, version: 0, interval: 1s Sequence no: 291, MEP-ID: 3

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-155 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet cfm peer meps Cisco Confidential - Beta Draft R3.7 FCI

MAID: string fred, string barney Hostname: router1, address: 10.0.0.1 Port status: Up, Interface status: Up Organisational TLV (OUI: 23456): 0x01234567 89ABCDEF 12

Remote MEP-ID 4, MAC 2233.4455.6677 CFM state: Cross-connect (MAID: string fred, string wilma), for 01:23 Port state: Blocked CCMs received: 4321 Out-of-sequence: 24 RDI: 0 Error: 4321 Last CCM received 0.654s ago: Level: 7, version: 0, interval: 1s Sequence no: 7654, MEP-ID: 4 MAID: string fred, string wilma Hostname: router2, address: 10.0.0.2 Port status: Blocked, Interface status: Up Unknown TLV (type 32): 0xFEDCBA98

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-156 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet cfm traceroute-cache Cisco Confidential - Beta Draft R3.7 FCI show ethernet cfm traceroute-cache

To display the contents of the traceroute cache, use the show ethernet cfm traceroute-cache command in privileged EXEC mode.

show ethernet cfm traceroute-cache

Syntax Description This command has no arguments or keywords.

Command Modes Privileged EXEC (#)

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Usage Guidelines Use the show ethernet cfm traceroute-cache command to display the contents of the traceroute cache; for example, to see the maintenance intermediate points and maintenance end points of a domain as they were discovered. The data is historic. The traceroute cache stores entries from previous traceroute operations.

Examples The following example shows output from a show ethernet cfm traceroute-cache command: Router# show ethernet cfm traceroute-cache

Traceroute to aabb.cc00.0400 on Domain DOMAIN_OPERATOR_L5_1, Level 5, vlan 7 issued at 13:52:20

------MAC Ingress Ingress Action Relay Action Hops Host Forwarded Egress Egress Action Next Hop ------B 1 denver aabb.cc00.0200 RlyCCDB Forwarded Et0/0 EgrOK columbus ! 2 boston aabb.cc00.0400 RlyNone

Table 2 describes the significant fields shown in the display.

Ta b l e 2 show ethernet cfm traceroute-cache Field Descriptions

Field Description Hops Number of hops of the traceroute Host Name of the device MAC Bridge Brain MAC address of the device Forwarded Traceroute forwarded or not forwarded Ingress Ingress port

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-157 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet cfm traceroute-cache Cisco Confidential - Beta Draft R3.7 FCI

Table 2 show ethernet cfm traceroute-cache Field Descriptions (continued)

Field Description Egress Egress port Ingress Action Action on the ingress port: IngOk, IngFilter, IngBlocked Egress Action Action on the egress port: EgrNone, EgrTTL, EgrDown, EgrBlocked, EgrOk, EgrGVRP, EgrDomainBoundary, EgrFiltered Relay Action Type of relay action performed: RlyNone, RlyUnknown, RlyFDB, RlyCCDB, RlyFiltered Next Hop Hostname of the neighboring device

Related Commands Command Description ethernet cfm Enables caching of Ethernet CFM data learned through traceroute messages. traceroute cache clear ethernet cfm Removes the contents of the traceroute cache. traceroute-cache traceroute ethernet Sends Ethernet CFM traceroute messages to a destination MAC address. cfm (basic linktrace)

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-158 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet oam configuration Cisco Confidential - Beta Draft R3.7 FCI show ethernet oam configuration

Use the show ethernet oam configuration command to display the current active OAM configuration on an interface.

show ethernet oam configuration interface {GigabitEthernet | TenGigE}

Syntax Description {GigabitEthernet | Type of Ethernet interface whose active OAM configuration you want to TenGigE} display. Enter GigabitEthernet or TenGigE.

Defaults No default behavior or values

Command Modes EXEC

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations interface read

Examples The following example shows the output from the show ethernet oam configuration command, which displays the current active OAM configuration on the specified interface: # show ethernet oam configuration

Link monitoring enabled: N Remote loopback enabled: N Mib retrieval enabled: N Configured mode: Active Connection timeout: 00000000000000005 Symbol period window: 00000000000000100 Symbol period low threshold: 00000000000000001 Symbol period high threshold: None Frame window: 00000000000000001 Frame low threshold: 00000000000000001 Frame high threshold: None Frame period window:: 00000000000001000 Frame period low threshold: 00000000000000001 Frame period high threshold: None

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-159 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet oam configuration Cisco Confidential - Beta Draft R3.7 FCI

Frame seconds window:: 00000000000000060 Frame seconds low threshold: 00000000000000001 Frame seconds high threshold: None High threshold action: Disabled Link fault action: Log Dying gasp action: Log Critical event action: Log Discovery timeout action: Log Capabilities conflict action: Log Wiring conflict action: Disable Session up action: Log Session down action: Log Require remote mode: Ignore Require remote MIB retrieval: N Require remote loopback support: N Require remote link monitoring: N

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-160 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet oam discovery Cisco Confidential - Beta Draft R3.7 FCI show ethernet oam discovery

This command shows the current status of the OAM sessions. If no interface is specified, then reports for all interfaces with OAM configured are printed.

show ethernet oam discovery [brief | interface interface [remote]]

Syntax Description This command has no arguments or keywords.

Command Modes Privileged EXEC (#)

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Usage Guidelines Use the show ethernet oam discovery command to display the contents of the traceroute cache; for example, to see the maintenance intermediate points and maintenance end points of a domain as they were discovered. The data is historic. The traceroute cache stores entries from previous traceroute operations.

Examples The following example shows output from a show ethernet oam discovery command: Router# show ethernet oam discovery

GigabitEthernet0/0/6/11 Local client Administrative configuration: Mode: Active Unidirection: N Link monitor: N Remote loopback: Y MIB retrieval: Y MTU size: 1500

Operational status: Port status: operational/evaluating/unsatisfied PDU revision: 1

Remote client MAC address: 0030.96fd.6bfa Vendor (OUI): 00.00.0C (Cisco)

Administrative configuration: Mode: active Unidirection: not supported Link monitor: supported Remote loopback: supported MIB retrieval: not supported MTU size: 1500

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-161 Cisco ASR 9000 Series Router Platform Dependent Command Reference show ethernet oam discovery Cisco Confidential - Beta Draft R3.7 FCI

When the 'remote' keyword is specified, the output is displayed as if run on the remote client. The 'brief' form of the command provides a summary of all interfaces. # show ethernet oam discovery brief Local Remote Interface MAC Address Vendor Mode Capability

Fa3/1 0080.09ff.e4a0 00000C active L R Gi6/11 0030.96fd.6bfa 00000C passive L R

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-162 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show mac-accounting (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI show mac-accounting (Ethernet)

To display MAC accounting statistics for an interface, use the show mac-accounting command in EXEC mode. show mac-accounting {GigabitEthernet | TenGigE} instance [location node-id]

Syntax Description {GigabitEthernet | Indicates the type of Ethernet interface whose MAC accounting statistics TenGigE} you want to display. Enter GigabitEthernet or TenGigE. instance (Optional) Displays detailed MAC accounting information for the specified interface. The naming notation is rack/slot/module/port, and a slash between values is required as part of the notation. • rack—Chassis number of the rack. • slot—Physical slot number of the line card or modular services card. • module—Module number. A physical layer interface module (PLIM) is always 0. • port—Physical port number of the interface. Note For more information about the syntax for the Cisco ASR 9000 Series Router, use the question mark (?) online help function. location node-id (Optional) Displays detailed MAC accounting information for the specified interface on the specified node. The node-id argument is entered in the rack/slot/module/port notation.

Defaults No default behavior or values

Command Modes EXEC

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations interface read

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-163 Cisco ASR 9000 Series Router Platform Dependent Command Reference show mac-accounting (Ethernet) Cisco Confidential - Beta Draft R3.7 FCI

Examples The following example shows the output from the show mac-accounting command, which displays MAC accounting statistics on the specified interface: RP/0/RSP0/CPU0:router# show mac-accounting TenGigE 0/2/0/4 location 0/1/CPU0

TenGigE0/2/0/4 Input (511 free) 000b.4558.caca: 4 packets, 456 bytes Total: 4 packets, 456 bytes

Table 3 describes the significant fields shown in the display.

Ta b l e 3 show mac-accounting Field Descriptions

Field Description Interface The interface from which the statistics are generated. Input Heading for the ingress MAC accounting statistics. The number of MAC accounting entries still available is shown in parentheses. Total Total statistics for the traffic accounted for by MAC accounting. This excludes any traffic for which there is no MAC address entry, such as non-IP traffic from an unknown MAC source address.

Related Commands Command Description clear mac-accounting (Ethernet) Clears MAC accounting statistics. mac-accounting Generates MAC accounting statistics.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-164 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show spanning-tree mst Cisco Confidential - Beta Draft R3.7 FCI show spanning-tree mst

This command produces more detailed information regarding interface state than the standard command as described above. In particular it includes interface information about that interface which applies to all MSTIs: • Cost • link-type • hello-time • portfast (including whether BPDU guard is enabled) • guard root • guard topology change • BPDUs sent, received. and information specific to each MSTI • Port ID, Priority, Cost • BPDU info from root (Bridge ID, cost, priority) • BPDU info being sent on this port (Bridge ID, cost, priority) • State transitions to reach this state.

show spanning-tree mst protocol instance identifier interface {GigabitEthernet | TenGigE} [ instance msti ]

Syntax Description protocol instance (Optional) Displays detailed MAC accounting information for the specified identifier interface. The naming notation is rack/slot/module/port, and a slash between values is required as part of the notation. • rack—Chassis number of the rack. • slot—Physical slot number of the line card or modular services card. • module—Module number. A physical layer interface module (PLIM) is always 0. • port—Physical port number of the interface. Note For more information about the syntax for the Cisco ASR 9000 Series Router, use the question mark (?) online help function.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-165 Cisco ASR 9000 Series Router Platform Dependent Command Reference show spanning-tree mst Cisco Confidential - Beta Draft R3.7 FCI

{GigabitEthernet | Indicates the type of Ethernet interface whose MAC accounting statistics TenGigE} you want to display. Enter GigabitEthernet or TenGigE. instance msti (Optional) Displays detailed MAC accounting information for the specified interface. The naming notation is rack/slot/module/port, and a slash between values is required as part of the notation. • rack—Chassis number of the rack. • slot—Physical slot number of the line card or modular services card. • module—Module number. A physical layer interface module (PLIM) is always 0. • port—Physical port number of the interface. Note For more information about the syntax for the Cisco ASR 9000 Series Router, use the question mark (?) online help function.

Defaults No default behavior or values

Command Modes EXEC

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations interface read

Examples Here’s the example: # show spanning-tree mst a interface GigabitEthernet0/1/2/1 instance 3 GigabitEthernet0/1/2/1 Cost: 20000 link-type: point-to-point hello-time 1 Portfast: no BPDU Guard: no Guard root: no Guard topology change: no BPDUs sent 492, received 3

MST 3:

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-166 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show spanning-tree mst Cisco Confidential - Beta Draft R3.7 FCI

Edge port: Boundary : internal Designated forwarding Vlans mapped to MST 3: 1-2,4-2999,4000-4094 Port info port id 128.193 cost 200000 Designated root address 0050.3e66.d000 priority 8193 cost 20004 Designated bridge address 0002.172c.f400 priority 49152 port id 128.193 Timers: message expires in 0 sec, forward delay 0, forward transitions 1 Transitions to reach this state: 12

Related Commands Command Description clear mac-accounting (Ethernet) Clears MAC accounting statistics. mac-accounting Generates MAC accounting statistics.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-167 Cisco ASR 9000 Series Router Platform Dependent Command Reference traceroute ethernet cfm (basic linktrace) Cisco Confidential - Beta Draft R3.7 FCI traceroute ethernet cfm (basic linktrace)

To send Ethernet connectivity fault management (CFM) traceroute messages to generate a directed, basic, or exploratory linktrace, use the traceroute ethernet command in EXEC mode. traceroute ethernet cfm domain name service name { mep-id id | mac mac } source [ mep-id id ] interface intf [ cos cos_val ] [ filtering-db-only ] [ timeout time ]

Syntax Description traceroute ethernet cfm domain name String of a maximum of 154 characters that identifies the domain in which the destination MEP resides. Note For more information about the syntax for the Cisco ASR 9000 Series Router, use the question mark (?) online help function. service name String of a maximum of 154 characters that identifies the maintenance association to which the destination MEP belongs. mep-id id String of a maximum of 154 characters that identifies the ID number of the destination MEP. mac mac Identifies the six-byte ID number of the MAC address of the destination MEP. source mep-id id (Optional) String of a maximum of 154 characters that identifies the ID number of the source MEP. interface intf (Optional) Identifies the interface of the source MEP. It must be an existing interface. cos cos_val (Optional) Identifies the class of traffic of the source MEP by setting a Class of Service (CoS) value. The valid values are from 0 to 7. filtering-db-only Sets whether or not the that remote MPs should base their responses on the filtering database only. Default: no (use both the filtering and MIP-CCM databases). timeout time (Optional) Displays the time-to-live (TTL) value for the specified interface on the specified node. The time argument is entered in seconds.

Defaults No default behavior or values

Command Modes EXEC

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-168 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference traceroute ethernet cfm (basic linktrace) Cisco Confidential - Beta Draft R3.7 FCI

Task ID Task ID Operations interface read

Examples Domain fig (level 5), Service bay: ID Interface Dir MAC Address CcmSent CcmRcvd RD MEPs Err 2 Gi0/10/0/12.23456 (Down) Dn 2233.4455.6677 3456 54321 N 5 0 125 Gi0/1/0/0.1 (Up) Up 3344.5566.7788 1234 65432 Y 4 1

Domain fig (level 5), Service fred (cross-check suppressed) ID Interface Dir MAC Address CcmSent CcmRcvd RD MEPs Err 12345 Gi0/0/0/0 (Up) Dn 1122.3344.5566 12345678 123456789 Y 1234 567

Related Commands Command Description ethernet cfm Enables caching of Ethernet CFM data learned through traceroute messages. traceroute cache clear ethernet cfm Removes the contents of the traceroute cache. traceroute-cache show ethernet cfm Displays configured Ethernet CFM traceroute message caching. traceroute-cache

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-169 Cisco ASR 9000 Series Router Platform Dependent Command Reference traceroute ethernet cfm (exploratory linktrace) Cisco Confidential - Beta Draft R3.7 FCI traceroute ethernet cfm (exploratory linktrace)

traceroute ethernet cfm domain name service name {explore [ all-ports ] [ from mac ] source [ mep-id id ] interface intf [ cos cos_val ] [ filtering-db-only ] [ timeout time ]

Syntax Description traceroute ethernet cfm domain name String of a maximum of 154 characters that identifies the domain in which the destination MEP resides. Note For more information about the syntax for the Cisco ASR 9000 Series Router, use the question mark (?) online help function. service name String of a maximum of 154 characters that identifies the maintenance association to which the destination MEP belongs. explore Identifies that this is an exploratory linktrace. all-ports String of a maximum of 154 characters that identifies ID number of the destination MEP. from mac Identifies the six-byte ID number of the MAC address of the destination MEP. source mep-id id (Optional) String of a maximum of 154 characters that identifies the ID number of the source MEP. interface intf (Optional) Identifies the interface of the source MEP. It must be an existing interface. cos cos_val (Optional) Identifies the class of traffic of the source MEP by setting a CoS value. The valid values are from 0 to 7. filtering-db-only Sets whether or not the that remote MPs should base their responses on the filtering database only. Default: no (use both the filtering and MIP-CCM databases). timeout time (Optional) Displays the time-to-live (TTL) value for the specified interface on the specified node. The time argument is entered in seconds.

Defaults No default behavior or values

Command Modes EXEC

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-170 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference traceroute ethernet cfm (exploratory linktrace) Cisco Confidential - Beta Draft R3.7 FCI

Task ID Task ID Operations interface read

Domain fig (level 5), Service fred (cross-check suppressed) ID Interface Dir MAC Address CcmSent CcmRcvd RD MEPs Err 12345 Gi0/0/0/0 (Up) Dn 1122.3344.5566 12345678 123456789 Y 1234 567

Related Commands Command Description ethernet cfm Enables caching of Ethernet CFM data learned through traceroute messages. traceroute cache clear ethernet cfm Removes the contents of the traceroute cache. traceroute-cache show ethernet cfm Displays configured Ethernet CFM traceroute message caching. traceroute-cache

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-171 Cisco ASR 9000 Series Router Platform Dependent Command Reference 802.1Q VLAN Subinterface Commands on Cisco ASR 9000 Series Routers Cisco Confidential - Beta Draft R3.7 FCI 802.1Q VLAN Subinterface Commands on Cisco ASR 9000 Series Routers

This section describes the commands for configuring and monitoring 802.1Q VLAN commands on Cisco ASR 9000 Series Router. This section containd the following commands: • dot1q native vlan, page 173 • dot1q tunneling ethertype 0x9100, page 175 • dot1q vlan, page 177 • interface (VLAN), page 179 • l2protocol (VLAN), page 181 • show vlan interface, page 183 • show vlan tags, page 185 • show vlan trunks, page 187

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-172 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference dot1q native vlan Cisco Confidential - Beta Draft R3.7 FCI dot1q native vlan

To assign the native VLAN ID of a physical interface trunking 802.1Q VLAN traffic, use the dot1q native vlan command in interface configuration mode. To remove the VLAN ID assignment, use the no form of this command.

dot1q native vlan vlan-id

no dot1q native vlan vlan-id

Syntax Description vlan-id Trunk interface ID. Range is from 1 to 4094 inclusive (0 and 4095 are reserved).

Defaults No default behavior or values

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Note The native VLAN cannot be configured on a subinterface of the trunk interface. The native VLAN must be configured with the same value at both ends of the link, or traffic can be lost or sent to the wrong VLAN.

Task ID Task ID Operations vlan read, write

Examples The following example shows how to configure the native VLAN of a TenGigE0/2/0/4 trunk interface as 1. Packets received on this interface that are untagged, or that have an 802.1Q tag with VLAN ID 1, are received on the main interface. Packets sent from the main interface are transmitted without an 802.1Q tag. RP/0/RSP0/CPU0:router(config)# interface TenGigE 0/2/0/4 RP/0/RSP0/CPU0:router(config-if)# dot1q native vlan 1

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-173 Cisco ASR 9000 Series Router Platform Dependent Command Reference dot1q native vlan Cisco Confidential - Beta Draft R3.7 FCI

Related Commands Command Description dot1q vlan Assigns a VLAN ID to a subinterface, or changes the VLAN ID assigned to a subinterface.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-174 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference dot1q tunneling ethertype 0x9100 Cisco Confidential - Beta Draft R3.7 FCI dot1q tunneling ethertype 0x9100

To configure the Ethertype used by peer devices when implementing Q-in-Q VLAN tagging to be 0x9100, use the dot1q tunneling ethertype command in interface configuration mode for an Ethernet interface. To return to the default configuration of Ethertype 0x8100, use the no form of this command.

dot1q tunneling ethertype 0x9100

no dot1q tunneling ethertype 0x9100

Syntax Description This command has no arguments or keywords.

Defaults The Ethertype field used by peer devices when implementing Q-in-Q VLAN tagging is 0x8100.

Command Modes Interface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations vlan read, write

Examples The following example shows how to configure the inter-packet gap for a 10-Gigabit Ethernet interface: RSP/0/0/CPU0:router# configure RSP/0/0/CPU0:router(config-if)# interface GigabitEthernet 0/1/5/0 RSP/0/0/CPU0:router(config-if)# dot1q tunneling ethertype 0x9100

Related Commands

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-175 Cisco ASR 9000 Series Router Platform Dependent Command Reference dot1q tunneling ethertype 0x9100 Cisco Confidential - Beta Draft R3.7 FCI

Command Description dot1q vlan Assigns a VLAN ID to a subinterface, or modifies the VLAN ID that is currently assigned to a subinterface.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-176 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference dot1q vlan Cisco Confidential - Beta Draft R3.7 FCI dot1q vlan

To assign a VLAN ID to a subinterface (or to modify the VLAN ID that is currently assigned to a subinterface) use the dot1q vlan command in subinterface configuration mode. To remove the VLAN ID assigned to a subinterface, use the no form of this command. On the Cisco CRS-1:

dot1q vlan vlan-id

no dot1q vlan vlan-id

On the Cisco XR 12000 Series Router.

dot1q vlan vlan-id [vlan-id2 | any]

no dot1q vlan vlan-id

Syntax Description vlan-id ID of the subinterface. Range is from 1 to 4094 (0 and 4095 are reserved). vlan-id2 (Optional) Identifies the host VLAN of a Q-in-Q VLAN pair. Replace vlan-id2 with a number that specifies the host VLAN. Range is from 1 to 4094. Note The vlan-id2 argument is available for Q-in-Q VLANs on a 10-Gigabit Ethernet node only. any (Optional) Identifies the host VLAN of a Q-in any VLAN pair. Note The any keyword is available for Q-in-any VLANs on a 10-Gigabit Ethernet node only.

Defaults No default behavior or values

Command Modes Subinterface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-177 Cisco ASR 9000 Series Router Platform Dependent Command Reference dot1q vlan Cisco Confidential - Beta Draft R3.7 FCI

subinterfaces configured on the same physical interface. To change a VLAN ID, the new VLAN must not already be in use on the same physical interface. To exchange VLAN IDs, you must remove the configuration information and reconfigure the ID for each device.

Note The subinterface does not pass traffic without an assigned VLAN ID.

Task ID Task ID Operations vlan read, write

Examples The following example shows how to configure the VLAN ID and IP address on a subinterface: RP/0/RSP0/CPU0:router# configure

RP/0/RSP0/CPU0:router(config)# interface TenGigE 0/2/0/4.1

RP/0/RSP0/CPU0:router(config-subif)# dot1q vlan 10

RP/0/RSP0/CPU0:router(config-subif)# ipv4 addr 10.0.0.1/24

The following example shows how to configure the VLAN IDs for both VLANS in a single Q-in-Q attachment circuit (AC). In this case, incoming traffic must match both of the VLAN IDs before it is accepted by the subinterface: RSP/0/0/CPU0:router# configure

RSP/0/0/CPU0:router(config)# interface TenGigE 0/2/0/4.1

RSP/0/0/CPU0:router(config-subif)# dot1q vlan 10 20

The following example shows how to configure the VLAN IDs for a Q-in-any AC. In this case, all incoming traffic must have two VLAN tags, where the outer VLAN ID matches the configured value, while the inner VLAN ID can be any value. RSP/0/0/CPU0:router# configure

RSP/0/0/CPU0:router(config)# interface TenGigE 0/2/0/4.1 l2transport

RSP/0/0/CPU0:router(config-subif)# dot1q vlan 10 any

Related Commands Command Description dot1q native vlan Defines the native VLAN ID associated with a VLAN trunk. show interfaces Displays statistics for all interfaces configured on the router or for a specific node, show vlan interface Displays summarized information for the VLAN subinterfaces configured on your router. show vlan tags Displays VLAN tagging allocation information.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-178 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference interface (VLAN) Cisco Confidential - Beta Draft R3.7 FCI interface (VLAN)

To create a VLAN subinterface, use the interface command in global configuration mode. To delete a subinterface, use the no form of this command.

interface {GigabitEthernet | TenGigE | FastEthernet | Bundle-Ether} instance.subinterface [l2transport]

no interface {GigabitEthernet | TenGigE | FastEthernet | Bundle-Ether} instance.subinterface [l2transport]

Syntax Description {GigabitEthernet | Type of Ethernet interface on which you want to create a VLAN. Enter TenGigE} GigabitEthernet or TenGigE. instance.subinterface Physical interface instance, followed by the subinterface identifier. Naming notation is instance.subinterface, and a period between arguments is required as part of the notation. Replace the instance argument with one of the following Ethernet interface identifiers: • Physical interface instance. Naming notation is rack/slot/module/port and a slash between values is required as part of the notation. – rack—Chassis number of the rack. – slot—Physical slot number of the card. – module—Module number. A physical layer interface module (PLIM) is always 0. – port—Physical port number of the interface. Replace the subinterface argument with the subinterface value. Range is from 0 through 4095. Note For more information about the syntax for the router, use the question mark (?) online help function. l2transport Enables Layer 2 transport port mode on the specified VLAN interface and enters Layer 2 transport configuration mode. The l2transport keyword creates the Vlan interface in L2 mode so that it can be used for L2VPNs and local switching.

Defaults No default behavior or values

Command Modes Global configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-179 Cisco ASR 9000 Series Router Platform Dependent Command Reference interface (VLAN) Cisco Confidential - Beta Draft R3.7 FCI

Note A subinterface does not pass traffic without an assigned VLAN ID.

Task ID Task ID Operations vlan read, write

Examples The following example shows how to configure a VLAN subinterface on a 10-Gigabit Ethernet interface: RP/0/RSP0/CPU0:router(config)# interface TenGigE 0/0/0/1.2

RP/0/RSP0/CPU0:router(config-subif)# dot1q vlan 1

RP/0/RSP0/CPU0:router(config-subif)# ipv4 address 50.0.0.1/24

The following example shows how to create a VLAN subinterface with Layer 2 transport port mode enabled, and enter Layer 2 transport configuration mode under that VLAN: RSP/0/0/CPU0:router(config)# interface GigabitEthernet 0/4/0/1.1 RP/0/RSP0/CPU0:router(config-if-l2)#

Related Commands Command Description dot1q native vlan Defines the native VLAN ID associated with a VLAN trunk. dot1q vlan Assigns a VLAN ID to a subinterface, or changes the VLAN ID assigned to a subinterface.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-180 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference l2protocol (VLAN) Cisco Confidential - Beta Draft R3.7 FCI l2protocol (VLAN)

To configure Layer 2 protocol tunneling and data units parameters on an VLAN interface, use the l2protocol command in subinterface configuration mode. To disable a Layer 2 protocol tunneling and Layer 2 protocol data units configuration, use the no form of this command.

l2protocol {cdp | pvst | stp | vtp} {[tunnel] experimental bits | drop}

no l2protocol

Defaults All Layer 2 protocol data units are tunneled through the network without modification.

Command Modes Subinterface configuration

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations l2vpn read, write

Examples The following example shows how configure a VLAN to drop CDP packets: RP/0/RSP0/CPU0:router# configure

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-181 Cisco ASR 9000 Series Router Platform Dependent Command Reference l2protocol (VLAN) Cisco Confidential - Beta Draft R3.7 FCI

RP/0/RSP0/CPU0:router(config)# interface GigabitEthernet 0/1/5/0.1 l2transport

RP/0/RSP0/CPU0:router(config-subif)# l2protocol cdp drop

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-182 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show vlan interface Cisco Confidential - Beta Draft R3.7 FCI show vlan interface

To display summarized information about VLAN subinterfaces, use the show vlan interface command in EXEC mode.

show vlan interface [{GigabitEthernet | TenGigE } instance | location instance]

Syntax Description {GigabitEthernet | (Optional) Type of Ethernet interface whose VLAN information you TenGigE } want to display. Enter GigabitEthernet or TenGigE. instance.subinterface Physical interface instance, followed by the subinterface identifier. Naming notation is instance.subinterface, and a period between arguments is required as part of the notation. Replace the instance argument with one of the following Ethernet interface identifiers: • Physical interface instance. Naming notation is rack/slot/module/port and a slash between values is required as part of the notation. – rack—Chassis number of the rack. – slot—Physical slot number of the card. – module—Module number. A physical layer interface module (PLIM) is always 0. – port—Physical port number of the interface. Replace the subinterface argument with the subinterface value. Range is from 0 through 4095. Note For more information about the syntax for the router, use the question mark (?) online help function. location instance (Optional) Displays VLAN subinterfaces on a particular port. The instance argument is entered in the rack/slot/module/port notation.

Defaults No default behavior or values

Command Modes EXEC

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-183 Cisco ASR 9000 Series Router Platform Dependent Command Reference show vlan interface Cisco Confidential - Beta Draft R3.7 FCI

Enter the show vlan interface command without including any of the optional parameters to display summarized information about all VLANs configured on the router.

Task ID Task ID Operations vlan read

Examples The following is sample output from the show vlan interface command: RP/0/RSP0/CPU0:router#show vlan interface

Interface Encapsulation Outer 2nd Service MTU LineP VLAN VLAN State Gi0/1/5/0.1 802.1Q 10 L3 1518 up Gi0/1/5/0.2 None L3 1518 down

RP/0/RSP0/CPU0:P2_ASR9K#

Table 4 describes the significant fields shown in the display.

Ta b l e 4 show vlan interface Field Descriptions

Field Description interface VLAN subinterface. encapsulation Encapsulation of the VLAN subinterface. Currently, this is always 802.1Q. Outer VLAN VLAN ID currently assigned to the subinterface. Range is from 1 to 4094 (or blank if no VLAN ID has been assigned). 2nd VLAN VLAN ID currently assigned to the second subinterface in a pair. Range is from 1 to 4094 (or blank if no VLAN ID has been assigned). For Q-in-any VLANS, this field shows “Any.” Service Service currently assigned to the VLAN. Possible services are L2 and L3. MTU Maximum transmission unit (MTU) value configured for the specified VLAN, in bytes. LineP state Displays the line protocol state of the VLAN interface. Possible states: up, down, admin-down. The line protocol state reflects whether a VLAN ID is configured or not.

Related Commands Command Description show interfaces Displays statistics for all interfaces configured on the router. These statistics include VLAN L2 interface statistics. show vlan trunks Displays summary information about VLAN trunk interfaces.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-184 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show vlan tags Cisco Confidential - Beta Draft R3.7 FCI show vlan tags

To display VLAN tagging allocation information, use the show vlan tags command in EXEC mode.

show vlan tags [GigabitEthernet instance | TenGigE instance | location node-id]

Syntax Description GigabitEthernet Displays VLAN tagging information for a specific Gigabit Ethernet interface. instance Note Use the show interfaces GigabitEthernet command to see a list of all Ethernet interfaces currently configured on the router. TenGigE instance Displays VLAN tagging information for a specific 10-Gigabit Ethernet interface. Note Use the show interfaces TenGigE command to see a list of all10-Gigabit Ethernet interfaces currently configured on the router. location node-id Displays VLAN tagging information for a specific node. The node-id argument is entered in the rack/slot/module notation.

Defaults Enter the command without any of the optional keywords or arguments to display tagging allocation information for all VLANS configured on the router.

Command Modes EXEC

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Task ID Task ID Operations vlan read

Examples The following example shows how to display VLAN tagging allocation information for a router: RP/0/RSP0/CPU0:router# show vlan tags

Interface Outer 2nd Service MTU LineP VLAN VLAN State Gi0/1/5/0.1 10 L3 1518 up Gi0/1/5/0.2 20 L3 1518 up Gi0/1/5/0.3 30 L3 1518 up

RP/0/RSP0/CPU0:router

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-185 Cisco ASR 9000 Series Router Platform Dependent Command Reference show vlan tags Cisco Confidential - Beta Draft R3.7 FCI

Table 5 describes the significant fields shown in the display

Ta b l e 5 show vlan tags Field Descriptions

Field Description Outer Vlan The first (outermost) 802.1Q VLAN ID. This field is empty if no VLAN ID is configured. An asterisk (*) indicate the native VLAN. 2nd Vlan The second 802.1Q VLAN ID. This field reports “any” for a Q-in-Any service. If no VLAN ID is configured, then this field is empty. Service Service currently assigned to the subinterface. Can be Layer 2 (L2) or Layer 3 (L3). MTU Maximum transmission unit (MTU) value configured for the specified VLAN, in bytes. LineP state Displays the state of the VLAN interface. Possible states: up, down, admin-down.

Related Commands Command Description dot1q vlan Assigns a VLAN ID to a subinterface, or modifies the VLAN ID that is currently assigned to a subinterface. show vlan interface Displays summary information about each of the VLAN interfaces and subinterfaces. show vlan trunks Displays information about the VLAN trunks currently configured on your router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-186 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show vlan trunks Cisco Confidential - Beta Draft R3.7 FCI show vlan trunks

To display information about VLAN trunks, use the show vlan trunks command in EXEC mode.

show vlan trunks [brief] [location node-id] [type instance] [summary]

Syntax Description type (Optional) Type of Ethernet interface whose VLAN trunk information you want to display. Possible Ethernet types are GigabitEthernet or TenGigE. instance Either a physical interface instance. Replace the instance argument with one of the following Ethernet interface identifiers: • Physical interface instance. Naming notation is rack/slot/module/port and a slash between values is required as part of the notation. – rack—Chassis number of the rack. – slot—Physical slot number of the card. – module—Module number. A physical layer interface module (PLIM) is always 0. – port—Physical port number of the interface. Note For more information about the syntax for the router, use the question mark (?) online help function. brief (Optional) Displays a short summary output. summary (Optional) Displays a summarize output. Note The summary option can be specified only if the trunk interface is not specified. location node-id (Optional) Displays VLAN trunk information for a specific node. The node-id is expressed in the rack/slot/module notation. Note For more information about the syntax for the router, use the question mark (?) online help function.

Defaults No default behavior or values

Command Modes EXEC

Command History Release Modification Release 3.7 FCI This command was first introduced on the Cisco ASR 9000 Series Router.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-187 Cisco ASR 9000 Series Router Platform Dependent Command Reference show vlan trunks Cisco Confidential - Beta Draft R3.7 FCI

Task ID Task ID Operations vlan read

Examples The following is sample output from the show vlan trunks command: RP/0/RSP0/CPU0:router# show vlan trunks

GigabitEthernet0/4/0/0 is up Outer VLAN tag format is Dot1Q (0x8100) L3 Encapsulations: Ether, 802.1Q Sub-interfaces: 2 2 are up Single tag sub-interfaces: 2 No native VLAN Id L2 Encapsulations: 802.1Q VLAN ACs: 1 1 are up Single tag ACs: 1

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-188 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference show vlan trunks Cisco Confidential - Beta Draft R3.7 FCI

Table 6 describes the significant fields shown in the display.

Ta b l e 6 show vlan trunks summary Field Descriptions

Field Description Outer VLAN tag format The first (outermost) 802.1Q VLAN Id. • This field is empty if no VLAN ID is configured. • An asterisk (*) indicates that a native VLAN is configured. L3 Encapsulations VLAN encapsulations currently used for terminated Layer 3traffic. Possible Layer 3 encapsulations are as follows: • Nat – A Native VLAN is configured. • Q – One or more sub-interfaces are configured with either 0 or 1 802.1Q VLAN tags. • 2Q – One or more sub-interfaces have been configured with two 802.1Q VLAN tags. Sub-interfaces The number of subinterfaces configured on the main Ethernet interface, and the current state of those subinterfaces. Possible states are up, down, and admin-down. Note The number of Down and Admin-down subinterfaces is only reported only if that number is greater than 0. Single tag sub-interfaces: Number of sub-interfaces configured with a single 802.1Q tag. Note The number of sub-interfaces is displayed only if that number is greater than 0. No native VLAN Id Indicate that a native VLAN ID is not configured on this interface. L2 Encapsulations: VLAN encapsulations currently used for terminated L2 traffic. Possible Layer 2 encapsulations are as follows: • Q – One or more single 802.1Q tag ACs are configured. • 2Q – One or more double 802.1Q tag ACs have been configured. • Qany – One or more double 802.1Q tag ACs have been configured that have a wildcard “any” innertag. VLAN ACs Number of ACs currently configured under the specified interface. Single tag ACs Note The number of sub-interfaces sub-interfaces configured with a single 802.1Q tag is displayed only if that number is greater than 0.

Related Commands Command Description interface (VLAN) Displays summary information about each of the VLAN interfaces and subinterfaces.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-189 Cisco ASR 9000 Series Router Platform Dependent Command Reference Where to Go Next Cisco Confidential - Beta Draft R3.7 FCI Where to Go Next

When you have configured an Ethernet interface, you can configure individual VLAN subinterfaces on that Ethernet interface. For information about configuring VLAN subinterfaces, see the Configuring 802.1Q VLAN Interfaces on the Cisco ASR 9000 Series Router module in the Cisco ASR 9000 Series Hardware Intercaces Configuration Guide. For information about modifying Ethernet management interfaces for the shelf controller (SC), route switch processor (RSP), and distributed RSP, see the Advanced Configuration and Modification of the Management Ethernet Interface on the Cisco ASR 9000 Series Router module in the Cisco ASR 9000 Series Hardware Intercaces Configuration Guide. For information about ACLs (Access Server Lists) see the Implementing Access Lists and Prefix Lists on the Cisco ASR 9000 Series Router module in the Cisco ASR 9000 Series Aggregation Services Router IP Addresses and Services Configuration Guide.

Additional References

The following sections provide references related to implementing Gigabit and 10-Gigabit Ethernet interfaces.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-190 OL-17103-01 Cisco ASR 9000 Series Router Platform Dependent Command Reference Additional References Cisco Confidential - Beta Draft R3.7 FCI Related Documents

Related Topic Document Title Cisco IOS XR master command reference Cisco ASR 9000 Series Router Master Commands List Information about user groups and task IDs Cisco ASR 9000 Series Router Interface and Hardware Component Command Reference

Standards

Standards Title No new or modified standards are supported by this — feature, and support for existing standards has not been modified by this feature.

MIBs

RFCs

RFCs Title No new or modified RFCs are supported by this — feature, and support for existing RFCs has not been modified by this feature.

Technical Assistance

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-191 Cisco ASR 9000 Series Router Platform Dependent Command Reference Additional References Cisco Confidential - Beta Draft R3.7 FCI

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-192 OL-17103-01 Cisco Confidential - Beta Draft R3.7 FCI

Ethernet Services Configuration Examples

This chapter describes several ethernet services configuration examples on the Cisco ASR 9000 Series Aggregation Services Router using the command-line interface (CLI). The distributed Gigabit Ethernet and 10-Gigabit Ethernet architecture and features deliver network scalability and performance, while enabling service providers to offer high-density, high-bandwidth networking solutions designed to interconnect the router with other systems in POPs, including core and edge routers and Layer 2 and Layer 3 switches. Configuring Layer 2 features on a Cisco ASR 9000 Series Router can vary from the very simple (aggregated Ethernet trunk interfaces, spanning trees), to the more complex (inner and outer VLAN tags, broadcast domains), to the very complicated (integrated bridging and routing, Layer 2 filtering). This chapter offers a fairly complex configuration for Layer 2 processing in a bridged environment. Generally, there are four things that you must configure in an Layer 2 environment: • Interfaces and virtual LAN (VLAN) tags—Layer 2 interfaces are usually various type of Ethernet links with VLAN tags used to connect to customer devices or other bridges or routers. • Bridge domains and virtual switches—Bridge domains limit the scope of media access control (MAC) learning (and thereby the size of the MAC table) and also determine where the device should propagate frames sent to broadcast, unknown unicast, and multicast (BUM) MAC addresses. Virtual switches allow for the configuration of multiple, independent bridge domains. • Spanning Tree Protocols (xSTP, where the “x” represents the STP type)—Bridges function by associating a MAC address with an interface, similar to the way a router associates an IP network address with a next-hop interface. Just as routing protocols use packets to detect and prevent routing loops, bridges use xSTP frames to detect and prevent bridging loops. (Layer 2 loops are more devastating to a network because of the broadcast nature of Ethernet LANs.) • Integrated bridging and routing (IRB)—Support for both Layer 2 bridging and Layer 3 routing on the same interface. Frames are bridged if they are not sent to the router's MAC address. Frames sent to the router's MAC address are routed to other interfaces configured for Layer 3 routing.

Cisco Per-VLAN Spanning Tree (PVST+)

The following two sections compare Virtual Private LAN Service (VPLS) and Virtual Private Wire Service (VPWS). Both services provide advanced packet-switched VPN solutions that blend Layer 2 and Layer 3 technologies to make it possible to operate private, point-to-point, and multipoint virtual LANs through public networks. Multiple Layer 2 networks can be consolidated within enterprise or service provider environments into single networks with Layer 2 services running over a common IP/MPLS core. LANs also can be smoothly extended as private virtual LANs across a WAN.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-193 Ethernet Services Configuration Examples

Cisco Confidential - Beta Draft R3.7 FCI Layer 2 or Layer 3 VPN

A virtual private network commonly referred to as VPN is a private communications network often used within a company, or by several companies or organizations, to communicate confidentially over a public network or the Internet. The VPN traffic is generally carried over the Internet using standard protocols or over a SP network under a Service Level Agreement (SLA) between the VPN customer and the SP. The VPN can be broadly divided into two categories namely L3VPN and L2VPN Historically, if an organization wanted to extend their local area network (LAN) between locations across a geographic distance they would typically use a leased-line, circuit-based service such as frame relay (FR) or asynchronous transfer mode (ATM). However, leased-line, circuit-based architectures are limited in their ability to scale and provide multiservice capability. We needed to go from a point-to-point network to a network “cloud”, meaning any-to-any connectivity. The recent advances in VPN technologies have allowed SPs to accommodate traditional access technologies (such as, dial, Frame Relay, and ATM) along with new ones (like, Ethernet and wireless) and Layer 3 VPNs over a common network infrastructure. A new solution, enabling SPs to converge Layer 2 and Layer 3 services and provide legacy data services over an IP or MPLS backbone, promises to simplify matters, benefiting both SPs and enterprises.

Why Layer 2 VPN?

Ethernet + IP/MPLS

Layer 2 VPNs from an SP provides only a layer 2 interface to its customer, and the customer is responsible for creating and managing the layer 3 overlays. The Service Provider provides layer 2 connectivity, and the customer builds his own VPN, using the provided layer 2 connectivity as one of the building blocks. In an L2VPN service, the Service Provider does not need to know about the customer's topology, about the customer's policies, or about the customer's routing. The Service Provider does not need to know whether all the point-to-point links he is providing are used by the customer as part of the same network, or whether a customer network has point-to-point links from other providers as well. In essence the customer builds his own network, using data link resources obtained from the Service Provider. IP and MPLS connectionless, packet-switched architectures are now the choice of Service Providers worldwide. Ethernet, ubiquitous in the LAN market, has also evolved in both scale (10 Gigabit Ethernet and 100 Gigabit Ethernet are now available) and Layer 1 performance management (802.3 OAM, 802.1ag, 802.1ad, etc.), making it an ideal transport mechanism. IP provides QoS at the application layer rather than across the entire VC. Customers looking to extend their Ethernet LAN now have the option of connecting with Ethernet across the Service Provider IP/MPLS network. MPLS can be used to provide point-to-point or multipoint/any-any service connectivity. This capability is known as Layer 2 Virtual Private LAN Service (VPLS). Today customers demand any application, any connectivity, on almost any device, whether accessing information or entertainment delivered via voice, video or data. We need to be “in the office” when we’re at home, and connected to our home when we’re at work. And of course, we want it all to be delivered as one service. All the characteristics of Carrier Ethernet mean that it is poised to be that “one service” Carrier Ethernet is a network-wide set of Service Provider transport standards defined by the Metro Ethernet Forum (MEF). The MEF is a consortium of vendors, Service Providers and governing bodies. The MEF sets standards for services deployed over a Carrier Ethernet network.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-194 OL-17103-01 Ethernet Services Configuration Examples

Cisco Confidential - Beta Draft R3.7 FCI

The ASR-9k enables converged aggregation for residential broadband and business Ethernet services. Residential broadband components include Internet Access, Broadcast TV, Video on Demand and Voice over IP. Business Ethernet components include the MEF standard services of E-Line, E-LAN and Access to Layer 3 Virtual Private Network (VPN). This is the Cisco Ethernet Infrastructure (EI) Model. The Cisco EI model uses a series of Ethernet Flow Points (EFPs) and Bridge Domains to create an end to end Ethernet Virtual Connection (EVC). An EVC can be point-to-point or multipoint. A service is what the CE sees. Service frames cannot leak out of an EVC. The technology used inside the SP network is not visible to the end customer. The ASR-9k connects Ethernet services (called Attachment Circuits, ACs) on its customer-facing or downstream side to Ethernet Virtual Circuits (EVCs) on its network or upstream side provided by an IP tunnel or MPLS pseudowire. The end-to-end service is a Layer 2 Virtual Private Network (L2VPN).

VPLS

VPLS is an attractive option for service providers because it uses a Layer 2 architecture to offer multipoint Ethernet VPNs that connect multiple sites over a metropolitan-area network (MAN) or WAN. Other technologies also enable Ethernet across the WAN, including Ethernet over MPLS, Ethernet over Layer 2 Tunneling Protocol Version 3 (L2TPv3), Ethernet over SONET/SDH, and Ethernet bridging over Any-Transport over MPLS AToM. However, they provide only point-to-point connectivity and VPLS is designed for applications that require multipoint or broadcast access. For larger VPLS networks supporting applications requiring multipoint or broadcast access, VPLS scalability is achieved by using a hierarchy to reduce the signaling overhead and packet replication requirements for the provider edge. Using VPLS, service providers can create a Layer 2 “virtual switch” over an MPLS core to establish a distributed Network Access Point (NAP). The NAP allows transparent private peering between multiple ISPs and delivers robust connections to multiple sites within a specific metro region. Service provider-to-service provider VPLS can be supported using either Border Gateway Protocol (BGP) or Label Distribution Protocol (LDP). LDP provides more granular control of communication and quality of service between VPLS nodes, more control per node, and is a consistent signaling option to support MPLS, VPLS, or VPWS. BGP is less versatile because typically it communicates the same information to all nodes participating in a VPLS. The hierarchical VPLS architecture includes customer edge devices connected to provider edge routers that aggregate VPLS traffic before it reaches the network provider edge routers, where the VPLS forwarding takes place.

VPWS

VPWS makes the integration of existing Layer 2 and Layer 3 services possible on a point-to-point basis across a service provider’s IP/MPLS cloud. Two pseudowire technologies are available from Cisco Systems®: • AToM is the Cisco® pseudowire technology that targets MPLS networks. • L2TPv3 is the Cisco pseudowire technology for native IP networks. Both AToM and L2TPv3 support the transport of Frame Relay, ATM, High-Level Data Link Control (HDLC), and Ethernet traffic over an IP or MPLS core.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-195 Ethernet Services Configuration Examples Contents Cisco Confidential - Beta Draft R3.7 FCI Layer 2 VPN Types

P2P or MP, native Ethernet or MPLS

This table categorizes the L2VPN types. The table is divided vertically with P2P on the left and MP on the right. The table is divided horizontally with local services (one-platform) using native Ethernet on top and multi-platform services using MPLS on the bottom.

P2P

Local connect is a transparent connection between two EFPs (AC-AC) which resided on the same box. The EFPs the same or different LCs, the same or different physical port.. EoMPLS is a transparent connection between two EFPs on different platforms using an MPLS PW. Each platform has an AC-PW connection. There are two endpoints to the service, no MAC learning is performed.

Local bridging uses a bridge-domain (BD) to interconnect 2 or more EFPs on a single platforms. VPLS bridging uses bridge-domains and a PW mesh to interconnect 2 or more EFPs on multiple platforms. MAC learning/forwarding is performed by the BD.

Contents

• Configuring an Ethernet Interface: Example, page 196 • Configuring MAC-accounting: Example, page 198 • Configuring a Layer 2 VPN AC: Example, page 198 • Where to Go Next, page 220

Configuration Examples for Ethernet Interfaces

This section provides the following configuration examples: • Configuring an Ethernet Interface: Example • Configuring MAC-accounting: Example • Configuring a Layer 2 VPN AC: Example

Configuring an Ethernet Interface: Example

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-196 OL-17103-01 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

RP/0/RSP0/CPU0:router(config-if)# end Uncommitted changes found, commit them? [yes]: yes

RP/0/RSP0/CPU0:router# show interfaces TenGigE 0/0/0/1

RP/0/RSP0/CPU0:router(config)# interface GigabitEthernet0/4/0/0.50 l2transport RP/0/RSP0/CPU0:router(config-if)# encapsulation dot1q 20

If encapsulation dot1q is specified, packets appear with the IEEE 802.1Q encapsulation. If these keywords are not specified, packets appear in the untagged format. RP/0/RSP0/CPU0:router(config-if)# rewrite ingress tag push dot1ad 2 dot1q 10 symmetric

Pop - to remove an Ethernet tag. Useful at the NNI ingress to remove a provider tag. Can pop one tag or two tags. The number of tags you match are the number that you can pop.

RP/0/RSP0/CPU0:router(config)# interface GigabitEthernet0/4/0/0.20 l2transport RP/0/RSP0/CPU0:router(config-if)# encapsulation dot1q 50 second-dot1q 20 RP/0/RSP0/CPU0:router(config-if)# rewrite ingress tag pop 2 symmetric

Translate a tag Options are 1:1, 1:2, 2:1, 2:2 Useful for customer VLAN overlap

RP/0/RSP0/CPU0:router(config)# interface GigabitEthernet0/4/0/0.200 l2transport RP/0/RSP0/CPU0:router(config-if)# encapsulation dot1q 200 second-dot1q 10 RP/0/RSP0/CPU0:router(config-if)# rewrite ingress tag translate 2-to-1 dot1q 30 symmetric

RP/0/RSP0/CPU0:router(config)# interface GigabitEthernet0/4/0/0.220 l2transport RP/0/RSP0/CPU0:router(config-if)# encapsulation dot1q 30 RP/0/RSP0/CPU0:router(config-if)# rewrite ingress tag translate 1-to-2 dot1ad 40 dot1q 50 symmetric

RP/0/RSP0/CPU0:router(config)# interface type 0/0/slot/port. l2transport

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-197 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

RP/0/RSP0/CPU0:router(config-if)# encapsulation RP/0/RSP0/CPU0:router(config-if)# rewrite ingress Symmetric * RP/0/RSP0/CPU0:router(config-if)# service-policy input RP/0/RSP0/CPU0:router(config-if)# service-policy output

Point to Point Services Local Connect

Left side RP/0/RSP0/CPU0:router(config)# Interface GigabitEthernet0/0/0/4.1 l2transport RP/0/RSP0/CPU0:router(config-if)# encapsulation RP/0/RSP0/CPU0:router(config-if)# rewrite ingress Symmetric

Right side RP/0/RSP0/CPU0:router# configure RP/0/RSP0/CPU0:router(config)# Interface GigabitEthernet0/0/0/5.1 l2transport RP/0/RSP0/CPU0:router(config-if)# encapsulation RP/0/RSP0/CPU0:router(config-if)# rewrite ingress Symmetric

Setting up the connection RP/0/RSP0/CPU0:router(config)# l2vpn RP/0/RSP0/CPU0:router(config)# xconnect group cisco p2p lconnect RP/0/RSP0/CPU0:router(config)# interface GigabitEthernet0/0/0/4.1 RP/0/RSP0/CPU0:router(config)# interface GigabitEthernet0/0/0/5.1

Configuring MAC-accounting: Example

Configuring a Layer 2 VPN AC: Example

Configuring Layer 2 Local Switching: Example

The following example indicates how to configure Layer 2 local switchingon an Ethernet interface:

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-198 OL-17103-01 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

RP/0/RSP0/CPU0:L2VPN-PE1(config)# RP/0/RSP0/CPU0:L2VPN-PE1(config)# l2vpn xconnect group AC2AC p2p con1 RP/0/RSP0/CPU0:L2VPN-PE1(config-l2vpn-xconnect-p2p)# interface gigabitEthernet 0/2/0/0.100 RP/0/RSP0/CPU0:L2VPN-PE1(config-l2vpn-xconnect-p2p)# interface gigabitEthernet 0/2/0/1.100 RP/0/RSP0/CPU0:L2VPN-PE1(config-l2vpn-xconnect-p2p)# end

RP/0/RSP0/CPU0:L2VPN-PE1# sh l2vpn xconnect group AC2AC detail Group AC2AC, XC con1, state is up Segment 1 is AC: GigabitEthernet0/2/0/0.100, Xconnect ID: 2, type VLAN Tags: Outer 300, Inner 0, MTU 1500 State is up Statistics: packet totals: receive 0,send 0 byte totals: receive 0,send 0 drops: illegal VLAN 0, illegal length 0 Segment 2 is AC: GigabitEthernet0/2/0/1.100, Xconnect ID: 3, type VLAN Tags: Outer 350, Inner 0, MTU 1500 State is up Statistics: packet totals: receive 0,send 0 byte totals: receive 0,send 0 drops: illegal VLAN 0, illegal length 0

RP/0/RSP0/CPU0:L2VPN-PE1# sh l2vpn forwarding interface gigabitEthernet 0/2/0/0.100 detail location 0/2/cpu0 Local interface: GigabitEthernet0/2/0/0.100, Xconnect id: 2, Status: up Segment 1 AC, GigabitEthernet0/2/0/0.100, Ethernet VLAN mode, status: Bound Packet switched: 0, byte switched: 0 Segment 2 AC, GigabitEthernet0/2/0/1.100, Ethernet VLAN mode, status: Bound Packet switched: 0, byte switched: 0

Basic MPLS Configuration on the ASR 9000

Enable basic MPLS Make sure OSPF is operational Make sure the MPLS protocol is enabled Enable layer 2 service instances or VLANs Configure targeted LDP RP/0/RSP0/CPU0:L2VPN-PE1# mpls ldp router-id loopback0 RP/0/RSP0/CPU0:L2VPN-PE1# mpls ldp discovery targeted-hello accept

Note that the mpls ldp discovery targeted-hello accept command is optional.

On each end of the point-to-point link, configure the CPEs to create a virtual connection on virtual switched interfaces Create an SVI — RP/0/RSP0/CPU0:(config)# interface vlan number

Setup an EVC — RP/0/RSP0/CPU0:(config)# xconnect destination vc-id encapsulation mpls

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-199 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI E-Line Configuration – EFP and L2VPN

Enable LDP globally, [We need to enable Graceful Reset for supporting Non-Stop Forwarding] RP/0/RSP0/CPU0:L2VPN-PE1# config t RP/0/RSP0/CPU0:L2VPN-PE1(config)# mpls ldp RP/0/RSP0/CPU0:L2VPN-PE1(config-ldp)# router-id 101.101.101.101 RP/0/RSP0/CPU0:L2VPN-PE1(config-ldp)# graceful-restart RP/0/RSP0/CPU0:L2VPN-PE1(config-ldp)# commit RP/0/RSP0/CPU0:L2VPN-PE1(config-ldp)# end

Configure the interface as a Layer 2 interface (VLAN) RP/0/RSP0/CPU0:L2VPN-PE1# config t RP/0/RSP0/CPU0:L2VPN-PE1(config)# int gigabitEthernet 0/6/0/0.1001 l2transport RP/0/RSP0/CPU0:L2VPN-PE1(config-if)# encapsulation dot1q 1001 RP/0/RSP0/CPU0:L2VPN-PE1(config-if-l2)# commit RP/0/RSP0/CPU0:L2VPN-PE1(config-if-l2)# end

Configuring a Cross-Connect

RP/0/RSP0/CPU0:L2VPN-PE1(config)# l2vpn RP/0/RSP0/CPU0:L2VPN-PE1(config-l2vpn)# xconnect group toPE2-Gig6 RP/0/RSP0/CPU0:L2VPN-PE1(config-l2vpn-xconnect)# p2p vlan1001 RP/0/RSP0/CPU0:L2VPN-PE1(config-l2vpn-xconnect-p2p)# interface GigabitEthernet0/6/0/2.1001 RP/0/RSP0/CPU0:L2VPN-PE1(config-l2vpn-xconnect-p2p)# neighbor 102.102.102.102 pw-id 1001 RP/0/RSP0/CPU0:L2VPN-PE1(config-l2vpn-xconnect-p2p)# commit

Verifying Cross-Connect Status

RP/0/RSP0/CPU0:L2VPN-PE1# sh l2vpn xconnect detail Group to_PE2-Gig6, XC vlan1001, state is up; Interworking none AC: GigabitEthernet0/6/0/2.1001, state is up Type simple EFP; Num Ranges: 1 vlan ranges: [1001, 1001] MTU 4470; XC ID 0x7000001; interworking none; MSTi 0 Statistics: packet totals: send 0 byte totals: send 0 drops: illegal VLAN 0, illegal length 0 PW: neighbor 102.102.102.102, PW ID 1001, state is up ( established ) PW class not set, XC ID 0x7000001 Encapsulation MPLS, protocol LDP PW type Ethernet VLAN, control word enabled, interworking none Sequencing not set MPLS Local Remote ------Label 19492 21032 Group ID 0x7000400 0x8000e00 Interface GigabitEthernet0/6/0/2.1001 GigabitEthernet0/7/1/6.1001 MTU 4470 4470 Control word enabled enabled PW type Ethernet VLAN Ethernet VLAN VCCV CV type 0x2 0x2 (LSP ping verification) (LSP ping verification) VCCV CC type 0x3 0x3 (control word) (control word) (router alert label) (router alert label) ------

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-200 OL-17103-01 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

Create time: 18/07/2008 04:11:40 (6d08h ago) Last time status changed: 23/07/2008 17:20:55 (19:12:08 ago) Statistics: packet totals: receive 276516 byte totals: receive 386016336

Verifying Layer 2 Forwarding

RP/0/RSP0/CPU0:L2VPN-PE1# sh l2vpn forwarding location 0/6/cpu0 Segment 1 Segment 2 State ------Gi0/6/0/2.1001(Eth VLAN) mpls 102.102.102.102 UP

RP/0/RSP0/CPU0:L2VPN-PE1# sh l2vpn forwarding detail location 0/6/cpu0 Local interface: GigabitEthernet0/6/0/2.1001, Xconnect id: 0x7000001, Status: up Segment 1 AC, GigabitEthernet0/6/0/2.1001, Ethernet VLAN mode, status: Bound Packet switched: 0, byte switched: 0 Segment 2 MPLS, Destination address: 102.102.102.102, pw-id: 1001, status: Bound Pseudowire label: 21032 Packet switched: 278736, byte switched: 389115456

Ethernet Port Mode

RP/0/RSP0/CPU0:(config)# interface GigabitEthernet 0/0/0/0 RP/0/RSP0/CPU0:(config-if)# l2transport

Ethernet VLAN Mode

RP/0/RSP0/CPU0:(config)# interface GigabitEthernet 0/0/0/0.1 RP/0/RSP0/CPU0:(config-if)# l2transport RP/0/RSP0/CPU0:(config-if)# dot1q vlan 999

Ethernet VLAN Mode (QinQ)

RP/0/RSP0/CPU0:(config)# interface TenGigE 0/0/0/0.1 l2transport RP/0/RSP0/CPU0:(config-if)# dot1q vlan 999 vlan 888

Ethernet VLAN Mode (QinAny)

RP/0/RSP0/CPU0:(config)# interface GigabitEthernet 0/0/0/0.1 l2transport RP/0/RSP0/CPU0:(config-if)# dot1q vlan 999 vlan 888

Ethernet VLAN Mode (QinAny)

RP/0/RSP0/CPU0:(config)# interface TenGigE 0/0/0/0.1 l2transport RP/0/RSP0/CPU0:(config-if)# dot1q vlan 999 vlan 888

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-201 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

Configuring Layer 2 EtherChannel

Core# conf t Core(config)# interface range gigabitethernet1/0/1 -2 Core(config-if-range)# switchport mode access Core(config-if-range)# switchport access vlan 100 Core(config-if-range)# channel-group 5 mode active Core(config-if-range)# end

StackMaster# conf t StackMaster(config)# interface range gigabitethernet1/0/23 -24 StackMaster(config-if-range)# switchport mode access StackMaster(config-if-range)# switchport access vlan 100 StackMaster(config-if-range)# channel-group 5 mode on StackMaster(config-if-range)# exit StackMaster(config)# interface gigabitethernet2/0/24 StackMaster(config-if)# switchport mode access StackMaster(config-if)# switchport access vlan 100 StackMaster(config-if)# channel-group 5 mode on StackMaster(config-if)# exit

Configuring Layer 3 Logical EtherChannel

Core# conf t Core(config)# interface port-channel 5 Core(config-if)# no switchport Core(config-if)# ip address 192.168.23.1 255.255.255.0 Core(config-if)# end

Core# configure terminal Core(config)# interface range gigabitethernet1/0/1 -2 Core(config-if-range)# no ip address Core(config-if-range)# no switchport Core(config-if-range)# channel-group 5 mode on Core(config-if-range)# end

StackMaster# conf t StackMaster(config)# interface gigabitethernet1/0/24 StackMaster(config-if)# no ip address StackMaster(config-if)# no switchport StackMaster(config-if)# channel-group 5 mode on StackMaster(config-if)# exit

StackMaster(config)# interface gigabitethernet2/0/24 StackMaster(config-if)# no ip address StackMaster(config-if-range)# no switchport StackMaster(config-if)# channel-group 5 mode on StackMaster(config-if)# exit

StackMaster(config)# interface port-channel 1 StackMaster(config-if)# ip address 192.168.23.2 255.255.255.0 StackMaster(config-if)# no switchport StackMaster(config-if)# channel-group 5 mode on StackMaster(config-if)# exit

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-202 OL-17103-01 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

VTP, VLANs, Voice VLAN

Core# conf t Core(config)# vtp domain MINFIN Core(config)# vtp mode transparent Core(config)# vtp version 2

Core(config)# vlan 110 Core(config-vlan)# name voice Core(config-vlan)# exit Core(config)# vlan 100 Core(config-vlan)# name data Core(config-vlan)# exit

Core(config)# interface vlan voice Core(config-if)# ip address 192.168.110.1 255.255.255.0 Core(config)# exit Core(config)# interface vlan data Core(config-if)# ip address 192.168.100.1 255.255.255.0 Core(config)# exit

StackMaster# conf t StackMaster(config)# vtp domain MINFIN StackMaster(config)# vtp mode transparent StackMaster(config)# vtp version 2

VPLS Configuration Example

EFP Configuration (PE Configuration)

RP/0/RSP0/CPU0:PE3# interface GigabitEthernet0/2/0/16.2 l2transport RP/0/RSP0/CPU0:PE3# encapsulation dot1q 5 RP/0/RSP0/CPU0:PE3# ! RP/0/RSP0/CPU0:PE3# interface GigabitEthernet0/2/0/16.3 l2transport RP/0/RSP0/CPU0:PE3# encapsulation dot1ad 3 dot1q 300 RP/0/RSP0/CPU0:PE3# ! RP/0/RSP0/CPU0:PE3# mtu 1514 !

interface GigabitEthernet0/2/0/16.4 l2transport (PUSH/POP Configuration Example) RP/0/RSP0/CPU0:PE3# interface GigabitEthernet0/2/0/16.4 l2transport RP/0/RSP0/CPU0:PE3# encapsulation dot1ad 4 dot1q 20 RP/0/RSP0/CPU0:PE3# rewrite ingress tag pop 1 symmetric RP/0/RSP0/CPU0:PE3# !

interface GigabitEthernet0/2/0/16.3 l2transport (1-to-1 rewrite example) RP/0/RSP0/CPU0:PE3# interface GigabitEthernet0/2/0/16.3 l2transport RP/0/RSP0/CPU0:PE3# encapsulation dot1q 100 RP/0/RSP0/CPU0:PE3# rewrite ingress tag translate 1-to-1 dot1q 200 symmetric RP/0/RSP0/CPU0:PE3# ! RP/0/RSP0/CPU0:PE3# sho ethernet tags GigabitEthernet0/7/0/18.2

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-203 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

St: AD - Administratively Down, Dn - Down, Up - Up Ly: L2 - Switched layer 2 service, L3 = Terminated layer 3 service, Xtra C - Match on Cos, E - Match on Ethertype, M - Match on source MAC -,+: Ingress rewrite operation; number of tags to pop and push respectively

Interface St MTU Ly Outer Inner Xtra -,+ Gi0/7/0/18.2 Up 1514 L2 .1Q:2 .1Q:1002 - 0 0

VPLS Bridge Configuration (PE configuration) RP/0/RSP0/CPU0:PE3# configure RP/0/RSP0/CPU0:PE3(config)# l2vpn RP/0/RSP0/CPU0:PE3(config-l2vpn)# bridge group bg RP/0/RSP0/CPU0:PE3(config-l2vpn-bg)# bridge-domain bd500 RP/0/RSP0/CPU0:PE3(config-l2vpn-bg-bd)# ! RP/0/RSP0/CPU0:PE3# interface GigabitEthernet0/6/0/19.500 ? Attachment Ciruit (EFP) RP/0/RSP0/CPU0:PE3(config-l2vpn-bg-bd-vfi-pw)# static-mac-address 0002.0002.0002 ? Static MAC address configuration example RP/0/RSP0/CPU0:PE3# ! RP/0/RSP0/CPU0:PE3# vfi vfi500 RP/0/RSP0/CPU0:PE3(config-l2vpn-bg-bd-vfi)# neighbor 15.15.15.15 pw-id 500 ? PW Configuration RP/0/RSP0/CPU0:PE3(config-l2vpn-bg-bd-vfi-pw)# ! RP/0/RSP0/CPU0:PE3(config-l2vpn-bg-bd-vfi-pw)# ! RP/0/RSP0/CPU0:PE3(config-l2vpn-bg-bd-vfi-pw)# !

Enabling MAC withdrawal under Bridge Domain RP/0/RSP0/CPU0:PE3(config)# l2vpn RP/0/RSP0/CPU0:PE3(config-l2vpn)# bridge group bg RP/0/RSP0/CPU0:PE3(config-l2vpn-bg)# bridge-domain bd500 RP/0/RSP0/CPU0:PE3(config-l2vpn-bg-bd)# mac RP/0/RSP0/CPU0:PE3(config-l2vpn-bg-bd)# withdraw RP/0/RSP0/CPU0:PE3(config-l2vpn-bg-bd)# !

VPLS Show Layer 2 VPN Forwarding Command Example

RP/0/RSP0/CPU0:ASR-9k_VPLS_05# sho l2vpn forwarding detail location 0/6/CPU0 Local interface: GigabitEthernet0/6/0/19.500, Xconnect id: 0x2040002, Status: up Segment 1 AC, GigabitEthernet0/6/0/19.500, status: Bound Packet switched: 7247817134, byte switched: 943854963052 Packet dropped (MTU/Queue): 0/0, byte dropped (MTU/Queue): 0/0 Segment 2 Bridge id: 2, Split horizon group id: 0 MAC learning: enabled Flooding: Broadcast & Multicast: enabled Unknown unicast: enabled MAC aging time: 300 s, Type: inactivity MAC limit: 192000, Action: none, Notification: syslog MAC limit reached: no Security: disabled DHCPv4 snooping: profile not known on this node, disabled Packet switched: 10218382031, byte switched: 653976449984 Packet dropped (PLU/Queue): 0/0, byte dropped (PLU/Queue): 0/0

RP/0/RSP0/CPU0:ASR-9k_VPLS_05# sho l2vpn forwarding bridge-domain mac-address location 0/6/cpu0

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-204 OL-17103-01 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

Mac Address Type Learned from/Filtered on LC learned Age ------0000.0100.0d00 dynamic Gi0/6/0/19.500 0/6/CPU0 0d 0h 2m 16s 0000.0100.0d01 dynamic Gi0/6/0/19.500 0/6/CPU0 0d 0h 2m 16s 0000.0100.0d02 dynamic Gi0/6/0/19.500 0/6/CPU0 0d 0h 1m 43s 0000.0100.0d03 dynamic Gi0/6/0/19.500 0/6/CPU0 0d 0h 1m 43s … 0002.0002.0002 static Gi0/6/0/19.500 N/A N/A

Limitations

Use the show l2vpn capability system command to view the supported amounts for MAC addresses, bridhge domains, attachment circuits, and other features listed below. RP/0/RSP0/CPU0:RO-C# show l2vpn capability system

System capability: Max MAC addresses: 192000 Max bridge-domains: 32768 Max attachment circuits: 131072 Max pseudowires: 131072 RSI bit size: 14 Per-AC drop counters supported: Y VPLS Preferred path allowed: Y Max attachment circuits per bridge-domain: 8192 Max virtual forwarding interfaces: 32768 Max virtual forwarding interfaces per bridge-domain: 1 Max pseudowires per bridge-domain: 4096 Max pseudowires per virtual forwarding interface: 4096 VPWS PW redundancy supported: Y Access PW supported: Y Bundle AC supported: Y Security config supported: Y DHCP snooping supported: Y Static MAC filter supported: Y MAC configs on bridge port supported: Y Flooding config on bridge port supported: Y MAC Aging Default Timer Value: 300 VPWS Max attachment circuits: 131072 VPWS Max pseudowires: 131072 VPWS Preferred path fallback enable allowed: Y VPWS Preferred path fallback disable allowed: Y VPLS allowed: Y VPLS Default MAC limit: 4000

IOS-XR VPLS Configuration Commands

Configuring VFI under a Bridge Domain

Router(config)# l2vpn Router(config-l2vpn)# bridge group Router(config-l2vpn-bg)# bridge-domain Router(config-l2vpn-bg-bd)# [no] vfi

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-205 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

Associating Pseudowires with VFI

Router(config)# l2vpn Router(config-l2vpn)# bridge group customer_X Router(config-l2vpn-bg)# bridge-domain Router(config-l2vpn-bg-bd)# vfi Router(config-l2vpn-bg-bd-vfi)# [no] neighbor PW-id

Attaching Pseudowire Classes to Pseudowires

To configure the pseudowire class template name to use for the pseudowire, use the pw-class command in l2vpn bridge group bridge domain VFI pseudowire configuration mode. To delete the pseudowire class, use the no form of this command. Router (config)# l2vpn Router(config-l2vpn)# bridge group customer_X Router(config-l2vpn-bg)# bridge-domain Router(config-l2vpn-bg-bd)# vfi Router(config-l2vpn-bg-bd-vfi)# [no] neighbor PW-id Router(config-l2vpn-bg-bd-vfi-PW)# [no] PW-class

OR Router(config-l2vpn-bg-bd-vfi)# neighbor PW-id PW-class

Configuring Static AToM Pseudowires

Router(config)# l2vpn Router(config-l2vpn)# bridge group customer_X Router(config-l2vpn-bg)# bridge-domain Router(config-l2vpn-bg-bd)# vfi Router(config-l2vpn-bg-bd-vfi)# [no] neighbor PW-id Router(config-l2vpn-bg-bd-vfi-PW)# [no] mpls static label local < 16-15999> remote <16-15999>

Shutting Down a VFI

Router(config)# l2vpn Router(config-l2vpn)# bridge group Router(config-l2vpn-bg)# bridge-domain Router(config-l2vpn-bg-bd)# vfi Router(config-l2vpn-bg-bd-vfi)# [no] shutdown

Associating a Static MAC Address to the Bridge Domain

Router(config)# l2vpn Router(config-l2vpn)# bridge group customer_X Router(config-l2vpn-bg)# bridge-domain Router(config-l2vpn-bg-bd)# vfi foo Router(config-l2vpn-bg-bd-vfi)# [no] neighbor PW-id PW-class Router(config-l2vpn-bg-bd-vfi-neighbor)# [no] static-mac-address

Assigning Interfaces to the Bridge Domain

Router(config)# l2vpn Router(config-l2vpn)# bridge group customer_X

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-206 OL-17103-01 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

Router(config-l2vpn-bg)# bridge-domain Router(config-l2vpn-bg-bd)# interface GigabitEthernet 0/1/0/0 Router(config-l2vpn-bg-bd-ac)# [no] static-mac-address

Configuring Bridge Domain Parameters

Router(config)# l2vpn Router(config-l2vpn)# bridge group customer_X Router(config-l2vpn-bg)# bridge-domain Router(config-l2vpn-bg-bd)# [no] flooding disable Router(config-l2vpn-bg-bd)# [no] mac-learning disable Router(config-l2vpn-bg-bd)# mtu

Shutting Down a Bridge Domain

Router(config)# l2vpn Router(config-l2vpn)# bridge group Router(config-l2vpn-bg)# bridge-domain Router(config-l2vpn-bg-bd)# [no] shutdown

MAC Address Related Parameters

Router(config)# l2vpn Router(config-l2vpn)# bridge group Router(config-l2vpn-bg)# bridge-domain Router(config-l2vpn-bg-bd)# [no] mac address-table limit [maximum ] [action {limit {flood | no-flood} | shutdown} ][notification {syslog | trap | both}] Router(config-l2vpn-bg-bd)# [no] mac address-table aging-time

Cross Connect

hostname PE44_ASR-9010 ! interface GigabitEthernet0/1/0/3 description Connected to PE64_C3750-ME GE 1/0/2 mtu 9014 ! interface GigabitEthernet0/1/0/3.185 l2transport description P2P Local Connect E-Line encapsulation dot1q 100 second-dot1q 185 ! interface GigabitEthernet0/1/0/7 description Connected to PE66_C3750-ME GE 1/0/2 mtu 9014 ! interface GigabitEthernet0/1/0/7.185 l2transport description P2P Local Connect E-Line encapsulation dot1q 100 second-dot1q 185 ! l2vpn ! xconnect group 185 p2p 185 interface GigabitEthernet0/1/0/3.185 interface GigabitEthernet0/1/0/7.185

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-207 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

Configuring a Point to Point Local Connect E-Line

Setting up the 3400: hostname PE67_ME-C3400 ! system mtu 1998

MTU: MTU is short for Maximum Transmission Unit, the largest physical packet size, measured in bytes, that a network can transmit. Any messages larger than the MTU are divided into smaller packets before transmission.

system mtu jumbo 9000

Jumbo: Jumbo frames are frames that are bigger than the standard Ethernet frame size, which is 1518 bytes (including Layer 2 (L2) header and FCS). The definition of frame size is vendor-dependent, as these are not part of the IEEE standard. system mtu routing 1500

When you use the system mtu bytes or system mtu jumbo bytes command to change the system MTU or system jumbo MTU size, you must reset the switch before the new configuration takes effect. The system mtu routing command does not require a switch reset to take effect. ! spanning-tree mode rapid-pvst

Rapid-PVST uses the existing PVST+ framework for configuration and interaction with other features. It also supports some of the PVST+ extensions.

spanning-tree extend system-id

You can enable the extended system ID on chassis that support 1024 MAC addresses ! ! vlan internal allocation policy ascending ! vlan 185 ! interface GigabitEthernet0/1

description Connected to PE66_C3750-ME GE 1/0/1 port-type nni switchport trunk allowed vlan 185 switchport mode trunk ! interface Vlan185

description P2P Local Connect E-Line ip address 185.0.0.67 255.255.255.0 !

Setting up the 3750:

hostname PE66_C3750-ME !

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-208 OL-17103-01 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

system mtu 1998 system mtu jumbo 9000 system mtu routing 1998 ! vtp domain Metro_Eth

Naming the virtual trunking protocol domain Metro Ethernet vtp mode transparent

When you set the VTP mode to transparent, then the switches do not participate in VTP. A VTP transparent switch will not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received messages. ! spanning-tree mode pvst

Sets the spanning tree mode to per VLAN spanning tree spanning-tree extend system-id

Allows the system to use the total supply, or global resource, of MAC addresses for the switch (1024 MAC addresses). ! vlan internal allocation policy ascending

Configures the system to allocate internal VLANs from 1006 and up. ! vlan 100 ! interface GigabitEthernet1/0/1

description Connected to PE67_ME-C3400 GE 0/1 switchport access vlan 100

Configures the default VLAN, which is used if the interface stops trunking. switchport mode dot1q-tunnel

Configures the Layer 2 port as a tunnel port. switchport nonegotiate switchport port-security maximum 200 switchport port-security switchport port-security violation restrict storm-control broadcast level 10.00 l2protocol-tunnel cdp l2protocol-tunnel stp l2protocol-tunnel vtp no cdp enable spanning-tree bpdufilter enable spanning-tree guard root ! interface GigabitEthernet1/0/2 description Connected to PE44_ASR-9010 GE 0/1/0/7 switchport trunk encapsulation dot1q switchport trunk allowed vlan 100 switchport mode trunk switchport nonegotiate speed nonegotiate !

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-209 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

Setting up the second 3400:

hostname PE65_ME-C3400 ! system mtu 1998 system mtu jumbo 9000 system mtu routing 1500 ! spanning-tree mode rapid-pvst spanning-tree extend system-id ! ! vlan internal allocation policy ascending ! vlan 185 ! interface GigabitEthernet0/1 description Connected to PE64_C3750-ME GE 1/0/1 port-type nni switchport trunk allowed vlan 185 switchport mode trunk ! interface Vlan185 description P2P Local Connect E-Line ip address 185.0.0.65 255.255.255.0 !

Setting up the second 3750:

hostname PE64_C3750-ME ! system mtu 1998 system mtu jumbo 9000 system mtu routing 1500 ! vtp domain Metro_Eth vtp mode transparent ! spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! vlan 100 ! interface GigabitEthernet1/0/1 description Connected to PE65_ME-C3400 GE 0/1 switchport access vlan 100 switchport mode dot1q-tunnel switchport nonegotiate switchport port-security maximum 200 switchport port-security switchport port-security violation restrict storm-control broadcast level 10.00 l2protocol-tunnel cdp l2protocol-tunnel stp l2protocol-tunnel vtp

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-210 OL-17103-01 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

no cdp enable spanning-tree bpdufilter enable spanning-tree guard root ! interface GigabitEthernet1/0/2 description Connected to PE44_ASR-9010 GE 0/1/0/3 switchport trunk encapsulation dot1q switchport trunk allowed vlan 100 switchport mode trunk switchport nonegotiate speed nonegotiate !

Setting up the ASR 9000:

hostname PE44_ASR-9010 ! interface GigabitEthernet0/1/0/3

description Connected to PE64_C3750-ME GE 1/0/2 mtu 9014 ! interface GigabitEthernet0/1/0/3.185 l2transport

description P2P Local Connect E-Line encapsulation dot1q 100 second-dot1q 185 ! interface GigabitEthernet0/1/0/7

description Connected to PE66_C3750-ME GE 1/0/2 mtu 9014 ! interface GigabitEthernet0/1/0/7.185 l2transport

description P2P Local Connect E-Line encapsulation dot1q 100 second-dot1q 185 ! l2vpn ! xconnect group 185

To configure cross-connect groups, use the xconnect group command in L2VPN configuration mode. p2p 185

To enter p2p configuration submode to configure point-to-point cross-connects, use the p2p command in l2vpn xconnect mode interface GigabitEthernet0/1/0/3.185 interface GigabitEthernet0/1/0/7.185

To enter interface configuration mode for a Gigabit Ethernet interface, use the interface GigabitEthernet command in global configuration mode. description P2P_Local_Connect_E-Line ! ! !

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-211 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

Creates the interface between port 3 and port 7.

Configuring a Point to Point Ethernet Over MPLS E-Line

Setting up the 3400:

hostname PE67_ME-C3400 ! system mtu 1998 system mtu jumbo 9000 system mtu routing 1500 ! spanning-tree mode rapid-pvst spanning-tree extend system-id ! ! vlan internal allocation policy ascending ! vlan 187 ! interface GigabitEthernet0/1 description Connected to PE66_C3750-ME GE 1/0/1 port-type nni switchport trunk allowed vlan 187 switchport mode trunk ! interface Vlan187 description P2P EoMPLS E-Line ip address 187.0.0.67 255.255.255.0 !

Setting up the 3750:

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-212 OL-17103-01 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

switchport port-security maximum 200 switchport port-security switchport port-security violation restrict storm-control broadcast level 10.00 l2protocol-tunnel cdp l2protocol-tunnel stp l2protocol-tunnel vtp no cdp enable spanning-tree bpdufilter enable spanning-tree guard root ! interface GigabitEthernet1/0/2 description Connected to PE44_ASR-9010 GE 0/1/0/7 switchport trunk encapsulation dot1q switchport trunk allowed vlan 100 switchport mode trunk switchport nonegotiate speed nonegotiate !

Setting up the ASR 9000:

hostname PE44_ASR-9010 ! interface Loopback0 ipv4 address 10.144.144.144 255.255.255.255 ! interface GigabitEthernet0/1/0/7 description Connected to PE66_C3750-ME GE 1/0/2 mtu 9014 ! interface GigabitEthernet0/1/0/7.187 l2transport description P2P EoMPLS E-Line encapsulation dot1q 100 second-dot1q 187 mtu 9014 ! interface GigabitEthernet0/1/0/23 description Connected to P11_CRS-4 GE 0/2/3/0 mtu 9216 ipv4 address 10.114.4.44 255.255.255.0 ! router ospf 100 router-id 10.144.144.144 nsf cisco area 0 interface Loopback0 passive enable ! interface GigabitEthernet0/1/0/23 ! ! ! l2vpn ! xconnect group 187 p2p 187 interface GigabitEthernet0/1/0/7.187 neighbor 10.19.19.19 pw-id 187 ! description P2P_EoMPLS_E-Line !

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-213 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

! ! mpls ldp router-id 10.144.144.144 log neighbor graceful-restart ! interface GigabitEthernet0/1/0/23 ! !

Setting up the CRS-1:

hostname P11_CRS-4 ! interface Loopback0 ipv4 address 10.11.11.11 255.255.255.255 ! interface GigabitEthernet0/2/3/0 description Connected to PE44_ASR-9010 GE 0/1/0/23 mtu 9216 ipv4 address 10.114.4.11 255.255.255.0 ! interface GigabitEthernet0/2/3/6 description Connected to P19_C7609-S GE 8/0/12 mtu 9216 ipv4 address 10.119.4.11 255.255.255.0 ! router ospf 100 router-id 10.11.11.11 nsf cisco area 0 interface Loopback0 passive enable ! interface GigabitEthernet0/2/3/0 ! interface GigabitEthernet0/2/3/6 ! ! ! mpls ldp router-id 10.11.11.11 log neighbor graceful-restart ! interface GigabitEthernet0/2/3/0 ! interface GigabitEthernet0/2/3/6 ! !

Setting up the 7600:

hostname P19_C7609-S

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-214 OL-17103-01 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

! mpls label protocol ldp ! interface Loopback0 ip address 10.19.19.19 255.255.255.255 ! interface GigabitEthernet8/0/3 description Connected to PE60_C3750-ME GE 1/0/2 mtu 9000 no ip address mls qos trust dscp service instance 187 ethernet

description P2P EoMPLS E-Line encapsulation dot1q 100 second-dot1q 187 xconnect 10.144.144.144 187 encapsulation mpls ! ! interface GigabitEthernet8/0/12

description Connected to P11_CRS-4 GE 0/2/3/6 mtu 9202 ip address 10.119.4.19 255.255.255.0 speed nonegotiate mls qos trust dscp mpls label protocol ldp mpls ip ! router ospf 100 router-id 10.19.19.19 log-adjacency-changes passive-interface Loopback0 network 10.19.19.19 0.0.0.0 area 0 network 10.119.4.0 0.0.0.255 area 0 ! mpls ldp router-id Loopback0 !

Setting up the second 3750:

hostname PE60_C3750-ME ! system mtu 1998 system mtu jumbo 9000 system mtu routing 1500 ! vtp domain Metro_Eth vtp mode transparent ! spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! vlan 100 ! interface GigabitEthernet1/0/1 description Connected to PE61_ME-C3400 GE 0/1 switchport access vlan 100 switchport mode dot1q-tunnel

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-215 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

switchport nonegotiate switchport port-security maximum 200 switchport port-security switchport port-security violation restrict storm-control broadcast level 10.00 l2protocol-tunnel cdp l2protocol-tunnel stp l2protocol-tunnel vtp no cdp enable spanning-tree bpdufilter enable spanning-tree guard root ! interface GigabitEthernet1/0/2 description Connected to P19_C7609-S GE 8/0/3 switchport trunk encapsulation dot1q switchport trunk allowed vlan 100 switchport mode trunk switchport nonegotiate !

Setting up the second 3400:

hostname PE61_ME-C3400 ! system mtu 1998 system mtu jumbo 9000 system mtu routing 1500 ! spanning-tree mode rapid-pvst spanning-tree extend system-id ! ! ! vlan internal allocation policy ascending ! vlan 187 ! interface GigabitEthernet0/1 description Connected to PE60_C3750-ME GE 1/0/1 port-type nni switchport trunk allowed vlan 187 switchport mode trunk ! interface Vlan187 description P2P EoMPLS E-Line ip address 187.0.0.61 255.255.255.0 !

Configuring a Multi-Point Local Bridging E-LAN

Setting up the 3400:

hostname PE67_ME-C3400 ! system mtu 1998

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-216 OL-17103-01 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

system mtu jumbo 9000 system mtu routing 1500 ! spanning-tree mode rapid-pvst spanning-tree extend system-id ! ! vlan internal allocation policy ascending ! vlan 189 ! interface GigabitEthernet0/1 description Connected to PE66_C3750-ME GE 1/0/1 port-type nni switchport trunk allowed vlan 189 switchport mode trunk ! interface Vlan189 description Multipoint Local Bridging E-LAN ip address 189.0.0.67 255.255.255.0 !

Setting up the 3750:

hostname PE66_C3750-ME ! system mtu 1998 system mtu jumbo 9000 system mtu routing 1998 ! vtp domain Metro_Eth vtp mode transparent ! spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! vlan 100 ! interface GigabitEthernet1/0/1 description Connected to PE67_ME-C3400 GE 0/1 switchport access vlan 100 switchport mode dot1q-tunnel switchport nonegotiate switchport port-security maximum 200 switchport port-security switchport port-security violation restrict storm-control broadcast level 10.00 l2protocol-tunnel cdp l2protocol-tunnel stp l2protocol-tunnel vtp no cdp enable spanning-tree bpdufilter enable spanning-tree guard root ! interface GigabitEthernet1/0/2 description Connected to PE44_ASR-9010 GE 0/1/0/7 switchport trunk encapsulation dot1q switchport trunk allowed vlan 100 switchport mode trunk switchport nonegotiate speed nonegotiate

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-217 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

Setting up the second 3400:

hostname PE65_ME-C3400 ! system mtu 1998 system mtu jumbo 9000 system mtu routing 1500 ! spanning-tree mode rapid-pvst spanning-tree extend system-id ! ! vlan internal allocation policy ascending ! vlan 189 ! interface GigabitEthernet0/1 description Connected to PE64_C3750-ME GE 1/0/1 port-type nni switchport trunk allowed vlan 189 switchport mode trunk ! interface Vlan189 description Multipoint Local Bridging E-LAN ip address 189.0.0.65 255.255.255.0 !

Setting up the second 3750:

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-218 OL-17103-01 Ethernet Services Configuration Examples Configuration Examples for Ethernet Interfaces Cisco Confidential - Beta Draft R3.7 FCI

spanning-tree bpdufilter enable spanning-tree guard root ! interface GigabitEthernet1/0/2 description Connected to PE44_ASR-9010 GE 0/1/0/3 switchport trunk encapsulation dot1q switchport trunk allowed vlan 100 switchport mode trunk switchport nonegotiate speed nonegotiate !

Setting up the ASR 9000:

hostname PE44_ASR-9010 ! interface GigabitEthernet0/1/0/3 description Connected to PE64_C3750-ME GE 1/0/2 mtu 9014 ! interface GigabitEthernet0/1/0/3.189 l2transport description Multipoint Local Bridging E-LAN encapsulation dot1q 100 second-dot1q 189 ! interface GigabitEthernet0/1/0/7 description Connected to PE66_C3750-ME GE 1/0/2 mtu 9014 ! interface GigabitEthernet0/1/0/7.189 l2transport description Multipoint Local Bridging E-LAN encapsulation dot1q 100 second-dot1q 189 ! l2vpn ! bridge group 189 bridge-domain 189 mtu 9000 interface GigabitEthernet0/1/0/3.189 ! interface GigabitEthernet0/1/0/7.189 ! ! ! !

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-219 Ethernet Services Configuration Examples Where to Go Next Cisco Confidential - Beta Draft R3.7 FCI Configuring a LAN Port for Layer 2 Switching

To configure a LAN port for Layer 2 switching, perform this task:

Command Purpose Step 1 Router(config)# interface type1 slot/port Selects the LAN port to configure. Step 2 Router(config-if)# shutdown (Optional) Shuts down the interface to prevent traffic flow until configuration is complete. Step 3 Router(config-if)# switchport Configures the LAN port for Layer 2 switching. Note You must enter the switchport command once without any keywords to configure the LAN port as a Layer 2 port before you can enter additional switchport commands with keywords. Router(config-if)# no switchport Clears Layer 2 LAN port configuration. Step 4 Router(config-if)# no shutdown Activates the interface. (Required only if you shut down the interface.) Step 5 Router(config-if)# end Exits configuration mode. Step 6 Router# show running-config interface Displays the running configuration of the interface. [type1 slot/port] Step 7 Router# show interfaces [type1 slot/port] Displays the switch port configuration of the interface. switchport Step 8 Router# show interfaces [type1 slot/port] trunk Displays the trunk configuration of the interface.

1. type = gigabitethernet, or tengigabitethernet

Virtual Router Redundancy Protocol (VRRP)

The Virtual Router Redundancy Protocol (VRRP) feature can solve the static configuration problem. VRRP enables a group of routers to form a single virtual router. The LAN clients can then be configured with the virtual router as their default gateway. The virtual router, representing a group of routers, is also known as a VRRP group. VRRP is supported on Ethernet and Gigabit Ethernet interfaces, and on MPLS VPNs and VLANs.

Where to Go Next

When you have configured an Ethernet interface, you can configure individual VLAN subinterfaces on that Ethernet interface. For information about configuring VLAN subinterfaces, see the Configuring 802.1Q VLAN Interfaces on Cisco IOS XR Software module in the Cisco ASR 9000 Series Router Interface and Hardware Component Configuration Guide. For information about modifying Ethernet management interfaces for the shelf controller (SC), route switching processor (RSP), and distributed RSP, see the Advanced Configuration and Modification of the Management Ethernet Interface on the Cisco ASR 9000 Series Router module in the Cisco ASR 9000 Series Router Interface and Hardware Component Configuration Guide.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-220 OL-17103-01 Ethernet Services Configuration Examples Additional References Cisco Confidential - Beta Draft R3.7 FCI Additional References

The following sections provide references related to implementing Gigabit and 10-Gigabit Ethernet interfaces.

Related Documents

Standards

Standards Title No new or modified standards are supported by this — feature, and support for existing standards has not been modified by this feature.

MIBs

RFCs

RFCs Title No new or modified RFCs are supported by this — feature, and support for existing RFCs has not been modified by this feature.

Technical Assistance

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-221 Ethernet Services Configuration Examples Additional References Cisco Confidential - Beta Draft R3.7 FCI

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-222 OL-17103-01 Cisco Confidential - Beta Draft R3.7 FCI

Multicast Configuration

This chapter describes how to configure multicast connections on the Cisco ASR 9000 Series Aggregation Services Router using the command-line interface (CLI), and it describes basic Cisco IOS XR software multicast configuration examples.

Contents

• Implementing Multicast Routing - IGMP and PIM, page 223 • Configuration Examples for Implementing Multicast Routing - IGMP and PIM, page 250 • Implementing Multicast Routing - PIM-SM and PIM-SSM, page 255 • Configuration Examples for Implementing Multicast Routing - PIM-SM and PIM-SSM, page 282

Implementing Multicast Routing - IGMP and PIM

This section contains instructions for the following tasks. • Configuring PIM-SM and PIM-SSM, page 224 (required) • Configuring PIM-SSM for Use in a Legacy Multicast Deployment, page 227 (optional) • Configuring a Static RP and Allowing Backward Compatibility, page 230 (required) • Configuring Auto-RP to Automate Group-to-RP Mappings, page 232 (optional) • Configuring the Bootstrap Router, page 234 (optional) • Calculating Rates per Route, page 237 (optional) • Configuring Multicast Nonstop Forwarding, page 239 (optional) • Interconnecting PIM-SM Domains with MSDP, page 243 (optional) • Controlling Source Information on MSDP Peer Routers, page 246 (optional) • Configuring MSDP MD5 Password Authentication, page 248 (optional)

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-223 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI Configuring PIM-SM and PIM-SSM

PIM is an efficient IP routing protocol that is “independent” of a routing table, unlike other multicast protocols such as Multicast Open Shortest Path First (MOSPF) or Distance Vector Multicast Routing Protocol (DVMRP). Cisco IOS XR software supports Protocol Independent Multicast in sparse mode (PIM-SM) and Protocol Independent Multicast in Source-Specific Multicast (PIM-SSM), permitting both to operate on your router at the same time. This task configures PIM-SM and PIM-SSM.

PIM-SM Operations

PIM in sparse mode operation is used in a multicast network when relatively few routers are involved in each multicast and these routers do not forward multicast packets for a group, unless there is an explicit request for the traffic. For more information about PIM-SM, see the Cisco ASR 9000 Series Aggregation Services Router Multicast Configuration Guide.

PIM-SSM Operations

PIM in Source Specific Multicast operation uses information found on source addresses for a multicast group provided by receivers and performs source filtering on traffic. • By default, PIM-SSM operates in the 232.0.0.0/8 multicast group range for IPv4. To configure these values, use the ssm range command. • If SSM is deployed in a network already configured for PIM-SM, only the last-hop routers must be upgraded with Cisco IOS XR software that supports the SSM feature. • No MSDP SA messages within the SSM range are accepted, generated, or forwarded. For more information about PIM-SSM, see the Cisco ASR 9000 Series Aggregation Services Router Multicast Configuration Guide.

Restrictions for PIM-SM and SSM

Interoperability with SSM PIM-SM operations within the SSM range of addresses change to PIM-SSM. In this mode, only PIM (S,G) join and prune messages are generated by the router, and no (S,G) RP shared tree or (*,G) shared tree messages are generated.

IGMP Version To report multicast memberships to neighboring multicast routers, routers use IGMP and all routers on the subnet must be configured with the same version of IGMP. A router running Cisco IOS XR software does not automatically detect Version 1 systems. You must use the version command in router IGMP configuration submode to configure the IGMP version.

SUMMARY STEPS

1. configure

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-224 OL-17103-01 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

2. multicast-routing [address-family ipv4] 3. interface all enable 4. exit 5. router igmp 6. version {1 | 2 | 3} 7. end or commit 8. show pim [ipv4] group-map [ip-address-name] [info-source] 9. show pim [vrf vrf-name] [ipv4] topology [source-ip-address [group-ip-address] | entry-flag flag | interface-flag | summary] [route-count]

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure Step 2 multicast-routing [address-family ipv4] Enters multicast routing configuration mode. • The following multicast processes are started: MRIB, Example: MFWD, PIM, IGMP. RP/0/RSP0/CPU0:router(config)# multicast-routing • IGMP version 3 is enabled by default.. • Step 3 interface all enable Enables multicast routing and forwarding on all new and existing interfaces. Example: RP/0/RSP0/CPU0:router(config-mcast-ipv4)# interface all enable Step 4 exit Exits multicast routing configuration mode, and returns the router to the parent configuration mode. Example: RP/0/RSP0/CPU0:router(config-mcast-ipv4)# exit Step 5 router igmp (Optional) Enters router IGMP configuration mode.

Example: RP/0/RSP0/CPU0:router(config)# router igmp

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-225 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 6 version {1 | 2 | 3} (Optional) Selects the IGMP version that the router interface uses. Example: • The default is IGMP version 3. RP/0/RSP0/CPU0:router(config-igmp)# version 3 • Host receivers must support IGMPv3 for PIM-SSM operation. • If this command is configured in router IGMP configuration mode, parameters are inherited by all new and existing interfaces. You can override these parameters on individual interfaces from interface configuration mode. Step 7 end Saves configuration changes. or commit • When you issue the end command, the system prompts you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-igmp)# end [cancel]: or RP/0/RSP0/CPU0:router(config-igmp)# commit – Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Step 8 show pim [ipv4] group-map [ip-address-name] (Optional) Displays group-to-PIM mode mapping. [info-source]

Example: RP/0/RSP0/CPU0:router# show pim topology

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-226 OL-17103-01 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI Configuring PIM-SSM for Use in a Legacy Multicast Deployment

Deploying PIM-SSM in legacy multicast-enabled networks can be problematic, because it requires changes to the multicast group management protocols used on the various devices attached to the network. Host, routers, and switches must all be upgraded in such cases. To support legacy hosts and switches in a PIM-SSM deployment, Cisco ASR 9000 Series Router offer a configurable mapping feature. Legacy group membership reports for groups in the SSM group range are mapped to a set of sources providing service for that set of (S,G) channels. IGMP supports this mapping functionality. This configuration consists of two tasks: • Configuring a Set of Access Lists for Static SSM Mapping, page 259 • Configuring a Set of Sources for SSM Mapping, page 261

Restrictions for PIM-SSM Mapping

PIM-SSM mapping does not modify the SSM group range. Instead, the legacy devices must report group membership for desired groups in the SSM group range. The router then maps to the sets of sources for those groups.

Configuring a Set of Access Lists for Static SSM Mapping

This tasks configures a set of access lists (ACLs) where each ACL describes a set of SSM groups to be mapped to one or more sources.

SUMMARY STEPS

1. configure 2. ipv4 access-list acl-name 3. [sequence-number] permit source [source-wildcard] 4. Repeat 3. to add more entries to the ACL. 5. Repeat Steps 2. through 4. until you have entered all of the ACLs you want to be part of the set. 6. end or commit

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-227 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/0/CPU0:router# configure Step 2 ipv4 access-list acl-name Enters IPv4 ACL configuration submode and creates a name for an IPv4 access list. Example: RP/0/0/CPU0:router(config)# ipv4 access-list mc3 Step 3 [sequence-number] permit source Sets conditions for the access list to recognize the source as [source-wildcard] part of the specified access list set, in which each ACL describes a set of SSM groups to be mapped. Example: RP/0/0/CPU0:router(config-ipv4-acl)# permit 1 host 232.1.1.2 any Step 4 Repeat Step 3 to add more entries to the ACL. — Step 5 Repeat Step 2 through Step 4 until you have entered all — the ACLs you want to be part of the set. Step 6 end Saves configuration changes. or commit • When you issue the end command, the system prompts you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/0/CPU0:router(config-ipv4-acl)# end [cancel]: or RP/0/0/CPU0:router(config-ipv4-acl)# commit – Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-228 OL-17103-01 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Configuring a Set of Sources for SSM Mapping

This task consists of configuring a set of sources mapped by SSM groups, as described by access lists (ACLs).

SUMMARY STEPS

1. configure 2. router igmp [vrf vrf-name] 3. ssm map static source-address access-list 4. Repeat Step 3. as many times as you have source addresses that you want to include in your set. 5. end or commit 6. show igmp [vrf vrf-name] ssm map [group-address ][detail]

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/0/CPU0:router# configure Step 2 router igmp [vrf vrf-name] Enters router IGMP configuration mode.

Example: RP/0/0/CPU0:router(config)# router igmp vrf vpn20 Step 3 ssm map static source-address access-list Configures a source as part of a set of sources that map SSM groups described by the specified access list. Example: RP/0/0/CPU0:router(config-igmp)# ssm map static 232.1.1.1 mc2 Step 4 Repeat Step 3 as many times as you have source — addresses to include in the set for SSM mapping.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-229 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 5 end Saves configuration changes. or commit • When you issue the end command, the system prompts you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/0/CPU0:router(config-ipv4-acl)# end [cancel]: or RP/0/0/CPU0:router(config-ipv4-acl)# commit – Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Step 6 show igmp [vrf vrf-name] ssm map (Optional) Queries the mapping state. [group-address][detail] • When you provide one address for mapping, you receive the state for that address alone. Example: RP/0/0/CPU0:router# show igmp vrf vrf20 ssm map • When you provide no address for mapping, you receive 232.1.1.1 the state for all sources.

232.1.1.1 is static with 1 source

or RP/0/0/CPU0:router# show igmp vrf vrf20 ssm map 232.1.1.0 is static with 3 sources 232.1.1.1 is static with 1 source

Configuring a Static RP and Allowing Backward Compatibility

When PIM is configured in sparse mode, you must choose one or more routers to operate as a rendezvous point (RP) for a multicast group. An RP is a single common root placed at a chosen point of a shared distribution tree. An RP can either must be configured statically in each router, or learned through Auto-RP or BSR. This task configures a static RP. For more information about RPs, see the Cisco ASR 9000 Series Aggregation Services Router Multicast Configuration Guide. For configuration information for Auto-RP, see the “Configuring Auto-RP to Automate Group-to-RP Mappings” section on page 264.

SUMMARY STEPS

1. configure 2. router pim [address-family ipv4]

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-230 OL-17103-01 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

3. rp-address ip-address [group-access-list] [bidir] [override] 4. old-register-checksum 5. exit 6. ipv4 access-list name 7. [sequence-number] permit source [source-wildcard] 8. end or commit 9. show version

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure Step 2 router pim [address-family ipv4 ] Enters PIM configuration mode, or PM address-family configuration submode. Example: RP/0/RSP0/CPU0:router(config)# router pim Step 3 rp-address ip-address [group-access-list] Assigns an RP to multicast groups. [bidir] [override] • If you specify a group-access-list-number value, you must configure that access list using the ipv4 Example: access-list command. RP/0/RSP0/CPU0:router(config-pim-default-ipv4)# rp-address 172.16.6.22 rp-access Step 4 old-register-checksum (Optional) Allows backward compatibility on the RP that uses old register checksum methodology. Example: RP/0/RSP0/CPU0:router(config-pim-ipv4)# old-register-checksum Step 5 exit Exits PIM configuration mode, and returns the router to the parent configuration mode. Example: RP/0/RSP0/CPU0:router(config-pim-ipv4)# exit Step 6 ipv4 access-list name (Optional) Enters access list configuration mode and configures the RP access list. Example: • The access list called “rp-access” permits multicast RP/0/RSP0/CPU0:router(config)# ipv4 access-list group 239.1.1.0 0.0.255.255. rp-access

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-231 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 7 [sequence-number] permit source (Optional) Permits multicast group 239.1.1.1 0.0.255.255 [source-wildcard] for the “rp-access” list. Tip The commands in Step 6 and Step 7 can be Example: combined in one command string and entered from RP/0/RSP0/CPU0:router(config-ipv4-acl)# permit global configuration mode like this: ipv4 access-list 239.1.1.1 0.0.255.255 rp-access permit 239.1.1.1 0.0.255.255. Step 8 end Saves configuration changes. or commit • When you issue the end command, the system prompts you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-ipv4-acl)# end [cancel]: or RP/0/RSP0/CPU0:router(config-ipv4-acl)# commit – Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Step 9 show version Displays the software release version.

Example: RP/0/RSP0/CPU0:router# show version

Configuring Auto-RP to Automate Group-to-RP Mappings

This task configures the Auto-RP mechanism to automate the distribution of group-to-RP mappings in your network. In a network running Auto-RP, at least one router must operate as an RP candidate and another router must operate as an RP mapping agent. For more information about Auto-RP, see the Cisco ASR 9000 Series Aggregation Services Router Multicast Configuration Guide.

SUMMARY STEPS

1. configure 2. router pim [address-family ipv4] 3. auto-rp candidate-rp type instance scope ttl-value [group-list access-list-name] [interval seconds] [bidir] 4. auto-rp mapping-agent type number scope ttl-value [interval seconds]

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-232 OL-17103-01 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

5. exit 6. ipv4 access-list name 7. [sequence-number] permit source [source-wildcard] 8. end or commit

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure Step 2 router pim [address-family ipv4] Enters PIM configuration mode, or PIM address-family configuration submode. Example: RP/0/RSP0/CPU0:router(config)# router pim Step 3 auto-rp candidate-rp type instance scope Configures an RP candidate that sends messages to the ttl-value [group-list access-list-name] CISCO-RP-ANNOUNCE multicast group (224.0.1.39). [interval seconds] [bidir] • This example sends RP announcements out all PIM-enabled interfaces for a maximum of 31 hops. The Example: IP address by which the router wants to be identified as RP/0/RSP0/CPU0:router(config-pim-ipv4)# auto-rp an RP is the IP address associated with GigabitEthernet candidate-rp GigabitEthernet0/1/0/1 scope 31 group-list 2 interface 0/1/0/1. • Access list 2 designates the groups this router serves as RP. • If you specify group-list, you must configure the optional access-list command. Step 4 auto-rp mapping-agent type number scope Configures the router to be an RP mapping agent on a ttl-value [interval seconds] specified interface. • After the router is configured as an RP mapping agent Example: and determines the RP-to-group mappings through the RP/0/RSP0/CPU0:router(config-pim-ipv4)# auto-rp CISCO-RP-ANNOUNCE (224.0.1.39) group, the mapping-agent GigabitEthernet0/1/0/1 scope 20 router sends the mappings in an Auto-RP discovery message to the well-known group CISCO-RP-DISCOVERY (224.0.1.40). • A PIM DR listens to this well-known group to determine which RP to use. • This example limits Auto-RP discovery messages to 20 hops. Step 5 exit Exits PIM configuration mode and returns the router to the parent configuration mode. Example: RP/0/RSP0/CPU0:router(config-pim-ipv4)# exit

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-233 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 6 ipv4 access-list name (Optional) Defines the RP access list.

Example: RP/0/RSP0/CPU0:router(config)# ipv4 access-list 2 Step 7 [sequence-number] permit source (Optional) Permits multicast group 239.1.1.1 for the RP [source-wildcard] access list. Tip The commands in Step 6 and Step 7 can be Example: combined in one command string and entered from RP/0/RSP0/CPU0:router(config-ipv4-acl)# permit global configuration mode like this: ipv4 access-list 239.1.1.1 0.0.0.0 rp-access permit 239.1.1.1 0.0.0.0 Step 8 end Saves configuration changes. or commit • When you issue the end command, the system prompts you to commit changes: Uncommitted changes found, commit them before Example: exiting (yes/no/cancel)? RP/0/RSP0/CPU0:router(config-ipv4-acl)# end [cancel]: or RP/0/RSP0/CPU0:router(config-ipv4-acl)# commit – Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Configuring the Bootstrap Router

This task configures one or more candidate bootstrap routers (BSRs) and a BSR mapping agent. This task also connects and locates the candidate BSRs in the backbone portion of the network. For more information about BSR see the Cisco ASR 9000 Series Aggregation Services Router Multicast Configuration Guide.

SUMMARY STEPS

1. configure 2. router pim [address-family ipv4] 3. bsr candidate-bsr ip-address [hash-mask-len length] [priority value] 4. bsr candidate-rp ip-address [group-list access-list] [interval seconds] [priority value] 5. interface type number

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-234 OL-17103-01 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

6. bsr border 7. exit 8. exit 9. ipv4 access-list name 10. [sequence-number] permit source [source-wildcard] or [sequence-number] permit source-prefix dest-prefix 11. end or commit 12. clear pim [vrf vrf-name] [ipv4] bsr 13. show pim [vrf vrf-name] [ipv4] bsr candidate-rp 14. show pim [vrf vrf-name] [ipv4] bsr election 15. show pim [vrf vrf-name] [ipv4] bsr rp-cache 16. show pim [vrf vrf-name] [ipv4] group-map [ip-address-name] [info-source]

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure Step 2 router pim [address-family ipv4] Enters PIM configuration mode, or address-family configuration submode. Example: RP/0/RSP0/CPU0:router(config)# router pim Step 3 bsr candidate-bsr ip-address [hash-mask-len Configures the router to announce its candidacy as a BSR. length] [priority value]

Example: RP/0/RSP0/CPU0:router(config-pim-default-ipv4)# bsr candidate-bsr 10.0.0.1 hash-mask-len 30 Step 4 bsr candidate-rp ip-address [group-list Configures the router to advertise itself as a PIM Version 2 access-list] [interval seconds] [priority candidate RP to the BSR. value] • See Step 9 for group list 4 configuration.

Example: RP/0/RSP0/CPU0:router(config-pim-default-ipv4)# bsr candidate-rp 172.16.0.0 group-list 4

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-235 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 5 interface type number (Optional) Enters interface configuration mode for the PIM protocol. Example: RP/0/RSP0/CPU0:router(config-pim-default-ipv4)# interface GigabitEthernet0/1/0/0 Step 6 bsr-border (Optional) Stops the forwarding of bootstrap router (BSR) messages on a Protocol Independent Multicast (PIM) router interface. Example: RP/0/RSP0/CPU0:router(config-pim-ipv4-if)# bsr-border Step 7 exit (Optional) Exits PIM interface configuration mode, and returns the router to PIM configuration mode. Example: RP/0/RSP0/CPU0:router(config-pim-ipv4-if)# exit Step 8 exit Exits PIM configuration mode, and returns the router to global configuration mode. Example: RP/0/RSP0/CPU0:router(config-pim-default-ipv4)# exit Step 9 {ipv4 | ipv6} access-list name (Optional) Defines the candidate group list to the BSR. • Access list number 4 specifies the group prefix Example: associated with the candidate RP address 172.16.0.0. RP/0/RSP0/CPU0:router(config)# ipv4 access-list (See Step 4). 4 • This RP is responsible for the groups with the prefix 239. Step 10 [sequence-number] permit source (Optional) Permits multicast group 239.1.1.1 for the [source-wildcard] candidate group list. or Tip The commands in Step 6 and Step 7 can be [sequence-number] permit source-prefix dest-prefix combined in one command string and entered from global configuration mode like this: ipv4 access-list rp-access permit 239.1.1.1 0.255.255.255 Example: RP/0/RSP0/CPU0:router(config-ipv4-acl)# permit 239.1.1.1 0.255.255.255

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-236 OL-17103-01 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 11 end Saves configuration changes. or • When you issue the end command, the system prompts commit you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-ipv4-acl)# end [cancel]: or – Entering yes saves configuration changes to the RP/0/RSP0/CPU0:router(config-ipv4-acl)# commit running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Step 12 clear pim [vrf vrf-name] [ipv4] bsr (Optional) Clears BSR entries from the PIM RP group mapping cache. Example: RP/0/RSP0/CPU0:router# clear pim bsr Step 13 show pim [vrf vrf-name] [ipv4] bsr candidate-rp (Optional) Displays PIM candidate RP information for the BSR. Example: RP/0/RSP0/CPU0:router# show pim bsr candidate-rp Step 14 show pim [vrf vrf-name] [ipv4] bsr election (Optional) Displays PIM candidate election information for the BSR. Example: RP/0/RSP0/CPU0:router# show pim bsr election Step 15 show pim [vrf vrf-name] [ipv4] bsr rp-cache (Optional) Displays PIM RP cache information for the BSR.

Example: RP/0/RSP0/CPU0:router# show pim bsr rp-cache Step 16 show pim [vrf vrf-name][ipv4] group-map (Optional) Displays group-to-PIM mode mapping. [ip-address-name] [info-source]

Example: RP/0/RSP0/CPU0:router# show pim ipv4 group-map

Calculating Rates per Route

This procedure enables multicast hardware forward-rate counters on a per-VRF-family basis.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-237 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

SUMMARY STEPS

1. configure 2. multicast-routing [vrf vrf-name] [address-family ipv4 ] 3. rate-per-route 4. interface {type interface-id | all} enable 5. accounting per-prefix 6. end or commit 7. show mfib [vrf vrf-name] [ipv4] route [rate | statistics] [* | source-address] [group-address [/prefix-length] [detail | old-output] | summary] [location node-id]

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure Step 2 multicast-routing [vrf vrf-name] Enters multicast routing configuration mode. [address-family ipv4 ] • The following multicast processes are started: MRIB, MFWD, PIM, IGMP. Example: RP/0/RSP0/CPU0:router(config)# • For IPv4, IGMP version 3 is enabled by default. multicast-routing address-family ipv4 Step 3 rate-per-route Enables a per (S,G) rate calculation for a particular route.

Example: RP/0/RSP0/CPU0:router(config-mcast-default-ipv4 )# rate-per-route Step 4 interface {type interface-id | all} enable Enables multicast routing on all interfaces.

Example: RP/0/RSP0/CPU0:router(config-mcast-default-ipv4 )# interface all enable or RP/0/RSP0/CPU0:router(config-mcast-default-ipv4 )# interface FastEthernet0/3/3/1 enable Step 5 accounting per-prefix Enables per-prefix counters in hardware. Cisco IOS XR software counters are always present. When enabled, every existing and new (S, G) route is assigned forward, punt, and Example: RP/0/RSP0/CPU0:router(config-mcast-default-ipv4 drop counters on the ingress route and forward and punt )# accounting per-prefix counters on the egress route. The (*, G) routes are assigned a single counter.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-238 OL-17103-01 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 6 end Saves configuration changes. or • When you issue the end command, the system prompts commit you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-mcast-default-ipv4 [cancel]: )# end or – Entering yes saves configuration changes to the running configuration file, exits the configuration RP/0/RSP0/CPU0:router(config-mcast-default-ipv4 )# commit session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Step 7 show mfib [vrf vrf-name] [ipv4] route [rate | Displays route entries in the Multicast Forwarding statistics] [* | source-address] [group-address Information Base (MFIB) table. [/prefix-length] [detail | old-output] | summary] [location node-id] • When the rate keyword is used with the source- and group-address, the command displays the cumulative rates per route for all line cards in the Multicast Example: Forwarding Information Base (MFIB) table. RP/0/RSP0/CPU0:router# show mfib vrf 12 route statistics location 0/1/cpU0 • When the statistics keyword is used, the command displays the rate per route for one line card in the Multicast Forwarding Information Base (MFIB) table.

Configuring Multicast Nonstop Forwarding

This task configures the nonstop forwarding (NSF) feature for multicast packet forwarding for the purpose of alleviating network failures, or software upgrades and downgrades. Although we strongly recommend that you use the NSF lifetime default values, the optional Step 4 through Step 9 allow you to modify the NSF timeout values for Protocol Independent Multicast (PIM) and Internet Group Management Protocol (IGMP). Use these commands when PIM and IGMP are configured with nondefault interval or query intervals for join and prune operations. Generally, configure the IGMP NSF and PIM NSF lifetime values to equal or exceed the query or join query interval. For example, if you set the IGMP query interval to 120 seconds, set the IGMP NSF lifetime to 120 seconds (or greater). If the Cisco IOS XR software control plane does not converge and reconnect after NSF is enabled on your router, multicast packet forwarding continues for up to 15 minutes, then packet forwarding stops.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-239 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Prerequisites for Multicast Nonstop Forwarding

For NSF to operate in your multicast network, you must also enable NSF for the unicast protocols (such as IS-IS, OSPF, and BGP) that PIM relies on for Reverse Path Forwarding (RPF) information. See the appropriate configuration modules to learn how to configure NSF for unicast protocols.

SUMMARY STEPS

1. configure 2. multicast-routing [address-family ipv4] 3. nsf [lifetime seconds] 4. exit 5. router pim [address-family ipv4] 6. nsf lifetime seconds 7. exit 8. router igmp 9. nsf lifetime seconds 10. end or commit 11. show igmp [old-output] nsf 12. show mfib [ipv4] nsf [location node-id] 13. show mrib [ipv4] [old-output] nsf 14. show pim [ipv4] nsf

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router(config-mcast)# nsf

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-240 OL-17103-01 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 4 exit (Optional) Exits multicast routing configuration mode, and returns the router to the parent configuration mode. Example: RP/0/RSP0/CPU0:router(config-mcast)# exit Step 5 router pim [address-family ipv4] (Optional) Enters PIM address-family configuration submode. Example: RP/0/RSP0/CPU0:router(config)# router pim address-family ipv4 Step 6 nsf lifetime seconds (Optional) Configures the NSF timeout value for multicast forwarding route entries under the PIM process. Example: Note If you configure the PIM hello interval to a RP/0/RSP0/CPU0:router(config-pim-default-ipv4)# nondefault value, configure the PIM NSF lifetime to nsf lifetime 30 a value less than the hello hold time. Typically the value of the hold-time field is 3.5 times the interval time value, or 120 seconds if the PIM hello interval time is 30 seconds. Step 7 exit (Optional) Exits PIM configuration mode and returns the router to the parent configuration mode. Example: RRP/0/RSP0/CPU0:router(config-pim-default-ipv4) # exit Step 8 router igmp (Optional) Enters router IGMP configuration mode.

Example: RP/0/RSP0/CPU0:router(config)# router igmp Step 9 nsf lifetime seconds (Optional) Configures the NSF timeout value for multicast forwarding route entries under the IGMP process. Example: RP/0/RSP0/CPU0:router(config-igmp)# nsf lifetime 30

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-241 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 10 end Saves configuration changes. or • When you issue the end command, the system prompts commit you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-igmp)# end [cancel]: or – Entering yes saves configuration changes to the RP/0/RSP0/CPU0:router(config-igmp)# commit running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Step 11 show igmp [old-output] nsf (Optional) Displays the state of NSF operation in IGMP.

Example: RP/0/RSP0/CPU0:router# show igmp nsf Step 12 show mfib [ipv4] nsf [location node-id] (Optional) Displays the state of NSF operation for the MFIB line cards. Example: RP/0/RSP0/CPU0:router# show mfib nsf Step 13 show mrib [ipv4] [old-output] nsf (Optional) Displays the state of NSF operation in the MRIB.

Example: RP/0/RSP0/CPU0:router# show mrib nsf Step 14 show pim [ipv4] nsf (Optional) Displays the state of NSF operation for PIM.

Example: RP/0/RSP0/CPU0:router# show pim nsf

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-242 OL-17103-01 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI Interconnecting PIM-SM Domains with MSDP

To set up an MSDP peering relationship with MSDP-enabled routers in another domain, you configure an MSDP peer to the local router. If you do not want to have or cannot have a BGP peer in your domain, you could define a default MSDP peer from which to accept all Source-Active (SA) messages. Finally, you can change the Originator ID when you configure a logical RP on multiple routers in an MSDP mesh group.

Prerequisites for Interconnecting PIM-SM Domains with MSDP

You must configure MSDP default peering, if the addresses of all MSDP peers are not known in BGP or multiprotocol BGP.

SUMMARY STEPS

1. configure 2. interface type number 3. ipv4 address address mask 4. end 5. router msdp 6. default-peer ip-address [prefix-list list] 7. originator-id type interface-id 8. peer peer-address 9. connect-source type interface-id 10. mesh-group name 11. remote-as as-number 12. end or commit 13. show msdp [ipv4] globals 14. show msdp [ipv4] peer [peer-address] 15. show msdp [ipv4] rpf rpf-address

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-243 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure Step 2 interface type number (Optional) Enters interface configuration mode to define the IPv4 address for the interface. Example: Note This step is required if you specify an interface type RP/0/RSP0/CPU0:router(config)# interface and number whose primary address becomes the loopback 0 source IP address for the TCP connection. Step 3 ipv4 address address mask (Optional) Defines the IPv4 address for the interface. Note This step is required only if you specify an interface Example: type and number whose primary address becomes RP/0/RSP0/CPU0:router(config-if)# ipv4 address the source IP address for the TCP connection. See 10.0.1.3 255.255.255.0 optional Step 9 for information about configuring the connect-source command. Step 4 exit Exits interface configuration mode, and returns the router to global configuration mode. Example: RP/0/RSP0/CPU0:router(config-if)# end Step 5 router msdp Enters MSDP protocol configuration mode.

Example: RP/0/RSP0/CPU0:router(config)# router msdp Step 6 default-peer ip-address [prefix-list list] (Optional) Defines a default peer from which to accept all MSDP SA messages. Example: RP/0/RSP0/CPU0:router(config-msdp)# default-peer 172.23.16.0 Step 7 originator-id type interface-id (Optional) Allows an MSDP speaker that originates a (Source-Active) SA message to use the IP address of the interface as the RP address in the SA message. Example: RP/0/RSP0/CPU0:router(config-msdp)# originator-id GigabitEthernet0/1/1/0 Step 8 peer peer-address Enters MSDP peer configuration mode and configures an MSDP peer. Example: • Configure the router as a BGP neighbor. RP/0/RSP0/CPU0:router(config-msdp)# peer 172.31.1.2 • If you are also BGP peering with this MSDP peer, use the same IP address for MSDP and BGP. You are not required to run BGP or multiprotocol BGP with the MSDP peer, as long as there is a BGP or multiprotocol BGP path between the MSDP peers.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-244 OL-17103-01 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 9 connect-source type interface-id (Optional) Configures a source address used for an MSDP connection. Example: RP/0/RSP0/CPU0:router(config-msdp-peer)# connect-source loopback 0 Step 10 mesh-group name (Optional) Configures an MSDP peer to be a member of a mesh group. Example: RP/0/RSP0/CPU0:router(config-msdp-peer)# mesh-group internal Step 11 remote-as as-number (Optional) Configures the remote autonomous system number of this peer. Example: RP/0/RSP0/CPU0:router(config-msdp-peer)# remote-as 250 Step 12 end Saves configuration changes. or • When you issue the end command, the system prompts commit you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-msdp-peer)# end [cancel]: or – Entering yes saves configuration changes to the RP/0/RSP0/CPU0:router(config-msdp-peer)# commit running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Step 13 show msdp [ipv4] globals Displays the MSDP global variables.

Example: RP/0/RSP0/CPU0:router# show msdp globals

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-245 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 14 show msdp [ipv4] peer [peer-address] Displays information about the MSDP peer.

Example: RP/0/RSP0/CPU0:router# show msdp peer 172.31.1.2 Step 15 show msdp [ipv4] rpf rpf-address Displays the RPF lookup.

Example: RP/0/RSP0/CPU0:router# show msdp rpf 172.16.10.13

Controlling Source Information on MSDP Peer Routers

Your MSDP peer router can be customized to control source information that is originated, forwarded, received, cached, and encapsulated. When originating Source-Active (SA) messages, you can control to whom you will originate source information, based on the source that is requesting information. When forwarding SA messages you can do the following: • Filter all source/group pairs • Specify an extended access list to pass only certain source/group pairs • Filter based on match criteria in a route map When receiving SA messages you can do the following: • Filter all incoming SA messages from an MSDP peer • Specify an extended access list to pass certain source/group pairs • Filter based on match criteria in a route map In addition, you can use time to live (TTL) to control what data is encapsulated in the first SA message for every source. For example, you could limit internal traffic to a TTL of eight hops. If you want other groups to go to external locations, you send those packets with a TTL greater than eight hops. By default, MSDP automatically sends SA messages to peers when a new member joins a group and wants to receive multicast traffic. You are no longer required to configure an SA request to a specified MSDP peer.

SUMMARY STEPS

1. configure 2. router msdp 3. sa-filter {in | out} {ip-address | peer-name} [list access-list-name] [rp-list access-list-name] 4. cache-sa-state [list access-list-name] [rp-list access-list-name] 5. ttl-threshold ttl-value 6. exit 7. ipv4 access-list name [sequence-number] permit source [source-wildcard]

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-246 OL-17103-01 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

8. end or commit

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure Step 2 router msdp Enters MSDP protocol configuration mode.

Example: RP/0/RSP0/CPU0:router(config)# router msdp Step 3 sa-filter {in | out} {ip-address | peer-name} Configures an incoming or outgoing filter list for messages [list access-list-name] [rp-list received from the specified MSDP peer. access-list-name] • If you specify both the list and rp-list keywords, all conditions must be true to pass any source, group (S, G) Example: pairs in outgoing Source-Active (SA) messages. RP/0/RSP0/CPU0:router(config-msdp)# sa-filter out router.cisco.com list 100 • You must configure the ipv4 access-list command in Step 7. • If all match criteria are true, a permit from the route map passes routes through the filter. A deny filters routes. • This example allows only (S, G) pairs that pass access list 100 to be forwarded in an SA message to the peer named router.cisco.com. Step 4 cache-sa-state [list access-list-name] [rp-list Creates and caches source/group pairs from received access-list-name] Source-Active (SA) messages and controls pairs through access lists. Example: RP/0/RSP0/CPU0:router(config-msdp)# cache-sa-state 100 Step 5 ttl-threshold ttl-value (Optional) Limits which multicast data is sent in SA messages to an MSDP peer. Example: • Only multicast packets with an IP header TTL greater RP/0/RSP0/CPU0:router(config-msdp)# than or equal to the ttl-value argument are sent to the ttl-threshold 8 MSDP peer specified by the IP address or name. • Use this command if you want to use TTL to examine your multicast data traffic. For example, you could limit internal traffic to a TTL of 8. If you want other groups to go to external locations, send those packets with a TTL greater than 8. • This example configures a TTL threshold of eight hops.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-247 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 6 exit Exits the current configuration mode.

Example: RP/0/RSP0/CPU0:router(config-msdp)# exit Step 7 ipv4 access-list name [sequence-number] permit Defines an IPv4 access list to be used by SA filtering. source [source-wildcard] • In this example, the access list 100 permits multicast group 239.1.1.1. Example: RP/0/RSP0/CPU0:router(config)# ipv4 access-list • The ipv4 access-list command is required if the 100 20 permit 239.1.1.1 0.0.0.0 keyword list is configured for SA filtering in Step 3. Step 8 end Saves configuration changes. or • When you issue the end command, the system prompts commit you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-ipv4-acl)# end [cancel]: or – Entering yes saves configuration changes to the RP/0/RSP0/CPU0:router(config-ipv4-acl)# commit running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Configuring MSDP MD5 Password Authentication

This task describes how to configure Multicast Source Discovery Protocol (MSDP) MD5 password authentication.

SUMMARY STEPS

1. configure 2. router msdp 3. peer peer-address 4. password {clear | encrypted} password 5. end or commit

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-248 OL-17103-01 Multicast Configuration Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

6. show mfib [vrf vrf-name] [ipv4] hardware route {* | source-address | group-address [/prefix-length]} location node-id

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure Step 2 router msdp Enters MSDP configuration mode.

Example: RP/0/RSP0/CPU0:router(config)# router msdp Step 3 peer peer-address Configures the MSDP peer.

Example: RP/0/RSP0/CPU0:router(config-msdp)# peer 10.0.5.4 Step 4 password {clear | encrypted} password Configures the password.

Example: RP/0/RSP0/CPU0:router(config-msdp-peer)# password encrypted a34bi5m

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-249 Multicast Configuration Configuration Examples for Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 5 end Saves configuration changes. or • When you issue the end command, the system prompts commit you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-msdp-peer)# end [cancel]: or – Entering yes saves configuration changes to the RP/0/RSP0/CPU0:router(config-msdp-peer)# commit running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Step 6 show mfib [vrf vrf-name] [ipv4] hardware route Displays multicast routes. {* | source-address | group-address [/prefix-length]} location node-id

Example: RP/0/RSP0/CPU0:router# show mfib hardware route * location 0/1/cpu0

Configuration Examples for Implementing Multicast Routing - IGMP and PIM

This section provides the following configuration examples: • MSDP Anycast RP Configuration: Example, page 282 • Calculating Rates per Route: Example, page 284 • Preventing Auto-RP Messages from Being Forwarded: Example, page 285 • Inheritance in MSDP: Example, page 285 • Configuring Multicast QoS: Example, page 286

MSDP Anycast RP Configuration: Example

Anycast Route Processor (RP) allows two or more RPs to share the load for source registration and to act as hot backup routers for each other. MSDP is the key protocol that makes Anycast RP possible.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-250 OL-17103-01 Multicast Configuration Configuration Examples for Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

In Anycast RP, two or more RPs are configured with the same IP address on loopback interfaces. Configure the Anycast RP loopback address with a 32-bit mask, making it a host address. Configure all downstream routers to “know” that the Anycast RP loopback address is the IP address of the local RP. IP routing automatically selects the topologically closest RP for each source and receiver. As a source may register with one RP and receivers may join to a different RP, a method is needed for the RPs to exchange information about active sources. This information exchange is done with MSDP. In Anycast RP, all the RPs are configured to be MSDP peers of each other. When a source registers with one RP, a Source-Active (SA) message is sent to the other RPs, informing them that there is an active source for a particular multicast group. The result is that each RP knows about the active sources in the area of the other RPs. If any of the RPs fails, IP routing converges and one of the RPs becomes the active RP in more than one area. New sources register with the backup RP, and receivers join the new RP. Note that the RP is usually needed only to start new sessions with sources and receivers. The RP facilitates the shared tree so that sources and receivers can directly establish a multicast data flow. If a multicast data flow is already directly established between a source and the receiver, an RP failure does not affect that session. Anycast RP ensures that new sessions with sources and receivers can begin at any time. The following Anycast RP example configures Router A and Router B as Anycast RPs. The Anycast RP IP address assignment is 10.0.0.1.

Router A interface loopback 0 ipv4 address 10.0.0.1/32 no shutdown interface loopback 1 ipv4 address 10.2.0.1/32 no shutdown multicast-routing interfaces all enable router pim rp-address 10.0.0.1 router msdp connect-source loopback 1 peer 10.2.0.2

Router B interface loopback 0 ipv4 address 10.0.0.1/32 no shutdown interface loopback 1 ipv4 address 10.2.0.2/32 no shutdown multicast-routing interfaces all enable router pim rp-address 10.0.0.1 router msdp connect-source loopback 1 peer 10.2.0.1

Apply the following configuration to all network routers: multicast-routing router pim rp-address 10.0.0.1

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-251 Multicast Configuration Configuration Examples for Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI Calculating Rates per Route: Example

The following example illustrates output from hardware counters based on rate per route for a specific source and group address location: RP/0/RSP0/CPU0:router# configure RP/0/RSP0/CPU0:router(config)# multicast-routing vrf vpn12 address-family ipv4 RP/0/RSP0/CPU0:router(config-mcast-default-ipv4)# rate-per-route RP/0/RSP0/CPU0:router(config-mcast-default-ipv4)# interface all enable RP/0/RSP0/CPU0:router(config-mcast-default-ipv4)# accounting per-prefix RP/0/RSP0/CPU0:router(config-mcast-default-ipv4)# commit RP/0/RSP0/CPU0:router(config-mcast-default-ipv4)# exit RP/0/RSP0/CPU0:router(config-mcast)# exit RP/0/RSP0/CPU0:router(config)# exit RP/0/RSP0/CPU0:router# show mfib route rate

IP Multicast Forwarding Rates Source Address, Group Address HW Forwarding Rates: bps In/pps In/bps Out/pps Out

(*,224.0.0.0/24) bps_in /pps_in /bps_out /pps_out N/A / N/A / N/A / N/A

(*,224.0.1.39) bps_in /pps_in /bps_out /pps_out N/A / N/A / N/A / N/A

(*,224.0.1.40) bps_in /pps_in /bps_out /pps_out N/A / N/A / N/A / N/A

(*,232.0.0.0/8) bps_in /pps_in /bps_out /pps_out N/A / N/A / N/A / N/A (10.0.70.2,225.0.0.0) bps_in /pps_in /bps_out /pps_out 22649 / 50 / 22951 / 50

(10.0.70.2,225.0.0.1) bps_in /pps_in /bps_out /pps_out 22649 / 50 / 22951 / 50

(10.0.70.2,225.0.0.2) bps_in /pps_in /bps_out /pps_out 22649 / 50 / 22951 / 50

(10.0.70.2,225.0.0.3) bps_in /pps_in /bps_out /pps_out 22649 / 50 / 22951 / 50

(10.0.70.2,225.0.0.4) bps_in /pps_in /bps_out /pps_out 22649 / 50 / 22951 / 50

(10.0.70.2,225.0.0.5) bps_in /pps_in /bps_out /pps_out 22649 / 50 / 22951 / 50

(10.0.70.2,225.0.0.6) bps_in /pps_in /bps_out /pps_out

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-252 OL-17103-01 Multicast Configuration Configuration Examples for Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI Preventing Auto-RP Messages from Being Forwarded: Example

The following example shows that Auto-RP messages are prevented from being sent out of the GigabitEthernet interface 0/3/0/0. It also shows that access list 111 is used by the Auto-RP candidate and access list 222 is used by the boundary command to contain traffic on GigabitEthernet interface 0/3/0/0. ipv4 access-list 111 10 permit 224.1.0.0 0.0.255.255 any 20 permit 224.2.0.0 0.0.255.255 any ! !Access list 111 is used by the Auto-RP candidate. ! ipv4 access-list 222 10 deny any host 224.0.1.39 20 deny any host 224.0.1.40 ! !Access list 222 is used by the boundary command to contain traffic (on GigabitEthernet0/3/0/0) that is sent to groups 224.0.1.39 and 224.0.1.40. ! router pim auto-rp mapping-agent loopback 2 scope 32 interval 30 auto-rp candidate-rp loopback 2 scope 15 group-list 111 interval 30 multicast-routing interface GigabitEthernet0/3/0/0 boundary 222 !

Inheritance in MSDP: Example

The following MSDP commands can be inherited by all MSDP peers when configured under router MSDP configuration mode. In addition, commands can be configured under the peer configuration mode for specific peers to override the inheritance feature. • connect-source • sa-filter • ttl-threshold If a command is configured in both the router msdp and peer configuration modes, the peer configuration takes precedence. In the following example, MSDP on Router A filters Source-Active (SA) announcements on all peer groups in the address range 226/8 (except IP address 172.16.0.2); and filters SAs sourced by the originator RP 172.16.0.3 to 172.16.0.2. MSDP peers (172.16.0.1, 172.16.0.2, and 172.17.0.1) use the loopback 0 address of Router A to set up peering. However, peer 192.168.12.2 uses the IPv4 address configured on the GigabitEthernet interface to peer with Router A.

Router A ! ipv4 access-list 111 10 deny ip host 172.16.0.3 any 20 permit any any !

ipv4 access-list 112 10 deny any 226.0.0.0 0.255.255.255 30 permit any any

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-253 Multicast Configuration Configuration Examples for Implementing Multicast Routing - IGMP and PIM Cisco Confidential - Beta Draft R3.7 FCI

! router msdp connect-source loopback 0 sa-filter in rp-list 111 sa-filter out rp-list 111 peer 172.16.0.1 ! peer 172.16.0.2 sa-filter out list 112 ! peer 172.17.0.1 ! peer 192.168.12.2 connect-source GigabitEthernet0/2/0/0 !

Configuring Multicast QoS: Example

Note There are no commands to specifically enable Multicast QoS on Cisco ASR 9000 Series Router. The commands to configure QoS apply to multicast and unicast. See the Cisco ASR 9000 Series Aggregation Services Router Modular Quality of Service Configuration Guide for information on configuring QoS on Cisco ASR 9000 Series Router.

The following example shows how to configure a multicast QoS shaping policy: class-map match-any class1 match precedence flash-override ! policy-map policy1 class class1 shape average 200 kbps

interface GigabitEthernet0/0/3/3 service-policy output class1 vrf mvpn1 ipv4 address 10.25.25.1 255.255.255.0 keepalive disable

Enabling and Disabling Interfaces

When the Cisco IOS XR multicast routing feature is configured on your router, by default, no interfaces are enabled. To enable multicast routing and protocols on a single interface or multiple interfaces, you must explicitly enable interfaces using the interface command in multicast routing configuration mode. To set up multicast routing on all interfaces, enter the interface all command in multicast routing configuration mode. For any interface to be fully enabled for multicast routing, it must be enabled specifically (or be default) in multicast routing configuration mode, and it must not be disabled in the PIM and IGMP configuration modes. For example, in the following configuration, all interfaces are explicitly configured from multicast routing configuration submode: RP/0/RSP0/CPU0:router(config)# multicast-routing RP/0/RSP0/CPU0:router(config-mcast)# interface all enable

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-254 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

To disable an interface that was globally configured from the multicast routing configuration submode, enter interface configuration submode, as illustrated in the following example: RP/0/RSP0/CPU0:router(config-mcast)# interface GigabitEthernet0/1/0/0 RP/0/RSP0/CPU0:router(config-mcast-default-ipv4-if)# disable

Multicast Routing Information Base

The Multicast Routing Information Base (MRIB) is a protocol-independent multicast routing table that describes a logical network in which one or more multicast routing protocols are running. The tables contain generic multicast routes installed by individual multicast routing protocols. There is an MRIB for every logical network (VPN) in which the router is configured. MRIBs do not redistribute routes among multicast routing protocols; they select the preferred multicast route from comparable ones, and they notify their clients of changes in selected attributes of any multicast route.

Multicast Forwarding Information Base

Multicast Forwarding Information Base (MFIB) is a protocol-independent multicast forwarding system that contains unique multicast forwarding entries for each source or group pair known in a given network. There is a separate MFIB for every logical network (VPN) in which the router is configured. Each MFIB entry resolves a given source or group pair to an incoming interface (IIF) for reverse forwarding (RPF) checking and an outgoing interface list (olist) for multicast forwarding.

MSDP MD5 Password Authentication

MSDP MD5 password authentication is an enhancement to support Message Digest 5 (MD5) signature protection on a TCP connection between two Multicast Source Discovery Protocol (MSDP) peers. This feature provides added security by protecting MSDP against the threat of spoofed TCP segments being introduced into the TCP connection stream. MSDP MD5 password authentication verifies each segment sent on the TCP connection between MSDP peers. The password command is used to enable MD5 authentication for TCP connections between two MSDP peers. When MD5 authentication is enabled between two MSDP peers, each segment sent on the TCP connection between the peers is verified.

Note MD5 authentication must be configured with the same password on both MSDP peers; otherwise, the connection between them will not be made.

MSDP MD5 password authentication uses an industry-standard MD5 algorithm for improved reliability and security.

Implementing Multicast Routing - PIM-SM and PIM-SSM

This section contains instructions for the following tasks. • Configuring PIM-SM and PIM-SSM, page 256 (required) • Configuring PIM-SSM for Use in a Legacy Multicast Deployment, page 259 (optional)

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-255 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

• Configuring a Static RP and Allowing Backward Compatibility (required) • Configuring Auto-RP to Automate Group-to-RP Mappings, page 264 (optional) • Configuring the Bootstrap Router, page 266 (optional) • Calculating Rates per Route, page 269 (optional) • Configuring Multicast Nonstop Forwarding, page 271 (optional) • Interconnecting PIM-SM Domains with MSDP, page 275 (optional) • Controlling Source Information on MSDP Peer Routers, page 278 (optional) • Configuring MSDP MD5 Password Authentication, page 280 (optional)

Configuring PIM-SM and PIM-SSM

PIM-SM Operations

PIM-SSM Operations

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-256 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Restrictions for PIM-SM and SSM

SUMMARY STEPS

1. configure 2. multicast-routing [address-family ipv4] 3. interface all enable 4. exit 5. router igmp 6. version {1 | 2 | 3} 7. end or commit 8. show pim [ipv4] group-map [ip-address-name] [info-source] 9. show pim [vrf vrf-name] [ipv4] topology [source-ip-address [group-ip-address] | entry-flag flag | interface-flag | summary] [route-count]

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-257 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 3 interface all enable Enables multicast routing and forwarding on all new and existing interfaces. Example: RP/0/RSP0/CPU0:router(config-mcast-ipv4)# interface all enable Step 4 exit Exits multicast routing configuration mode, and returns the router to the parent configuration mode. Example: RP/0/RSP0/CPU0:router(config-mcast-ipv4)# exit Step 5 router igmp (Optional) Enters router IGMP configuration mode.

Example: RP/0/RSP0/CPU0:router(config)# router igmp Step 6 version {1 | 2 | 3} (Optional) Selects the IGMP version that the router interface uses. Example: • The default is IGMP version 3. RP/0/RSP0/CPU0:router(config-igmp)# version 3 • Host receivers must support IGMPv3 for PIM-SSM operation. • If this command is configured in router IGMP configuration mode, parameters are inherited by all new and existing interfaces. You can override these parameters on individual interfaces from interface configuration mode. Step 7 end Saves configuration changes. or commit • When you issue the end command, the system prompts you to commit changes: Uncommitted changes found, commit them before Example: exiting(yes/no/cancel)? RP/0/RSP0/CPU0:router(config-igmp)# end [cancel]: or RP/0/RSP0/CPU0:router(config-igmp)# commit – Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. – Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. – Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-258 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 8 show pim [ipv4] group-map [ip-address-name] (Optional) Displays group-to-PIM mode mapping. [info-source]

Example: RP/0/RSP0/CPU0:router# show pim topology

Configuring PIM-SSM for Use in a Legacy Multicast Deployment

Restrictions for PIM-SSM Mapping

Configuring a Set of Access Lists for Static SSM Mapping

This tasks configures a set of access lists (ACLs) where each ACL describes a set of SSM groups to be mapped to one or more sources.

SUMMARY STEPS

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-259 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

6. end or commit

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-260 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Configuring a Set of Sources for SSM Mapping

This task consists of configuring a set of sources mapped by SSM groups, as described by access lists (ACLs).

SUMMARY STEPS

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/0/CPU0:router# configure Step 2 router igmp [vrf vrf-name] Enters router IGMP configuration mode.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-261 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

232.1.1.1 is static with 1 source

or RP/0/0/CPU0:router# show igmp vrf vrf20 ssm map 232.1.1.0 is static with 3 sources 232.1.1.1 is static with 1 source

Configuring a Static RP and Allowing Backward Compatibility

SUMMARY STEPS

1. configure 2. router pim [address-family ipv4]

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-262 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-263 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Example: RP/0/RSP0/CPU0:router# show version

Configuring Auto-RP to Automate Group-to-RP Mappings

SUMMARY STEPS

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-264 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

5. exit 6. ipv4 access-list name 7. [sequence-number] permit source [source-wildcard] 8. end or commit

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-265 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 6 ipv4 access-list name (Optional) Defines the RP access list.

Configuring the Bootstrap Router

SUMMARY STEPS

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-266 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router(config-pim-default-ipv4)# bsr candidate-rp 172.16.0.0 group-list 4

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-267 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-268 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Example: RP/0/RSP0/CPU0:router# show pim bsr rp-cache Step 16 show pim [vrf vrf-name][ipv4] group-map (Optional) Displays group-to-PIM mode mapping. [ip-address-name] [info-source]

Example: RP/0/RSP0/CPU0:router# show pim ipv4 group-map

Calculating Rates per Route

This procedure enables multicast hardware forward-rate counters on a per-VRF-family basis.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-269 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

SUMMARY STEPS

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router(config-mcast-default-ipv4 )# rate-per-route Step 4 interface {type interface-id | all} enable Enables multicast routing on all interfaces.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-270 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Configuring Multicast Nonstop Forwarding

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-271 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Prerequisites for Multicast Nonstop Forwarding

SUMMARY STEPS

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router(config-mcast)# nsf

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-272 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-273 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Example: RP/0/RSP0/CPU0:router# show mrib nsf Step 14 show pim [ipv4] nsf (Optional) Displays the state of NSF operation for PIM.

Example: RP/0/RSP0/CPU0:router# show pim nsf

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-274 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI Interconnecting PIM-SM Domains with MSDP

Prerequisites for Interconnecting PIM-SM Domains with MSDP

You must configure MSDP default peering, if the addresses of all MSDP peers are not known in BGP or multiprotocol BGP.

SUMMARY STEPS

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-275 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-276 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Example: RP/0/RSP0/CPU0:router# show msdp globals

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-277 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 14 show msdp [ipv4] peer [peer-address] Displays information about the MSDP peer.

Example: RP/0/RSP0/CPU0:router# show msdp peer 172.31.1.2 Step 15 show msdp [ipv4] rpf rpf-address Displays the RPF lookup.

Example: RP/0/RSP0/CPU0:router# show msdp rpf 172.16.10.13

Controlling Source Information on MSDP Peer Routers

SUMMARY STEPS

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-278 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

8. end or commit

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure Step 2 router msdp Enters MSDP protocol configuration mode.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-279 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Command or Action Purpose Step 6 exit Exits the current configuration mode.

Configuring MSDP MD5 Password Authentication

This task describes how to configure Multicast Source Discovery Protocol (MSDP) MD5 password authentication.

SUMMARY STEPS

1. configure 2. router msdp 3. peer peer-address 4. password {clear | encrypted} password 5. end or commit

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-280 OL-17103-01 Multicast Configuration Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

6. show mfib [vrf vrf-name] [ipv4] hardware route {* | source-address | group-address [/prefix-length]} location node-id

DETAILED STEPS

Command or Action Purpose Step 1 configure Enters global configuration mode.

Example: RP/0/RSP0/CPU0:router# configure Step 2 router msdp Enters MSDP configuration mode.

Example: RP/0/RSP0/CPU0:router(config)# router msdp Step 3 peer peer-address Configures the MSDP peer.

Example: RP/0/RSP0/CPU0:router(config-msdp)# peer 10.0.5.4 Step 4 password {clear | encrypted} password Configures the password.

Example: RP/0/RSP0/CPU0:router(config-msdp-peer)# password encrypted a34bi5m

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-281 Multicast Configuration Configuration Examples for Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Example: RP/0/RSP0/CPU0:router# show mfib hardware route * location 0/1/cpu0

Configuration Examples for Implementing Multicast Routing - PIM-SM and PIM-SSM

MSDP Anycast RP Configuration: Example

Anycast Route Processor (RP) allows two or more RPs to share the load for source registration and to act as hot backup routers for each other. MSDP is the key protocol that makes Anycast RP possible.

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide ES-282 OL-17103-01 Multicast Configuration Configuration Examples for Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI

Apply the following configuration to all network routers: multicast-routing router pim rp-address 10.0.0.1

Cisco ASR 9000 Series Aggregation Services Router Ethernet Services Application Guide OL-17103-01 ES-283 Multicast Configuration Configuration Examples for Implementing Multicast Routing - PIM-SM and PIM-SSM Cisco Confidential - Beta Draft R3.7 FCI Calculating Rates per Route: Example