In order for EFPs and switchports to bridge frames to each other, they must belong to the same bridge domain. For switchports, the bridge domain is set to the incoming VLAN tags. The ingress rewritten VLAN tag at the customer interface would match the bridge domain ID, which represents an S-VLAN for the service provider. (use cisco 3800ME as a example )
Network port configurations:
Switch (config)# interface gigabitethernet0/12
Switch (config-if)# switchport mode trunk
Switch (config-if)# switchport trunk allowed vlan 20-30
Customer port configurations:
Switch (config)# interface gigabitethernet0/1
Switch (config-if)# switchport mode trunk
Switch (config-if)# switchport trunk allowed vlan none
Switch (config-if)# service instance 1 Ethernet
Switch (config-if-srv)# encapsulation dot1q 2000
Switch (config-if-srv)# rewrite ingress tag pop 1 symmetric
Switch (config-if-srv)# bridge-domain 20
Switch (config-if)# service instance 2 Ethernet
Switch (config-if-srv)# encapsulation dot1q 2001
Switch (config-if-srv)# rewrite ingress tag pop 1 symmetric
Switch (config-if-srv)# bridge-domain 30
Switch (config)# interface gigabitethernet0/2
Switch (config-if)# switchport mode trunk
Switch (config-if)# switchport trunk allowed vlan none
Switch (config-if)# service instance 1 Ethernet
Switch (config-if-srv)# encapsulation dot1q 3000
Switch (config-if-srv)# rewrite ingress tag pop 1 symmetric
Switch (config-if-srv)# bridge-domain 20
Switch (config-if)# service instance 2 Ethernet
Switch (config-if-srv)# encapsulation dot1q 3001
Switch (config-if-srv)# rewrite ingress tag pop 1 symmetric
Switch (config-if-srv)# bridge-domain 30
EVCs and switchports can exist simultaneously on the same switch. When an EFP joins a bridge domain 1 through 4095, it is part of the same flood domain as VLANs 1 through 4095. If an EFP uses a bridge
domain greater than or equal to 4096, it belongs to the EFP-only flood domain.
This example shows VLANs and EFPs sharing the same flooding domain.
Switch (config)# interface gigabitethernet0/1
Switch (config-if)# switchport mode trunk
Switch (config-if)# switchport trunk allowed vlan 1000
Switch (config)# interface gigabitethernet0/2
Switch (config-if)# service instance 1 Ethernet
Switch (config-if-srv)# encapsulation dot1q 1000
Switch (config-if-srv)#rewrite ingress tag pop 1 symmetric
Switch (config-if-srv)# bridge-domain 1000
When data packets are forwarded between EFPs and switchports, the EFP and switchport configurations are applied to the packet. This removes the ambiguity of the tagging behavior between them.
Tagging behavior between an EFP and a switchport.
A switchport trunk has an implicit outer VLAN pop at ingress and an implicit outer VLAN push at egress.
When rewrite is enabled, a VLAN tag is popped at ingress and a VLAN tag corresponding to the bridge domain that bridged the packet is pushed at egress on the switchport trunk without any explicit configuration.When a VLAN tag is pushed on a packet egressing at the switchport, the VLAN ID corresponds to the bridge-domain ID over which the packet is bridged
Single-tagged Traffic Between a Switchport and an EFP with Rewrite
In this example, for traffic entering the switchport trunk port, the VLAN tag is popped on ingress at the
switchport trunk port and the untagged packet is bridged over bridge domain 10. On egress, the rewrite
operation results in a VLAN tag (encapsulation dot1q 10) to be pushed (added), and the packet egresses on the EFP with a single tag (VLAN l0).
For traffic entering the EFP, a VLAN tag is popped at the EFP with a rewrite and the untagged packet is
bridged over bridge domain 10. At egress on the switchport trunk port, the VLAN tag corresponding to
the bridge domain (VLAN 10) is pushed, and the packet egresses on the switchport with a single tag
(VLAN l0).
For Network Design, Build and Consulting Services,
please visit:
No comments:
Post a Comment