Print this pagePrint this page

Email this topicEmail this topic

View PDFView PDF

Download EPUBDownload EPUB

Protocol Tunneling

To make L2PT configuration easier, in ExtremeXOS you can create L2PT profiles. An L2PT profile specifies the tunneling action and other parameters for protocols (specified using protocol filters) that should be tunneled. You can then apply the profile to the interfaces of the service that are participating in L2PT. And you can also change the profile when it is already bound to an interface.

The L2PT parameters that can be configured through a profile include the following:
  • Tunneling Action
  • Tunneling CoS
The following validity checks are performed when an entry for a protocol filter is created in an L2PT profile:
  • Ensure that all protocols in the protocol filter define a destination MAC address.
  • Ensure that all protocols in the protocol filter define a protocol identifier.
  • Ensure that all protocols in the protocol filter are unique within the L2PT profile.
  • If the action for the protocol filter is ‘encapsulate:
    • Ensure that there are no entries with action as ‘tunnel in the L2PT profile.
    • Ensure that the service interface is either a tagged VLAN (Virtual LAN) port or a PW.
  • If the action for the protocol filter is ‘tunnel‘:
    • Ensure that there are no entries with action as ‘encapsulate‘ in the L2PT profile.
    • For every service interface using the L2PT profile:
      • Ensure that none of the protocols in the protocol filter are filtered on the underlying port of the interface.
      • Ensure that none of the protocols in the protocol filter are tunneled on the underlying port of the interface.
The following validity checks are performed when a L2PT profile is bound to an interface of a service:
  • If the profile specifies the action as ‘tunnel‘ for protocol filter:
    • Ensure that the interface is not a PW.
    • Ensure that none of the protocols in the L2PT profile are filtered on the underlying port of the interface.
    • Ensure that none of the protocols in the L2PT profile are tunneled on the underlying port of the interface.

Typically, you will want to configure the tunneling action for all customer facing interfaces of the service that participate in L2PT as tunnel, and the tunneling action for all network facing interfaces as encapsulate/decapsulate. Once any interface of the service is configured to tunnel a protocol, the switch will configure all tagged ports and PWs of the service to encapsulate/decapsulate mode. You can override this implicit configuration by binding a profile to the service interface that specifies a different tunneling action.

For example, consider a VMAN service named c1 with customer facing ports 1, 2 and 3 and network facing ports 4, 5, 6. Ports 4, 5 and 6 are added as tagged to the VMAN and 1, 2 and 3 are added as untagged to the VMAN. The operator wants to tunnel LACP and EFM OAM on all customer facing ports at CoS 5. The configurations that he or she must make are as follows:
# Create a protocol filter
create protocol filter “my_slow_protocols_filter”

# Add LACP to the protocol filter
configure protocol filter “my_slow_protocols_filter” 
add dest-mac 01:80:C2:00:00:02 etype 0x8809 field offset 14 value 01 mask FF

# Add EFM OAM to the protocol filter
configure protocol filter “my_slow_protocols_filter” 
add dest-mac 01:80:C2:00:00:02 etype 0x8809 field offset 14 value 03 mask FF

# Create an L2PT profile for the customer facing ports named c1_l2pt_profile
create l2pt profile “c1_l2pt_profile”

# Enable CDP tunneling with CoS 5
configure l2pt profile “c1_l2pt_profile” add protocol filter 
“my_slow_protocols_filter” action tunnel cos 5

# Bind c1_l2pt_profile to all customer facing ports
configure vman c1 ports 1,2,3 l2pt profile “c1_l2pt_profile”

# Please note that the network facing port 4, 5 and 6 don‘t have to be explicitly
# configured to encapsulate/decapsulate mode since the switch implicitly sets all
# tagged ports to encapsulate/decapsulate mode when an L2PT profile is bound to
# any port of the service.

The operator also has the option to configure the L2PT destination MAC address (i.e., the DA used by L2PT encapsulated PDUs). This is may be done using the following CLI command:

configure l2pt encapsulation dest-mac mac_address

The L2PT destination MAC address may only be changed when no L2PT profiles have been bound to any service interface. The default L2PT DA MAC is 01:00:0C:CD:CD:D0 (selected to be interoperable with Cisco and Juniper).

Use the following commands to view the status and statistics of L2PT:

show [vlan | vman] vlan_name {ports port_list} l2pt {detail}

show {l2vpn} [vpls vpls_name | vpws vpws_name] {peer ipaddress} l2pt {detail}

Use the following commands to clear L2PT stats:

clear l2pt counters {[vlan | vman] vlan_name {ports port_list}}

clear l2pt counters {[vpls vpls_name {peer ipaddress} | vpws vpws_name]}

Published March 2020prev | next

Email this topicEmail this topic

Print this pagePrint this page