Assigning Port CVID on Port-based or CEP VMAN Service

As of ExtremeXOS 21.1, an optional port CVID parameter has been added to the existing untagged and CEP VMAN port configuration options. When present, any untagged packet received on the port is double tagged with the configured port CVID and the SVID associated with the VMAN. If the port is untagged, packets received with a single CID still have the SVID added. If the port is CEP, only untagged and any specifically configured CVIDs are allowed. As double tagged ports are received from tagged VMAN ports and forwarded to untagged VMAN ports, the SVID associated with the VMAN is stripped. Additionally, the CVID associated with the configured port CVID is also stripped in the same operation. If the port is CEP and CEP egress filtering in enabled, only the specified port CVID and CVIDs are allowed to egress.

Much like the CVIDs configured as part of the CEP feature, the configured port CVID is not represented by a VLAN within ExtremeXOS. The implication is that protocols and individual services cannot be applied to the Port CVID alone. Protocols and services are instead applied to the VMAN and/or port as the VMAN represents the true layer-2 broadcast domain. Much like regular untagged and CEP VMAN ports, MAC FDB learned occurs on the VMAN so duplicate MAC addresses received on multiple CVIDs which are mapped to the same VMAN can be problematic.

Even when the additional Port CVID is configured, the port still has all of the attributes of a regular untagged VMAN port. This means that any single c-tagged packets received on the same port will have just the SVID associated with the VMAN added to the packet. Likewise, any egress packet with a CVID other than the configured Port CVID will have just the SVID stripped. This is not true when the Port CVID specification is part of the CEP configuration, added in ExtremeXOS 16.2.1.