Deployment Considerations L2CP Processing
Case-2
CASE 2. Customer LAN uses Cisco PVST+, Provider WAN does not use STP
In some customer LAN configurations, where Cisco proprietary PVST+ works as standard
MSTP, it is additionally required to tunnel a standard BPDU frames (IEEE 802.1 Bridge
Group Access address 0x01-80-C2-00-00-00). Such tunnel should be configured on CPE and
CO ML on all Customer LAN sites using the following options:
Build a transparent tunnel on the CPE. This tunnel will forward the frame unchanged,
cut-through from Ingress to specified Egress ports, and ignore all VLAN filter,
modification and forwarding rules configured on the NE. The transparent tunnel should
be set on all directions – on port(s) facing Customer LAN and port(s) facing Network
WAN. Repeat configuration on CPEs of all other customer site(s).
Build a tunnel by TAG (VID and optionally ETH-Type) on CO. This tunnel will forward
the frame after inserting a TAG with the specified VID and ETH-Type. The VID should
be set exactly as the Service VID (representing the Customer in WAN). This will allow to
merge this special frame with all other customer traffic that is forwarded toward the
service provider WAN. Tunnel by TAG is set manually only on ports ingressing from
Customer side (the HSL on CO).
Note that the reverse direction of the tunnel on the same NE (ETH-x to the HSL) is built
automatically (and invisible in L2CP table). Repeat configuration on COs of all other
customer site(s).
Note the following:
You can apply TAG tunnel starting CPE (not very reasonable, but possible).
Do not use 0x8100 Eth. type if frame is tunneled via stacked ETH port.
Case 3A. Customer uses Cisco PVST+, Provider uses IEEE 802.1 STP/RSTP or Cisco PVST+.
In cases when BPDU frames (MAC 0x01-80-C2-00-00-00) are common for customer and
service provider devices it can be recommended to use MAC tunneling applied on CPE
(requires another MAC multicast address to be used instead of MAC 0x01-80-C2-00-00-00).
When using MAC tunneling, it is important to note the following:
MAC tunneling, when applied on STACKED ETH ports, works with UNTAGGED L2CP
reserved frames only.
MAC tunneling requires units with R7.0 SW (or higher) on both sides. The mechanism
mighty not work if MAC tunnel is not terminated by an ML NE.
The following configuration is allowed only if CPE has ETH port facing the customer
switches as Untagged or Tagged.
Build a tunnel by MAC (and VID) on CPE .This tunnel will forward the frame with MAC
DA modified to specified multicast address and also tagged with VID equal to one of the
VID used for regular customer traffic forwarding. Tunnel by MAC is set manually only
on port(s) facing Customer LAN. Note that the reverse direction of the tunnel on the same
NE (HSL-1 to ETH-x) is built automatically. Repeat configuration on CPEs of all other
customer site(s).
To Next Page