Virtual Private LAN Services
7210 SAS-X, R6 OS Services Guide Page 585
PBB ACL Support
Filter policies are supported for ingress and egress of PBB I-SAP in both PBB epipe and PBB
VPLS service.
Only MAC criteria Filter policies is available for use with PBB B-SAPs on ingress with the
following functionality:
• For PBB B-VPLS B-SAPs, the MAC filter matches the outer MAC header fields (that is,
B-DA, B-SA, B-Tag) for traffic received on a B-SAP and forwarded to another B-SAP in
the system.
• For PBB B-VPLS B-SAPs, the MAC filter matches the inner MAC header fields (that is,
the customer MAC DA, SA and VLAN tags) for traffic received on a B-SAP and
forwarded out of an I-SAP in the system.
Only MAC criteria filter policies is available for use with PBB B-SAPs on egress. This filter
policy only matches the BCB traffic. BEB traffic (that is, PBB originated traffic) cannot be
matched using the egress filter policy attached to PBB B-SAP.
Configuration Guidelines
Listed below are the configuration guidelines for a PBB service:
• A PBB service instance (identified by the ISID) cannot be used to encapsulate customer
payloads with additional VLAN tags, if that service instance is being used to transport
frames received on a QinQ access SAP. If a particular service instance is in use by a QinQ
access SAP, then the system drops the packets that are received with additional tags on all
the SAPs (NULL or Dot1q) using the same instance. Packets received with one or more
tags on a NULL SAP, more than one tag on a Dot1q SAP, and more than two tags on a
QinQ SAP are classified as packets with additional VLAN tags.
• Service MTU is not available for use.
• Port-based SHG is available for use with I-VPLS and B-VPLS service. Service based
SHG is not available for use in an I-VPLS and a B-VPLS service.
• The system uses an internal loopback to flood or replicate BUM traffic received on the B-
SAPs configured on the node. It is used to create an additional copy for processing in the
I-VPLS context (while the original copy is used for processing the frame in the B-VPLS
context). Thus, one frame received on the B-SAP results in 2 frames internally in the
system. Both the copies of the frame are sent to the traffic manager for ingress queuing
and replication to other SAPs in the B-VPLS and the I-VPLS services. This can
potentially congest the internal backplane to the traffic manager. The additional traffic
(that is, second copy of the BUM traffic received on all the B-SAPs configured in the
To Next Page
Loading...
