ACL Filter Policy Overview
486 Router Configuration Guide
Destination MAC Rewrite when Deploying Policy-Based
Forwarding
For Layer 2 Policy Based-Forwarding (PBF) redirect actions, a far-end router may discard
redirected packets when the PBF changes the destination IP interface the packet arrives on.
This happens when a far-end IP interface uses a different MAC address than the IP interface
reachable via normal forwarding (for example one of the routers does not support a
configurable MAC address per IP interface). To avoid the discards, operators can deploy
egress destination MAC rewrite functionality for VPLS SAPs (config>service>vpls>sap>
egress>dest-mac-rewrite). Figure 18 illustrates a sample deployment.
Figure 18: Layer 2 Policy Based Forwarding (PBF) redirect action
When enabled, all unicast packets have their destination MAC rewritten to operator-
configured value on an L2 switch VPLS SAP. Multicast and broadcast packets are
unaffected. The feature:
• Is supported for regular and split-horizon group Ethernet SAPs in a regular VPLS
Service
• Is expected to be deployed on a SAP that faces far-end IP interface (either a SAP that
is the target of PBF action as depicted in the picture above or a VPLS SAP of a
downstream L2 switch that is connected to a far-end router – not shown).
• Applies to any unicast egress traffic including LI and mirror.
0920
PE1
PE2
L2 Switch
VPLS
VPRN
VPRN
New Network
Legacy Network
SAP
SAP
IP:10.0.0.1
Mac_A
CPE:
Single static route,
0.0.0.0/0 next-hop 10.0.0.1
Follows “black path” to PE facing legacy network
CPE:
Must accept
downstream traffic
from MAC_A and
MAC_B
PBF:
Ingress IP/IPv6
filter redirects to
PE2 while normal
traffic flows to PE 1
SAP Egress
Rewrite all unicast
traffic to the
configured dest-MAC:
MAC_B (1 per SAP)
IP:10.0.0.1
Mac_B
SAP
SAP
Access/
Netw
To Next Page
Loading...
