CTR 8500/8300 CONFIGURATION

VLAN
Version 3.1

260-668256-008
Copyright & Terms of Use
November 2015
This documentation incorporates features and functions provided with CTR 8540 and CTR 8300 for software
release 3.1
Copyright © 2015 by Aviat Networks, Inc.
All rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a
retrieval system, or translated into any language or computer language, in any form or by any means, elec-
tronic, magnetic, optical, chemical, manual or otherwise, without the prior written permission of Aviat Net-
works Inc. To request permission, contact [email protected].
Warranty
Aviat Networks makes no representation or warranties with respect to the contents hereof and specifically dis-
claims any implied warranties or merchantability or fitness for any particular purpose. Further, Aviat Net-
works reserves the right to revise this publication and to make changes from time to time in the content
hereof without obligation of Aviat Networks to notify any person of such revision or changes.
Safety Recommendations
The following safety recommendations must be considered to avoid injuries to persons and/or damage to the
equipment:
1. Installation and Service Personnel: Installation and service must be carried out by authorized personnel who
have the technical training and experience necessary to be aware of any hazardous operations during install-
ation and service, and of measures to avoid any danger to themselves, to any other personnel, and to the equip-
ment.
2. Access to the Equipment: Access to the equipment in use must be restricted to service personnel only.
3. Safety Norms: Recommended safety norms are detailed in the Health and Safety sections of this guide.
Local safety regulations must be used if mandatory. Safety instructions in this guide should be used in addi-
tion to the local safety regulations. In the case of conflict between safety instructions stated in this guide and
those indicated in local regulations, mandatory local norms will prevail. Should local regulations not be man-
datory, then the safety norms in this guide will prevail.
4. Service Personnel Skill: Service personnel must have received adequate technical training on tele-
communications and in particular on the equipment this guide refers to.
Trademarks
All trademarks are the property of their respective owners.
End User License Agreement and Open Source
By using this product you agree to the terms of the CTR 8540 End User License Agreement; to view this, log
into a CTR 8540 or CTR 8300 using the CLI command window and enter the CLI command “show EULA”.
The CTR 8540 and CTR 8300 use free and open source software components, which can be viewed by using
the CLI command “show system acknowledgments”. This command also details the licenses associated with
each component and describes the methods available to acquire the open source software.

260-668256-008 NOVEMBER 2015 I

VLAN CONFIGURATION FOR CTR 8300 AND 8500

Aviat Networks Technical & Sales

Support
Technical Service and Support
For customer service and technical support contact the Global Technical Help Desk (GTHD). A call will be
answered by GTHD support staff who will resolve the issue, if possible, or quickly pass the call to the appro-
priate TAC engineer for resolution.
The GTHD number is: +1-210-526-6345, or toll free 1-800-227-8332 within USA
For 24/7 access you will need your Support Assurance PIN. Without a PIN you will still receive support, but the
support process will require an additional screening step.
Americas Technical Help Desk EMEA Technical Help Desk Asia Pacific Technical Help Desk
Aviat Networks,Inc. Aviat Networks Aviat Networks
San Antonio, TX Blantyre, Glasgow G72 0FB Clark Freeport Zone
USA UK Philippines 2023
Phone: +1 210 526 6345 Phone: +1 210 526 6345 Phone: +1 210 526 6345
Toll Free (USA):1-800-227-8332 Fax: +44 16 9871 7204 (English) Fax: +63 45 599 5196
Fax +1 210-526-6315 Fax: +33 1 5552 8012 (French)
[email protected] [email protected] [email protected]

Sales and Sales Support

Contact one of the Aviat Networks headquarters, or find your regional sales office on the Aviat Networks web
site.
Corporate Headquarters, California, USA International Headquarters , Singapore
Aviat Networks, Inc. Aviat Networks(S) Pte. Ltd.
5200 Great America Parkway 17, Changi Business Park Central 1
Santa Clara CA 95054 Honeywell Building, #04-01
U.S.A. Singapore 486073
Phone: + 408 567 7000 Phone: +65 6496 0900
Fax: + 408 567 7001 Fax: + 65 6496 0999
Sales Inquiries: +1-321-674-4252

II AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Product Compliance Notes

CTR 8540, CTR 8312, and CTR 8311 have been tested for and meet EMC Directive 2004/108/EC. The equipment
was tested using screened cable; if any other type of cable is used, it may violate compliance.
CTR 8540, CTR 8312, and CTR 8311 are Class A products. In a domestic environment these products may
cause radio interference in which case the user may be required to take adequate measures. This equipment
is intended to be used exclusively in telecommunications centers.
At CT R s of tw ar e r el eas e 3 . 1 , op er ati on of IRU 6 0 0 i s n ot s u p p or ted .
At CT R s of tw ar e r el eas e 3 . 1 , op er ati on of ODU 6 0 0 on th e l i c en s e- f r ee 5 . 8 GHz b an d i s n ot
s u p p or ted .

International Use of 5.8GHz

ODU 600 or IRU 600 with CTR 8540, CTR 8312, or CTR 8311 on the 5.8 GHz license-free band do not employ
DFS, and as such the equipment cannot be deployed within Europe or any country where DFS is a regulatory
requirement for protection of radars.

WEEE Directive
In accordance with the WEEE Directive (2012/19/EU), CTR 8540, CTR 8312, and CTR 8311 are marked with the
following symbol:

This symbol indicates that this equipment should be collected separately for the purposes of recovery and/or
recycling.
For information about collection and recycling of Aviat Networks equipment please contact your local Aviat
Networks sales office. If you purchased your product via a distributor please contact the distributor for inform-
ation regarding collection and recovery/recycling.
More information on the WEEE Directive is available at our website:
http://www.aviatnetworks.com/products/compliance/weee/.
(WEEE is the acronym for Waste Electrical and Electronic Equipment)

RoHS Directive
CTR 8540, CTR 8312, and CTR 8311 meet the requirements of ROHS directive 2011/65/EU.

Declaration of Conformity, R&TTE Directive, 1999/5/EC

The reference to CTR in this declaration denotes intended use of the CTR 8540, CTR 8312, or CTR 8311, with
one or more of the following Aviat Networks ODUs: ODU 600, ODU 600sp, ODU 300hp.

260-668256-008 NOVEMBER 2015 III

VLAN CONFIGURATION FOR CTR 8300 AND 8500

IV AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

The CTR 8540, CTR 8312, or CTR 8311 with an ODU 600, ODU 600sp, or ODU 300hp radio is classified under the
R&TTE Directive 99/5/EC as a class 2.8 radio (microwave fixed link) product.
Point-to-point radio relay equipment is intended to be used for:
- Interconnecting private and public networks.
- Interconnecting mobile base stations back to the PSTN point of presence (POP).
For details of where the equipment is intended to be used, see the country matrix below.
- AVIAT NETWORKS intends to market this equipment where a cross (X) is shown in the table below.
- The information contained in this table has been gathered from the relevant government authorities and
relates only to European countries participating in the R&TTE directive.
It s h ou l d b e n oted th at a l i c en s e to op er ate th i s eq u i p men t i s l i kel y to b e n ec es s ar y, an d
th e ap p r op r i ate r eg u l ator y ad mi n i s tr ati on s h ou l d b e c on tac ted .

260-668256-008 NOVEMBER 2015 V

VLAN CONFIGURATION FOR CTR 8300 AND 8500

VI AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Table of Contents
Copyright & Terms of Use i
Aviat Networks Technical & Sales Support ii
Product Compliance Notes iii
International Use of 5.8GHz iii
WEEE Directive iii
RoHS Directive iii
Declaration of Conformity, R&TTE Directive, 1999/5/EC iii
Table of Contents vii

CHAPTER 1. VLAN INTRODUCTION 1

Purpose and Scope 1
Acronyms 1
References 2
Document Conventions 2
General Configurations 3
VLAN Protocol Description 4

CHAPTER 2. VLAN CONFIGURATION 5

Configuring Guidelines 5
Bridge Mode Support 6
Default Configurations 6
Configuring Static VLAN 8
Deleting a VLAN or L3 Interface 10
Enabling VLANs 11
Using the VLAN Active Command 11
Configuring Static Unicast Entry 12
Configuring Static Multicast Entry 13
Configuring VLAN Learning Mode and Type 14
Enabling Tunneling on a Port 16
Tunneling of STP Packets 18
Service Classes and Expedited Traffic Handling 19
Configuring VLAN Max Traffic Class 19
Mapping Priority to Traffic Class 20

260-668256-008 NOVEMBER 2015 VII

 Configuring Port Filtering 21
Configuring Acceptable Frametype 21
Configuring Ingress Filtering 22
Configuring Filtering Utility Criteria 23
Configuring WildCard Entry 24

CHAPTER 3. BRIDGE MODE CONFIGURATION 25

Configuring Bridge Mode during System Initialization 26
Configuring Bridge Mode during System Runtime 27

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS 29

Configuring Provider Bridge Port Types 30
Configuring C-VLAN Component 32
Provider Edge Port Configurations 32
C-VLAN Component Spanning Tree Configurations 35
Configuring S-VLAN Component 38
Configuring a Flow for 802.1ad Bridge Port Type 40
Configuring Connectivity through CEP 40
Configuring Transparent Connectivity through CNP (Port Based) 41
Handling Priority in Provider Bridges 42
Configuring PCP Encoding Table 42
Configuring PCP Decoding Table 43
Configuring PCP Selection Row 44
Configuring Service Priority Regeneration Table 45
Configuring Use DEI 46
Configuring VLAN Translation Table 48
Tunneling in Provider Network 50
Tunneling Spanning Tree Protocol 50
Tunneling GVRP Protocol 50
Tunneling GMRP Protocol 51
Tunneling IGMP Protocol 51
Tunneling DOT1X Protocol 51
Tunneling LACP Protocol 51
Configuring Tunnel MAC Address 52
Protocol Tunneling in Customer Bridges 54
Configuring Port MAC Learning Status and Limit 55
Configuring Static Multicast Mac Limit 56

VIII AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Configuring Ether Type Swap Table 57

Configuring Customer Port VLAN ID 58
Configuring S-VLAN 60
Configuring Ingress and Egress Ether Type 62
Configuring Proprietary Port Types 64

CHAPTER 5. FLOW BASED CONFIGURATION 67

Configuring Static Unicast Entry 69
Configuring Static Multicast Entry 71
Procedure 71
Classifying VLAN 73
PVID Based Classification 73
Port and MAC Based Classification 75
Port and protocol Based Classification 77
Configuring Acceptable Frame Types 81
Configuration Guidelines 81
Procedure 81
Configuring Ingress Filtering 84
Configuration Guidelines 84
Procedure 84

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION 87

Configuring Service using C-VLAN Based Service Interface and Port-Based Service Interface 88
Configuration Guidelines 88
Default Configurations 88
Translating VLAN in Provider Networks 97
Configuration Guidelines 97
Default Configurations 97
Configuring PCP Decoding and Encoding Table 101
Configuration Guidelines 101
Default Configurations 101
Configuring Provider Edge Port Configurations and Service Priority Regeneration Table 104
Configuration Guidelines 104
Default Configurations 104
Tunneling Of Customer STP Packets and Customer GVRP Protocol Packets – Provider Bridges 107
Configuration Guidelines 107
Default Configurations 107

260-668256-008 NOVEMBER 2015 IX

 Tunneling Of Customer STP Packets and Customer GVRP Protocol Packets – Customer
Bridges 114
Configuration Guidelines 114
Default Configurations 114
Tunnelling Over Q-in-Q Bridge 122
Configuration Guidelines 122
Default Configurations 122
Port-Based MAC Address Limiting 126
Configuration Guidelines 126
Default Configurations 126
VLAN-Based MAC Address Limiting 128
Configuration Guidelines 128
Default Configurations 128
Customer Controlled Provider Bridges 129
Proprietary Provider Network Port 129

X AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Chapter 1. VLAN Introduction

Purpose and Scope
The Aviat Networks VLAN product facilitates grouping devices on different physical LAN seg-
ments. These virtual LANs (VLANs) can communicate with each other as if they are all on the
same physical LAN segment, i.e. a network of computers that behave as if they are connected to
the same wire even though they can b ephysically located on different segments of a LAN.
VLANS are configured through software rather than hardware, making them extremely flexible.
This document describes configuring VLANs on a switch running Aviat Networks CTR 8540 or
CTR 8300.

Acronyms
This table lists acronyms used in this document.
Table 1-1. Acronyms
Acronym Explanation
BPDU Bridge Protocol Data Unit
ACL Access Control list
CBS Controlled Burst Size
CEP Customer Edge Port
CIR Controlled Information Rate
CNP Customer Network Port
COS Class of Service
CVID Customer VLAN Id
C-VLAN Customer VLAN
DEI Drop Eligible Indicator
DSCP Differentiated Services Code Point
EBS Excess Burst Size
EIR Excess Information Rate
E-LAN Multipoint to Multipoint connectivity
E-LINE Point to Point connectivity
FID Filtering Identifier
GARP Generic Attribute Registration Protocol
GMRP GARP Multicast Registration Protocol

260-668256-008 NOVEMBER 2015 1

CHAPTER 1. VLAN INTRODUCTION

GVRP GARP VLAN Registration Protocol

ID Identifier
IVL Independent VLAN Learning
LAN Local Area Network
MI Multiple Instance
PCB Provider Core Bridge
PCEP Proprietary Customer Edge Port
PCNP Proprietary Customer Network Port
PCP Priority Code Point
PEB Provider Edge Bridge
PEP Provider Edge Port
PNAC Port Based Network Authentication Protocol
PNP Provider Network Port
PPNP Proprietary Provider Network Port
PVID Port VLAN ID
RSTP Rapid Spanning Tree Protocol
STP Spanning Tree Protocol
SVL Shared VLAN Learning
S-VLAN Service VLAN
TOS Type of Service
VID VLAN Identifier
VLAN Virtual Local Area Network

References
l CTR 8500/8300 CLI Reference Guide.

Document Conventions
Table 1-2. Document Conventions
Convention Usage
Code CLI commands

Code User inputs for CLI commands

Italics
Blue code CLI command outputs
text
Red code Output areas specific to the configuration
text

2 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

General Configurations
The following table provides the access and exit methods to various general configuration
modes.
Table 1-3. General Configurations
Command Mode Access Method Prompt Exit method
User EXEC This is the initial mode to aos> The logout method is used.
start a session.
Privileged EXEC Use the enable com- aos# Use the command disable
mand to enter the Priv- to return from the Privileged
ileged EXEC mode. EXEC mode to User EXEC
mode, the disable command
is used.
Global Configuration Enter Privileged EXEC aos(config)# Use the command exit to
mode and use the com- log out of the Global Con-
mand configure ter- figuration Mode, and the
minal to enter the command end to log out of
Global Configuration the Privileged EXEC mode.
Mode.
Interface Con- In Global Configuration aos(config-if) Use the command exit to
figuration Mode, use the command # log out of the Global Con-
command interface figuration Mode, and the
<interface- command end to log out of
type><interface- the Privileged EXEC mode.
id>to enter the Inter-
face Configuration Mode.
VLAN Configuration The Global Configuration aos(config- Use the command exit to
Mode command VLAN vlan)# log out of the Global Con-
<VLANid>, is used to figuration Mode, and the
enter the VLAN con- command end to log out of
figuration mode the Privileged EXEC mode.

260-668256-008 NOVEMBER 2015 3

CHAPTER 1. VLAN INTRODUCTION

VLAN Protocol Description

Virtual LAN (VLAN) technology, defined under the IEEE 802.1q specifications, allows enter-
prises to extend the reach of their corporate networks across WAN. VLANs enable partitioning
of a LAN based on functional requirements, while maintaining connectivity across all devices on
the network. VLAN groups network devices and enable them to behave as if, they are in one
single network. Data security is ensured by keeping the data exchanged between the devices of a
particular VLAN within the same network.

VLAN offers a number of advantages over traditional LAN. They are:

1. Performance - In networks with traffic consisting of a high percentage of
broadcasts and multicasts, VLAN minimizes the possibility of sending the
broadcast and multicast traffic to unnecessary destinations.
2. Formation of Virtual Workgroups - VLAN helps in forming virtual
workgroups. During this period, communication between the members of the
workgroup will be high. Broadcasts and multicasts can be restricted within
the workgroup.
3. Simplified Administration - Most of the network costs are a result of
adds, moves, and changes of users in the network. Every time a user is
moved in a LAN, recabling, new station addressing, and reconfiguration of
hubs and routers becomes necessary. Some of these tasks can be simplified
with the use of VLANs.
4. Reduced Cost - VLANs can be used to create broadcast domains, which
eliminate the need for expensive routers.
5. Security - Sensitive data may be periodically broadcast on a network. Pla-
cing only those users, who are allowed to access to such sensitive data on a
VLAN can reduce the chances of an outsider gaining access to the data.
VLAN can also be used to control broadcast domains, set up firewalls,
restrict access, and inform the network manager of an intrusion.

Aviat Networks VLAN logically segments the shared media LAN, forming virtual workgroups. It
redefines and optimizes the basic Transparent Bridging functionality such as learning, for-
warding, filtering and flooding.

4 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Chapter 2. VLAN Configuration

The following sections describe the configuration of VLAN running as a part of Aviat Networks
CTR 8540

Configuring Guidelines
Follow these configuration guidelines:
l VLAN is enabled in the switch by default. GVRP and GMRP must be disabled prior to
disabling VLAN.
l The default VLAN - VLAN 1- cannot be deleted in the switch.
l The default L3 interface - interface VLAN 1 - can be deleted in the switch.
l If port GVRP state is disabled, but global GVRP status is enabled, then GVRP is
disabled on the current port. GVRP packets received on that port will be discarded
and GVRP registrations from other ports will not be propagated on this port.
l GARP cannot be started if VLAN is shutdown.
l GARP cannot be shutdown, if GVRP and/or GMRP are enabled.
l Mapping of a forwarding database identifier (FID) to VLANs is successful only when
the VLAN learning mode is hybrid.
l To configure a static unicast/multicast MAC address in the forwarding database, the
VLAN must have been configured and member ports must have been configured for
the specified VLAN.
l Bridge-mode status cannot be set to provider mode, if the protocol/MAC based VLAN
is enabled.
l You cannot configure a port as trunk if the port is an untagged member of a VLAN.
l Leave Timer must be two times greater than Join Timer, and Leaveall Timer must be
greater than Leave Timer. For GARP timers: Leave Timer must be two times greater
than Join Timer, and Leaveall Timer must be greater than Leave Timer.
l The following require provider base bridge mode, which is not supported in this
release:
l To enable Dot1q-tunneling status, Bridge Mode must be set to
'provider'.
l To enable the Dot1q-tunnel status on the port, the port mode must be
set with the type 'access'.
l To enable Dot1q tunneling on a port 802.1X (PNAC), port control
must be force-authorized.
l BPDU tunneling on the port cannot be set; if Dot1q tunnel status is
disabled.

260-668256-008 NOVEMBER 2015 5

CHAPTER 2. VLAN CONFIGURATION

Bridge Mode Support

This VLAN supports two bridge modes: Customer Bridge Mode and Provider Edge Bridge Mode.

Customer Bridge Mode

With this bridge mode, the device behaves as a normal switch that works with untagged or C-
VLAN tagged frames.
l Port types:
l Customer Bridge Port (default)

Provider Edge Bridge Mode

With this bridge mode, the device is used in an operator network. this mode enables setup of
Ethernet services for the operators customers encapsulating untagged or C-VLAN tagged frames
with another provider or S-VLAN tag.
l Port types:
l Provider Network Port (default)
l Customer Edge Port
l Customer Network Port port-based
l Customer Network Port s-tagged
l Proprietary Provider Network Port
Where Proprietary port types support more classification mechanisms than defined by the
standard, the standard port types include only restricted S- VLAN classification mechanisms,
whereas PCEP and PCNP supports various types of S- VLAN classification mechanisms. These
include:
l Source Mac
l Destination Mac
l C- VLAN + Source Mac
l C- VLAN + Destination Mac
l Dscp
l C- VLAN + Dscp
l Source IP
l Destination IP
l Source IP + Destination IP
l C- VLAN + Destination IP and PVID

Default Configurations
Table 2-1. Default Configurations
Feature Default Setting
VLAN Module status Enable
Default VLAN Id configured in the 1
switch

6 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Mac based VLAN Classification Disabled

Protocol-VLAN based classification Enabled
System and port level GVRP and Disabled
GMRP Module status
Mac address table aging time 300 seconds
Acceptable frame types All (Accepts untagged frames or priority-
tagged frames or tagged frames received
on the port)
Ingress filtering Disabled
Switch port priority 0
Switch port mode Hybrid
GARP Timers Join: 20 seconds
Leave: 60 seconds
Leave all: 1000 seconds
Max traffic classes Maximum number of traffic classes sup-
ported on a port is 8
Tunneling Disabled

I f there are Provi der Bri dges, the defaul t confi gurati ons and confi gurati on
gui del i nes are provi ded i n the rel evant subsecti on of the documentati on.

Figure 2-1. Topology for VLAN Configuration

260-668256-008 NOVEMBER 2015 7

CHAPTER 2. VLAN CONFIGURATION

Configuring Static VLAN

Static VLAN entries can be configured with the required number of member ports, untagged
ports and forbidden ports. The following configuration deals with the creation of member ports.

Static VLAN Configuration - Member Ports

1. Execute the following commands to configure Static VLAN entry in the switch.
2. Enter the Global Configuration Mode.
aos# configure terminal
3. Enter the VLAN Configuration Mode (for VLAN 2).
aos(config)# VLAN 2
4. Add member ports for VLAN.
aos(config-VLAN)# ports gigabitethernet 0/2-5
untagged gigabitethernet 0/3
5. Member ports represent the set of ports permanently assigned to the VLAN egress
list. Frames belonging to the specified VLAN are forwarded to the ports in the egress
list.
If the port type is not explicitly specified as
untagged, then all the ports are configured to
be of tagged port type allowing transmission of
frames with the specified VLAN tag. The untagged
setting allows the port to transmit the frames
without a VLAN tag. This setting is used to
configure a port connected to an end user
device.
6. In the above example, the packets for the interface gigabitethernet 0/3 are trans-
mitted without the tag. On all the other ports, the packets are transmitted with the
tag.
7. Configure port 1 as forbidden port.
aos(config-VLAN)# ports gigabitethernet 0/2-5
forbidden gigabitethernet 0/1
Alternatively, the forbidden setting prevents
the port from participating in the specified
VLAN activity and ensures that, any dynamic
requests for the port to join the VLAN will be
ignored.
8. Exit from the configuration mode.
aos(config)# end
9. View the VLAN information by executing the following command.
aos# show VLAN summary
Number of VLANs: 2
10. The output displays the number of VLANs in a switch.
11. View the configuration details of all the VLANs by executing the following show
command.

8 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

aos# sh VLAN
Switch default
VLAN database
-------------
VLAN ID : 1
Member Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4,
Gi0/5, Gi0/6
Gi0/7, Gi0/8, Gi0/9, Gi0/10,
Gi0/11, Gi0/12, Prot1

Untagged Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4,

Gi0/5, Gi0/6
Gi0/7, Gi0/8, Gi0/9, Gi0/10,
Gi0/11, Gi0/12, Prot1
Forbidden Ports : None
Name :
Status : Permanent
Egress Ethertype : 0x8100
--------------------------------------------------
--
VLAN ID : 2
Member Ports : Gi0/1
Untagged Ports : Gi0/1
Forbidden Ports : None
Name :
Status : Permanent
Egress Ethertype : 0x8100
--------------------------------------------------
--
12. View the configuration details of a particular VLAN by executing the following
command.
aos# show VLAN id 2
VLAN database
-------------
VLAN ID : 2
Member Ports : Gi0/2, Gi0/3, Gi0/4, Gi0/5
Untagged Ports : None
Forbidden Ports : Gi0/1
Name :
Status : Permanent
-------------------------------------------------

260-668256-008 NOVEMBER 2015 9

CHAPTER 2. VLAN CONFIGURATION

Deleting a VLAN or L3 Interface

It is possible to delete a VLAN from the VLAN list. This uses the no VLAN <VLAN-id(1-4094)>
Global Configuration Mode command:
aos(config)# no VLAN 4
You can also delete the default L3 interface:
aos(config)# no vlan 1
% Default Vlan Cannot be Deleted.
aos(config)# no int vlan 1
aos(config)#
aos(config)# do sh ip int
vlan2 is up, line protocol is up
Internet Address is 10.16.15.135/16
Broadcast Address 10.16.255.255

10 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Enabling VLANs
A VLAN can be made active in two ways:
l By adding a member port to a VLAN (refer section Configuring Static VLAN) or
l By using the VLAN active command.

Using the VLAN Active Command

The VLAN active command is used to make a VLAN active in the switch.

Procedure
1. Enter the Global Configuration Mode.
aos#configure terminal
2. Configure VLAN 2 in the switch.
aos(config)# VLAN 2
3. Execute the following command to enable VLAN.
aos(config-VLAN)# VLAN active
I f the VLAN acti ve command i s used wi thout confi guri ng the member
ports, then VLAN wi l l have zero member ports.

260-668256-008 NOVEMBER 2015 11

CHAPTER 2. VLAN CONFIGURATION

Configuring Static Unicast Entry

Configuring a Static Unicast Entry requires the VLAN to be configured and the member ports
for that specified VLAN must also be configured.
Execute the following commands to configure a Static Unicast Entry in the VLAN table.

Procedure

1. Enter the Global Configuration Mode.

aos#configure terminal
2. Configure VLAN 2 in the switch.
aos(config)# VLAN 2
3. Configure a static VLAN entry with the required type of ports.
aos(config-VLAN)#ports gigabitethernet 0/2
untagged gigabitethernet 0/2
4. Exit from the Config-VLAN Mode.
aos(config-VLAN)#exit
5. Configure a static unicast MAC address in the forwarding database.
aos(config)# mac-address-table static unicast
22:22:22:22:22:22 VLAN 2 recv-port
gigabitethernet 0/1 interface gigabitethernet
0/2
6. View the configuration details by executing the following command.
aos# sh mac-address table static unicast
Switch default
VLAN Mac Address RecvPort Status
Ports
---- ----------- -------- ------ -
----
2 22:22:22:22:22:22 Gi0/1 Permanent
Gi0/2
Total Mac Addresses displayed: 1

12 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Configuring Static Multicast Entry

To configure a Static Multicast Entry for a specified VLAN:
l The VLAN must have been configured previously.
l The member ports for that VLAN must also be configured.
Execute the following commands to configure Static Multicast Entry in the VLAN table.

Procedure
1. Enter the Global Configuration Mode.
aos#configure terminal
2. Configure VLAN 2 in the switch.
aos(config)# VLAN 2
3. Configure a static VLAN entry with the required type of ports.
aos(config-VLAN)#ports gigabitethernet 0/2
untagged gigabitethernet 0/2
4. Exit from the Config-VLAN mode.
aos(config-VLAN)#exit
5. Configure static Multicast MAC address in the forwarding database.
aos(config)# mac-address-table static multicast
01:02:03:04:05:06 VLAN 2 recv-port
gigabitethernet 0/1 interface gigabitethernet
0/2
6. View the configuration details by executing the following show command.
aos# sh mac-address table static multicast
Static Multicast Table
----------------------
VLAN : 2
Mac Address : 01:02:03:04:05:06
Receive Port : Gi0/1
Member Ports : Gi0/2
Forbidden Ports :
Status : Permanent
------------------------------------------------
Total Mac Addresses displayed: 1

260-668256-008 NOVEMBER 2015 13

CHAPTER 2. VLAN CONFIGURATION

Configuring VLAN Learning Mode and

Type
By default, the VLAN learning mode is IVL (Independent VLAN Learning).
1. Execute the following commands to change the default learning mode to hybrid.
2. Enter the Global Configuration Mode.
aos# configure terminal
3. Configure the VLAN Learning Mode as Hybrid.
aos(config)#VLAN learning mode hybrid
4. Exit from the configuration mode.
aos(config)#end
5. View the VLAN device information by executing the following command.
aos# sh VLAN device info
VLAN device configurations
--------------------------
VLAN Status : Enabled
VLAN Oper status : Enabled
Gvrp status : Disabled
Gmrp status : Disabled
Gvrp Oper status : Disabled
Gmrp Oper status : Disabled
Mac-VLAN Status : Disabled
Protocol-VLAN Status : Enabled
Bridge Mode : Customer
Bridge
Traffic Classes : Enabled
VLAN Operational Learning Mode : Hybrid
Version number : 1VL
Max VLAN id : 4096
Max supported VLANs : 250
Global MAC learning status: Enabled
Filtering utility criteria: Enabled
Unicast MAC learning limit: 8000
aos# show fid detail
Default Learning Type : IVL
Fid VLAN mapping information
----------------------------
Fid : 1
VLANs : 1,
----------------------------

14 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Fid : 2
VLANs : 2,
----------------------------
Fid : 3
VLANs : 3,
----------------------------
Fid : 4
VLANs : 4,
----------------------------
Fid : 5
VLANs : 5,
----------------------------
Fid : 6
VLANs : 6,
----------------------------
--------
--------
--------
--------
----------------------------
Fid : 4094
VLANs : 4094
----------------------------
6. Execute the following command to configure the learning type.
aos(config)# VLAN learning mode svl
7. Exit from the configuration mode.
aos(config)# end

260-668256-008 NOVEMBER 2015 15

CHAPTER 2. VLAN CONFIGURATION

Enabling Tunneling on a Port

Before enabling tunneling on a port, note the following:
l Bridge mode must be set to ‘provider’ for dot1q-tunneling status to be enabled on an
interface.
l Before configuring the bridge mode, spanning tree and GARP must be shutdown.
l The bridge mode of Provider is not supported.
l This feature is available only if you have a Carrier Ethernet (QINQ) feature license.
Contact Aviat Customer Support if you do not have this and require it.

Procedure
1. Execute the following commands to shutdown GARP and spanning tree.
aos(config)# set gvrp disable
aos(config)# set gmrp disable
aos(config)# shutdown garp
aos(config)# shutdown spanning-tree
2. Configure the bridge mode of the Switch.
aos(config)# bridge-mode provider
3. Enable GARP and spanning tree.
aos(config)# no shutdown garp
aos(config)# set gvrp enable
aos(config)# set gmrp enable
aos(config)# spanning-tree mode mst
aos# show VLAN device info
VLAN device configurations
--------------------------
VLAN Status : Enabled
VLAN Oper status : Enabled
Gvrp status : Enabled
Gmrp status : Enabled
Gvrp Oper status : Enabled
Gmrp Oper status : Enabled
Mac-VLAN Status : Disabled
Protocol-VLAN Status : Enabled
Bridge Mode : Provider
Bridge
Traffic Classes : Enabled
VLAN Operational Learning Mode : IVL
Version number : 1
Max VLAN id : 4094
Max supported VLANs : 1024

16 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

To enable dot1q-tunneling on a specified port:

Port acceptable frame-type must be
untaggedAndPrioritytagged
Port must be configured in access mode
GVRP, GMRP, STP must be disabled on that port.
4. Execute the following command to disable GVRP on a port.
aos(config)# set port gvrp gigabitethernet 0/1
disable
5. Execute the following command to disable GMRP on a port.
aos(config)# set port gmrp gigabitethernet 0/1
disable
aos(config)# interface gigabitethernet 0/1
6. Configure the Switch port acceptable frame-type as untaggedAndPrioritytagged
aos(config-if)# switchport acceptable-frame-type
untaggedAndPrioritytagged
7. Configure the Switch port mode as access.
aos(config-if)# switchport mode access
8. Execute the following command to disable STP on a port
aos(config-if)# spanning-tree disable
9. Enable Dot1q-tunneling on a specified interface.
aos(config-if)# switchport mode Dot1q-tunnel
10. View the configuration details by executing the following show command.
aos# show VLAN port config port gigabitethernet
0/1
VLAN Port configuration table
-------------------------------
Port Gi0/1
Port VLAN ID : 1
Port Acceptable Frame Type : Admit Only
Untagged and Priority tagged
Port Ingress Filtering : Disabled
Port Mode : Access
Port Gvrp Status : Disabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin :
00:00:00:00:00:00
Port Restricted VLAN Registration : Disabled
Port Restricted Group Registration : Disabled
Mac Based Support : Disabled
Port-and-Protocol Based Support : Enabled
Default Priority : 0
--------------------------------------------------

260-668256-008 NOVEMBER 2015 17

CHAPTER 2. VLAN CONFIGURATION

aos# show Dot1q-tunnel interface gigabitethernet

0/1
Interface
---------
Gi0/1

Tunneling of STP Packets

BPDU tunneling can be enabled on a port if Dot1q tunneling is enabled on that port.
The bridge mode of Provider is not supported.

Procedure
1. Execute the following commands to enable tunneling of STP BPDUs.
2. Enter the Global Configuration Mode.
aos# configure terminal
3. Configure the VLAN port mode.
aos(config-if)# switchport mode access
4. Enable Dot1q-tunneling on the specified interface.
aos(config-if)# switchport mode Dot1q-tunnel
5. Disable spanning tree on the specified interface.
aos(config-if)#spanning-tree disable
6. Enable tunneling of STP BPDUs on the interface.
aos(config-if)# l2protocol-tunnel stp
7. View the configuration details by executing the following show command.
aos# show l2protocol-tunnel
COS for Encapsulated STP Packet : 7
Port Protocol Encapsulation Counter
Decapsulation Counter
---- -------- --------------------- -----------
----------
Gi0/1 stp 0 0
Gi0/1 gvrp 0 0

18 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Service Classes and Expedited Traffic

Handling
Aviat Networks VLAN supports multiple traffic classes to handle expedited traffic. Each traffic
class is assigned a traffic type based on the time sensitiveness of the traffic. The aim is to meet
the latency and throughput requirement of time-critical traffic in a LAN environment, where
both time-critical and non-time-critical traffic compete for the network bandwidth.
Each priority tagged data frame received carries priority information. This information is used
to map the traffic to one of the supported Traffic classes for a given outbound port. Based on
the selected Traffic class, the frame is scheduled for outbound transmission.

Configuring VLAN Max Traffic Class

It is possible to configure the maximum number of traffic classes supported on a port.

Procedure
1. Execute the following commands to configure the maximum number of traffic
classes supported on a port.
2. Enter the Global Configuration Mode.
aos# configure terminal
3. Enter the Interface Configuration Mode.
aos(config)# interface gigabitethernet 0/2
4. Configure the maximum number of traffic classes that can be supported on a port.
aos(config-if)# VLAN max-traffic-class 4
5. View the configuration information by executing the following show command.
aos# show VLAN traffic-classes port
gigabitethernet 0/2
Traffic Class table
---------------------
Port Priority Traffic Class
----- --------- -------------
Gi0/2 0 1
Gi0/2 1 0
Gi0/2 2 0
Gi0/2 3 1
Gi0/2 4 2
Gi0/2 5 2
Gi0/2 6 3
Gi0/2 7 3

260-668256-008 NOVEMBER 2015 19

CHAPTER 2. VLAN CONFIGURATION

Mapping Priority to Traffic Class

It is possible to map a priority to a traffic class on the specified port. The frame received on the
interface with the configured priority is processed in the configured traffic class.

Procedure
1. Execute the following commands to map a priority to a traffic class.
2. Enter the Global Configuration Mode.
aos# configure terminal
3. Enter the Interface Configuration Mode.
aos(config)# interface gigabitethernet 0/2
4. Map the priority to traffic class.
aos(config-if)# VLAN map-priority 7 traffic-
class 1
5. View the configuration information by executing the following show command.
aos# show VLAN traffic-classes port
gigabitethernet 0/2
Traffic Class table
---------------------
Port Priority Traffic Class
----- --------- -------------
Gi0/2 0 1
Gi0/2 1 0
Gi0/2 2 0
Gi0/2 3 1
Gi0/2 4 2
Gi0/2 5 2
Gi0/2 6 3
Gi0/2 7 1

20 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Configuring Port Filtering

Configuring Acceptable Frametype

It is possible to configure the acceptable frame type for the port as one of the following:
l All frames
l Tagged frames
l Untagged and priority tagged frames.

Procedure
1. Execute the following commands to configure the acceptable frame type for the
port.
2. Enter the Global Configuration Mode.
aos# configure terminal
3. Enter the Interface Configuration Mode and configure the frame type of the port as
“tagged” for that interface.
aos(config)# interface gigabitethernet 0/2
aos(config-if)# switchport acceptable-frame-type
tagged
4. View the configuration information by executing the following show command.
aos# show VLAN port config port gigabitethernet
0/2
VLAN Port configuration table
-------------------------------
Port Gi0/2
Port VLAN ID : 1
Port Acceptable Frame Type : Admit Only
VLAN Tagged
Port Ingress Filtering : Disabled
Port Mode : Hybrid
Port Gvrp Status : Enabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin :
00:00:00:00:00:00
Port Restricted VLAN Registration : Disabled
Port Restricted Group Registration : Disabled
Mac Based Support : Disabled
Port-and-Protocol Based Support : Enabled
Default Priority : 0

260-668256-008 NOVEMBER 2015 21

CHAPTER 2. VLAN CONFIGURATION

--------------------------------------------------
--
When set to “tagged”, the devi ce wi l l di scard untagged and pri ori ty tagged
frames recei ved on the port and wi l l process onl y the VLAN tagged frames.

Configuring Ingress Filtering

Enabling Ingress Filtering on a port does not allow frames for a VLAN from a port that is not
the member port of that particular VLAN.

Procedure
1. Execute the following commands to enable ingress filtering on a port.
2. Enter the Global Configuration Mode.
aos# configure terminal
3. Enter the Interface Configuration Mode and enable ingress filtering for that inter-
face.
aos(config)# interface gigabitethernet 0/1
aos(config-if)# switchport ingress-filter
4. View the configuration details by executing the following show command.
aos# show VLAN port config port gigabitethernet
0/1
VLAN Port configuration table
-------------------------------
Port Gi0/1
Port VLAN ID : 1
Port Acceptable Frame Type : Admit All
Port Ingress Filtering : Enabled
Port Mode : Hybrid
Port Gvrp Status : Enabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin :
00:00:00:00:00:00
Port Restricted VLAN Registration : Disabled
Port Restricted Group Registration : Disabled
Mac Based Support : Disabled
Port-and-Protocol Based Support : Enabled
Default Priority : 0
--------------------------------------------------
---

22 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Configuring Filtering Utility Criteria

Filtering Utility Criteria can be configured as Default or Enhanced. By default, the Filtering Util-
ity criteria will be selected as Default.

Procedure
1. Execute the following commands to change filtering utility criteria on a port.
2. Enter the Global Configuration Mode.
aos# configure terminal
3. Enter the Interface Configuration Mode and change filtering utility criteria for that
interface.
aos(config)# interface gigabitethernet 0/1
aos(config-if)# switchport filtering-utility-
criteria enhanced
4. View the configuration details by executing the following show command.
aos# show vlan port config port gigabitethernet
0/1
Vlan Port configuration table
-------------------------------
Port Gi0/1
Port Vlan ID : 1
Port Acceptable Frame Type : Admit All
Port Ingress Filtering : Disabled
Port Mode : Hybrid
Port Gvrp Status : Enabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin :
00:00:00:00:00:00
Port Restricted Vlan Registration : Disabled
Port Restricted Group Registration : Disabled
Mac Based Support : Disabled
Port-and-Protocol Based Support : Enabled
Default Priority : 0
Tunnel Status : Disabled
Dot1x Protocol Tunnel Status : Peer
LACP Protocol Tunnel Status : Peer
Spanning Tree Tunnel Status : Peer
GVRP Protocol Tunnel Status : Peer
GMRP Protocol Tunnel Status : Peer
IGMP Protocol Tunnel Status : Peer
Filtering Utility Criteria : Enhanced

260-668256-008 NOVEMBER 2015 23

CHAPTER 2. VLAN CONFIGURATION

Port Protected Status : Disabled

--------------------------------------------------

Configuring WildCard Entry

If WildCard entry is present and there is no static entry configured in the switch for received
destination MAC address and VLAN, then frames will be forwarded on wildcard egress ports.

Procedure
1. Execute the following commands in switch A to configure static multicast MAC
Address.
2. Enter the Global Configuration Mode.
aos#configure terminal
3. Configure wildcard entry with the required egress ports.
aos(config)# wildcard mac-address
00:01:02:03:04:05 interface gigabitethernet 0/1
4. View the configured WildCard entry by executing the following show command.
aos# show wildcard mac-address 00:01:02:03:04:05
Wild Card Entries:
------------------
Mac Address Ports
----------- -------------------
00:01:02:03:04:05 Gi0/1

24 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Chapter 3. Bridge Mode

Configuration
See Defau lt C onfigu rat ions on p age 6 for a l i st of supported Bri dge Modes.
The Provider Bridging feature of VLAN Module in CTR 8540 enables a service provider to offer
an equivalent of separate VLANs to a number of separate customers. Transparent com-
munication between different customer networks at different locations through the provider net-
works is achieved through the Provider Bridges.
Layer2 stacks act as a Customer Bridge or Provider Bridge. An Administrator chooses the type
of bridge during the system initialization or when the system is running.

260-668256-008 NOVEMBER 2015 25

CHAPTER 3. BRIDGE MODE CONFIGURATION

Configuring Bridge Mode during System

Initialization
During system initialization, CTR 8540 takes the value of bridge mode from aosnvram.txt. The
Administrator configures the type of bridge in aosnvram.txt.
The values of bridge mode in aosnvram.txt are as follows. They are provided here as a reference
only: they are not visible to front-end users.
Table 3-1. TBridge Mode values in aosnvram.txt
Bridge Mode Value in aosnvram.txt
Customer Bridge 1
Provider Bridge (q-in-q Bridge) 2
Provider Edge Bridge 3
Provider Core Bridge 4

I n thi s document, the term Dot1ad Bri dges refers to Provi der Edge Bri dge
and Provi der Core Bri dge. The term Q-i n-Q Bri dges refers to Provi der
Bri dge.
IP_ADDRESS =10.0.0.1
IP_MASK =255.0.0.0
INTERFACE =Slot0/1
MGMT_PORT =NO
RM_INTERFACE =NONE
PIM_MODE =2
BRIDGE_MODE =3
SNOOP_FORWARD_MODE =2
SAVE_FLAG =1
RES_FLAG =0
RES_OPTION =1
RES_FILE_NAME =iss.conf
CONSOLE_CLI =1

26 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Configuring Bridge Mode during System

Runtime
The Bridge mode is also configured at runtime. Follow this procedure when Bridge mode is
changed during runtime:

Procedure
1. Spanning Tree must be in shut down state.
2. GARP Module must be in shut down state. GVRP and GMRP protocols must be in
disabled state.
3. Ethernet CFM has to be stopped. Use these commands to stop Ethernet CFM:
configure terminal
!
shutdown spanning-tree
set gvrp disable
set gmrp disable
shutdown garp
no ethernet cfm start
bridge-mode provider-edge
!
end
4. After changing the bridge mode, the above modules (STP, GARP) are started.
5. Enter the Global Configuration mode.
aos#configure terminal
6. Shutdown Spanning tree.
aos(config)# shutdown spanning-tree
7. Disable the GVRP module.
aos(config)# set gvrp disable
8. Disable the GMRP module.
aos(config)# set gmrp disable
9. Shutdown the GARP module.
aos(config)# shutdown garp
10. Change the bridge mode to provider-core bridge.
aos(config)# bridge-mode provider-core
aos(config)# end
11. View the current bridge mode of the switch by executing the following command
aos# show vlan device info
Vlan device configurations
--------------------------
Vlan Status : Enabled
Vlan Oper status : Enabled

260-668256-008 NOVEMBER 2015 27

CHAPTER 3. BRIDGE MODE CONFIGURATION

Gvrp status : disabled

Gmrp status : disabled
Gvrp Oper status : disabled
Gmrp Oper status : disabled
Mac-Vlan Status : Disabled
Protocol-Vlan Status : Enabled
Bridge Mode : Provider Core
Bridge
Traffic Classes : Enabled
Vlan Operational Learning Mode : IVL
Version number : 1
Max Vlan id : 4094
Max supported vlans : 1024

28 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Chapter 4. Provider Bridge

Configurations
The aim of IEEE 802.1ad Provider Bridges is to leverage Ethernet in Ethernet Networks. It also
enables a service provider to provide multiple services on a single port using the architecture
and protocols of IEEE 802.1Q.
As per the standard, bridges are classified into VLAN Bridge (Customer Bridge or C-VLAN
Bridge), S-VLAN Bridge (Provider Core Bridge) and Provider Edge Bridge.
A provider edge bridge is logically subdivided into the following components:
l S-VLAN component.
l C-VLAN component.

260-668256-008 NOVEMBER 2015 29

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Configuring Provider Bridge Port Types

In Provider Bridges (Provider Edge Bridge or Provider Core Bridge), a port is configured as one
of the following port types:
l Customer Edge Port (Applicable only for Provider Edge Bridge)
l Customer Network Port - Port Based
l Customer Network Port – Stag Based
l Provider Network Port (Default Port Type)
l Proprietary Customer Edge Port
l Proprietary Customer Network Port
l Proprietary Provider Network Port
Note that:
l When a port type is changed, all the configurations related to that port are auto-
matically removed.
l Port type is not configured for a port channel, if some ports are aggregated (con-
figured as part for port-channel) in it.

Procedure
1. Enter the Global Configuration mode.
aos#configure terminal
2. Enter the interface configuration mode.
aos(config)# interface gigabitethernet 0/1
3. Configure the bridge port type for port 1 as customerNetworkPort (Port-based).
aos(config-if)#bridge port-type
customerNetworkPort port-based
aos(config-if)#end
4. View the port type configuration for port 1 by executing the following command.
aos#show provider-bridge port config port
gigabitethernet 0/1
Provider Bridge Port configuration table
-----------------------------------------
Port Gi0/1
Port Type : Customer
Network Port(Port-Based)
Dot1x Protocol Tunnel Status : Peer
LACP Protocol Tunnel Status : Peer
Spanning Tree Tunnel Status : Tunnel
GVRP Protocol Tunnel Status : Tunnel
GMRP Protocol Tunnel Status : Tunnel
IGMP Protocol Tunnel Status : Tunnel
Service Vlan Classification : PVID

30 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Ingress EtherType : 0x88a8

Egress EtherType : 0x88a8
EtherType Swap Status : Disable
Service Vlan Translation Status : Disable
Require Drop Encoding : False
Use_Dei : False
PCP Selection Row : 8P0D
Unicast Mac Learning Status : Enable
Unicast Mac Learning Limit : 150
--------------------------------------------------
--

260-668256-008 NOVEMBER 2015 31

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Configuring C-VLAN Component

A Provider Edge Bridge is comprised of a single S-VLAN component and zero or many C-VLAN
component, whereas Provider Core Bridge is comprised of only one S-VLAN component.
Configuring a port as Customer Edge Port results in creating a C-VLAN component. The VLAN
port number of the Customer Edge Port uniquely identifies the C-VLAN component. A C-VLAN
component in Provider Edge Bridge is comprised of a single Customer Edge Port and many Pro-
vider Edge Ports. An Instance of RSTP runs on every C-VLAN component in the Provider Edge
Bridge considering CEP and PEPs as bridge ports.

Provider Edge Port Configurations

Creating a Provider Edge Port
The CVID Registration table provides mapping between a C-VLAN and a S-VLAN. Many C-
VLANs are mapped to a single service instance (S-VLAN). Mapping the first C-VLAN to S-
VLAN, results in creation of a Provider Edge Port. Provider Edge Ports are logical ports, which
are used to establish the connectivity of C-VLAN component to the S-VLAN component.
VLAN Customer Edge Port and S-VLAN ID uniquely identify the Provider Edge Ports.
F or more i nformati on about Provi der Edge Port see secti on 12.13 and
12.13.3 of I EEE 802.1ad Draft 6.0.

Procedure
1. Enter the Global Configuration mode.
aos#configure terminal
2. Enter the interface configuration mode.
aos(config)# interface gigabitethernet 0/2
3. Configure the bridge port type for port 2 as customer Edge Port.
aos(config-if)# bridge port-type
customerEdgePort
4. Configure the CVID Registration table to create a Provider Edge Port for service
VLAN 2.
aos(config-if)#switchport customer-vlan 5
service-vlan 2 untagged-pep false untagged-cep
true
aos(config-if)#end
5. View the CVID Registration table by executing the following command.
aos# sh service vlan cvlan
Switch - default
Service Vlan Classification
-------------------------------

32 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Service Vlan Port Customer Vlan Untag-pep

Untag-cep Relay CVlan ID SVLAN Pri Type SVLAN
Priority
--------------------------------------------------
---
2 Gi0/2 5 false
True 5 None NA
aos# show provider-bridge pep configuration
Provider Edge Port configuration
-------------------------------------
Switch - default
Port Gi0/2
Service VLAN-ID : 2
Port VLAN-ID : 5
Acceptable Frame Type : Admit all
Ingress Filtering : Disabled
Default Priority : 0
COS Preservation : Disabled
Oper status : Down
--------------------------------------------------
--

Setting the Operational Status of Provider Edge Port

For every service instance, a Provider Edge Port is created. VLAN Customer Edge Port ID and S-
VLAN ID identify Provider Edge Ports.

Prerequisites
A Provider Edge Port is made operationally up only if the following conditions are met:
l Customer Edge Port of the corresponding C-VLAN component is operationally
up.
l S-VLAN corresponding to this Provider Edge Port is active.

Procedure
1. Execute the following commands
2. Enter the Global Configuration mode.
aos#configure terminal
3. Enter the switch configuration mode.
aos(config)# switch default
4. Enter the VLAN 2 configuration mode.
aos(config-switch)# vlan 2
5. Configure the VLAN 2 as active.
aos(config-switch-vlan)# vlan active

260-668256-008 NOVEMBER 2015 33

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

aos(config-switch-vlan)#end
6. View the operational status of provider edge port by executing the following com-
mand.
aos# show provider-bridge pep configuration
Provider Edge Port configuration
-------------------------------------
Switch - default
Port Gi0/2
Service VLAN-ID : 2
Port VLAN-ID : 5
Acceptable Frame Type : Admit all
Ingress Filtering : Disabled
Default Priority : 0
COS Preservation : Disabled
Oper status : Up
--------------------------------------------------
--

Configuring Provider Edge Port Parameters

Even though the Provider Edge Port is a logical port, this port has limited parameters similar
to the physical port.
The Provider Edge Port has the following parameters to configure:
l PVID
l Default User Priority
l Acceptable Frame types
l Ingress Filtering
See Provider Edge Port Configuration table [12.13.3.2] in IEE 802.1ad draft 6.0.
The following are the default values of Provider Edge Port Configuration table:
1. PVID – PVID for PEP is the first C-VLAN ID mapped to the service instance to
which this PEP caters.
2. Default User Priority – Zero.
3. Ingress Filtering - Disabled.
4. Acceptable Frame Types – Admit All.

Procedure
1. Execute the following commands.
2. Enter the Global Configuration mode
aos#configure terminal
3. Enter the interface configuration mode
aos(config)# interface gigabitethernet 0/2
4. Configure the PVID for Provider Edge Port as 10
aos(config-if)# service-vlan 2 pvid 10
5. Configure the default user priority for Provider Edge Port as 5

34 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

aos(config-if)# service-vlan 2 def-user-priority

5
6. Enable the Ingress filtering for the Provider Edge Port
aos(config-if)# service-vlan 2 ingress-filter
enable
7. Configure the acceptable frame type for provider Edge Port as `Admit only
Tagged`
aos(config-if)# service-vlan 2 acceptable-frame-
type tagged
aos(config-if)#end
8. View the Provider Edge Port configurations by executing the following command
aos# show provider-bridge pep configuration
Provider Edge Port configuration
-------------------------------------
Switch - default
Port Gi0/2
Service VLAN-ID : 2
Port VLAN-ID : 10
Acceptable Frame Type : Admit only
VLAN Tagged
Ingress Filtering : Enabled
Default Priority : 5
COS Preservation : Disabled
Oper status : Up
--------------------------------------------------
--

C-VLAN Component Spanning Tree Configurations

An instance of Rapid Spanning tree with changes mentioned in section 13 of IEEE 802.1ad
D6.0 runs on a C-VLAN component. When a Port is configured as CEP, the S-VLAN Spanning
Tree disables this port VLAN and is active only in C-VLAN Spanning Tree. For the Spanning
Tree instance running on the C-VLAN component, the CEP and PEPs of the corresponding C-
VLAN component are the bridge ports.
The Spanning Tree running on a C-VLAN component is viewed as:
aos# show customer spanning-tree
Switch default
Port [Gi0/2]
Where the root of the Spanning Tree:
Root Id Priority 65535
Address 00:01:02:03:04:02
Cost 0
Root Ports

260-668256-008 NOVEMBER 2015 35

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Hello Time 2 Sec, Max Age 0 Sec,

Forward Delay 0 Sec
Customer Spanning Tree Enabled Protocol RSTP:
Bridge Id Priority 65535
Address 00:01:02:03:04:02
Hello Time 2 sec, Max Age 20
sec, Forward Delay 15 sec
Name Role State Cost
Prio Type
---- ---- ----- ---- ----
------
PEP-Service: 2 Designated Forwarding 128
32 SharedLan
CEP-Gi0/2 Designated Forwarding
200000 32 SharedLan
------------------------------------------------
-------

Configuration of C-VLAN Component Spanning Tree Parameters

None of the C-VLAN Spanning Tree parameters are configured. C-VLAN Component Spanning
Tree uses the values given in the standard (Section 13 of IEEE 802.1ad D6.0). The only con-
figuration that is allowed in a C-VLAN Component Spanning Tree is to enable or disable the C-
VLAN Spanning Tree.

Configuring C-VLAN Spanning Tree Module Status

1. C-VLAN Spanning Tree is enabled or disabled by configuring the Spanning Tree
status of the CEP.
2. Enter the Global Configuration mode
aos#configure terminal
3. Enter the interface configuration mode
aos(config)# interface gigabitethernet 0/2
4. Disable the Customer spanning tree by disabling the spanning tree on the port 2
aos(config-if)# spanning-tree disable
aos(config-if)#end
5. View the customer spanning tree by executing the following command
aos# show customer spanning-tree
Switch default
Port [Gi0/2] Root Id Priority 0
Address 00:00:00:00:00:00
Cost 0
Root Ports
Hello Time 2 Sec, Max Age 20 Sec,
Forward Delay 15 Sec
Customer Spanning tree Protocol has been disabled

36 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Bridge Id Priority 65535

Address 00:01:02:03:04:02
Hello Time 2 sec, Max Age 0 sec,
Forward Delay 15 sec
Name Role State Cost
Prio Type
---- ---- ----- ----
---- ------
PEP-Service: 2 Disabled Unknown 128
32 SharedLan
CEP-Gi0/2 Disabled Unknown
200000 32 SharedLan
--------------------------------------------------
--
6. The Customer Spanning-Tree is viewed as:
aos# show customer spanning-tree
Switch default
Port [Gi0/2]
We are the root of the Spanning Tree
Root Id Priority 65535
Address 00:01:02:03:04:02
Cost 0
Root Ports
Hello Time 2 Sec, Max Age 0 Sec,
Forward Delay 0 Sec

Customer Spanning Tree Enabled Protocol RSTP

Bridge Id Priority 65535
Address 00:01:02:03:04:02
Hello Time 2 sec, Max Age 20 sec,
Forward Delay 15 sec
Name Role State Cost
Prio Type
---- ---- ----- ----
---- ------
PEP-Service: 2 Designated Forwarding 128
32 SharedLan
CEP-Gi0/2 Designated Forwarding
200000 32 SharedLan
--------------------------------------------------
---

260-668256-008 NOVEMBER 2015 37

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Configuring S-VLAN Component

The S-VLAN component is ports other than Customer Edge Ports and Provider Edge ports.

Procedure
1. Enter the global configuration mode
aos# config terminal
2. Enter the switch configuration mode
aos(config)# switch default
3. Enter the VLAN 2 configuration mode
aos(config-switch)# vlan 2
4. Configure the Member ports for the Service VLAN 2. Note that this must be a
VLAN without an IP address.
aos(config-switch-vlan)# ports gigabitethernet
0/1,0/2 untagged gigabitethernet 0/2
aos(config-switch-vlan)# end
5. View the service VLAN by executing the following command
aos#sh vlan brief
aos# sh vlan id 2
Switch default
Vlan database
-------------
Vlan ID : 1
Member Ports : None
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Permanent
Egress Ethertype: 0x88a8
ServiceType : E-LAN
MacLearning Status : Disabled
MacLearning Oper-Status: Disabled
--------------------------------------------------
--
Vlan ID : 3
Member Ports : Gi0/1, Gi0/2
Untagged Ports : Gi0/2
Forbidden Ports : None
Name :
Status : Permanent
Egress Ethertype: 0x88a8

38 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

ServiceType : E-LAN
MacLearning Status : Disabled
MacLearning Oper-Status: Enabled
A Provi der Network Port (PNP) i s not confi gured as untagged port of a S-
VLAN.
S-VLAN Component Spanning Tree is a Multiple Instance Spanning Tree or a Rapid Spanning
Tree.
A S-VLAN Spanning Tree is viewed as:
aos# show spanning-tree
Switch default
Root Id Priority 32768
Address 00:01:02:03:04:01
Cost 0
Port 0 [0]
This bridge is the root
Max age 20 Sec, forward delay 15
Sec
MST00

Spanning tree Protocol Enabled.

S-VLAN Component: MST00 is executing the mstp
compatible Multiple Spanning Tree Protocol
Bridge Id Priority 32768
Address 00:01:02:03:04:01
Max age is 20 sec, forward delay
is 15 sec

Name Role State Cost Prio

Type
---- ---- ----- ---- ----
------
Gi0/1 Designated Forwarding 200000 128
SharedLan
Gi0/2 Disabled Discarding 200000 128
SharedLan

260-668256-008 NOVEMBER 2015 39

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Configuring a Flow for 802.1ad Bridge

Port Type
In this figure, CB1 and CB2 are the Customer Bridges transparently connected through the Pro-
vider Network PB1 and PB2.

Figure 4-1. A Simple Deployment Scenario for 802.1ad Bridges

Switch PB1:
l MAC Address: 00:01:02:03:04:01
l VLAN 1 - 10.0.0.1/255.0.0.0
Switch PB2:
l MAC Address: 00:02:02:03:04:01
l VLAN 1 – 10.0.0.2 /255.0.0.0
Switch CB1:
l MAC Address: 00:03:02:03:04:01
l VLAN 1 – 10.0.0.10/255.0.0.0
Switch CB2:
l MAC Address: 00:04:02:03:04:01
l VLAN 1 – 10.0.0.20/255.0.0.0

Configuring Connectivity through CEP

The connectivity through CEP is configured as follows:
1. Configure PB1 and PB2 as Provider Edge Bridge.
2. Configure CB1 and CB2 as Customer Bridges.
3. Create VLANVLAN 5 with member ports as P1, P2 in CB1 and CB2,
4. Configure PB1 and PB2 as follows:
5. P1 as Customer Edge Port
6. C-VID registration entry configuration for port P1 is as follows:
switchport customer-VLAN 5 service-VLAN 2
untagged-pep false untagged-cep false
7. S- VLAN 2 with member ports as P1, P2, with P1 as untagged port.
Now the C-VLAN tagged packets with VLANVLAN ID as 5 reaches port P1 of CB2 sent from
port P1 of CB1.

40 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Configuring Transparent Connectivity through

CNP (Port Based)
The connectivity through CNP (Port Based) is configured as follows:
1. Configure PB1 and PB2 as Provider Edge Bridge.
2. Configure CB1 and CB2 as Customer Bridges.
3. Create VLANVLAN 5 with member ports as P1, P2 in CB1 and CB2.
4. Configure the following in PB1 and PB2:
5. P1 as Customer Network Port (Port Based)
6. S-VLAN 2 with member ports as P1, P2 with P1 as untagged port.
7. PVID of the port P1 as VLAN 2.
Now the C-VLAN tagged packets with VLANVLAN ID as 5, reaches port P1 of CB2 sent from
port P1 of CB1.

260-668256-008 NOVEMBER 2015 41

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Handling Priority in Provider Bridges

Priority and drop_eligible parameters are encoded in the priority code point (PCP) field of the
VLAN tag using Priority Code Point Encoding Table.
On packet reception, priority and drop_eligible parameters are decoded from the PCP field of
the VLAN tag using Priority Code Point Decoding Table.

Configuring PCP Encoding Table

For each port, the PCP Encoding table has 16 entries corresponding to each of the possible com-
binations of eight possible values of priority (0-7) with two possible values of drop_eligible
(True or False). The input for the PCP Encoding table is PCP Selection Row, Priority and Drop_
Eligible, and the output for the PCP Encoding table is PCP Value.
Whenever a packet has to be sent out on a S-Tagged port, the PCP Encoding table provides the
value of the PCP in the S-Tag.

Procedure

1. Enter the Global Configuration mode

aos# configure terminal
2. Enter the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
3. Configure the PCP Encoding table by executing the following command
aos(config-if)# pcp-encoding 8POD priority 5
drop-eligible false pcp 6
aos(config-if)# end
4. View the PCP Encoding table by executing the following command
aos# show provider-bridge pcp encoding
Pcp Encoding Table
-------------------------------------
Switch - default
Port Gi0/1
-----------
DropEligible: 0 0DE 1 1DE 2 2DE 3 3DE 4 4DE 5 5DE
6 6DE 7 7DE
Priority :
--------------------------------------------------
----
8POD : 0 0 1 1 2 2 3 3 4 4 6 5
6 6 7 7
7P1D : 0 0 1 1 2 2 3 3 5 4 5 4 6
6 7 7

42 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

6P2D : 0 0 1 1 3 2 3 2 5 4 5 4
6 6 7 7
5P3D : 1 0 1 0 3 2 3 2 5 4 5 4
6 6 7 7

Port Gi0/2
-----------
DropEligible: 0 0DE 1 1DE 2 2DE 3 3DE 4 4DE 5 5DE
6 6DE 7 7DE
Priority :
--------------------------------------------------
----
8POD : 0 0 1 1 2 2 3 3 4 4 5 5
6 6 7 7
7P1D : 0 0 1 1 2 2 3 3 5 4 5 4
6 6 7 7
6P2D : 0 0 1 1 3 2 3 2 5 4 5 4
6 6 7 7
5P3D : 1 0 1 0 3 2 3 2 5 4 5 4
6 6 7 7

Configuring PCP Decoding Table

For each port, the PCP Decoding table has eight entries corresponding to each of the possible
PCP values. The input for the PCP Decoding table is PCP Selection Row and PCP Value, and the
output for the PCP Decoding table is Priority and Drop Eligible.
Whenever a packet is received on a port with S-Tag, the PCP Decoding table provides the value
of the Priority and Drop-Eligible for the packet.

Procedure
1. Enter the global configuration mode
aos# configure terminal
2. Enter the interface configuration mode
aos(config)# interface gigabitethernet 0/1
3. Configure the PCP Decoding table by executing the following command
aos(config-if)# pcp-decoding 8POD pcp 7 priority
6 drop-eligible false
aos(config-if)# end
4. View the PCP decoding table by executing the following command
aos# show provider-bridge pcp decoding
Pcp Decoding Table
-------------------------------------
Switch - default

260-668256-008 NOVEMBER 2015 43

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Port Gi0/1
-----------
PCP : 0 1 2 3 4 5 6 7
----------------------------------------------
8POD : 0 1 2 3 4 5 1 2 2 3 3
4 4 6 5 6 6 7 7
7P1D : 0 0 1 1 2 2 3 3 5 4 5 4 6
6 7 7
6P2D : 0 0 1 1 3 2 3 2 5 4 5 4
6 6 7 7
5P3D : 1 0 1 0 3 2 3 2 5 4 5 4
6 6 7 7x 7
5P3D : 0DE 0 2DE 2 4DE 4 6 7
Port Gi0/2
-----------
PCP : 0 1 2 3 4 5 6 7
----------------------------------------------
8POD : 0 1 2 3 4 5 6 7
7P1D : 0 1 2 3 4DE 4 6 7
6P2D : 0 1 2DE 2 4DE 4 6 7
5P3D : 0DE 0 2DE 2 4DE 4 6 7

Configuring PCP Selection Row

The PCP Selection Row is configured as per the port. The row in PCP Encoding and PCP Decod-
ing table corresponding to the configured value is for the PCP encoding and PCP decoding on
this port.
The conventions followed in naming the PCP Selection Row are:
l Number of priorities with no drop precedence.
l Number of priorities with drop precedence.
For an example:
1. In 6P2D, 6 priorities contain no drop precedence and the rest 2 priorities contain
drop precedence option.
2. Enter the global configuration mode
aos# configure terminal
3. Enter the interface configuration mode
aos(config)# interface gigabitethernet 0/1
4. Configure the PCP selection row for the port P1
aos(config-if)#switchport provider-bridge pcp-
selection-row 6P2D
aos(config-if)#end
5. View the provider bridge port configuration by executing the following command

44 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

aos#sh provider-bridge port config port gi 0/5

Switch default
Provider Bridge Port configuration table
-----------------------------------------
Port Gi0/5
Port Type : Provider
Network Port
Service Vlan Classification : PVID
EtherType Swap Status : Disable
Service Vlan Translation Status : Enable
Require Drop Encoding : False
Use_Dei : False
PCP Selection Row : 6P2D
Unicast Mac Learning Status : Enable
Unicast Mac Learning Limit : 8000

Configuring Service Priority Regeneration Table

The Service Priority Regeneration table is applied only on internal CNP of the S-VLAN com-
ponent. For every service offered on a CEP, a logical Provider Edge port is created in the C-
VLAN component side and a logical internal CNP is created in the S-VLAN component. Packets
coming out of the PEP enter the S-VLAN component through internal CNP. Packets coming to
the internal CNP are from the customer side. Hence the priority for those packets is regenerated
in internal CNP. Whenever a packet is received on a CEP, it has to be transmitted to the pro-
vider network, the priority has to be regenerated and the Priority Regeneration table is applied.
The CEP port number and S-VLAN ID index the Priority Regeneration table. Therefore for PEP
(created by the CVID Registration table) there is a Service Priority Regeneration table in S-VLAN
component on internal CNPs. By default, Received Priority and Regenerated Priority are the
same.

Procedure

1. Enter the global configuration mode

aos# configure terminal
2. Enter the interface configuration mode
aos(config)# interface gigabitethernet 0/2
3. Configure the Service priority regeneration table by executing the following com-
mand
aos(config-if)# service-vlan 2 recv-priority 5
regen-priority 2
aos(config-if)#end
4. View the service priority regeneration table by executing the following command
aos# show provider-bridge priority regen
Service Priority Regeneration table

260-668256-008 NOVEMBER 2015 45

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

-----------------------------------
Switch - default
Port : Gi0/2 Service VLAN-ID : 2
Receive Priority Regenerated Priority
----------------- ---------------------
0 0
1 1
2 2
3 3
4 4
5 2
6 6
7 7

Configuring Use DEI

The Use DEI allows the S-Tag to convey eight distinct priorities each with a drop eligible indic-
ation for each port.

Procedure
When Use DEI is set to true on a port:
1. Packets sent with drop_eligible true has USE_DEI bit in the VLANVLAN tag set.
2. Packets received on this port with USER_DEI filed in the VLANVLAN tag set are
considered as packets with drop_eligible true.
3. Default value of Use DEI is false.
4. To configure Use DEI, execute the following commands
5. Enter the global configuration mode
aos# configure terminal
6. Enter the interface configuration mode
aos(config)# interface gigabitethernet 0/1
7. Configure the use-dei variable for the port 1 as `true` by executing the following
command
aos(config-if)# switchport provider-bridge use-
dei true
aos(config-if)#end
8. View the provider bridge port configuration by executing the following command
aos# show provider-bridge port config port
gigabitethernet 0/1
Switch - default
Provider Bridge Port configuration table
-----------------------------------------
Port Gi0/1

46 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Port Type : Provider

Network Port
Service VLAN Classification : PVID
Ingress EtherType : 0x88a8
Egress EtherType : 0x88a8
EtherType Swap Status : Disable
Service VLAN Translation Status : Enable
Require Drop Encoding : False
Use_Dei : True
PCP Selection Row : 8P0D
Unicast Mac Learning Status : Enable
Unicast Mac Learning Limit : 150

260-668256-008 NOVEMBER 2015 47

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Configuring VLAN Translation Table

The VLAN Translation table is used for interconnecting two different provider networks. VLAN
Translation table provides a one-to-one bidirectional mapping between the Local S-VLAN and
the Relay S-VLAN.
l Local S-VLAN - Used in Data and Protocol frames for transmission and reception
of frames.
l Relay S-VLAN - Used by Filtering and Forwarding Processes of the SVLAN com-
ponent.
The VLAN Translation table is applicable only for Provider Network Port and Customer Network
Ports (S-Tagged).

Procedure
1. Enter the global configuration mode
aos# configure terminal
2. Enter the interface configuration mode
aos(config)# interface gigabitethernet 0/1
3. Configure the VLAN Translation table by executing the following command
aos(config-if)# switchport service vlan mapping
20 2
aos(config-if)#end
4. View the VID Translation table by executing the following command
aos# show service vlan mapping
Switch - default
Service Vlan Mapping
-------------------------
Port Gi0/1
-----------
Local service vlan Relay service vlan
20 2
5. VLAN Translation table is enabled or disabled on a per port basis. By default, it is
enabled on PNP and CNP (S-Tagged).
6. Enter the global configuration mode
aos# configure terminal
7. Enter the interface configuration mode
aos(config)# interface gigabitethernet 0/1
8. Disabling the VID Translation table on port 1
aos(config-if)# set switchport service vlan swap
disable
aos(config-if)#end
9. View the VID Translation status for the port by executing the following command
aos# show provider-bridge port config port
gigabitethernet 0/1

48 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Switch - default
Provider Bridge Port configuration table
-----------------------------------------
Port Gi0/1
Port Type : Provider
Network Port
Service Vlan Classification : PVID
Ingress EtherType : 0x88a8
Egress EtherType : 0x88a8
EtherType Swap Status : Disable
Service Vlan Translation Status : Disable
Require Drop Encoding : False
Use_Dei : False
PCP Selection Row : 8P0D
Unicast Mac Learning Status : Enable
Unicast Mac Learning Limit : 150

260-668256-008 NOVEMBER 2015 49

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Tunneling in Provider Network

Customer networks are connected transparently through the provider network. The data traffic
sent by the customer is passed transparently through the provider network. Similarly, the cus-
tomer control packets are treated as data packet, and are switched as data packets in the pro-
vider network, if tunneling is enabled for those control packets in the edge of the provider
network. The following sections explain how the other layer 2 protocols are tunneled across the
provider network.
Protocol tunneling is configured only on customer point of attachments (that is on Customer
Edge Ports, Customer Network Port (Port-Based), Proprietary Customer Edge Port and Pro-
prietary Customer Network Ports).
A Customer Network Port (S-Tagged) tunnel i ng opti on i s not supported,
even though i t i s a customer poi nt of attachment. Protocol tunnel i ng i s
al so not supported on al l other port types except menti oned above.
Control packets received on a port is tunneled or peered or discarded based on the options (Tun-
nel or Peer or Discard) configured through the protocol tunnel command. Tunneled protocol
packets are treated as data packets and are forwarded in the S-VLAN to which they belong.

Tunneling Spanning Tree Protocol

The Provider Spanning Tree address is different from the Customer Spanning Tree protocol
address. Hence in the provider network, the Customer Spanning Tree BPDUs are treated as data
packets and are forwarded without changing the destination address.
l In the C-VLAN component, Rapid Spanning Tree runs and interacts with the
Customer Spanning Tree BPDUs received on C-VLAN component ports. By default,
the STP tunnel status on CEP is peer.
l To tunnel the STP packet on CEP, the C-VLAN Spanning Tree must be disabled on
that CEP, and there must be only one PEP in that C-VLAN component.
l Only on CEP, the STP tunnel status is set to peer and on all other ports, it is not set,
where the protocol tunneling does not supports peer option.
l STP tunnel status is set to tunnel or it is set to discard on all port types, where the
protocol tunneling option is set.

Tunneling GVRP Protocol

l IEEE 802.1ad has defined a new address for running GVRP in provider networks. So,
the Customer GVRP packets are transmitted transparently in provider networks.
l GVRP tunnel status is set to tunnel or it is set to discard on any of the ports, where
the protocol tunneling is supported.
l GVRP tunnel status is not set to peer on any of the ports.

50 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Tunneling GMRP Protocol

In Provider Edge and Provider Core Bridges, GMRP is always disabled. So, the Customer GMRP
packets are tunneled transparently across the provider networks.

Tunneling IGMP Protocol

In Provider Edge and Provider Core Bridges, IGMP protocol is always disabled. So, the Cus-
tomer IGMP packets are tunneled transparently across the provider networks.

Tunneling DOT1X Protocol

In Provider Edge and Provider Core Bridges, Dot1x protocol is always enabled by default. Dot1x
must be enabled in any of the Provider Edge and Provider Core Bridges of the entire provider
network to enable the tunneling of Dot1x protocol.

Tunneling LACP Protocol

In Provider Edge and Provider Core Bridges, LACP is always enabled by default. LACP must be
enabled on that port to enable the tunneling of LACP Protocol on a port.
In LACP tunneling, a single service instance is required to tunnel the LACP packets between the
two customer points of attachment across the provider network. So, to aggregate two ports on
one point of attachment to two ports of another point of attachment, two service instances are
required.

Procedure
1. Enter the global configuration mode
aos# configure terminal
2. Enter the interface configuration mode
aos(config)# interface gigabitethernet 0/1
3. Configure the STP protocol tunnel status for Port 1 as `peer`
aos(config-if)#l2protocol-peer stp
4. Configure the GVRP protocol tunnel status for Port 1 as `tunnel`
aos(config-if)#l2protocol-tunnel gvrp
5. Configure the GMRP protocol tunnel status for Port 1 as `discard`
aos(config-if)#l2protocol-discard gmrp
aos(config-if)#end
6. View the protocol tunnel status by executing the following command
aos# sh provider-bridge port config port gi 0/2
Switch - default
Provider Bridge Port configuration table
-----------------------------------------
Port Gi0/2

260-668256-008 NOVEMBER 2015 51

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Port Type : Customer Edge Port

Dot1x Protocol Tunnel Status : Peer
LACP Protocol Tunnel Status : Peer
Spanning Tree Tunnel Status : Peer
MVRP Protocol Tunnel Status : Discard
MMRP Protocol Tunnel Status : Discard
GVRP Protocol Tunnel Status : Tunnel
GMRP Protocol Tunnel Status : Discard
IGMP Protocol Tunnel Status : Peer
ELMI Protocol Tunnel Status : Peer
LLDP Protocol Tunnel Status : Peer
ECFM Protocol Tunnel Status : Peer
Service Vlan Classification : Customer Vlan
EtherType Swap Status : Disable
Service Vlan Translation Status : Disable
Require Drop Encoding : False
Use_Dei : False
PCP Selection Row : 8P0D
Unicast Mac Learning Status : Enable
Unicast Mac Learning Limit : 8000
Customer Vlan : 1
Customer Vlan Status : Enabled

Configuring Tunnel MAC Address

For Spanning Tree and GVRP packets, the destination Mac addresses are different in provider
network and customer network. So, for tunneling these control PDUs, there is no need to change
the destination Mac address. But to interop with the Q-in-Q bridges, the destination Mac
address for these control packets are changed on those ports that are connected to Q-in-Q
bridges.
For other protocol tunneling, the destination Mac address is to be changed to make the protocol
frames appear as data packet in the rest of the provider network.
The default tunnel Mac address defined for each protocol is given below:
aos# sh l2protocol tunnel-mac-address
Switch - default
VLAN tunnel MAC address
--------------------------
Dot1x tunnel MAC address : 01:00:0c:cd:cd:d3
LACP tunnel MAC address : 01:00:0c:cd:cd:d4
STP tunnel MAC address : 01:00:0c:cd:cd:d0
MVRP tunnel MAC address : 01:00:0c:cd:cd:d5
MMRP tunnel MAC address : 01:00:0c:cd:cd:d6
GVRP tunnel MAC address : 01:00:0c:cd:cd:d1

52 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

GMRP tunnel MAC address : 01:00:0c:cd:cd:d2

ELMI tunnel MAC address : 01:00:0c:cd:cd:d7
LLDP tunnel MAC address : 01:00:0c:cd:cd:d8
ECFM tunnel MAC address : 01:00:0c:cd:cd:d9

Procedure
1. Enter the global configuration mode
aos# configure terminal
2. Enter the switch configuration mode
aos(config)# switch default
3. Configure the GMRP protocol tunnel Mac address as 01:22:33:44:55:66
aos(config-switch)# gmrp-tunnel-address
01:22:33:44:55:66
aos(config-switch)#end
4. View the protocol tunnel mac address by executing the following command
aos# show l2protocol tunnel-mac-address
VLAN tunnel MAC address
--------------------------
Switch - default
--------------------------
Dot1x tunnel MAC address : 01:00:0c:cd:cd:d3
LACP tunnel MAC address : 01:00:0c:cd:cd:d4
STP tunnel MAC address : 01:00:0c:cd:cd:d0
GVRP tunnel MAC address : 01:00:0c:cd:cd:d1
GMRP tunnel MAC address : 01:22:33:44:55:66

260-668256-008 NOVEMBER 2015 53

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Protocol Tunneling in Customer Bridges

The Provider Network is comprised of both customer bridges and provider bridges. The cus-
tomer bridges present in the provider network operate only on C-VLANs. The data packets in
the customer bridges will be switched in the provider network using only C-VLANs.
But the protocol packets in the customer bridges must be tunneled. For enabling Protocol tun-
neling on a port in customer bridge (present in provider network), the port need not be an
access port.
The Administrator can configure a protocol tunnel status as tunnel/discard only when a par-
ticular protocol is disabled on that port. This rule applies to STP, GVRP and GMRP protocols.
If there are IGMP and DOT1X, for configuring the protocol tunnel status as tunnel/discard, the
administrator must disable the protocol in the system.
If there is LACP, the protocol tunnel status cannot be configured on port-channel interfaces.
The Tunnel MAC address for all the protocols can also be configured in the customer bridges (as
discussed in section 5.7.7).

54 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Configuring Port MAC Learning Status

and Limit
The Administrator configures the Mac Learning Status of each port as enabled or disabled. By
default, each port in the bridge is allocated a limit on the number of Mac addresses that are
learned on that port. The Mac Learning Limit on each port is also configurable. The Port Mac
Learning Limit is applicable only for the dynamic learned entries.

Procedure
1. Enter the global configuration mode
aos# configure terminal
2. Enter the interface configuration mode
aos(config)# interface gigabitethernet 0/1
3. Configure the unicast mac learning status as `disable` Note that you can only set
unicast-mac learning on a VLAN, not on an interface.
aos(config-if)# switchport unicast-mac learning
disable
4. Configure the unicast mac learning limit as `40`
aos(config-if)# switchport unicast-mac learning
limit 40
aos(config-if)#end
5. View the unicast mac learning status and limit by executing the following com-
mand
aos# show provider-bridge port config port
gigabitethernet 0/1
Switch - default
Provider Bridge Port configuration table
-----------------------------------------
Port Gi0/1
Port Type : Provider Network
Port
Service Vlan Classification : PVID
Ingress EtherType : 0x88a8
Egress EtherType : 0x88a8
EtherType Swap Status : Disable
Service Vlan Translation Status: Disable
Require Drop Encoding : False
Use_Dei : False
PCP Selection Row : 8P0D
Unicast Mac Learning Status : Disable
Unicast Mac Learning Limit : 40

260-668256-008 NOVEMBER 2015 55

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Configuring Static Multicast Mac Limit

Static Multicast Mac Limit is configured at run time. By default, Multicast Mac Limit is the
total size of the Multicast Mac table.

Procedure
1. Enter the global configuration mode
aos# configure terminal
2. Enter the switch configuration mode
aos(config)#switch default
3. Configure the multicast mac limit as 4
aos(config-switch)# multicast-mac limit 4
aos(config-switch)# end

56 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Configuring Ether Type Swap Table

In Provider Bridges, the port recognizes and processes only the S-Tagged packet with ether type
0x88a8. But in the provider network, there is a possibility to interoperate with different net-
works that use different ethertypes. Swap table is configured, so that the different ether types
are interpreted as the S-Tag ether type.
l Local Ether type - Ether type that is present in frame.
l Relay ether type - Used for processing the ethertype of the frame.

Procedure
1. Enter the global configuration mode
aos# configure terminal
2. Enter the interface configuration mode
aos(config)# interface gigabitethernet 0/1
3. Configure the ether type swap table by executing the following command
aos(config-if)# switchport Dot1q ethertype
mapping 0x88a1 0x88a8
aos(config-if)# end
4. View the ether type swap table
aos# show ethertype mapping
Switch - default
EtherType Mapping
-----------------------
Port Gi0/1
-----------
Local EtherType Relay EtherType
0x88a1 0x88a8

260-668256-008 NOVEMBER 2015 57

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Configuring Customer Port VLAN ID

This configuration is valid only for CEP, PCEP and PCNP ports. When CEP receives an
untagged packet, the packet is classified into C-VLAN based on the CPVID configured for the
Customer Edge Port. The above behavior is enabled or disabled in the command switchport
Dot1q customer vlan disable/enable

Procedure
1. Enter the global configuration mode
aos# configure terminal
2. Enter the interface configuration mode
aos(config)# interface gigabitethernet 0/1
3. Configure the bridge port type as Customer Edge Port
aos(config-if)# bridge port-type
CustomerEdgePort
4. Configure the Customer VLAN PVID as 10 for Port 1
aos(config-if)# switchport dot1q customer vlan
10
5. Configure the Customer VLAN classification status as `disable`
aaos(config-if)# switchport dot1q customer vlan
disable
% Customer VLAN can not be di sabl ed on a customerEdgePort.
6. View the provider bridge port configurations by executing the following command
aos# show provider-bridge port config port
gigabitethernet 0/1
Switch - default
Provider Bridge Port configuration table
-----------------------------------------
Port Gi0/1
Port Type : Customer Edge
Port
Dot1x Protocol Tunnel Status : Peer
LACP Protocol Tunnel Status : Peer
Spanning Tree Tunnel Status : Peer
GVRP Protocol Tunnel Status : Discard
GMRP Protocol Tunnel Status : Discard
IGMP Protocol Tunnel Status : Discard
Service Vlan Classification : Customer Vlan
Ingress EtherType : 0x88a8
Egress EtherType : 0x8100
EtherType Swap Status : Disable
Service Vlan Translation Status : Disable

58 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Require Drop Encoding : False

Use_Dei : False
PCP Selection Row : 8P0D
Unicast Mac Learning Status : Enable
Unicast Mac Learning Limit : 150
Customer Vlan : 10
Customer Vlan Status : Disabled

260-668256-008 NOVEMBER 2015 59

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Configuring S-VLAN
A S-VLAN is configured to provide two different service types, E-LINE and E-LAN.
E-LINE is defined as “point-to-point” service offered to a customer. E-LAN is defined as “mul-
tipoint-multipoint” service offered to a customer.
By default, the S-VLAN has a service type as “E-LAN”. If a service type is configured as ”E-
LINE”, then the VLAN is not allowed to have more than two member ports.

Procedure
1. Enter the global configuration mode
aos# configure terminal
2. Enter the switch configuration mode
aos(config)# switch default
3. Enter the VLAN 2 configuration mode
aos(config-switch)# vlan 2
4. Configure the service type for the VLAN 2 as `E-LINE`
aos(config-switch-vlan)# service-type e-line
aos(config-switch-vlan)# end
5. View the service type of the S-VLAN by executing the following command
aos# sh vlan
Switch default

Vlan database
-------------
Vlan ID : 1
Member Ports : None
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Permanent
ServiceType : E-LAN
MacLearning Status : Enabled
--------------------------------------------------
--
Vlan ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Permanent
ServiceType : E-LINE

60 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

MacLearning Status : Disabled

--------------------------------------------------
--

260-668256-008 NOVEMBER 2015 61

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Configuring Ingress and Egress Ether

Type
A port is configured with Ingress and Egress ether type.
l Ingress ether type – If the ether type of the received packet matches with that of the
Ingress ether type of the reception port, then that packet is considered as the tagged
packet.
l Egress ether type – All the tagged outgoing packets on a port are sent out with the
configured Egress ether type of the outgoing port.
By default, Ingress and Egress ether type for PNP is “0x88a8”. In case of CEP, the Ingress ether
type is “0x8100”. And for PPNP, the Ingress and Egress ether type is “0x8100”.

Procedure
1. Enter the global configuration mode
aos#configure terminal
2. Enter the interface configuration mode
aos(config)#interface gigabitethernet 0/1
3. Configure the ingress Ether type for the Port 1 as 0x8899
aos# sh vlan port config port gi 0/2
Switch default
VLAN Port configuration table
-----------------------------------------
Port Gi0/2
Bridge Port Type : Provider Network Port
Port Vlan ID : 1
Port Acceptable Frame Type : Admit All
Port Mac Learning Status : Enabled
Port Ingress Filtering : Disabled
Port Mode : Hybrid
Port Gvrp Status : Disabled
Port Gmrp Status : Disabled
Port Gvrp Failed Registrations : 2
Gvrp last pdu origin : 00:00:00:00:00:00
Port Restricted Vlan Registration : Disabled
Port Restricted Group Registration : Unknown
Mac Based Support : Disabled
Subnet Based Support : Disabled
Port-and-Protocol Based Support : Enabled
Default Priority : 0
Filtering Utility Criteria : Default

62 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Port Protected Status : Disabled

Ingress EtherType : 0x8899
Egress EtherType : 0x88a8
Egress TPID Type : Portbased
Allowable TPID 1 : 0x0
Allowable TPID 2 : 0x0
Allowable TPID 3 : 0x0
4. View the ingress and Egress Ether type by executing the following command
aos# sh provider-bridge port config port gi 0/5
Switch default
Provider Bridge Port configuration table
-----------------------------------------
Port Gi0/5
Port Type : Customer Edge Port
Dot1x Protocol Tunnel Status : Peer
LACP Protocol Tunnel Status : Peer
Spanning Tree Tunnel Status : Peer
MVRP Protocol Tunnel Status : Discard
MMRP Protocol Tunnel Status : Discard
GVRP Protocol Tunnel Status : Discard
GMRP Protocol Tunnel Status : Discard
IGMP Protocol Tunnel Status : Peer
ELMI Protocol Tunnel Status : Peer
LLDP Protocol Tunnel Status : Peer
ECFM Protocol Tunnel Status : Peer
Service Vlan Classification : Customer Vlan
EtherType Swap Status : Disable
Service Vlan Translation Status : Disable
Require Drop Encoding : False
Use_Dei : False
PCP Selection Row : 8P0D
Unicast Mac Learning Status : Enable
Unicast Mac Learning Limit : 8000
Customer Vlan : 10
Customer Vlan Status : Enabled

260-668256-008 NOVEMBER 2015 63

CHAPTER 4. PROVIDER BRIDGE CONFIGURATIONS

Configuring Proprietary Port Types

Apart from the standard defined port types, there are proprietary port types. The proprietary
port types are:
l Proprietary Provider Network Port (PPNP)
A standard port types has only restricted S- VLAN classification mechanisms, whereas PCEP
and PCNP supports various types of S- VLAN classification mechanisms namely, Source Mac,
Destination Mac, C- VLAN + Source Mac, C- VLAN + Destination Mac, Dscp, C- VLAN + Dscp,
Source Ip, Destination Ip, Source Ip + Destination Ip, C- VLAN + Destination IP and PVID.

Procedure
1. Enter the global configuration mode
aos#configure terminal
2. Enter the interface configuration mode
aos(config)# interface gigabitethernet 0/1
3. Configure the bridge port type for port 1 as Proprietary Customer Edge Port
aos(config-if)# bridge port-type
propCustomerEdgeport
Configure the Service VLAN classification method
as `CvlanSrcMac`
aos(config-if)# switchport service vlan classify
VLAN cVLANSrcMac
4. Configure the CVLAN Source Mac address classification table by executing the fol-
lowing command
aos(config-if)# switchport service vlan 2
customer vlan 5 SrcMac 00:11:22:33:22:11
aos(config-if)#end
5. View the provider edge port configuration by executing the following command
aos# show provider-bridge port config port
gigabitethernet 0/1
Switch - default
Provider Bridge Port configuration table
-----------------------------------------
Port Gi0/1
Port Type : Prop
Customer Edge Port
Dot1x Protocol Tunnel Status : Peer
LACP Protocol Tunnel Status : Peer
Spanning Tree Tunnel Status : Tunnel
GVRP Protocol Tunnel Status : Tunnel
GMRP Protocol Tunnel Status : Tunnel
IGMP Protocol Tunnel Status : Tunnel

64 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Service Vlan Classification : Source Mac

and Customer Vlan
Ingress EtherType : 0x88a8
Egress EtherType : 0x88a8
EtherType Swap Status : Disable
Service Vlan Translation Status : Disable
Require Drop Encoding : False
Use_Dei : False
PCP Selection Row : 8P0D
Unicast Mac Learning Status : Enable
Unicast Mac Learning Limit : 150
Customer Vlan Status : Disabled
aos# show service vlan
Switch - default
Service Vlan Classification
-------------------------------
Service Vlan Port Src MAC Address Customer
Vlan
--------------------------------------------------
---
2 Gi0/1 00:11:22:33:22:11 5

Service Vlan Port pvid

--------------------------------------------------
---
1 Gi0/1 1

260-668256-008 NOVEMBER 2015 65

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Chapter 5. Flow Based

Configuration

Figure 5-1. Topology 1

Table 5-1. Configuration for Topology 1
Node Port MAC Address IP Address
Host A eth0 00:11:22:33:44:- 12.0.0.10
0a
Host B eth0 00:11:22:33:44:- 12.0.0.20
0b
Host C eth0 00:11:22:33:44:- 12.0.0.30
0c
Switch1 P1 00:01:02:03:04:- 12.0.0.1
01
P2 00:01:02:03:04:-
02
P3 00:01:02:03:04:-
03

Figure 5-2. Topology 2

Table 5-2. Configuration for Topology 2
Node Port MAC Address IP Address

260-668256-008 NOVEMBER 2015 67

CHAPTER 5. FLOW BASED CONFIGURATION

Switch1 eth0 00:01:02:03:0- 12.0.0.1

4:01
eth1 00:01:02:03:0-
4:02
Switch2 eth0 00:02:02:03:0- 12.0.0.2
4:01
eth1 00:02:02:03:0-
4:02

68 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Configuring Static Unicast Entry

To work with Static Unicast Entry, configure the following.

Configuration Guidelines
l Configuration of static unicast entry.
l Configuration of VLAN.

Default Configurations
1. Execute the following commands in Switch1:
At Switch1:
2. Enter into the Global configuration mode
aos# configure terminal
3. Configure VLAN 2 in the switch
aos(config)# vlan 2
4. Configure the static VLAN entry with the required ports
aos(config-vlan)# ports gigabitethernet 0/1-3
5. Exit from VLAN configuration mode
aos(config-vlan)# exit
6. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
7. Make the interface up
aos(config-if)# no shutdown
8. Exit from Interface configuration mode
aos(config-if)# exit
9. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/2
10. Make the interface up
aos(config-if)# no shutdown
11. Exit from Interface configuration mode
aos(config-if)# exit
12. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/3
13. Make the interface up
aos(config-if)# no shutdown
14. Exit from Interface configuration mode
aos(config-if)# exit
15. Configure the static unicast entry
aos(config)# mac-address-table static unicast
00:11:22:33:44:0b vlan 2 recv-port
gigabitethernet 0/1 interface gigabitethernet
0/2

260-668256-008 NOVEMBER 2015 69

CHAPTER 5. FLOW BASED CONFIGURATION

16. Exit from the Global Configuration Mode

aos(config)# exit
17. View the VLAN related configurations by executing the following commands:
aos# show vlan id 2
Vlan database
-------------------
Vlan ID : 2
Member Ports : Gi0/1, Gi0/2, Gi0/3
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
aos# show mac-address-table static unicast
Vlan Mac Address RecvPort Status
Ports
------ -------- ------------- --------- --
----
2 00:11:22:33:44:0b Gi0/1 Permanent
Gi0/2
Total Mac Addresses displayed: 1
18. After spanning topology settlement, send the tagged (VLAN 2) unicast data
packet to Host B from Host A.

70 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Configuring Static Multicast Entry

To work with Static Multicast Entry, configure the following:

Configuration Guidelines
l Configuration of static unicast entry.
l Configuration of forward-unregistered entry.
l Configuration of VLAN.

Default Configurations
l Configure the Forward-Unregistered static ports as none.
l Configure the Forward-All static ports as none.

Procedure
1. Execute the following commands in Switch1:
At Switch1:
2. Enter into the Global configuration mode
aos# configure terminal
3. Configure VLAN 2 in the switch
aos(config)# vlan 2
4. Configure the static VLAN entry with the required ports
aos(config-vlan)# ports gigabitethernet 0/1-3
5. Exit from VLAN configuration mode
aos(config-vlan)# exit
6. Enter into Interface configuration mode
aos(config)# interface gigabitethernet 0/1
7. Make the interface up
aos(config-if)# no shutdown
8. Exit from Interface configuration mode
aos(config-if)# exit
9. Enter into Interface configuration mode
aos(config)# interface gigabitethernet 0/2
10. Make the interface up
aos(config-if)# no shutdown
11. Exit from Interface configuration mode
aos(config-if)# exit
12. Enter into Interface configuration mode
aos(config)# interface gigabitethernet 0/3
13. Make the interface up
aos(config-if)# no shutdown
14. Exit from Interface configuration mode

260-668256-008 NOVEMBER 2015 71

CHAPTER 5. FLOW BASED CONFIGURATION

aos(config-if)# exit
15. Configure the static multicast entry
aos(config)# mac-address-table static multicast
01:02:02:02:02:02 vlan 2 recv-port
gigabitethernet 0/1 interface gigabitethernet
0/3
16. Exit from the Global configuration mode
aos(config)# exit
----
17. View the static multicast information by executing the following command:
aos# show mac-address-table static multicast
Static Multicast Table
----------------------
Vlan : 2
Mac Address : 01:02:02:02:02:02
Receive Port : Gi0/1
Member Ports : Gi0/3
Status : Permanent
------------------------------------------------
Total Mac Addresses displayed: 1
18. View the created VLAN.
aos# show vlan id 2
Vlan database
-------------------
Vlan ID : 2
Member Ports : Gi0/1, Gi0/2, Gi0/3
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
19. After spanning topology settlement, send the tagged (VLAN 2) multicast data
packet to Host C from Host A.

72 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Classifying VLAN
VLAN is classified as follows:
1. PVID Based Classification
2. Port and MAC Based Classification
3. Port and Protocol Based Classification

PVID Based Classification

For configuring PVID Based Classification, complete the following.

Configuration Guidelines
1. Configure VLAN.
2. Configure PVID for ports.

Procedure
1. Execute the following commands in the switches:
At Switch1:
2. Enter into the Global configuration mode
aos# configure terminal
3. Configure VLAN 1 in the switch
aos(config)# vlan 1
4. Configure the static VLAN entry with the required ports
aos(config-vlan)# ports gigabitethernet 0/1-3
untagged gigabitethernet 0/1-3
5. Exit from VLAN configuration mode
aos(config-vlan)# exit
6. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
7. Make the interface up
aos(config-if)# no shutdown
8. Exit from Interface configuration mode
aos(config-if)# exit
9. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/2
10. Make the interface up
aos(config-if)# no shutdown
11. Exit from Interface configuration mode
aos(config-if)# exit
12. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/3
13. Make the interface up

260-668256-008 NOVEMBER 2015 73

CHAPTER 5. FLOW BASED CONFIGURATION

aos(config-if)# no shutdown
14. Exit from Interface configuration mode
aos(config-if)# exit
15. Configure VLAN 2 in the switch
aos(config)# vlan 2
16. Configure the static VLAN entry with the required ports
aos(config-vlan)# ports gigabitethernet 0/1-2
17. Return to Privileged EXEC mode
aos(config-vlan)# end
18. Configure the PVID for the Interface P1 as VLAN 2.
19. Enter into the Global configuration mode
aos# configure terminal
20. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
21. Set the PVID as 2 for the interface
aos(config-if)# switchport pvid 2
22. Return to Privileged EXEC mode
aos(config-if)# end
23. View the VLAN related configurations by executing the following commands:
aos# show vlan

Vlan database
-------------------
Vlan ID : 1
Member Ports : Gi0/1, Gi0/2, Gi0/3
Untagged Ports : Gi0/1, Gi0/2, Gi0/3
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
Vlan ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
aos# show vlan port config port gigabitethernet
0/1
Vlan Port configuration table
--------------------------------------

74 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Port Gi0/1
Port Vlan ID : 2
Port Acceptable Frame Type : Admit All
Port Ingress Filtering : Disabled
Port Mode : Hybrid
Port Gvrp Status : Enabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin :
00:00:00:00:00:00
Port Restricted Vlan Registration : Disabled
Port Restricted Group Registration: Disabled
Mac Based Support : Disabled
Port-and-Protocol Based Support : Enabled
Default Priority : 0
--------------------------------------------------
---
24. Unicast packets are reached only to Host B as a tagged VLAN2 packet that is
sent by Host A.

Port and MAC Based Classification

For configuring MAC Based Classification, complete the following.

Configuration Guidelines
1. Configure VLAN.
2. Configure Mac map entry for Port and Mac based classification.

Procedure
1. Execute the following commands in the switches:
At Switch1:
2. Enter into the Global configuration mode
aos# configure terminal
3. Configure VLAN 1 in the switch
aos(config)# vlan 1
4. Configure the static VLAN entry with the required ports
aos(config-vlan)# ports gigabitethernet 0/1-3
untagged gigabitethernet 0/1-3
5. Exit from VLAN configuration mode
aos(config-vlan)# exit
6. Configure VLAN 2 in the switch
aos(config)# vlan 2

260-668256-008 NOVEMBER 2015 75

CHAPTER 5. FLOW BASED CONFIGURATION

7. Configure the static VLAN entry with the required ports

aos(config-vlan)# ports gigabitethernet 0/1-2
8. Exit from VLAN configuration mode
aos(config-vlan)# exit
9. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
10. Set the PVID as VLAN 1
aos(config-if)# switchport pvid 1
11. Make the interface up
aos(config-if)# no shutdown
12. Exit from Interface configuration mode
aos(config-if)# exit
13. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/2
14. Set the PVID as VLAN 1
aos(config-if)# switchport pvid 1
15. Make the interface up
aos(config-if)# no shutdown
16. Exit from Interface configuration mode
aos(config-if)# exit
17. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/3
18. Set the PVID as VLAN 1
aos(config-if)# switchport pvid 1
19. Make the interface up
aos(config-if)# no shutdown
20. Return to Privileged EXEC mode
aos(config-vlan)# end
21. Configure the Mac map entry.
22. Enter into the Global configuration mode
aos# configure terminal
23. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
24. Create the Mac map entry
aos(config-if)# mac-map 00:11:22:33:44:0a VLAN 2
mcast-bcast allow
25. Return to Privileged EXEC mode
aos(config-if)# end
26. View the VLAN related configurations by executing the following commands:
aos# show vlan
Vlan database
-------------------
Vlan ID : 1

76 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Member Ports : Gi0/1, Gi0/2, Gi0/3

Untagged Ports : Gi0/1, Gi0/2, Gi0/3
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
Vlan ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
aos# show mac-vlan interface gigabitethernet 0/1
Mac Map Table For Port 1--Mac Vlan Enabled
-------------------------------------
Mac Address Vlan ID MCast/Bcast
------------- ---------- ---------------
----
00: 11:22:33:44:0a 2 allow
Untagged unicast packets from Host A are classified as VLAN 2 packets and the packets are for-
warded only to Host B.

Port and protocol Based Classification

For configuring Port and Protocol Based Classification, the following are to be done.

Configuration Guidelines
1. Configure VLAN.
2. Configure protocol-group entry for Port and Protocol based classification.

Procedure
1. Execute the following commands in the switches:
At Switch1:
2. Enter into the Global configuration mode
aos# configure terminal
3. Configure VLAN 1 in the switch
aos(config)# vlan 1
4. Configure the static VLAN entry with the required ports

260-668256-008 NOVEMBER 2015 77

CHAPTER 5. FLOW BASED CONFIGURATION

aos(config-vlan)# ports gigabitethernet 0/1-3

untagged gigabitethernet 0/1-3
5. Exit from VLAN configuration mode
aos(config-vlan)# exit
6. Configure VLAN 2 in the switch
aos(config)# vlan 2
7. Configure the static VLAN entry with the required ports
aos(config-vlan)# ports gigabitethernet 0/1-2
8. Exit from VLAN configuration mode
aos(config-vlan)# exit
9. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
10. Set the PVID as VLAN 1
aos(config-if)# switchport pvid 1
11. Make the interface up
aos(config-if)# no shutdown
12. Exit from Interface configuration mode
aos(config-if)# exit
13. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/2
14. Set the PVID as VLAN 1
aos(config-if)# switchport pvid 1
15. Make the interface up
aos(config-if)# no shutdown
16. Exit from Interface configuration mode
aos(config-if)# exit
17. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/3
18. Set the PVID as VLAN 1
aos(config-if)# switchport pvid 1
19. Make the interface up
aos(config-if)# no shutdown
20. Return to Privileged EXEC mode
aos(config-vlan)# end
21. Configure the Protocol-Group entry.
22. Enter into the Global configuration mode
aos# configure terminal
23. Create protocol-group entry
aos(config)# map protocol other 08:06 enet-v2
protocols-group 100
24. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
25. Map the protocol-group entry to the VLAN

78 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

aos(config-if)# switchport map protocols-group

100 vlan 2
26. Return to Privileged EXEC mode
aos(config-if)# end
27. View the VLAN related configurations by executing the following commands:
aos# show vlan
Vlan database
-------------------
Vlan ID : 1
Member Ports : Gi0/1, Gi0/2, Gi0/3
Untagged Ports : Gi0/1, Gi0/2, Gi0/3
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
Vlan ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
aos# show vlan protocols-group
Protocol Group Table
-----------------------------
--------------------------------------------------
-
Frame Type Protocol Group
--------------------------------------------------
-
Enet-v2 08:06 100
--------------------------------------------------
-
aos# show protocol-vlan
Port Protocol Table
-----------------------------------------
Port Group Vlan ID
-----------------------------------------
Gi0/1 100 2
-----------------------------------------

260-668256-008 NOVEMBER 2015 79

CHAPTER 5. FLOW BASED CONFIGURATION

28. ARP packets (Unknown Host) from Host A are classified as VLAN 2 packets and
the packets are forwarded only to Host B.

80 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Configuring Acceptable Frame Types

To work with Acceptable Frame types, configure the following.

Configuration Guidelines
1. Configuration of VLAN.
2. Configuration of PVID for the interfaces.
3. Configuration of Acceptable Frame Types.

Procedure
1. Execute the following commands in the Switch1:
At Switch1:
2. Enter into the Global configuration mode
aos# configure terminal
3. Configure VLAN 1 in the switch
aos(config)# vlan 1
4. Configure the static VLAN entry with the required ports
aos(config-vlan)# ports gigabitethernet 0/1-2
untagged gigabitethernet 0/1-2
5. Return from VLAN Configuration mode
aos(config-vlan)# exit
6. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
7. Make the interface up
aos(config-if)# no shutdown
8. Set PVID as VLAN 1
aos(config-if)# switchport pvid 1
9. Return from Interface configuration mode
aos(config-if)# exit
10. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/2
11. Make the interface up.
aos(config-if)# no shutdown
12. Set PVID as VLAN 2.
aos(config-if)# switchport pvid 1
13. Return to Privileged EXEC mode
aos(config-if)# end
14. Wait for around 30 seconds (topology settlement), to initiate ping from Host A
to Host B, which is successful.
15. Configure the Acceptable Frame Type for port P1.

260-668256-008 NOVEMBER 2015 81

CHAPTER 5. FLOW BASED CONFIGURATION

At Switch1:
16. Enter into the Global configuration mode
aos# configure terminal
17. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
18. Configure the Acceptable Frame Type
aos(config-if)# switchport acceptable-frame-type
tagged
19. Return to Privileged EXEC mode
aos(config-vlan)# end
20. View the VLAN related configurations by executing the following commands:
aos# show vlan
Vlan database
-------------------
Vlan ID : 1
Member Ports : Gi0/1, Gi0/2
Untagged Ports : Gi0/1, Gi0/2
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
aos# show vlan port config port gigabitethernet
0/1
Vlan Port configuration table
-------------------------------
Port Gi0/1
Port Vlan ID : 1
Port Acceptable Frame Type : Admit Only Vlan
Tagged
Port Ingress Filtering : Disabled
Port Mode : Hybrid
Port Gvrp Status : Enabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin :
00:00:00:00:00:00
Port Restricted Vlan Registration: Disabled
Port Restricted Group Registration: Disabled
Mac Based Support : Disabled
Port-and-Protocol Based Support :Enabled
Default Priority : 0

82 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

------------------------------------------------
21. Once the Acceptable Frame Type is configured as Admit OnlyVLAN Tagged, the
ping fails (as ping packets are untagged) from Host A to Host B.

260-668256-008 NOVEMBER 2015 83

CHAPTER 5. FLOW BASED CONFIGURATION

Configuring Ingress Filtering

To work with Ingress Filtering, the following are to be done.

Configuration Guidelines
1. Configuration of VLAN.
2. Configuration of PVID for the interfaces.
3. Configuration of Ingress filtering.

Procedure
1. Execute the following commands in Switch1:
At Switch1:
2. Enter into the Global configuration mode
aos# configure terminal
3. Configure VLAN 2 in the switch
aos(config)# vlan 2
4. Configure the static VLAN entry with the required ports
aos(config-vlan)# ports gigabitethernet 0/2
untagged gigabitethernet 0/2
5. Return from VLAN Configuration mode
aos(config-vlan)# exit
6. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
7. Make the interface up
aos(config-if)# no shutdown
8. Set PVID as VLAN 2
aos(config-if)# switchport pvid 2
9. Return from Interface configuration mode
aos(config-if)# exit
10. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/2
11. Make the interface up
aos(config-if)# no shutdown
12. Set PVID as VLAN 2
aos(config-if)# switchport pvid 2
13. Return to Privileged EXEC mode
aos(config-if)# end
14. Wait for around 30 seconds (topology settlement) to initiate ping from Host A to
Host B, and the ARP packet reaches Host B.
15. Enable Ingress filtering in port P1 as follows:

84 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

At Switch1:
16. Enter into the Global configuration mode
aos# configure terminal
17. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
18. Configure the Ingress filter
aos(config-if)# switchport ingress-filter
19. Return to Privileged EXEC mode
aos(config-vlan)# end
20. View the VLAN related configurations by executing the following commands:
aos# show vlan
Vlan database
-------------------
Vlan ID : 2
Member Ports : Gi0/2
Untagged Ports : Gi0/2
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------
aos# show vlan port config port gigabitethernet
0/1
Vlan Port configuration table
-------------------------------
Port Gi0/1
Port Vlan ID : 2
Port Acceptable Frame Type : Admit All
Port Ingress Filtering : Enabled
Port Mode : Hybrid
Port Gvrp Status : Enabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin :
00:00:00:00:00:00
Port Restricted Vlan Registration : Disabled
Port Restricted Group Registration: Disabled
Mac Based Support : Disabled
Port-and-Protocol Based Support : Enabled
Default Priority : 0
--------------------------------------------------
---
21. The APR packet reaches Host B, when the Ingress filtering is enabled.

260-668256-008 NOVEMBER 2015 85

CHAPTER 5. FLOW BASED CONFIGURATION

86 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Chapter 6. Flow Based Provider

Bridge Configuration

Figure 6-1. Dot1ad Bridge Configuration Topology

Switch AOS1 (PB1):
l MAC Address: 00:01:02:03:04:01
l VLAN 1 - 10.0.0.1/255.0.0.0
Switch AOS2 (PB2):
l MAC Address: 00:02:02:03:04:01
l VLAN 1 – 10.0.0.2 /255.0.0.0
Switch AOS3 (CB1):
l MAC Address: 00:03:02:03:04:01
l VLAN 1 – 10.0.0.10/255.0.0.0
Switch AOS4 (CB2):
l MAC Address: 00:04:02:03:04:01
l VLAN 1 – 10.0.0.20/255.0.0.0
Host HA:
l IP Address – 10.0.0.100/255.0.0.0
Host HB:
l IP Address – 10.0.0.200/255.0.0.0.

260-668256-008 NOVEMBER 2015 87

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

Configuring Service using C-VLAN Based

Service Interface and Port-Based
Service Interface

Configuration Guidelines
1. Configure C-VLAN based Service Interface (Configure Customer Edge Port) and
Port based Service Interface (configuration of Customer Network Port (Port-Based) as
follows:
2. Configure the C-VLAN based service using C-VID registration table.
3. Configure the Port based service by setting PVID for the Customer Network Port
(Port-Based).
4. Configuration of S-VLAN.

Default Configurations
By default, all ports are configured as “Provider Network Port” in PB1 and PB2.

Procedure
1. Configure P1 of PB1 as Customer Edge Port and Configure P1 of PB2 as Customer
Network Port (Port-Based).
At Switch PB1
2. Enter into the Global configuration mode.
aos# configure terminal
3. Enter into the Interface configuration mode.
aos# interface gigabitethernet 0/1
4. Configure the port P1 as Customer Edge Port
aos(config-if)# bridge port-type
customerEdgePort
5. Exit from the Global configuration mode
aos(config-if)#end
At Switch PB2
6. Enter into the Global configuration mode
aos# configure terminal
7. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
8. Configure the port P1 as Customer Edge Port
aos(config-if)# bridge port-type
customerNetworkPort port-based
9. Exit from the Global configuration mode

88 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

aos(config-if)#end
10. Configure the S-VLAN 2 with member ports as P1, P2 and untagged port as P1 in
both PB1 and PB2.
At Switch PB1
11. Enter into the Global configuration mode
aos# configure terminal
12. Enter into the VLAN configuration mode
aos(config)# vlan 2
13. Configure the port P1, P2 as member ports and P1 as untagged port for S-VLAN 2
aos(config-vlan)# ports gigabitethernet0/1,0/2
untagged gigabitethernet0/1
14. Exit from the VLAN configuration mode
aos(config-vlan)#end
At Switch PB2
15. Enter into the Global configuration mode
aos# configure terminal
16. Enter into the VLAN configuration mode
aos(config)# vlan 2
17. Configure the port P1, P2 as member ports and P1 as untagged port for S-VLAN 2
aos(config-vlan)# ports gigabitethernet0/1,0/2
untagged gigabitethernet0/1
18. Exit from the VLAN configuration mode
aos(config-vlan)#end
19. Configure the CVID Registration table for providing C-VLAN based service
At Switch PB1
20. Enter into the Global configuration mode
aos# configure terminal
21. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
22. Configure the CVID Registration table for S-VLAN 2 and C-VLAN 2.
aos(config-if)# switchport customer-vlan 2
service-vlan 2
23. Exit from the Interface configuration mode
aos(config-if)#end
24. Configure the VLAN 2 with member ports as P1, P2 with untagged ports as P1 in
both CB1 and CB2.
At Switch CB1
25. Enter into the Global configuration mode
aos# configure terminal
26. Enter into the VLAN configuration mode
aos(config)# vlan 2
27. Configure the port P1, P2 as member ports and untagged member port as P2 for
VLAN2

260-668256-008 NOVEMBER 2015 89

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

aos(config-vlan)# ports gigabitethernet 0/1,0/2

untagged gigabitethernet0/2
28. Exit from the VLAN configuration mode
aos(config-vlan)#end
At Switch CB2
29. Enter into the Global configuration mode
aos# configure terminal
30. Enter into the VLAN configuration mode
aos(config)# vlan 2
31. Configure the port P1, P2 as member ports and untagged member port as P2 for
VLAN2
aos(config-vlan)# ports gigabitethernet 0/1,0/2
untagged gigabitethernet0/2
32. Exit from the VLAN configuration mode
aos(config-vlan)#end
33. Configure the PVID for port P2 on CB1 and CB2 as VLAN 2 and configure the
PVID of Port P1 on PB2 as VLAN 2.
At Switch PB2
34. Enter into the Global configuration mode
aos# configure terminal
35. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/1
36. Configure the PVID of the port P1 as S-VLAN 2
aos(config-if)# switchport pvid 2
37. Exit from the Interface configuration mode
aos(config-if)#end
At Switch CB1
38. Enter into the Global configuration mode
aos# configure terminal
39. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/2
40. Configure the PVID of the port P2 as VLAN 2
aos(config-if)# switchport pvid 2
41. Exit from the Interface configuration mode
aos(config-if)#end
At Switch CB2
42. Enter into the Global configuration mode
aos# configure terminal
43. Enter into the Interface configuration mode
aos(config)# interface gigabitethernet 0/2
44. Configure the PVID of the port P2 as VLAN 2
aos(config-if)# switchport pvid 2
45. Exit from the Interface configuration mode
aos(config-if)#end

90 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

At Switch PB1
46. View the configured port types by executing the following command:
aos# show provider-bridge port config port
gigabitethernet 0/1
Provider Bridge Port configuration table
-----------------------------------------
Port Gi0/1
Port Type : Customer Edge
Port
Dot1x Protocol Tunnel Status : Peer
LACP Protocol Tunnel Status : Peer
Spanning Tree Tunnel Status : Peer
GVRP Protocol Tunnel Status : Discard
GMRP Protocol Tunnel Status : Discard
IGMP Protocol Tunnel Status : Discard
Service Vlan Classification : Customer Vlan
Ingress EtherType : 0x88a8
Egress EtherType : 0x8100
EtherType Swap Status : Disable
Service Vlan Translation Status : Disable
Require Drop Encoding : False
Use_Dei : False
PCP Selection Row : 8P0D
Unicast Mac Learning Status : Enable
Unicast Mac Learning Limit : 150
Customer Vlan : 1
Customer Vlan Status : Enabled
-------------------------------------------
47. View the VLAN configurations by executing the following command:
aos# show vlan
Vlan database
-------------
Vlan ID : 1
Member Ports :
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Permanent
ServiceType : E-LAN
MacLearning Status : Enabled

260-668256-008 NOVEMBER 2015 91

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

--------------------------------------------------
--
Vlan ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : Gi0/1
Forbidden Ports : None
Name :
Status : Permanent
ServiceType : E-LAN
MacLearning Status : Enabled
--------------------------------------------------
---
48. View the C-VLAN based service configuration by executing the following com-
mand
aos# show service vlan cvlan
Service Vlan Classification
---------------------------------------
Service Vlan Port Customer Vlan Untag-pep Untag-
cep Relay CVlan Id SVLAN Pri Type SVLAN Priority
----------- --------------------------------------
---
2 Gi0/1 2 False
False 2 NONE NA
At Switch PB2
49. View the configured port types by executing the following command:
aos# show provider-bridge port config port
gigabitethernet 0/1
Provider Bridge Port configuration table
-----------------------------------------
Port Gi0/1
Port Type : Customer
Network Port(Port-Based)
Dot1x Protocol Tunnel Status : Peer
LACP Protocol Tunnel Status : Peer
Spanning Tree Tunnel Status : Tunnel
GVRP Protocol Tunnel Status : Tunnel
GMRP Protocol Tunnel Status : Tunnel
IGMP Protocol Tunnel Status : Tunnel
Service Vlan Classification : PVID
Ingress EtherType : 0x88a8
Egress EtherType : 0x88a8
EtherType Swap Status : Disable

92 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Service Vlan Translation Status : Disable

Require Drop Encoding : False
Use_Dei : False
PCP Selection Row : 8P0D
Unicast Mac Learning Status : Enable
Unicast Mac Learning Limit : 150
--------------------------------------------------
--
50. Verify the VLAN configuration by executing the following command:
aos# show vlan
Vlan database
-------------
Vlan ID : 1
Member Ports :
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Permanent
ServiceType : E-LAN
MacLearning Status : Enabled
--------------------------------------------------
--
Vlan ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : Gi0/1
Forbidden Ports : None
Name :
Status : Permanent
ServiceType : E-LAN
MacLearning Status : Enabled
At Switch CB1
51. Verify the VLAN configuration by executing the following command:
aos# show vlan
Vlan database
-------------
Vlan ID : 1
Member Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4,
Gi0/5, Gi0/6
Gi0/7, Gi0/8, Gi0/9, Gi0/10,
Gi0/11, Gi0/12

260-668256-008 NOVEMBER 2015 93

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

Gi0/13, Gi0/14, Gi0/15,

Gi0/16, Gi0/17, Gi0/18
Gi0/19, Gi0/20, Gi0/21,
Gi0/22, Gi0/23, Gi0/24
Untagged Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4,
Gi0/5, Gi0/6
Gi0/7, Gi0/8, Gi0/9, Gi0/10,
Gi0/11, Gi0/12
Gi0/13, Gi0/14, Gi0/15,
Gi0/16, Gi0/17, Gi0/18
Gi0/19, Gi0/20, Gi0/21,
Gi0/22, Gi0/23, Gi0/24
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
Vlan ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : Gi0/2
Forbidden Ports : None
Name :
Status : Permanent
52. Verify the Spanning Tree configuration by executing the following command:
aos# show spanning-tree
Root Id Priority 32768
Address 00:03:02:03:04:01
Cost 0
Port 0 [0]
This bridge is the root
Max age 20 Sec, forward delay 15
Sec

MST00
MST00 is executing the mstp compatible Multiple
Spanning Tree Protocol
Bridge Id Priority 32768
Address 00:03:02:03:04:01
Max age is 20 sec, forward delay
is 15 sec
Name Role State Cost Prio
Type

94 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

---- ---- ----- ---- ---- -

----
Gi0/1 Designated Forwarding 200000 128
SharedLan
Gi0/2 Designated Forwarding 200000 128
SharedLan
At Switch CB2
53. Verify the VLAN configuration by executing the following command:
aos# show vlan
Vlan database
-------------
Vlan ID : 1
Member Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4,
Gi0/5, Gi0/6
Gi0/7, Gi0/8, Gi0/9, Gi0/10,
Gi0/11, Gi0/12
Gi0/13, Gi0/14, Gi0/15,
Gi0/16, Gi0/17, Gi0/18
Gi0/19, Gi0/20, Gi0/21,
Gi0/22, Gi0/23, Gi0/24
Untagged Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4,
Gi0/5, Gi0/6
Gi0/7, Gi0/8, Gi0/9, Gi0/10,
Gi0/11, Gi0/12
Gi0/13, Gi0/14, Gi0/15,
Gi0/16, Gi0/17, Gi0/18
Gi0/19, Gi0/20, Gi0/21,
Gi0/22, Gi0/23, Gi0/24
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
Vlan ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : Gi0/2
Forbidden Ports : None
Name :
Status : Permanent
54. Verify the Spanning Tree configuration by executing the following command:
aos# show spanning-tree
Root Id Priority 32768
Address 00:03:02:03:04:01

260-668256-008 NOVEMBER 2015 95

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

Cost 400000
Port 1 [Gi0/1]
Max age 20 Sec, forward delay 15
Sec

MST00
MST00 is executing the mstp compatible Multiple
Spanning Tree Protocol
Bridge Id Priority 32768
Address 00:04:02:03:04:01
Max age is 20 sec, forward delay
is 15 sec
Name Role State Cost Prio
Type
---- ---- ----- ---- ---- ----
--
Gi0/1 Root Forwarding 200000 128
SharedLan
Gi0/2 Designated Forwarding 200000 128
SharedLan

96 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Translating VLAN in Provider Networks

Configuration Guidelines
1. Configuration of VID Translation table.
2. Configuration of Port based Service by setting PVID for the Customer Network Port
Port-Based.
3. Configuration of S-VLAN.

Default Configurations
By default, all the ports are configured, as “Provider Network Port” in PB1 and PB2 and Local
VID is equal to Relay VID in the VID Translation table.

Procedure
1. Configure port P1 in PB1 and PB2 as “Customer Network Port (Port-Based)”.
At Switch PB1
aos# configure terminal
aos#(config) interface gigabitethernet 0/1
aos(config-if)# bridge port-type
customerNetworkPort port-based
aos(config-if)#end
At Switch PB2
aos# configure terminal
aos#(config) interface gigabitethernet 0/1
aos(config-if)# bridge port-type
customerNetworkPort port-based
aos(config-if)#end
2. Create VLAN 2 with member ports as P1, P2 and untagged member ports as P1 in
PB1. Note that you can only do this for a VLAN without an IP address.
At Switch PB1
aos# configure terminal
aos# vlan 2
aos(config-vlan)# ports gigabitethernet 0/1,0/2
untagged gigabitethernet 0/1
aos(config-vlan)#end
3. Create VLAN 3 with member ports as P1, P2 and untagged member ports as P1 in
PB1.
At Switch PB1
aos# configure terminal
aos(config)# vlan 3
aos(config-vlan)# ports gigabitethernet 0/1,0/2
untagged gigabitethernet 0/1

260-668256-008 NOVEMBER 2015 97

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

aos(config-vlan)#end
4. Configure the VID Translation table for port P2 in PB1 as Local VID-3, Relay VID-
2.
At Switch PB1
aos# configure terminal
aos(config)# interface gigabitethernet 0/2
5. Configure the VID Translation table for port P2 as Local VID-3, Relay VID-2.
aos(config-if)# switchport service vlan mapping
3 2
aos(config-if)#end
In CB1 and CB2 do the following:
1. Create VLAN 2 with member ports as P1, P2, with p2 as untagged member port
2. Configure the PVID for port P2 as VLAN 2.
At switch CB1
aos# configure terminal
aos(config)# vlan 2
aos(config-vlan)#ports gigabitethernet 0/1,0/2
untagged gigabitethernet 0/2
aos(config-vlan)#exit
aos(config)# interface gigabitethernet 0/2
aos(config-if)#switchport pvid 2
aos(config-if)#end
At switch CB2
aos# configure terminal
aos(config)# vlan 2
aos(config-vlan)#ports gigabitethernet 0/1,0/2
untagged gigabitethernet 0/2
aos(config-vlan)#exit
aos(config)# interface gigabitethernet 0/2
aos(config-if)#switchport pvid 2
aos(config-if)#end
3. Configure the PVID for port P1 as VLAN 2 in PB1 and also configure the PVID for
port P1 as VLAN 3 in PB2.
At switch PB1
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
aos(config-if)#switchport pvid 2
aos(config-if)#end
At switch PB2
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
aos(config-if)#switchport pvid 3
aos(config-if)#end
4. Verify the configuration of VID Translation table by executing the following com-
mand:

98 AVIAT NETWORKS
 VLAN CONFIGURATION FOR CTR 8300 AND 8500

At Switch PB1
aos# show service vlan mapping
Service VLAN Mapping
-------------------------
Port Gi0/2
-----------
Local service VLAN Relay service VLAN 2
5. Verify whether, the customer network has been settled properly by executing the
following command:
At Switch CB1
aos# show spanning-tree
Root Id Priority 32768
Address 00:03:02:03:04:01
Cost 0
Port 0 [0]
This bridge is the root
Max age 20 Sec, forward delay 15
Sec
MST00
MST00 is executing the mstp compatible Multiple
Spanning Tree Protocol
Bridge Id Priority 32768
Address 00:03:02:03:04:01
Max age is 20 sec, forward delay
is 15 sec
Name Role State Cost Prio
Type
---- ---- ----- ---- ----
----
Gi0/1 Designated Forwarding 200000 128
SharedLan
Gi0/2 Designated Forwarding 200000 128
SharedLan
At Switch CB2
aos# show spanning-tree
Root Id Priority 32768
Address 00:03:02:03:04:01
Cost 200000
Port 1 [Gi0/1]
Max age 20 Sec, forward delay 15
Sec
MST00

260-668256-008 NOVEMBER 2015 99

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

MST00 is executing the mstp compatible Multiple

Spanning Tree Protocol
Bridge Id Priority 32768
Address 00:04:02:03:04:01
Max age is 20 sec, forward delay
is 15 sec
Name Role State Cost Prio
Type
---- ---- ----- ---- ---- ---
-
Gi0/1 Root Forwarding 200000 128
SharedLan
Gi0/2 Designated Forwarding 200000 128
SharedLan
6. A Ping from Host A to Host B is successful, indicating that VLAN translation is
successfully taking place.

100 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Configuring PCP Decoding and Encoding

Table

Configuration Guidelines
1. Configure port types.
2. Configure PCP Encoding and Decoding table.
3. Configure S-VLAN.

Default Configurations
1. All ports are Provider Network ports by default.

Procedure
1. Configure Port P1 as Customer Network Port (Port-Based).
At Switch PB1
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
aos(config-if)# bridge port-type
customerNetworkPort port-based
aos(config-if)# end
2. Configure the PCP selection row for port P1 and P2 as 7P1D.
At Switch PB1
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
3. Configure the PCP selection row for port P1 as 7P1D.
aos(config-if)# switchport provider-bridge pcp-
selection-row 7P1D
aos(config-if)# exit
aos(config)# interface gigabitethernet 0/2
4. Configure the PCP selection row for port P2 as 7P1D.
aos(config-if)# switchport provider-bridge pcp-
selection-row 7P1D
aos(config-if)# end
5. Configure the PCP decoding table for the received PCP value 5 to be decoded as pri-
ority 6 and drop-eligible true in Port P1 of PB1.
At Switch PB1
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
6. Configure the PCP decoding table for the Port P1 as PCP - 5, Priority – 6 and DE -
True.

260-668256-008 NOVEMBER 2015 101

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

aos(config-if)# pcp-decoding 7P1D pcp 5 priority

6 drop-eligible true
aos(config-if)# end
7. Configure the PCP encoding table for the Port P2 as priority - –6, drop-eligible -
true, the PCP value as 5.
At Switch PB1
aos# configure terminal
aos(config)# interface gigabitethernet 0/2
8. PCP encoding table for the priority 6 drop-eligible true, the PCP value as 5.
aos(config-if)# pcp-encoding 7P1D priority 6
drop-eligible true pcp 5
aos(config-if)# end
9. View the PCP encoding/decoding table configurations by executing the following
command.
aos# show provider-bridge pcp decoding port
gigabitethernet 0/1
aos# show provider-bridge pcp encoding port
gigabitethernet 0/2
aos# show provider-bridge pcp decoding port
gigabitethernet 0/1
10. Port Gi0/1
-----------
PCP : 0 1 2 3 4 5 6 7
----------------------------------------------
8POD : 0 1 2 3 4 5 6 7
7P1D : 0 1 2 3 4DE 6DE 6 7
6P2D : 0 1 2DE 2 4DE 4 6 7
5P3D : 0DE 0 2DE 2 4DE 4 6 7
aos# show provider-bridge pcp encoding port
gigabitethernet 0/2
Port Gi0/2
-----------
DropEligible: 0 0DE 1 1DE 2 2DE 3 3DE 4 4DE 5 5DE
6 6DE 7 7DE
Priority :
--------------------------------------------------
----
8POD : 0 0 1 1 2 2 3 3 4 4 5 5 6 6
7 7
7P1D : 0 0 1 1 2 2 3 3 5 4 5 4 6 5
7 7
6P2D : 0 0 1 1 3 2 3 2 5 4 5 4 6 6
7 7

102 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

5P3D : 1 0 1 0 3 2 3 2 5 4 5 4 6 6
7 7
11. Create VLAN 2 with member ports as P1 and P2.
At Switch PB1
aos# configure terminal
aos(config)# vlan 2
aos(config-vlan)# ports gigabitethernet 0/1,0/2
aos(config-vlan)# end
12. Send a VLAN 2 tagged packet with priority as 5 from Host A to port P1 of PB1.
13. Verify that the packet is sent out with VLAN 2 tag and priority 5 on port P2 of
PB1.

260-668256-008 NOVEMBER 2015 103

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

Configuring Provider Edge Port

Configurations and Service Priority
Regeneration Table

Configuration Guidelines
1. Configure port types.
2. Configure S-VLAN.
3. Configure PEP configurations.
4. Configure Service Priority Regeneration table configuration.

Default Configurations
1. All ports are Provider Network ports by default.
2. Provider Edge Port has the following default values:
3. PVID – CVID of the first customer VLAN assigned to this service.
4. User Priority – 0
5. Acceptable Frame Types – AdmitAll
6. Enable Ingress Filtering – Disabled.
7. Service Priority Regeneration table has receive-priority equal to regenerated pri-
ority.

Procedure
1. Configure port P1 as Customer Edge Port.
At Switch PB1
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
aos(config-if)# bridge port-type
customerEdgePort
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# interface gigabitethernet 0/2
aos(config-if)# no shutdown
aos(config-if)# exit
2. Configure the S-VLAN membership.
At Switch PB1
aos# configure terminal
aos(config)# vlan 2

104 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

aos(config-vlan)# ports gigabitethernet 0/1-2

untagged gigabitethernet 0/1
aos(config-vlan)# end
3. Create Provider Edge port and configure Provider Edge port configurations.
At Switch PB1
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
aos(config-if)#switchport customer-vlan 2
service-vlan 2
4. Configure PVID for Provider Edge port (P1, S-VLAN2).
aos(config-if)#service-vlan 2 pvid 2
5. Configure Ingress filter for Provider Edge port (P1, S-VLAN2)
aos(config-if)#service-vlan 2 ingress-filter
enable
aos(config-if)#end
6. Configure Service Priority Regeneration table for the internal CNP (P1, S-VLAN2).
At Switch PB1
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
7. Configure Service Priority Regeneration table for the Internal Customer Network
port (P1, S-VLAN 2).
aos(config-if)#service-vlan 2 recv-priority 2
regen-priority 3
aos(config)# end
8. Provider Edge port configuration is viewed as:
aos# show provider-bridge pep configuration
Provider Edge Port configuration
-------------------------------------
Port Gi0/1
Service VLAN-ID : 2
Port VLAN-ID : 2
Acceptable Frame Type : Admit all
Ingress Filtering : Enabled
Default Priority : 0
Oper status : Up
9. Service Priority Regeneration table configuration is viewed as:
aos# show provider-bridge priority regen
Service Priority Regeneration table
-----------------------------------
Port : Gi0/1 Service VLAN-ID : 2
Receive Priority Regenerated Priority
----------------- ---------------------
0 0

260-668256-008 NOVEMBER 2015 105

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

1 1
2 3
3 3
4 4
5 5
6 6
7 7
A unicast C-VLAN 2 tagged packet with priority 2 that is sent from Host A reaches Host B as a
double tagged packet with priority in the outertag as 3”.

106 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Tunneling Of Customer STP Packets and

Customer GVRP Protocol Packets –
Provider Bridges
This section describes the tunneling of Customer Spanning Tree Protocol packets and Customer
GVRP protocol packets at provider bridges present in the provider network.

Configuration Guidelines
1. Configure the ports as customer ports (access ports).
2. Disable Spanning Tree on port, where STP tunneling is required.
3. Set the STP tunneling.
4. Disable GVRP on port, where GVRP tunneling is required.
5. Set the GVRP tunneling.
6. Configure the service interfaces.
7. Configure the S-VLAN.

Default Configurations
1. All ports are configured as “Provider Network ports” by default.

Procedure
1. Configure port P1 of PB1 as Customer Edge Port and port P1 of PB2 as Customer
Network Port (Port-Based).
At Switch PB1
aos# configure terminal
aos# interface gigabitethernet 0/1
aos(config-if)# bridge port-type
customerEdgePort
aos(config-if)#end
At Switch PB2
aos# configure terminal
aos# interface gigabitethernet 0/1
aos(config-if)# bridge port-type
customerNetworkPort port-based
aos(config-if)#end
2. Create VLAN 2 with member ports as P1, P2 and untagged member port as P1 in
both PB1 and PB2 bridges.
At Switch PB1
aos# configure terminal
aos(config)# vlan 2

260-668256-008 NOVEMBER 2015 107

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

aos(config-vlan)# ports gigabitethernet 0/1,0/2

untagged gigabitethernet 0/1
aos(config-vlan)#end
At Switch PB2
aos# configure terminal
aos(config)# vlan 2
aos(config-vlan)# ports gigabitethernet 0/1,0/2
untagged gigabitethernet 0/1
aos(config-vlan)#end
3. Configure the CVID Registration table for the port P1 in PB1 as “C-VLAN 2, S-
VLAN 2”. This results in creating the PEP for S-VLAN 2 in the C-VLAN component.
At switch PB1
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
aos(config-if)# switchport customer-vlan 2
service-vlan 2
aos(config-vlan)#end
4. Configure the port PVID of P1 in PB2 as VLAN 2.
At Switch PB2
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
aos(config-if)# switchport pvid 2
aos(config-if)#end
5. Disable the Spanning Tree on port P1 and configure the CPVID for the port P1 as
VLAN 2.
At Switch PB
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
6. Disable the Spanning Tree on port P1.
aos(config-if)# spanning-tree disable
7. Configure the CPVID as 2 for the port P1.
aos(config-if)# switchport Dot1q customer PB
aos(config-if)#end
8. Configure the tunnel status for STP, GVRP as “tunnel” in port P1 of PB1. In Cus-
tomer Network ports, the tunnel protocol status for STP and GVRP are “tunnel” by
default. So, there is no need for configuring tunnel status in PB2.
At Switch PB1
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
9. Enable the tunnel status of STP in port P1.
aos(config-if)# l2protocol-tunnel stp
10. Enable the tunnel status of GVRP in port P1.
aos(config-if)# l2protocol-tunnel gvrp
aos(config-if)#end

108 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

11. Create the VLAN 2 with member port as P2 and untagged member port as P2 in
both CB1 and CB2. Also configure the PVID of the port P2 as VLAN 2 in CB1 and
CB2.
At Switch CB1
aos# configure terminal
aos(config)# vlan 2
aos(config-vlan)#ports gigabitethernet 0/2
untagged gigabitethernet 0/2
aos(config-vlan)# exit
aos(config)#interface gigabitethernet 0/2
aos(config-if)#switchport pvid 2
aos(config-if)#end
At Switch CB2
aos# configure terminal
aos(config)# vlan 2
aos(config-vlan)#ports gigabitethernet 0/2
untagged gigabitethernet 0/2
aos(config-vlan)# exit
aos(config)#interface gigabitethernet 0/2
aos(config-if)#switchport pvid 2
aos(config-if)#end
12. Now, the VLAN 2 is learnt on the port P1 of CB1 and CB2, and port P1 is the root
port of the Customer Network-Spanning Tree.
At Switch PB1
13. Verify that the Customer Spanning Tree is disabled.
aos# show customer spanning-tree
Port [Gi0/1] Root Id Priority 0
Address 00:00:00:00:00:00
Cost 0
Root Ports
Hello Time 2 Sec, Max Age 20 Sec,
Forward Delay 15 Sec

Customer Spanning tree Protocol has been disabled

Bridge Id Priority 0
Address 00:01:02:03:04:01
Hello Time 2 sec, Max Age 0 sec,
Forward Delay 15 sec
Name Role State Cost Prio
Type
---- ---- ----- ---- ---- ----
-
PEP-Service:2 Disabled Unknown 128 32
SharedLan

260-668256-008 NOVEMBER 2015 109

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

CEP-Gi0/1 Disabled Unknown 200000 32

SharedLan
-------------------------------------------------
14. Verify that the STP and GVRP tunnel status are configured as “tunnel”.
aos# show provider-bridge port config port
gigabitethernet 0/1
Provider Bridge Port configuration table
-----------------------------------------
Port Gi0/1
Port Type : Customer
Edge Port
Dot1x Protocol Tunnel Status : Peer
LACP Protocol Tunnel Status : Peer
Spanning Tree Tunnel Status : Tunnel
GVRP Protocol Tunnel Status : Tunnel
GMRP Protocol Tunnel Status : Discard
IGMP Protocol Tunnel Status : Discard
Service Vlan Classification : Customer
Vlan
Ingress EtherType : 0x88a8
Egress EtherType : 0x8100
EtherType Swap Status : Disable
Service Vlan Translation Status : Disable
Require Drop Encoding : False
Use_Dei : False
PCP Selection Row : 8P0D
Unicast Mac Learning Status : Enable
Unicast Mac Learning Limit : 150
Customer Vlan : 2
Customer Vlan Status : Enabled
--------------------------------------------------
--
At Switch CB1
15. Verify the Spanning Tree port roles and states by executing the following com-
mand:
aos# show spanning-tree
Root Id Priority 32768
Address 00:03:02:03:04:01
Cost 0
Port 0 [0]
This bridge is the root

110 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Max age 20 Sec, forward delay 15

Sec

MST00
MST00 is executing the mstp compatible Multiple
Spanning Tree Protocol
Bridge Id Priority 32768
Address 00:03:02:03:04:01
Max age is 20 sec, forward delay
is 15 sec
Name Role State Cost Prio
Type
---- ---- ----- ---- ---- ---
---
Gi0/1 Designated Forwarding 200000 128
SharedLan
Gi0/2 Designated Forwarding 200000 128
SharedLan
Verify the VLAN configuration by executing the
following command:
aos# show vlan
VLAN database
-------------
VLAN ID : 1
Member Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4,
Gi0/5, Gi0/6
Gi0/7, Gi0/8, Gi0/9, Gi0/10,
Gi0/11, Gi0/12
Gi0/13, Gi0/14, Gi0/15,
Gi0/16, Gi0/17, Gi0/18
Gi0/19, Gi0/20, Gi0/21,
Gi0/22, Gi0/23, Gi0/24
Untagged Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4,
Gi0/5, Gi0/6
Gi0/7, Gi0/8, Gi0/9, Gi0/10,
Gi0/11, Gi0/12
Gi0/13, Gi0/14, Gi0/15,
Gi0/16, Gi0/17, Gi0/18
Gi0/19, Gi0/20, Gi0/21,
Gi0/22, Gi0/23, Gi0/24
Forbidden Ports : None
Name :
Status : Permanent

260-668256-008 NOVEMBER 2015 111

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

--------------------------------------------------
--
VLAN ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : Gi0/2
Forbidden Ports : None
Name :
Status : Permanent
At Switch CB2
16. Verify the spanning tree port roles and states by executing the following com-
mand:
aos# show spanning-tree
Root Id Priority 32768
Address 00:03:02:03:04:01
Cost 200000
Port 1 [Gi0/1]
Max age 20 Sec, forward delay 15
Sec

MST00
MST00 is executing the mstp compatible Multiple
Spanning Tree Protocol
Bridge Id Priority 32768
Address 00:04:02:03:04:01
Max age is 20 sec, forward delay
is 15 sec
Name Role State Cost Prio
Type
---- ---- ----- ---- ----
----
Gi0/1 Root Forwarding 200000 128
SharedLan
Gi0/2 Designated Forwarding 200000 128
SharedLan
Verify the VLAN configuration by executing the
following command:
aos# show VLAN
VLAN database
-------------
VLAN ID : 1
Member Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4,
Gi0/5, Gi0/6

112 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Gi0/7, Gi0/8, Gi0/9, Gi0/10,

Gi0/11, Gi0/12
Gi0/13, Gi0/14, Gi0/15,
Gi0/16, Gi0/17, Gi0/18
Gi0/19, Gi0/20, Gi0/21,
Gi0/22, Gi0/23, Gi0/24
Untagged Ports : Gi0/1, Gi0/2, Gi0/3, Gi0/4,
Gi0/5, Gi0/6
Gi0/7, Gi0/8, Gi0/9, Gi0/10,
Gi0/11, Gi0/12
Gi0/13, Gi0/14, Gi0/15,
Gi0/16, Gi0/17, Gi0/18
Gi0/19, Gi0/20, Gi0/21,
Gi0/22, Gi0/23, Gi0/24
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
VLAN ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : Gi0/2
Forbidden Ports : None
Name :
Status : Permanent
17. Ping from Host A to Host B. The ping is successful.

260-668256-008 NOVEMBER 2015 113

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

Tunneling Of Customer STP Packets and

Customer GVRP Protocol Packets –
Customer Bridges
This section describes the tunneling of Customer STP packets and Customer GVRP protocol
packets at Customer bridges present in the provider network.

Configuration Guidelines
1. Disable Spanning Tree on port where STP tunneling is required.
2. Disable GVRP on port where GVRP tunneling is required.
3. Set the STP tunneling and GVRP tunneling.
4. Configure S-VLAN

Default Configurations
All bridges AOS1, AOS2, AOS3 and ISS4 will be configured as customer bridges.

Procedure
1. Create VLAN 2 with member ports as P1, P2 and untagged member port as P1 in
both AOS1 and AOS2 bridges.
At Switch AOS1
aos# configure terminal
aos(config)# vlan 2
aos(config-vlan)# ports gigabitethernet 0/1,0/2
untagged gigabitethernet 0/1
aos(config-vlan)#end
At Switch AOS2
aos# configure terminal
aos(config)# vlan 2
aos(config-vlan)# ports gigabitethernet 0/1,0/2
untagged gigabitethernet 0/1
aos(config-vlan)#end
2. Configure the port PVID of P1 in AOS1 and AOS2 as VLAN 2.
At Switch AOS1
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
aos(config-if)# switchport pvid 2
aos(config-if)#end
At Switch AOS2
aos# configure terminal

114 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

aos(config)# interface gigabitethernet 0/1

aos(config-if)# switchport pvid 2
aos(config-if)#end
3. Disable Spanning Tree on port P1 of both AOS1 and AOS2.
At Switch AOS1
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
4. Disable the Spanning Tree on port P1.
aos(config-if)# spanning-tree disable
aos(config-if)#end
At Switch AOS2
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
5. Disable the Spanning Tree on port P1.
aos(config-if)# spanning-tree disable
aos(config-if)#end
6. Disable the GVRP Protocol on Port P1 of both AOS1 and AOS2.
At Switch AOS1
aos# configure terminal
aos(config)# switch default
7. Disable the GVRP protocol on port P1.
aos(config-default)# set port gvrp
gigabitethernet 0/1 disable
aos(config-default)#end
At Switch AOS2
aos# configure terminal
aos(config)# switch default
8. Disable the GVRP protocol on port P1.
aos(config-default)# set port gvrp
gigabitethernet 0/1 disable
aos(config-default)#end
9. Configure the tunnel status for STP, GVRP as “tunnel” in port P1 of AOS1 and
AOS2.
At Switch AOS1
aos# configure terminal
aos(config)# interface gigabitethernet 0/1
10. Configure the tunnel status of STP in port P1.
aos(config-if)# l2protocol-tunnel stp
11. Configure the tunnel status of GVRP in port P1.
aos(config-if)# l2protocol-tunnel gvrp
aos(config-if)#end
At Switch AOS2
aos# configure terminal
aos(config)# interface gigabitethernet 0/1

260-668256-008 NOVEMBER 2015 115

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

12. Enable the tunnel status of STP in port P1.

aos(config-if)# l2protocol-tunnel stp
13. Enable the tunnel status of GVRP in port P1.
aos(config-if)# l2protocol-tunnel gvrp
aos(config-if)#end
14. Create VLAN 2 with member port as P2 and untagged member port as P2 in both
AOS3 and ISS4. Also configure the PVID of the port P2 as VLAN 2 in AOS3 and ISS4.
At Switch AOS3
aos# configure terminal
aos(config)# vlan 2
aos(config-vlan)#ports gigabitethernet 0/2
untagged gigabitethernet 0/2
aos(config-vlan)# exit
aos(config)#interface gigabitethernet 0/2
aos(config-if)#switchport pvid 2
aos(config-if)#end
At Switch ISS4
aos# configure terminal
aos(config)# vlan 2
aos(config-vlan)#ports gigabitethernet 0/2
untagged gigabitethernet 0/2
aos(config-vlan)# exit
aos(config)#interface gigabitethernet 0/2
aos(config-if)#switchport pvid 2
aos(config-if)#end
15. At the end of these configuration VLAN 2 is learnt on port P1 of AOS3 and ISS4,
and port P1 is the root port of the Customer Network-Spanning Tree (AOS3 and
ISS4).
At Switch AOS1
aos# show spanning-tree
Switch default
Root Id Priority 32768
Address 00:01:02:03:04:01
Cost 0
Port 0 [0]
This bridge is the root
Max age 20 Sec, forward delay 15 Sec

MST00
MST00 is executing the mstp compatible Multiple
Spanning Tree Protocol
Bridge Id Priority 32768
Address 00:01:02:03:04:01

116 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Max age is 20 sec, forward delay is

15 sec
Name Role State Cost Prio
Type
---- ---- ----- ---- ---- -
----
Gi0/1 Disabled Forwarding 200000 128
SharedLan
Gi0/2 Designated Forwarding 200000 128
SharedLan
16. Execute the following show command to view that the STP and GVRP protocol
tunnel status is configured as ’tunnel’ in AOS1.
aos# show vlan port config port gigabitethernet
0/1
Switch default
Vlan Port configuration table
-------------------------------
Port Gi0/1
Port Vlan ID : 1
Port Acceptable Frame Type : Admit All
Port Ingress Filtering : Disabled
Port Mode : Hybrid
Port Gvrp Status : Enabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin :
00:00:00:00:00:00
Port Restricted Vlan Registration : Disabled
Port Restricted Group Registration : Disabled
Mac Based Support : Disabled
Port-and-Protocol Based Support : Enabled
Default Priority : 0
Dot1x Protocol Tunnel Status : Peer
LACP Protocol Tunnel Status : Peer
Spanning Tree Tunnel Status : Tunnel
GVRP Protocol Tunnel Status : Tunnel
GMRP Protocol Tunnel Status : Peer
IGMP Protocol Tunnel Status : Peer
--------------------------------------------------
---
At Switch AOS2
aos# show spanning-tree

260-668256-008 NOVEMBER 2015 117

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

Switch default
Root Id Priority 32768
Address 00:01:02:03:04:01
Cost 200000
Port 2 [Gi0/2]
Max age 20 Sec, forward delay 15
Sec

MST00
MST00 is executing the mstp compatible Multiple
Spanning Tree Protocol
Bridge Id Priority 32768
Address 00:02:02:03:04:01
Max age is 20 sec, forward delay
is 15 sec
Name Role State Cost Prio
Type
---- ---- ----- ---- ---- -
----
Gi0/1 Disabled Forwarding 200000 128
SharedLan
Gi0/2 Root Forwarding 200000 128
SharedLan
17. Execute the following show command to view that the STP and GVRP protocol
tunnel status is configured as ’tunnel’ in AOS2.
aos# show vlan port config port gigabitethernet
0/1
Switch default
Vlan Port configuration table
-------------------------------
Port Gi0/1
Port Vlan ID : 1
Port Acceptable Frame Type : Admit All
Port Ingress Filtering : Disabled
Port Mode : Hybrid
Port Gvrp Status : Enabled
Port Gmrp Status : Enabled
Port Gvrp Failed Registrations : 0
Gvrp last pdu origin :
00:00:00:00:00:00
Port Restricted Vlan Registration : Disabled
Port Restricted Group Registration : Disabled

118 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

Mac Based Support : Disabled

Port-and-Protocol Based Support : Enabled
Default Priority : 0
Dot1x Protocol Tunnel Status : Peer
LACP Protocol Tunnel Status : Peer
Spanning Tree Tunnel Status : Tunnel
GVRP Protocol Tunnel Status : Tunnel
GMRP Protocol Tunnel Status : Peer
IGMP Protocol Tunnel Status : Peer
--------------------------------------------------
---
At Switch AOS3
18. Execute the following show command to verify that the Spanning tree has settled
in AOS3 by tunneling of STP packets.
aos# show spanning-tree
Switch default
Root Id Priority 32768
Address 00:03:02:03:04:01
Cost 0
Port 0 [0]
This bridge is the root
Max age 20 Sec, forward delay 15 Sec
MST00
MST00 is executing the mstp compatible Multiple
Spanning Tree Protocol
Bridge Id Priority 32768
Address 00:03:02:03:04:01
- Max age is 20 sec, forward delay
is 15 sec
Name Role State Cost Prio
Type
---- ---- ----- ---- ---- ---
---
Gi0/1 Designated Forwarding 200000 128
SharedLan
Gi0/2 Designated Forwarding 200000 128
SharedLan
19. Verify the VLAN learning happened properly in AOS3 using the following com-
mand
aos# show vlan
VLAN database
-------------

260-668256-008 NOVEMBER 2015 119

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

VLAN ID : 1
Member Ports : Gi0/1, Gi0/2
Untagged Ports : Gi0/1, Gi0/2
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
VLAN ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : Gi0/1
Forbidden Ports : None
Name :
Status : Permanent
At Switch ISS4
20. Verify that the Spanning tree has settled in ISS4 by tunneling of STP packets by
executing the following command.
aos# show spanning-tree
Switch default
Root Id Priority 32768
Address 00:03:02:03:04:01
Cost 200000
Port 2 [Gi0/2]
Max age 20 Sec, forward delay 15
Sec

MST00
MST00 is executing the mstp compatible Multiple
Spanning Tree Protocol
Bridge Id Priority 32768
Address 00:04:02:03:04:01
Max age is 20 sec, forward delay
is 15 sec
Name Role State Cost Prio
Type
---- ---- ----- ---- ----
----
Gi0/1 Root Forwarding 200000 128
SharedLan
Gi0/2 Designated Forwarding 200000 128
SharedLan

120 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

21. Execute the following show command to verify whether VLAN learning happened
properly in ISS4.
aos# show vlan
VLAN database
-------------
VLAN ID : 1
Member Ports : Gi0/1, Gi0/2
Untagged Ports : Gi0/1, Gi0/2
Forbidden Ports : None
Name :
Status : Permanent
--------------------------------------------------
--
VLAN ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : Gi0/1
Forbidden Ports : None
Name :
Status : Permanent

260-668256-008 NOVEMBER 2015 121

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

Tunnelling Over Q-in-Q Bridge

Configuration Guidelines
1. Configuring bridge modes.
2. Configuring the port type of the port that is connected to a Q-in-Q bridge as Pro-
prietary Provider Network Port.
3. Configuring the S-VLAN.

Default Configurations
1. All ports are configured as “Provider Network Ports” by default.

Proceudre
1. ”Configure port P1 of PB1 and PB2 as “Proprietary Provider Network Port”.
At switch PB1
aos#configure terminal
aos(config)# interface gigabitethernet 0/1
aos(config-if)# bridge port-type
propProviderNetworkPort
aos(config-if)# end
At switch PB2
aos#configure terminal
aos(config)# interface gigabitethernet 0/1
aos(config-if)# bridge port-type
propProviderNetworkPort
aos(config-if)# end
2. Configure VLAN 2 with member ports as P1 and untagged member ports as P1 in
CB1 and CB2. Also configure the PVID of port P2 as VLAN 2.
At Switch CB1
aos(config)# vlan 2
aos(config-vlan)# ports gigabitethernet 0/1,0/2
untagged gigabitethernet 0/2
aos(config-vlan)# exit
aos(config)# interface gigabitethernet 0/1
aos(config-if)# switchport pvid 2
aos(config-if)# end
At Switch CB2
aos(config)# vlan 2
aos(config-vlan)# ports gigabitethernet 0/1,0/2
untagged gigabitethernet 0/2
aos(config-vlan)# exit
aos(config)# interface gigabitethernet 0/2

122 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

aos(config-if)# switchport pvid 2

aos(config-if)# end
3. Verify the topology convergence in CB1 and CB2, and VLAN membership propaga-
tion in PB1 and PB2.
At Switch CB1
aos# show spanning-tree
Root Id Priority 32768
Address 00:01:02:03:04:01
Cost 200000
Port 1 [Gi0/1]
Max age 20 Sec, forward delay 15
Sec

MST00
MST00 is executing the mstp compatible Multiple
Spanning Tree Protocol
Bridge Id Priority 32768
Address 00:03:02:03:04:01
Max age is 20 sec, forward delay
is 15 sec
Name Role State Cost Prio
Type
---- ---- ----- ---- ---- --
--
Gi0/1 Root Forwarding 200000 128
SharedLan
Gi0/2 Designated Forwarding 200000 128
SharedLan
At Switch CB2
aos# show spanning-tree
Root Id Priority 32768
Address 00:01:02:03:04:01
Cost 400000
Port 1 [Gi0/1]
Max age 20 Sec, forward delay 15
Sec

MST00
MST00 is executing the mstp compatible Multiple
Spanning Tree Protocol
Bridge Id Priority 32768
Address 00:04:02:03:04:01

260-668256-008 NOVEMBER 2015 123

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

Max age is 20 sec, forward delay

is 15 sec
Name Role State Cost Prio
Type
---- ---- ----- ---- ---- -
----
Gi0/1 Root Forwarding 200000 128
SharedLan
Gi0/2 Designated Forwarding 200000 128
SharedLan
At Switch PB1
aos# show vlan brief
Vlan database
-------------
Vlan ID : 1
Member Ports : Gi0/1, Gi0/2
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Permanent
ServiceType : E-LAN
MacLearning Status : Enabled
--------------------------------------------------
--
Vlan ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Dynamic Gvrp
ServiceType : E-LAN
MacLearning Status : Enabled
At Switch PB2
aos# show vlan brief
Vlan database
-------------
Vlan ID : 1
Member Ports : Gi0/1, Gi0/2
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Permanent

124 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

ServiceType : E-LAN
MacLearning Status : Enabled
--------------------------------------------------
--
Vlan ID : 2
Member Ports : Gi0/1, Gi0/2
Untagged Ports : None
Forbidden Ports : None
Name :
Status : Dynamic Gvrp
ServiceType : E-LAN
MacLearning Status : Enabled

260-668256-008 NOVEMBER 2015 125

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

Port-Based MAC Address Limiting

Figure 6-2. Topology 3

Configuration Guidelines
1. Configuration of bridge modes.
2. Configuration of Unicast Mac status and Unicast Mac limit.
3. Configuration of S-VLAN.

Default Configurations
1. All ports are configured as “Provider Network Ports” by default.

Procedure
1. Configure the Unicast Mac status as “disabled” for port P1 of PB1. Note that uni-
cast-mac learning can only be set on a VLAN.
aos#configure terminal
aos(config)# vlan 2
2. Disable the Unicast Mac Learning status.
aos(config-if)# switchport unicast-mac learning
disable
aos(config)#end
3. Send five unicast packets of different sources from P1 of HA to P1 of PB1.
4. Verify that the Mac address is not learnt on the port P1 using the following com-
mand:
At Switch PB1
aos#show mac-address-table
VLAN Mac Address Type Ports
---- ----------- ---- -----
Total Mac Addresses displayed: 0
5. Configure the Unicast Mac Learning status as enabled for port P1 of PB1. Also con-
figure the Unicast Mac Limit for port P1 as 5.
At Switch PB1
aos#configure terminal

126 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

aos(config)# interface gigabitethernet 0/1

6. Enable the Unicast Mac Learning status for port P1
aos(config-if)# switchport unicast-mac learning
enable
7. Enable the Unicast Mac Learning Limit as 5 for port P1
aos(config-if)# switchport unicast-mac learning
limit 5
aos(config-if)# end
8. Send 10 unicast packets of different sources from P1 of HA to P1 of PB1.
At Switch PB1
aos# show mac-address-table
Vlan Mac Address Type Ports
---- ----------- ---- -----
1 00:11:22:33:44:0a Learnt Gi0/1
1 00:11:22:33:44:1a Learnt Gi0/1
1 00:11:22:33:44:2a Learnt Gi0/1
1 00:11:22:33:44:3a Learnt Gi0/1
1 00:11:22:33:44:4a Learnt Gi0/1
9. The status of the Unicast Mac Learning status and Mac Limit are viewed using
the following command:
aos# show provider-bridge port config port
gigabitethernet 0/1
Provider Bridge Port configuration table
-----------------------------------------
Port Gi0/1
Port Type : Provider
Network Port
Service VLAN Classification : PVID
Ingress EtherType : 0x88a8
Egress EtherType : 0x88a8
EtherType Swap Status : Disable
Service VLAN Translation Status : Enable
Require Drop Encoding : False
Use_Dei : False
PCP Selection Row : 8P0D
Unicast Mac Learning Status : Enable
Unicast Mac Learning Limit : 5
--------------------------------------------------
--

260-668256-008 NOVEMBER 2015 127

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

VLAN-Based MAC Address Limiting

Configuration Guidelines
1. Configuration of bridge modes.
2. Configuration of Multicast Mac status and Multicast Mac limit.
3. Configuration of S-VLAN.

Default Configurations
1. All ports are ”Provider Network Ports” by default.

Procedure
1. Configure the Unicast Mac status as “disabled” for VLAN 2 of PB1.
aos#configure terminal
aos(config)# vlan 2
2. Disable the Unicast Mac Learning status for VLAN 2
aos(config-vlan)# set unicast-mac learning
enable
aos(config-vlan)#end
3. Send five unicast packets of different sources from P1 of HA to P1 of PB1.
4. Verify that the Mac address is not learnt on the port P1 using the following com-
mand:
At Switch PB1
aos#show mac-address-table
Vlan Mac Address Type Ports
---- ----------- ---- -----
Total Mac Addresses displayed: 0
5. Configure the Unicast Mac Learning status as enabled for VLAN 2 of PB1 and also
configure the Unicast Mac Limit for VLAN 2 as 5.
At Switch PB1
aos#configure terminal
aos(config)# vlan 2
6. Enable the Unicast Mac Learning status for VLAN 2.
aos(config-vlan)# set unicast-mac learning
enable
7. Enable the Unicast Mac Learning limit as 5 for port P1.
aos(config-vlan)# vlan unicast-mac learning
limit 5
aos(config-vlan)# end
8. Send 10 unicast packets of different sources from P1 of HA to P1 of PB1.
At Switch PB1

128 AVIAT NETWORKS

 VLAN CONFIGURATION FOR CTR 8300 AND 8500

aos# show mac-address-table

Vlan Mac Address Type Ports
---- ----------- ---- -----
2 00:11:22:33:44:0a Learnt Gi0/1
2 00:11:22:33:44:1a Learnt Gi0/1
2 00:11:22:33:44:2a Learnt Gi0/1
2 00:11:22:33:44:3a Learnt Gi0/1
2 00:11:22:33:44:4a Learnt Gi0/1
9. The status of the Unicast Mac Learning status and Mac limit are viewed using the
following command:
aos# show vlan learning params
VLAN Id : 1
Mac Learning Status : Enable
Mac Learning Limit : 150
-------------------------------------
Vlan Id : 2
Mac Learning Status : Enable
Mac Learning Limit : 5

Customer Controlled Provider Bridges

Provider Bridges placed in the customer network are termed as Customer Controlled Provider
Bridges. This provides the customer to choose the services in the customer premises than
requesting the provider for services.
The Customer Controlled Provider Edge Bridge provides C-Tagged service interfaces within the
customer’s own network. These Customer Controlled Provider Bridges are connected to the Pro-
vider Controlled Bridges through CNP S-Tagged interfaces. The communication between the
Customer Controlled Provider Bridge and the Connecting Provider Bridge is through S-VLAN
tag.

Proprietary Provider Network Port

Proprietary Provider Network Port is mainly used to interop with the Q-in-Q bridges in the pro-
vider network. PPNP is always connected to a Q-in-Q bridge in the provider network; else it is
considered as misconfiguration.
Note that:
l The Ingress ether type of PPNP is always 0x8100.
l Packets received with C-Tag (0x8100) are treated as S-Tag packets and are processed.
l The packet that has to be transmitted on this port with S-Tag has ether type as
0x8100. On PPNP, the Provider Spanning Tree protocol and Provider GVRP protocol
transmits the control packets with destination address as defined for customer
bridges.

260-668256-008 NOVEMBER 2015 129

CHAPTER 6. FLOW BASED PROVIDER BRIDGE CONFIGURATION

l To transmit the tunneled Customer STP and GVRP packets, the destination Mac
address is changed as per the administrator configuration.

130 AVIAT NETWORKS

 260-668256-008
WWW.AVIATNETWORKS.COM