
Introduction to IEEE 802.1 P/Q
Prerequisites

Prior to taking this module, the trainee should be familiar with the following:

• Ethernet Topologies
• OSI 7 Layers model

2 Proprietary and Confidential


Agenda

What is VLAN?
Advantages for using VLAN
Regular Ethernet frame
Tagged frame structure
Types of VLAN
Types of connections
802.1P implementations



What is VLAN?

A Layer 2 protocol which enables enhanced traffic maneuvers:

• Prioritization
• Filtering
• Provisioning
• Mapping (e.g. ATM to/from ETH)


What is VLAN?

Regular ETH networks forward broadcast frames to all endpoints



What is VLAN?

VLAN networks forward broadcast frames only to pre-defined ports (Profile Membership)

[Figure: switch ports grouped into VLAN 1 and VLAN 547]


Advantages of VLAN

• Breaking large networks into smaller parts (Formation of virtual workgroups)
• Simplified Administration (no need for re-cabling when user moves)
• Improving Broadcast & Multicast traffic utilization
• Mapping expensive backbones (ATM) to simpler & cheaper ETH backbones
• Security – establishing tunnels / trunks through the network for dedicated users (traffic between VLANs is restricted).


Before we explain, bit by bit, what a VLAN is and how it works, let us first review the structure of a regular ETH frame


Untagged Ethernet Frame

FCS is created by the sender and recalculated by the receiver

Field            Size
Preamble + SFD   8 Bytes
DA               6 Bytes
SA               6 Bytes
Length / Type    2 Bytes
DATA + PAD       46 - 1500 Bytes
FCS              4 Bytes (32-bit CRC)

Minimum 64 Bytes < FRAME SIZE < Maximum 1518 Bytes

Length / Type < 1500 - Parameter indicates number of Data Bytes
Length / Type > 1536 - Parameter indicates Protocol Type (PPPoE, PPPoA, ARP etc.)


Tagged Ethernet Frame

• Additional information is inserted
• Frame size increases to 1522 Bytes

Preamble + SFD | DA | SA | VLAN TAG (4 Bytes) | Length / Type | DATA + PAD | FCS

VLAN TAG = TPID (0x8100) + TCI
TCI = P-TAG (3 Bit) + CFI (1 Bit) + VLAN ID (12 Bit)

TPID = Tag protocol ID
TCI = Tag Control Information
CFI = 1 bit canonical Format Indicator


Tagging a Frame

VLAN ID uses 12 bits, therefore the maximum number of VLANs is 4096:

• 2^12 = 4096
• VID 0 = reserved
• VID 4090-4096 = reserved (dedicated for XPAND IP+’s internal purposes such as MNG etc.)
• VID 1 = default

• After tagging a frame, FCS is recalculated

• CFI is set to 0 for ETH frames, 1 for Token Ring to allow TR frames over ETH backbones (some vendors may use CFI for internal purposes)


TPID / ETHER-Type / Protocol Type…
TPID in tagged frames is always set to 0x8100

It is important that you understand the meaning and usage of this parameter

Later when we discuss QoS, we shall demonstrate how & why the system audits this parameter

Protocol type             Value
Tagged Frame              0x8100
ARP                       0x0806
Q-in-Q (CISCO)            0x8100
Q-in-Q (other vendors)    0x88A8
Q-in-Q (other vendors)    0x9100
Q-in-Q (other vendors)    0x9200
RARP                      0x8035
IP                        0x0800
IPv6                      0x86DD
PPPoE                     0x8863/0x8864
MPLS                      0x8847/0x8848
IS-IS                     0x8000
LACP                      0x8809
802.1x                    0x888E


VLAN Membership: By Port

Every switch port is associated with specific VLAN membership

• PRO – easily configured
• CON – no user mobility

For example – ports 1, 2 and 3 can see each other but cannot PING other ports (different VLAN membership)

[Figure: switch ports 1 to 8, each assigned to a VLAN (VLAN 22, VLAN 5, VLAN 9, VLAN 333, VLAN 100, VLAN 1)]


VLAN Membership: By MAC
PRO – user mobility, no reconfiguration when PC moves

CON – needs to be assigned initially, not an easy task with thousands of endpoints

[Figure: endpoints 00:20:8f:40:15:31, 00:20:8f:40:15:ef and 00:20:8f:40:15:30 in VLAN 44; endpoints 00:33:ef:38:01:23, 00:33:ef:38:01:a0 and 00:33:ef:38:01:25 in VLAN 5]


VLAN Membership: By Subnet (L3 VLAN)
Membership is based on the Layer 3 header
No processing of the IP address is done

Main disadvantage – longer overall throughput

[Figure: hosts 10.10.10.12, 10.10.10.122 and 10.10.10.13 in VLAN 44; hosts 11.1.1.10.12, 11.1.1.10 and 11.1.1.10.23 in VLAN 5]


Port Types

Access Port – a port which is not aware of VLANs (Cannot tag outgoing frames or un-tag incoming frames)

[Figure: a device connected to an Access port (A) of a VLAN aware Switch]

Device unaware of VLANs transmits untagged (regular) ETH frames
Switch tags the ingress frames with VID according to specific Tagging mechanism


Port Types

Trunk Port – a port which is aware of VLANs (Can tag or un-tag incoming frames)

[Figure: VLAN aware Switch with an Access port (A) and a Trunk port (T)]

Device unaware of VLANs transmits untagged (regular) ETH frames
Switch tags the ingress frames with VID according to specific Tagging mechanism
Switch un-tags frames with VID received from network and delivers untagged frames to Access ports


Port Types

Trunk Port can carry tagged frames with different VIDs. This requires Port Membership configuration.

[Figure: VLAN aware Switch with one Trunk port (T) and three Access ports (A)]

This port is not a member of the Trunk port membership list, hence, traffic is discarded


Q-in-Q

• Additional VLAN (S-VLAN) is inserted
• Frame size increases to 1526 Bytes

Preamble + SFD | DA | SA | S-VLAN (4 Bytes) | C-VLAN (4 Bytes) | Length / Type | DATA + PAD | FCS

S-VLAN = TPID (0x88A8) + TCI
C-VLAN = TPID (0x8100) + TCI
TCI = P-TAG (3 Bit) + CFI (1 Bit) + VLAN ID (12 Bit)


Port Types
Q-in-Q (A.K.A. Double Tagging…VLAN Encapsulation…)

[Figure: VLAN aware Switch with CN and PN ports]

Enhanced security – not exposing original VID

Improved flexibility of VID in the network


(Ingress VID was already assigned in the network)
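
The tag layout from the Tagged Ethernet Frame and Q-in-Q slides, worked through in Python as an added example (not code from the original training material): it inserts a tag after SA, recalculates the FCS, and reads back the tag stack. Frames are assumed to start at DA (no Preamble/SFD) and end with the FCS; the function names and the sample frame are constructed for illustration.

```python
import struct
import zlib

# TPID values the page lists for tagged and Q-in-Q frames.
TAG_TPIDS = {0x8100, 0x88A8, 0x9100, 0x9200}


def fcs(body: bytes) -> bytes:
    """FCS over DA..payload: CRC-32, least significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def fcs_ok(frame: bytes) -> bool:
    """Receiver side: recalculate the CRC and compare it with the trailer."""
    return len(frame) >= 18 and fcs(frame[:-4]) == frame[-4:]


def push_tag(frame: bytes, vid: int, pcp: int = 0, cfi: int = 0,
             tpid: int = 0x8100) -> bytes:
    """Insert a 4-byte tag (TPID + TCI) after SA and recalculate the FCS."""
    if not fcs_ok(frame):
        raise ValueError("refusing to tag a frame with a bad FCS")
    if not (0 <= vid <= 0xFFF and 0 <= pcp <= 7 and cfi in (0, 1)):
        raise ValueError("VLAN ID is 12 bits, P-TAG 3 bits, CFI 1 bit")
    tci = (pcp << 13) | (cfi << 12) | vid
    body = frame[:-4]
    tagged = body[:12] + struct.pack("!HH", tpid, tci) + body[12:]
    return tagged + fcs(tagged)


def parse_tags(frame: bytes, max_tags: int = 2):
    """Return (tags outermost first, inner Length/Type).

    With an outer TPID of 0x8100 the TPID alone cannot tell an S-VLAN from
    a C-VLAN; only the position in the stack does.
    """
    if not fcs_ok(frame):
        raise ValueError("bad FCS")
    tags, off, end = [], 12, len(frame) - 4
    while len(tags) < max_tags and off + 6 <= end:
        (value,) = struct.unpack_from("!H", frame, off)
        if value not in TAG_TPIDS:
            break
        (tci,) = struct.unpack_from("!H", frame, off + 2)
        tags.append({"tpid": value, "pcp": tci >> 13,
                     "cfi": (tci >> 12) & 1, "vid": tci & 0xFFF})
        off += 4
    (ethertype,) = struct.unpack_from("!H", frame, off)
    return tags, ethertype


def pop_tag(frame: bytes) -> bytes:
    """Remove the outermost tag and recalculate the FCS.

    Re-padding a frame that falls below 64 bytes is not handled here.
    """
    tags, _ = parse_tags(frame)
    if not tags:
        raise ValueError("frame is untagged")
    body = frame[:12] + frame[16:-4]
    return body + fcs(body)


def sample_untagged() -> bytes:
    """Constructed 64-byte frame: DA, SA, Type 0x0800, 46 payload bytes."""
    body = bytes.fromhex("ffffffffffff" "00208f401531" "0800") + bytes(46)
    return body + fcs(body)


if __name__ == "__main__":
    c_tagged = push_tag(sample_untagged(), vid=10, pcp=5)
    q_in_q = push_tag(c_tagged, vid=9, tpid=0x88A8)
    for name, frame in (("C-tagged", c_tagged), ("Q-in-Q", q_in_q)):
        print(name, len(frame), "bytes", parse_tags(frame))
```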



Introduction to QoS / CoS
Mapping ATM QoS over ETH CoS (RFC 1483)
We can extend the benefits of ATM QoS into Ethernet LANs to guarantee Ethernet priorities
across the ATM backbone. A L2 switch or L3 router reads incoming 802.1p or IP ToS priority
bits, and classifies traffic accordingly.

To match the priority level with the appropriate ATM service class and other parameters, the
switch then consults a mapping table with pre-defined settings.

P-Tag 6 CBR

P-Tag 4 VBR

P-Tag 0 UBR

[Figure: backhaul network: IP+ at the Tail site and at the Hub Site (FE/GE, GE, n x T1/E1, STM1/OC3), ATM Router, MPLS Router, RNC, Core Site BSC/MSC]


Mapping ETH to MPLS and vice versa
XPAND IP+’s L2 switch can take part in the process of transporting
services through MPLS core

Frames/services are mapped to MPLS FECs according to:


• VLAN ID mapped to MPLS EXP bits
• VLAN P-Bit mapped to MPLS EXP bits

[Figure: backhaul network: IP+ at the Tail site and at the Hub Site (FE/GE, GE, n x T1/E1, STM1/OC3), MPLS Routers, MPLS, RNC, Core Site BSC/MSC]


VLAN P-Bit Remap (Traffic Classes)

IEEE Recommendation

The following table shows IEEE definition of traffic classes

It shows the ingress options for P-Tag VS. egress P-tag

The number of egress priorities (classes) depends on the number of assigned queues

Ingress P-Tag   Number of Available Traffic Classes
                1   2   3   4   5   6   7   8
0 (default)     0   0   0   0   0   1   1   1
1               0   0   0   0   0   0   0   0
2               0   0   0   1   1   2   2   2
3               0   0   0   1   1   2   3   3
4               0   1   1   2   2   3   4   4
5               0   1   1   2   2   3   4   5
6               0   1   2   3   3   4   5   6
7               0   1   2   3   4   5   6   7

Table cells show the Egress P-Tag


VLAN P-Bit Remap (Traffic Classes)

• The default priority used for transmission by end stations is 0

• With a single queue, there are no choices. All traffic is Best Effort

• Multiple queues are needed to isolate Network Control from the user data traffic



Acronyms

• ETH – Ethernet
• NIC – Network Internet Card
• VID – Vlan ID
• VLAN – Virtual LAN
• P-TAG – Priority Tag, Priority Bits
• CFI – Canonical Format Indicator
• TPID – Tag Protocol Identifier
• FCS – Frame Check Sequence
• DA – Destination Address
• SA – Source Address
• QoS – Quality of Service



Associated IEEE Standards

• IEEE 802.3 : Ethernet (Max. frame size = 1518 bytes)
• IEEE 802.3ac : Ethernet (Max. frame size = 1522 bytes)
• IEEE 802.1d : MAC Bridge first introduced the concept of Filtering Services in a bridged local network
• IEEE 802.1q : VLAN Tagging
• IEEE 802.1p : Priority Tagging / Mapping
• IEEE 802.1ag : OAM (CFM)


Thank You

Trunk Vs. Access Vs. Hybrid

I6.8
Agenda

1. VLAN TAG Attributes

2. Access Port

3. Trunk Port

4. Extracting frames out of a trunk

5. General Guidelines

6. EMS Trunk Configuration



VLAN TAG Attributes

1. In L2 ETH switching, L2 traffic can be engineered using the VLAN TAG attributes

2. L2 traffic is controlled by defining port membership: Access or Trunk

3. Together, port membership + L2 traffic engineering convert connectionless to connection-oriented network

4. In such networks, services are better deployed and maintained

5. VLAN TAG attributes include:
• VLAN ID (12 bits)
• Priority Bits (3 bits)

6. Additional attributes may be used to engineer traffic:
• MAC DA
• Port number


Access Port

• Access Port is a port which is aware of a single VLAN only

• Ingress traffic is expected to be Untagged, i.e. no VLAN information exists within the received Ethernet frame

• All frames that are received through this port are tagged with default VLAN (VID + P bits)

• All frames that exit through this port towards customer devices are untagged (VLAN is removed)

• Users can configure the L2 switch to assign different tagging scenarios to different ports


Access Port

• Let us examine the Tagging / Untagging process of a L2 switch

[Figure: an untagged frame (DA | SA | Type | Payload | FCS) at an L2 ETH SW]


Access Port – Tagging ingress frames

• Let us examine the Tagging / Untagging process of Port #1

[Figure: Port #1 (Access Port) receives an untagged frame (DA | SA | Type | Payload | FCS); after Tagging, Port #8 carries the tagged frame (DA | SA | VLAN TAG | Type | Payload | FCS)]


Access Port – Untagging frames towards customer interfacing ports

• When Tagged frame from Network is forwarded to Access port, the VLAN Tag is removed

[Figure: a tagged frame (DA | SA | VLAN TAG | Type | Payload | FCS) on Port #8 leaves Port #1 (Access Port) as an untagged frame (DA | SA | Type | Payload | FCS)]


Access Port – Tagging multiple ports

• The switch can individually tag multiple Access ports with same VID or
unique VID

[Figure: Access Ports #1 and #2 receive untagged frames (DA | SA | Type | Payload | FCS); Port #8 carries them tagged with VLAN TAG = 10 and VLAN TAG = 33]


Trunk Port – multiple VIDs awareness

• To be able to transmit & receive multiple VLANs, the common port has to
be configured as a Trunk Port

[Figure: Access ports #1 and #2 receive untagged frames (DA | SA | Type | Payload | FCS); Port #8, configured as Trunk Port, carries both VLAN TAG = 10 and VLAN TAG = 33]

Trunk Port – multiple VIDs awareness

• Any port can be configured as Trunk
• In this example, port #2 is facing customer device to forward all the network VLANs (TX&RX)

[Figure: Port #8 and Port #2 as Trunk Port, with frames tagged VLAN TAG = 10 and VLAN TAG = 33 on both ports]

Trunk & Access – Extracting frames out of a Trunk

• A certain VLAN can be extracted out of a Trunk via Access port assigned
with specific VLAN membership (Default VID)

[Figure: Port #8: Trunk and Port #2: Trunk carry frames tagged VLAN TAG = 10 and VLAN TAG = 33; Port #5: Access delivers the VLAN TAG = 33 frame as an untagged frame (DA | SA | Type | Payload | FCS)]


General guidelines

• Access port can only receive untagged frames from customer device

• Access port can only transmit untagged frames towards customer device

• Access port supports single VLAN

• Access port can be connected to an Access port only

• Trunk port can only receive / transmit tagged frames

• Trunk port supports multiple VLANs

• Trunk port can be connected to a Trunk port only

• When configuring Access or Trunk port, membership needs to be defined next (which VLANs are supported…)


Access + Trunk Port = Hybrid Port

• Hybrid Port is a combination of access port which is aware of a single VLAN only and trunk port that allows multiple VLAN

• Ingress untagged traffic is tagged with default VLAN

• Ingress tagged traffic passes through based on VLAN membership configuration

• Egress tagged traffic with default VLAN is untagged

• Egress tagged traffic passes through based on VLAN membership configuration

• Users can configure the L2 switch to assign different tagging scenarios to different ports


Extracting Frames Out of a Hybrid Port

• A certain VLAN can be extracted out of a Hybrid assigned with specific VLAN membership (Default VID)

[Figure: Port #2: Hybrid and Port #8: Trunk, with frames tagged VLAN TAG = 10, VLAN TAG = 33 and VLAN TAG = 43, plus untagged frames (DA | SA | Type | Payload | FCS)]


EMS Trunk/Hybrid Configuration

[Screen capture: EMS Trunk/Hybrid Configuration page]

Thank You

EMS Switch Configuration
Agenda

1. Switch mode review

2. Guidelines

3. Single Pipe Configuration

4. Managed Mode Configuration

5. Managed Mode Common Applications



Switch Modes

1. Single (Smart) Pipe (default mode, does not require license) –

Only single GbE interface is supported (Optical GbE-SFP or Electrical GbE - 10/100/1000).

Any traffic coming from any GbE interface will be sent directly to the radio and vice versa.

This application allows QoS configuration.

Other FE (10/100) interfaces can be configured to be "functional" interfaces (WSC, Protection, Management), otherwise they are shut down.

Single pipe does not forward “PAUSE” PDU (01-80-C2-00-00-01) and “Slow protocols” PDU (01-80-C2-00-00-02).


Switch Modes
2. Managed Mode (license dependent) –

This application is “802.1Q” VLAN aware bridge, allowing L2 switching based on VLANs. This application also allows QoS configuration.

All Ethernet ports are allowed for traffic. Each traffic port can be configured to be "access" port, "trunk" port or “hybrid”:

Type: Access
  VLANs: Specific VLAN should be assigned to access the port
  Allowed Ingress Frames: Only Untagged frames (or Tagged with VID=0 – "Priority Tagged")
  Allowed Egress Frames: Untagged frames

Type: Trunk
  VLANs: A range of VLANs should be assigned to access the Port
  Allowed Ingress Frames: Only Tagged frames
  Allowed Egress Frames: Tagged frames

Type: Hybrid
  VLANs: Specific VLAN and a range of VLANs should be assigned to access the port
  Allowed Ingress Frames: Only tagged frame as listed on the port and untagged frames
  Allowed Egress Frames: Tagged and Untagged frames
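
An added example, not taken from the original material or from the XPAND IP+ software: a small Python model of the Access / Trunk / Hybrid ingress and egress rules listed above, run on the Port #8 / Port #2 / Port #5 layout of the "Extracting frames out of a Trunk" slide. It assumes every frame is flooded to all member ports (no MAC learning); the class, function and port names are illustrative.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional

UNTAGGED = None  # marker for a frame that carries no VLAN tag


@dataclass(frozen=True)
class Port:
    mode: str                              # "access", "trunk" or "hybrid"
    default_vid: Optional[int] = None      # the specific VLAN (access, hybrid)
    allowed: FrozenSet[int] = frozenset()  # the VLAN range (trunk, hybrid)


def ingress(port: Port, vid: Optional[int]) -> Optional[int]:
    """Return the VID the frame carries inside the switch, None if dropped."""
    if port.mode == "access":
        # Only untagged frames, or priority-tagged frames (VID=0), are accepted.
        return port.default_vid if vid in (UNTAGGED, 0) else None
    if port.mode == "trunk":
        # Only tagged frames whose VID is in the port membership list.
        return vid if vid is not UNTAGGED and vid in port.allowed else None
    if port.mode == "hybrid":
        if vid is UNTAGGED:
            return port.default_vid
        return vid if vid in port.allowed else None
    raise ValueError(f"unknown port mode {port.mode!r}")


def egress(port: Port, vid: int) -> Optional[str]:
    """Return "untagged", "tagged" or None (frame is not sent on this port)."""
    if port.mode in ("access", "hybrid") and vid == port.default_vid:
        return "untagged"
    if port.mode in ("trunk", "hybrid") and vid in port.allowed:
        return "tagged"
    return None


def switch_frame(ports: Dict[str, Port], in_port: str,
                 vid: Optional[int]) -> Dict[str, str]:
    """Apply the ingress rule, then flood to every other member port."""
    internal = ingress(ports[in_port], vid)
    if internal is None:
        return {}
    result = {}
    for name, port in ports.items():
        action = egress(port, internal) if name != in_port else None
        if action:
            result[name] = action
    return result


# Layout of the "Extracting frames out of a Trunk" slide.
TRUNK_SLIDE = {
    "port8": Port("trunk", allowed=frozenset({10, 33})),
    "port2": Port("trunk", allowed=frozenset({10, 33})),
    "port5": Port("access", default_vid=33),
}
# Hybrid case. Assumption: VLAN 33 is port2's default VLAN and 10 and 43
# are its members; the slide only shows the frames.
HYBRID_SLIDE = {
    "port8": Port("trunk", allowed=frozenset({10, 33, 43})),
    "port2": Port("hybrid", default_vid=33, allowed=frozenset({10, 43})),
}

if __name__ == "__main__":
    for vid in (33, 10, 43, UNTAGGED):
        print("port8 in, VID", vid, "->", switch_frame(TRUNK_SLIDE, "port8", vid))
    print("port5 in, tagged 10 ->", switch_frame(TRUNK_SLIDE, "port5", 10))
```

The empty results are the ingress filter at work: a tagged frame offered to the Access port, an untagged frame offered to a Trunk port, and a VID outside the membership list are all dropped before any forwarding decision is made.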


Switch Modes
3. Metro Mode (license dependent) –

This application is “802.1Q” VLAN aware bridge, allowing Q-in-Q (A.K.A. VLAN Stacking). This mode allows the configuration of a PE port and CE port.

Type: Customer-Network
  VLANs: Specific S-VLAN should be assigned to "Customer-Network" port
  Allowed Ingress Frames: Untagged frames, or frames with C-tag (ether-type=0x8100).
  Allowed Egress Frames: Untagged or C-tag (ether-type= 0x8100) frames.

Type: Provider-Network
  VLANs: A range of S-VLANs, or "all" S-VLANs should be assigned to "Provider-Network" port
  Allowed Ingress Frames: Configurable S-tag. (ether-type) 0x88a8, 0x8100, 0x9100, 0x9200
  Allowed Egress Frames: Configurable S-tag. (ether-type) 0x88a8, 0x8100, 0x9100, 0x9200


Guidelines

• Changing switch modes requires a reset

• Resets do not change the XPAND IP+ settings (radio, configuration, etc.)

• VLANs need to be created in the switch DB before assigned to a port


Single Pipe Configuration

[Figure: IP+ Switch in Single Pipe mode. Traffic (Untagged, VID 4 45, VID 51, VID 100) enters through Port 1: GbE (Optical or Electrical) or Port 3: FE (RJ45) and is carried on Port 8 (Radio)]


Configuration – Single Pipe

This is the default setting



Configuration – Single Pipe

Only one ingress port can be used:

Port 1 (Opt. or Elec.)

Port 3 (RJ45)

When one is enabled the other is disabled

No need to configure VID membership


Managed Mode Configuration
Configuration – Managed Mode

Let’s use this diagram as an example -

[Figure: IFU-A and IFU-B linked by radio. Radios as Trunk by default; ports shown: Port #2 as Trunk (VID 200), Port #3 as Trunk (VID 300), Port #2 as Trunk (VID 200, VID 300)]


Configuration – Managed Mode

Make sure both IFUs are aware of the required VIDs

You need to create the VIDs before you assign them to a certain port (Set # & Apply)


Configuration – Managed Mode

Next steps:

1. Go to Interfaces page

2. Enable the required port (Ingress ports)

3. Configure the port type as Trunk or Access

4. Assign allowed VLAN IDs (port membership)

5. Radio port is automatically configured as Trunk, all VLANs are allowed by default


Configuration – Managed Mode



Configuration – Managed Mode – Common Applications
Tagging / untagging

[Figure: two IP+ units linked by radio. On each unit an Access Port faces a PC (192.168.1.100 and 192.168.1.200) that transmits and receives Untagged frames; Radio = Trunk Port]


Configuration – Managed Mode – Common Applications

[Figure: a Traffic Generator feeds multiple L2 streams, each identified with unique VID, into a Trunk Port on each IP+; Radio = Trunk Port]


Metro Mode Configuration
Configuration guidelines

• Customer Network frames are encapsulated with a 2nd VLAN (S-VLAN) and forwarded to a PN port

• PN ports transport multiple encapsulated networks, each associated with a unique S-VLAN

• CN ports remove the S-VLAN towards a Customer interface

[Figure: Network #1 and Network #2 each use C-VLAN 100, 101, 102 and 103; across the Radio Ports (PN) the two networks are carried in S-VLAN 9 and S-VLAN 8]

Simplified Flow

[Figure: IP+ with one PN port (Radio Port) and two CN ports. The PN port carries S-VLAN 1000 and S-VLAN 222; one CN port faces ISP / BTS #1 (C-VLAN 100, C-VLAN 101, C-VLAN 102), the other faces ISP / BTS #2 (C-VLANs unknown)]

CN-PN-PN-CN

[Figure: BTS #1 and BTS #2, each with C-VLAN 100, 101, 102 and 103, connect through CN ports; the Radio Ports (PN) carry the two networks in S-VLAN 8 and S-VLAN 9, and CN ports deliver them at the far end]

CN-PN-PN-PN

[Figure: BTS #1 and BTS #2, each with C-VLAN 100, 101, 102 and 103, connect through CN ports (Customer Network); the Radio Ports (PN) carry the two networks in S-VLAN 8 and S-VLAN 9 towards a PN port (Provider Network)]

Switch Mode Configuration

1. Set mode to Metro (requires reset)

2. Add the S-VLAN ID (set & apply)

CN Port Configuration

1. Go to Interfaces / Ethernet Ports page

2. Enable the port

3. Set the type to Customer Network

4. Type the port ID (EVC name, free string)

5. Type the S-VLAN ID

6. Enable Port Learning

7. Apply & Refresh

8. See screen capture next slide

[Screen capture: CN Port Configuration page with steps 3, 4 and 5 marked]

PN Port Configuration

1. Go to Interfaces / Ethernet Ports page

2. Enable the port

3. Set the type to Provider Network

4. Enable Port Learning

5. Edit (if needed) the allowed S-VLANs

6. Apply & Refresh

7. Set the required S-Tag (Ether-Type)

8. See screen capture next slide

[Screen capture: PN Port Configuration page]

PN Port Configuration – Setting the S-Tag

This is the bottom of the Interfaces/ETH ports configuration page…

Step 7 selects the S-Tag (Ether-Type) from:

• 0x88A8
• 0x8100
• 0x9100
• 0x9200

Additional Information

QoS with Metro mode:
CN ports only audit the P-Bit of C-VLANs:
Ingress frames through CN ports can be classified by applying a VLAN P-Bit Classifier.

Link Configuration:
Metro switch can work with a remote Metro switch or remote Single Pipe switch
Metro switch cannot work with a remote Managed switch

RSTP with Metro mode:
RSTP is supported in Metro mode

Thank You

QoS Concept and Configuration
Agenda

• Introduction

• Why do we need QoS?

• Not all traffic is the same…

• Traffic Engineering as a solution

• QoS in XPAND IP+


Introduction (1)

XPAND IP+ is more than a Radio:

High capacity MW Radio – Up to 500Mbps @ 56MHz

ADM – Add & Drop Multiplexer: It enables a matrix of cross-connections between TDM E1/T1, SDH VCs and Radio channels

L2 ETH Switch:
• 802.1p/q
• P-Bit remap
• Policers
• Shaping
• Scheduler
• IPv4 / IPv6 Classification

[Figure: XPAND IP+ building blocks: L2 ETH SW, ADM, MW Radio]


Introduction (2)

In this presentation we shall focus on the QoS implemented with the integrated L2 ETH switch

But first, let us understand what Quality Of Service stands for…

[Figure: XPAND IP+ building blocks: L2 ETH SW, ADM, MW Radio]


Understanding QoS
Why do we need QoS? (1)
Without controlling our Backbone /Core infrastructure -

• High cost of non-responsiveness: devices are deployed but not properly allocated to transport customer traffic
• On the other hand – bad resource design results in congestion which will lead to network downtime costs due to degradation of performance

• QoS (e.g. - Traffic Engineering) optimizes network resources


Why do we need QoS? (2)
Mobile operators focus on reducing costs:

• Mobile Broadband growth requires Backhaul expansions, hence:
• Operators are stretching their cost-saving initiatives
• Operators will look for new ways to drive further Backhaul savings
• Operators must reduce their cost per Mbit

• QoS (e.g. - Traffic Engineering) optimizes network resources

[Figure: Wireless Carrier Ethernet Backhaul Network: Business center (GE), WiMAX / 4G / LTE Cellular site, 2G/3G base station (TDM E1/T1) and Hub / Aggregation site (STM-1 / OC-3), linked by XPAND IP+ units]


Fundamental Fact
Not all traffic is the same!

So why treated equally?...

Who’s first?

[Figure: traffic types: Static WWW, Dynamic WWW, Multimedia, emails, FTP, Skype]

Traffic Engineering as a Solution
Your 1st assignment is identifying needs & solutions:

What is the BW requirement per service?
• Video requires more than voice
• Data requires less than video
• FTP requires more than emails…

What is the delay sensitivity of each service?
• Delayed Voice is unacceptable…
• FTP can tolerate delays

Your 2nd assignment is grouping services into SLAs:
• Video & Multimedia – Low Services (Best Effort)
• FTP – Moderate Service
• Skype – Highest Service

Your 3rd assignment is configuring QoS in your network

[Figure: traffic types: Static WWW, Dynamic WWW, Multimedia, emails, FTP, Skype]


QoS in XPAND IP+
XPAND IP+ L2 ETH Switch Ports

The IP+’s L2 Switch has 8 ports:

• Port #1 GbE (Opt. / Elec.)
• Port #2 GbE (Opt. / Elec.)
• Port #3 to port #7 FE
• Port #8 (Radio port)


QoS Process
[Figure: QoS process stages from Ingress Port to Egress Port(s): Rate Limit, Queuing (Q1 to Q4), Scheduling, Shaping]

Ingress VS. Egress

Every Switch port applies Ingress Rules and Egress Rules depending on traffic
characteristics (L2 header and applied policies)

[Figure: Ingress port and Egress port between Customer Network and Provider Network, shown for both traffic directions]


Ingress VS. Egress: IP+

Radio port (ETH port #8):
• Ingress traffic relates to traffic received from remote IFU
• Egress traffic relates to traffic sent to remote IFU

Non-Radio ports (ports 1 to 7*):
• Ingress traffic relates to traffic received from customer
• Egress traffic relates to traffic sent to customer

[Figure: Ingress and Egress directions on Port 1-7* and on the Radio port at both ends of the link]

* Ports 7, 6 & 5 can be used as management or data


Ingress Rate Limiting

Users can configure maximum ingress rate per port

Exceeding traffic will be discarded

Rate limitation can be configured per type of traffic (Policers)

[Figure: Rate vs. Time for Actual Customer Traffic on an FE interface (Max. 100Mbps): traffic up to the Max. Allowed Rate is marked Pass, traffic above it is marked Discard]

Example: Policer assigned to FE interface


Using Queues

Every port of the L2 switch examines the ingress traffic and then it sorts it in a
buffer according to classification criteria

This process is called Queuing

Users can configure up to 4 queues where Q4 has the max. priority and Q1
has the lowest priority

Q4 High
Q3
Q2
Q1 Low


Scheduling: Round Robin

Once the queues are filled with information, we need to empty them

Which queue should we empty first?

Emptying cycle is fixed – all queues are treated equally

Pro: no “queue starvation”
Con: no prioritization

[Figure: queues Q1 (Low) to Q4 (High), each emptied in turn over time slots t1 to t4]

Scheduling: Weighted Round Robin

Emptying cycle is configurable – every queue can be given specific weight

Pro: no “queue starvation”

[Figure: queues Q1 (Low) to Q4 (High) emptied according to their weights over time slots t1 to t5]


Scheduling: 4th Strict Priority

The switch will empty Q4 as long as it has something

Once empty – switch will perform RR on lower queues

If Q4 receives a frame during the Lower-Queues-RR, it will go back to focus on Q4

Pro: Optimized Prioritization
Con: “Queue starvation”
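
The three schedulers described so far (Round Robin, Weighted Round Robin, 4th Strict Priority), as an added Python simulation that is not part of the original material. It assumes equal-size frames and one frame sent per time slot; the queue loads and WRR weights are constructed sample values.

```python
QUEUES = ("Q4", "Q3", "Q2", "Q1")  # Q4 = highest priority, Q1 = lowest


def simulate(policy, backlog, slots, arrivals=None, weights=None):
    """Return the queue served in each time slot (None when all are empty).

    policy    "rr", "wrr" or "q4_strict"
    backlog   frames waiting per queue at t=0, e.g. {"Q4": 2, "Q1": 3}
    arrivals  {slot: [queue, ...]}, frames that arrive just before that slot
    weights   frames per emptying cycle for each queue (used by "wrr" only)
    """
    if policy not in ("rr", "wrr", "q4_strict"):
        raise ValueError(f"unknown policy {policy!r}")
    depth = {q: backlog.get(q, 0) for q in QUEUES}
    if policy != "wrr" or weights is None:
        weights = {q: 1 for q in QUEUES}   # fixed cycle: all queues equal
    # One emptying cycle, e.g. weights 3/2/1/1 -> Q4 Q4 Q4 Q3 Q3 Q2 Q1.
    ring = [q for q in QUEUES for _ in range(weights[q])]
    if policy == "q4_strict":
        ring = [q for q in ring if q != "Q4"]   # RR runs on lower queues only
    pos, served = 0, []
    for t in range(slots):
        for q in (arrivals or {}).get(t, ()):
            depth[q] += 1
        pick = None
        if policy == "q4_strict" and depth["Q4"] > 0:
            pick = "Q4"                    # Q4 always goes first
        else:
            for _ in range(len(ring)):     # skip over empty queues
                candidate = ring[pos % len(ring)]
                pos += 1
                if depth[candidate] > 0:
                    pick = candidate
                    break
        if pick is not None:
            depth[pick] -= 1
        served.append(pick)
    return served


# Constructed load: Q1 holds 3 frames while a new Q4 frame arrives every slot.
BUSY_Q4 = {t: ["Q4"] for t in range(6)}
SAMPLE_WEIGHTS = {"Q4": 3, "Q3": 1, "Q2": 1, "Q1": 1}

if __name__ == "__main__":
    start = {"Q4": 1, "Q1": 3}
    for policy in ("rr", "wrr", "q4_strict"):
        order = simulate(policy, start, 6, BUSY_Q4, SAMPLE_WEIGHTS)
        print(f"{policy:10s}", order, "Q1 served:", order.count("Q1"))
```

Under the constructed load Q1 is never served with 4th Strict Priority, which is the "queue starvation" named above, while RR and WRR still give it slots.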


Scheduling: All Strict Priority

The switch will empty a queue as long as the higher queue is empty

Pro: no “queue starvation”



Shaping
Bursts beyond an EIR (Excessive Information Rate) can be buffered and retransmitted when capacity frees up, and only when shaping buffers are full will packets be dropped.


Possible Scenarios

[Figure: link Port 1-7* / Radio / Radio / Port 1-7*, labelled: "Ingress Queuing", "Radio Egress Scheduler = Strict Priority", "No need for Ingress Queuing", "No need for Egress Scheduler"]


Possible Scenarios

[Figure: link Port 1-7* / Radio / Radio / Port 1-7*, labelled: "Ingress Queuing", "Radio Egress Scheduler = Round Robin", "Ingress Queuing is required in port 8", "Egress Scheduler is required"]


Thank You

EMS Basic QoS Configuration

Prerequisites

End-users must be familiar with the following items prior to taking this module:

• Introduction to Ethernet
• 802.1p/q
• QoS (Concept)
• IP+ Switch Configuration
• Trunk VS. Access


Agenda

• Introduction

• IP+ L2 Switch ports

• Step #1: Configure the switch

• Step #2: Configure the switch ports

• Step #3: Configure QoS per port

• Process Review

• Basic Configurations



Introduction (2)
In this presentation we shall focus on the L2 ETH switch:

• Four priority (CoS) queues

• Advanced CoS classifier:
  • VLAN Pbits / VLAN ID (RFC 802.1p,q)
  • IPv4 (RFC 791) / IPv6 (RFC 2460, RFC 2474)
  • MAC DA

• Advanced ingress traffic policing / rate-limiting per port/CoS

• Flexible scheduling: Strict Priority, WRR or HRR

• Traffic shaping

• 802.3x flow control (for loss-less operation)

[Figure: XPAND IP+ building blocks: L2 ETH SW, ADM, MW Radio]


XPAND IP+ L2 ETH Switch Ports

The IP+ L2 Switch has 8 ports:

• Port #1 GbE (Opt. / Elec.)
• Port #2 GbE (Opt. / Elec.)
• Port #3 to port #7 FE
• Port #8 (Radio port)


Step #1: Set your Switch

• Configure the switch mode: Pipe / Managed / Metro
• Configure VLAN IDs


Step #2: Configure Switch Ports
• Configure Port Type: Access / Trunk / Hybrid
• Configure Port Membership



Step #3: Configure QoS per Port

Ingress Frame:

1. Frame qualifies to 1st criteria? YES – Queue / Remap. NO – go to the next check.
2. Frame qualifies to 2nd criteria? YES – Queue / Remap. NO – go to the next check.
3. Frame qualifies to 3rd criteria? YES – Queue / Remap. NO – Default Queue.

Process Review
Policer per port

[Figure: Rate Limit stage]


3 classifiers to audit & queue Ingress Traffic

[Figure: Queuing stage]


Egress port Scheduler

[Figure: Scheduling stage, queues Q1 to Q4]


Egress Port Shaper

[Figure: Shaping stage]


Basic Configurations
1. Ingress Rate Limiting

Let’s say we want to limit Video streams from customer interface towards the network

Video streams are characterized with a UDP protocol & multicast address

Therefore we shall define a Policer to limit these parameters


1. Ingress Rate Limiting – Setting a Policer
There are 15 different traffic types that we can use

Each Policer can have up to 5 conditions


1. Attaching a Policer to a port
To attach a Policer to a port simply select it from the list



2. Queuing according to Ingress P-Bits

Click on the VLAN Pbits to Queue link to open the configuration table

Using this table we can map 8 priority levels to 4 queues or lower number of classes

This table is global and can be used for other tasks as well


2. Queuing according to Ingress P-Bits

Select “VLAN Pbits” as the 3rd classifier as shown below:

Set the Egress Scheduler as required -



3. Queuing Ingress Frames according to MAC
Click on the Static MAC link to open the configuration table

In this example, we prioritize 3 frames according to their MAC DA.

The ingress frames are put in a queue according to the Priority settings and VLAN P-Bits to Queue table. Ingress frames with MAC DA that are not listed in this table will be handled by the next classifiers.


3. Queuing Ingress Frames according to MAC

Next, select “Queue Decision” as the 1st criteria

Set the Egress Scheduler as required -

Frames with MAC that do not comply to the table will be classified by the 2nd & 3rd classifiers


4. Queuing Ingress Packets according to ToS / DSCP

Click on the “IP Pbits to Queue” Link to configure ToS / DSCP for IPv4 or IPv6


4. Queuing Ingress Packets according to ToS / DSCP

Next, select “IP-TOS” as the 3rd criteria

Set the Egress Scheduler as required -


5. Assigning Port traffic to a specific Queue

Select “Port” as the 3rd criteria

Select to which queue the port should assign the ingress frames

Set the Egress Scheduler as required -


6. Queuing Ingress frames according to VLAN ID

Click on the “VLAN ID to Queue” Link to configure the table



6. Queuing Ingress frames according to VLAN ID

Select “Queue Decision” as the 2nd criteria

Set the Egress Scheduler as required -

Frames whose VID does not match the table will be classified by the 3rd classifier



7. Egress Shaper

• Reducing the egress rate to a value between 64kbps and 1Mbps requires
setting it in steps of 64kbps

• Reducing the egress rate to a value between 1Mbps and 100Mbps requires
setting it in steps of 1Mbps

• Reducing the egress rate to a value between 100Mbps and 1Gbps requires
setting it in steps of 10Mbps



Thank You
Automatic State Propagation
Agenda

• Introduction
• Interfacing IP+ with external devices
• Configuration VS. Functionality
• Dead Lock Example
• ASP in Managed / Metro Mode



Introduction
“Automatic State Propagation” ("GigE Tx mute override") enables propagation of radio
failures back to the line, to improve the recovery performance of resiliency protocols
(such as xSTP).

The feature allows the user to configure which criteria will force the GbE port (or ports, in
case of “remote fault”) to be muted / shut down, in order to allow the network to find
alternative paths.

The feature is not operational in "External Protection".

[Figure: a Radio LOF forces the network to find an alternative path]


Interfacing IP+ with external devices

When external devices do not support Fault Propagation –

Configure the following:


1. Enable Local LOC – to mute local GbE when LOC is raised
2. Enable Remote Fault – to mute local transmitter in case of remote LOF / Link ID
mismatch & LOC
3. Enable Local Excessive BER – recommended but not necessary



Interfacing IP+ with external devices

When external devices support Fault Propagation (another IP+) –

Configure the following:


1. Disable Local LOC
2. Enable Remote Fault – to mute local transmitter in case of remote LOF / Link ID
mismatch & LOC
3. Disable Local Excessive BER - to avoid a dead lock scenario



Example: Avoiding Dead Lock in Single Pipe

[Figure: Site B and Site A connected by a GbE fiber pair (TX to RX in each direction); LOC is
raised at both sites and both transmitters are muted]

1. GbE FO breaks down or disconnects at the ingress port of Site A
2. LOC alarm is raised
3. LOC alarm triggers Site A to shut down its transmitter (TX Mute)
4. Site B detects silence on ingress port and declares LOC
5. Site B shuts down its transmitter – both sites are in a state of a dead lock
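The five steps above can be replayed as a small state model. This is an added example, not part of the original slides or of the vendor's software: the `Site` class, `settle` and `run_scenario` are hypothetical names, and only the "Local LOC" criterion is modelled (Remote Fault and Excessive BER are left out).

```python
from dataclasses import dataclass


@dataclass
class Site:
    name: str
    mute_on_local_loc: bool      # ASP criterion "Local LOC" enabled on this site
    loc: bool = False            # LOC alarm currently raised on the GbE ingress
    tx_muted: bool = False       # GbE transmitter muted by ASP


def settle(a, b, fiber_ok, events):
    """Re-evaluate both sites until nothing changes any more.

    fiber_ok[(src, dst)] is True while the fiber from src's TX to dst's RX is intact.
    """
    for _ in range(10):                      # a two-site model settles in a few passes
        changed = False
        for rx, tx in ((a, b), (b, a)):
            light = fiber_ok[(tx.name, rx.name)] and not tx.tx_muted
            if rx.loc == light:              # LOC must be the opposite of "light seen"
                rx.loc = not light
                events.append(f"Site {rx.name}: LOC {'raised' if rx.loc else 'cleared'}")
                changed = True
            mute = rx.loc and rx.mute_on_local_loc
            if rx.tx_muted != mute:
                rx.tx_muted = mute
                events.append(f"Site {rx.name}: TX {'muted' if mute else 'restored'}")
                changed = True
        if not changed:
            return
    raise RuntimeError("model did not settle")


def run_scenario(local_loc_a, local_loc_b):
    """Break the fiber into Site A, let ASP react, repair the fiber, let ASP react again."""
    a, b = Site("A", local_loc_a), Site("B", local_loc_b)
    fiber_ok = {("A", "B"): True, ("B", "A"): True}
    events = []

    fiber_ok[("B", "A")] = False             # step 1: fiber breaks at Site A's ingress port
    events.append("fiber B->A broken")
    settle(a, b, fiber_ok, events)
    muted_during_fault = (a.tx_muted, b.tx_muted)

    fiber_ok[("B", "A")] = True              # the fiber is repaired
    events.append("fiber B->A repaired")
    settle(a, b, fiber_ok, events)

    return {
        "muted_during_fault": muted_during_fault,
        # Both fibers are intact again, yet neither side transmits: nobody can recover.
        "deadlock_after_repair": a.tx_muted and b.tx_muted,
        "events": events,
    }


if __name__ == "__main__":
    for a_on, b_on in ((True, True), (False, False)):
        result = run_scenario(a_on, b_on)
        print(f"Local LOC A={a_on} B={b_on}: deadlock={result['deadlock_after_repair']}")
        for line in result["events"]:
            print("   ", line)
```

With Local LOC enabled on both sites the repair changes nothing, because each receiver is waiting for a transmitter that is itself muted; with it disabled the LOC alarm clears as soon as the fiber is back.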


Automatic State Propagation in Single Pipe

Single Pipe - Propagation Criteria
Using Optical GbE (SFP)

Local and remote IFUs must have identical settings:

1. ASP Enabled
2. ACM profile threshold
3. Excessive BER enabled

Local Criteria:
• LOC (GbE)
• Radio LOF
• LINK ID Mismatch
• Excessive BER
• ACM profile is below threshold

Actions (local and remote):
Mute port 1 (GbE-SFP)


Single Pipe - Propagation Criteria
Using Electrical GbE (RJ45)

Local and remote IFUs must have identical settings:

1. ASP Enabled
2. ACM profile threshold
3. Excessive BER enabled

Local Criteria:
• Radio LOF
• LINK ID Mismatch
• Excessive BER
• ACM profile is below threshold

Actions (local and remote):
Shut down Elec. port


Single Pipe - Propagation Criteria
Using Electrical GbE (RJ45)

Local and remote IFUs must have identical settings:

1. ASP Enabled
2. ACM profile threshold
3. Excessive BER enabled

Local GbE Criteria:
• LOC

Port is logically closed but not shut down

LOC will not trigger port shut down (it will not be possible to enable the port when LOC is
cleared)

Remote LOC will not trigger port shut down (it will not be possible to enable the port when
LOC is cleared)


Automatic State Propagation in Managed / Metro Mode
ASP in Managed / Metro Mode
• Alarms are never propagated to a GbE port

• GbE will never shut down

• Alarms will be propagated to the Radio port

• In 1+1 external protection, ASP is disabled.



Managed / Metro - Propagation Criteria

Local and remote IFUs must have identical settings:

1. ASP Enabled
2. ACM profile threshold
3. Excessive BER enabled

Local Criteria:
• Radio LOF
• LINK ID Mismatch
• Excessive BER
• ACM profile is below threshold

Actions:
Shut down Radio


Managed / Metro - Propagation Criteria

Local and remote IFUs must have identical settings:

1. ASP Enabled
2. ACM profile threshold
3. Excessive BER enabled

Local criteria:
• GbE LOC

Actions:
No action taken
Shut down Radio


Thank You
Asymmetrical links
Broadband Wireless is Asymmetric in Nature

• Real traffic capture from a big 3G network in Europe.
• As can be seen, the actual Uplink to Downlink ratio is ~1:6
• Usually the ratio is ~1:3


Legacy communication systems
• Legacy circuit switching telephony communications carrying voice require
the same BW allocation for uplink and downlink.

• Traditionally MW PtP links are symmetrical.

• Regulation provides the same BW in both directions, and there is a GAP
between the high frequency band and the low frequency band direction.

[Figure: Low band f9 … f16 and High band f9’ … f16’ separated by a GAP]


Asymmetrical links
• The idea is to use the available spectrum in a more optimal way that takes
into consideration the fact that downlink capacity is 3 times greater than
uplink.
• To do this we will take the available spectrum, split it into small segments
(7MHz wide or 3.5MHz wide) and allocate the different segments
asymmetrically over the links.
• We will present ~50% more bandwidth using the same spectrum by having
different BW per direction.

[Figure: DL and UL allocation – 50% More Capacity]


Spectrum utilization

[Figure: sites A and B, Low and High bands. Symmetric: 14MHz A->B and 14MHz B->A.
Asymmetric: 7+7+7=21MHz A->B and 7MHz B->A. Legend: 21MHz, 14MHz, 7MHz]


Example 1 - Chain
• Radio chain that uses 14MHz channels.
• We will need two channels of 14MHz → overall 28MHz BW.

[Figure: symmetric chain – each hop 100Mbps DL and 100Mbps UL (used 33Mbps)]

• In regular planning we get capacity of ~100Mbps (200Bytes frame length) both ways but
only partially utilize it in the UL direction.
• We will split each 14MHz channel into two 7MHz segments. We are using overall 8
such segments (for down and up directions)

[Figure: asymmetric chain – each hop 150Mbps DL and 50Mbps UL (used 33Mbps)]

• We now get capacity of ~150Mbps (200bytes) using 21MHz channel in the DL direction
and ~50Mbps in the UL direction.
• Overall we use the same spectrum (28MHz) and get 50% more capacity.


Example 2 - Aggregation
• Aggregation of two 14MHz tails and one 28MHz feed. (Overall we use 56MHz.)

[Figure: symmetric plan – each tail 100Mbps DL and 100Mbps UL (used 33Mbps); feed 200Mbps DL
and 200Mbps UL (used 66Mbps)]

• In regular planning we get ~200Mbps at the feed and 100Mbps for each tail.


Example 2 – Aggregation – cont.
• We will split all the channels into segments of 7MHz, and assign them differently.

[Figure: asymmetric plan – each tail 150Mbps DL and 50Mbps UL (used 33Mbps); feed 300Mbps DL
and 100Mbps UL (used 66Mbps)]

• We now have ~300Mbps at the feed using 42MHz channel for the DL and 14MHz for
the UL, and 150Mbps at the tails using 21MHz channels for the DL and 7MHz for the
UL. (200bytes)
• Overall we use the same spectrum (56MHz) and get 50% more capacity.


Example 3 – Rings
• We will look at a ring with 6 hops, that in regular plan uses two 28MHz
channels.

[Figure: ring of six sites A–F with channels f1–f4 and f1’–f4’ allocated per hop]

• In regular planning we have a 200Mbps ring (28MHz 200Byte). We can
sustain up to 66Mbps per site when there are no failures, and it can drop to
40Mbps per site if there is a failure near the root.
Example 4 – Rings cont.
• We will split the 28MHz into four segments of 7MHz.

[Figure: ring of six sites A–F with 7MHz segments f1–f4 and f1’–f4’ allocated asymmetrically
per hop]

• We now have 300Mbps from the root in both directions, and 100Mbps toward the
root (when there are no failures in the ring).
• We increase capacity by 50%.
Example 4 – Failures in the Ring
• Assume failure far from the root.

[Figure: ring of six sites A–F with the segment allocation after a failure far from the root]

• We need to change segment allocation in nodes C, D, E because the
direction of traffic changed in those nodes. We still have 300Mbps in the DL
direction
Example 4 – Failures in the Ring
• Assume failure near the root.

[Figure: ring of six sites A–F with the segment allocation after a failure near the root]

• We need to change segment allocation in nodes B, C, D, E because the
direction of traffic changed in those nodes. We still have 300Mbps in the DL
direction → 60Mbps per site in the DL direction which is 50% more
Practical exercise

Content

• Preparation

• Theoretical link

• Configuration

• Practical example



Preparation

• Asymmetrical link is supported from software release 6.8

• Download and install software package 6.8

• Make sure you have activated software license for asymmetrical link



Configuration Steps

1. In software release 6.8 you can choose MRMC table



Configuration Steps – Cont’d

2. TX / RX script

Scripts for links must be in pairs


Configuration Steps – Cont’d
TX / RX Script Concept

Site A - customer (TX / RX)      Site B - provider (TX / RX)
42Mbps / 132Mbps                 132Mbps / 42Mbps
85Mbps / 270Mbps                 270Mbps / 85Mbps

[Figure: DL and UL between Site A - customer and Site B - provider]


Configuration Steps – Cont’d
• Assumes site A is a customer site (less TX bandwidth)

3. Select the MRMC script of site A (more RX)



Configuration Steps – Cont’d
• Assumes site B is the provider site (more TX bandwidth)

3. Select the MRMC script of site B (less RX)



Test Example

[Figure: test link between Site A - customer and Site B - provider – DL 270Mbps, UL 85Mbps]


Result

[Figure: DL and UL test results]


Thank You
EMS xSTP Configuration
Agenda

• Student Prerequisites

• General Overview

• Limitations

• Site / Node Types

• Switchover Criteria

• In Band Management

• Out of band Management

• Configuration Example



Student Prerequisites
Viewers / end-users are required to have previous experience prior to
practicing this module:

1. End users should be familiar with Switch configuration

2. End users should be familiar with setting port membership

3. End users should be familiar with management mode configuration

4. End users should be familiar with configuring Automatic State Propagation


Tree Topology

• STP identifies bridges by MAC addresses

• Each port of each bridge must be identified as well

• BRIDGE ID = 64 bit = 16 Priority bits (user) + 48 MAC bits (vendor)

• Default Priority bits = 0x8000

• Bridge with lowest ID = ROOT

• To avoid loops, there is only one bridge that forwards messages from the Root towards
the branches (links)


STP Demo – Step by Step

Bridge A – Bridge ID: 4261.00-00-00-00-00-01
Bridge B – Bridge ID: 4261.00-00-00-00-00-09
Bridge C – Bridge ID: 4261.00-00-00-00-00-02


STP Demo – Step by Step

Bridge A – Bridge ID: 4261.00-00-00-00-00-01 – “I am the Root”
Bridge B – Bridge ID: 4261.00-00-00-00-00-09 – “I am the Root”
Bridge C – Bridge ID: 4261.00-00-00-00-00-02 – “I am the Root”

All bridges declare themselves as Roots


STP Demo – Step by Step

Bridge A – Bridge ID: 4261.00-00-00-00-00-01, Root ID: 4261.00-00-00-00-00-01
Bridge B – Bridge ID: 4261.00-00-00-00-00-09, Root ID: 4261.00-00-00-00-00-09
Bridge C – Bridge ID: 4261.00-00-00-00-00-02, Root ID: 4261.00-00-00-00-00-02

All bridges define the Root ID (same as their Bridge ID)


STP Demo – Step by Step

Bridge A – Bridge ID: 4261.00-00-00-00-00-01, Root ID: 4261.00-00-00-00-00-01
Bridge B – Bridge ID: 4261.00-00-00-00-00-09, Root ID: 4261.00-00-00-00-00-09
Bridge C – Bridge ID: 4261.00-00-00-00-00-02, Root ID: 4261.00-00-00-00-00-02

Message from Bridge C to Bridge A – Root ID: 4261.00-00-00-00-00-02
Message from Bridge C to Bridge B – Root ID: 4261.00-00-00-00-00-02

Bridge C sends messages to Bridge A and Bridge B to notify “who’s the boss”…


STP Demo – Step by Step

Bridge A – Bridge ID: 4261.00-00-00-00-00-01, Root ID: 4261.00-00-00-00-00-01
           received Root ID: 4261.00-00-00-00-00-02 – 01<02 – “I am the Root!”
Bridge B – Bridge ID: 4261.00-00-00-00-00-09, Root ID: 4261.00-00-00-00-00-09
           received Root ID: 4261.00-00-00-00-00-02 – 09>02 – “Bridge C is the Root!”
Bridge C – Bridge ID: 4261.00-00-00-00-00-02, Root ID: 4261.00-00-00-00-00-02
           “I am still the Root!”

Bridge C sends messages to Bridge A & Bridge B to notify “who’s the boss”…


STP Demo – Step by Step

Bridge A – Bridge ID: 4261.00-00-00-00-00-01, Root ID: 4261.00-00-00-00-00-01
Bridge B – Bridge ID: 4261.00-00-00-00-00-09, Root ID: 4261.00-00-00-00-00-02
Bridge C – Bridge ID: 4261.00-00-00-00-00-02, Root ID: 4261.00-00-00-00-00-02
           “I am still the Root!”

Bridge B updates its Root ID accordingly

Bridge A does not need to change its Root ID since it qualifies as a Root


STP Demo – Step by Step

Bridge A – Bridge ID: 4261.00-00-00-00-00-01, Root ID: 4261.00-00-00-00-00-01
           “I am the Root!”
Bridge B – Bridge ID: 4261.00-00-00-00-00-09, Root ID: 4261.00-00-00-00-00-02
Bridge C – Bridge ID: 4261.00-00-00-00-00-02, Root ID: 4261.00-00-00-00-00-02

Message from Bridge A to Bridge B – Root ID: 4261.00-00-00-00-00-01
Message from Bridge A to Bridge C – Root ID: 4261.00-00-00-00-00-01

Now, Bridge A sends its Root ID to all….


STP Demo – Step by Step

Bridge A – Bridge ID: 4261.00-00-00-00-00-01, Root ID: 4261.00-00-00-00-00-01
Bridge B – Bridge ID: 4261.00-00-00-00-00-09, Root ID: 4261.00-00-00-00-00-02
           received Root ID: 4261.00-00-00-00-00-01 – 09>01 – “Bridge A is the Root”
Bridge C – Bridge ID: 4261.00-00-00-00-00-02, Root ID: 4261.00-00-00-00-00-02
           received Root ID: 4261.00-00-00-00-00-01 – 02>01 – “Bridge A is the Root”

Now, Bridge A sends its Root ID to all….


STP Demo – Step by Step

Bridge A – Bridge ID: 4261.00-00-00-00-00-01, Root ID: 4261.00-00-00-00-00-01 (Root Bridge)
Bridge B – Bridge ID: 4261.00-00-00-00-00-09, Root ID: 4261.00-00-00-00-00-01, Root Port (RP)
Bridge C – Bridge ID: 4261.00-00-00-00-00-02, Root ID: 4261.00-00-00-00-00-01, Root Port (RP)

Now all Bridges agree that Bridge A is the Root.

The other Bridges now select a port closest to the Root Bridge (link cost – how many links it
takes to get to Root…)


STP Demo – Step by Step

Bridge A – Bridge ID: 4261.00-00-00-00-00-01, Root ID: 4261.00-00-00-00-00-01 (Root Bridge)
Bridge B – Bridge ID: 4261.00-00-00-00-00-09, Root ID: 4261.00-00-00-00-00-01
Bridge C – Bridge ID: 4261.00-00-00-00-00-02, Root ID: 4261.00-00-00-00-00-01

[Figure: ports labelled Designated Port (DP), Root Port (RP) and Non-Designated Port (NDP)]

A designated port forwards traffic away from
the Root and towards the leaves…


STP Demo – Step by Step

Bridge A – Bridge ID: 4261.00-00-00-00-00-01, Root ID: 4261.00-00-00-00-00-01 (Root Bridge)
Bridge B – Bridge ID: 4261.00-00-00-00-00-09, Root ID: 4261.00-00-00-00-00-01
Bridge C – Bridge ID: 4261.00-00-00-00-00-02, Root ID: 4261.00-00-00-00-00-01

[Figure: DP and RP ports are marked Forward; the NDP is marked Blocked]

STP Bridge state:

DP = Forward
NDP = Blocked (Listen, No-Talk)
RP = Forward


STP Demo – Step by Step

Bridge A – Bridge ID: 4261.00-00-00-00-00-01, Root ID: 4261.00-00-00-00-00-01 (Root Bridge)
Bridge B – Bridge ID: 4261.00-00-00-00-00-09, Root ID: 4261.00-00-00-00-00-01
Bridge C – Bridge ID: 4261.00-00-00-00-00-02, Root ID: 4261.00-00-00-00-00-01

[Figure: Link Failure – the NDP moves to Forward]

STP errors:

When a Blocked port fails to receive, or encounters excessive losses, it transitions to the
Forward state


RSTP Disabled

[Selector: RSTP Disabled | IEEE 802.1w | Nera’s Fast Ring RSTP]

When disabled, XPAND IP+’s L2 switch is most suitable for topologies that do not require ETH
service protections (Chain Topology)


Standard 802.1w RSTP

[Selector: RSTP Disabled | IEEE 802.1w | Nera’s Fast Ring RSTP]

RSTP is an improved and much faster version of 802.1D STP.

The re-convergence of the STP may carry on for 50 seconds while RSTP re-convergence time may
last for less than a second.

With this feature enabled, XPAND IP+ can merge with existing
standard RSTP networks.


Nera’s Fast Ring RSTP

[Selector: RSTP Disabled | IEEE 802.1w | Nera’s Fast Ring RSTP]

Nera Networks ring solution enhances the RSTP algorithm for ring topologies, accelerating the
failure propagation relative to the regular RSTP:

• Up to 4 nodes < 150mSec
• Up to 8 nodes < 200mSec


Nera’s Fast Ring RSTP Overview

• Ring-RSTP itself is different than “classic” RSTP, as it exploits the topology of the ring,
in order to accelerate convergence.

• Ethernet-Fast-Ring-RSTP will use the standard RSTP BPDUs: 01-80-C2-00-00-00

• The ring is revertible. When the ring is set up, it is converged according to
RSTP definitions. When a failure appears (e.g. LOF is raised), the ring is
converged. When the failure is removed (e.g. LOF is cleared) the ring reverts
back to its original state, still maintaining service disruption limitations.

• RSTP PDUs coming from “Edge” ports are discarded (and not processed or
broadcasted).
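The root election from the STP demo and the edge-port rule above can be run together in a short simulation. This is an added example, not the deck's or the vendor's code: it assumes the four characters before the dot in a Bridge ID are the priority in hexadecimal, models only the Root ID exchange (no path cost or port roles), and adds a constructed device "X" with a lower Bridge ID on a user port of Bridge B.

```python
from dataclasses import dataclass, field

MAC_MASK = (1 << 48) - 1


def parse_bridge_id(text):
    """'4261.00-00-00-00-00-01' -> 64-bit integer: 16 priority bits, then 48 MAC bits.

    Assumption: the 4 characters before the dot are the priority in hexadecimal.
    """
    prio_txt, mac_txt = text.split(".")
    mac_hex = mac_txt.replace("-", "")
    if len(prio_txt) != 4 or len(mac_hex) != 12:
        raise ValueError(f"bad bridge ID: {text!r}")
    return (int(prio_txt, 16) << 48) | int(mac_hex, 16)


def format_bridge_id(value):
    """Inverse of parse_bridge_id."""
    mac = f"{value & MAC_MASK:012x}"
    return f"{value >> 48:04x}." + "-".join(mac[i:i + 2] for i in range(0, 12, 2))


@dataclass
class Bridge:
    name: str
    bridge_id: int
    edge_neighbours: set = field(default_factory=set)   # neighbours reached via edge ports
    root_id: int = 0

    def __post_init__(self):
        self.root_id = self.bridge_id        # every bridge starts by declaring itself Root


def elect_root(bridges, links):
    """Exchange Root IDs over the links until no bridge changes its Root ID."""
    while True:
        # Snapshot: each bridge advertises the Root ID it held at the start of the round.
        adverts = [(src, dst, bridges[src].root_id)
                   for x, y in links for src, dst in ((x, y), (y, x))]
        changed = False
        for src, dst, root in adverts:
            rx = bridges[dst]
            if src in rx.edge_neighbours:
                continue                     # BPDU arrived on an edge port: discarded
            if root < rx.root_id:            # the lowest Bridge ID wins
                rx.root_id = root
                changed = True
        if not changed:
            return {name: format_bridge_id(b.root_id) for name, b in bridges.items()}


RING_IDS = {                                 # Bridge IDs from the STP demo slides
    "A": "4261.00-00-00-00-00-01",
    "B": "4261.00-00-00-00-00-09",
    "C": "4261.00-00-00-00-00-02",
}
RING_LINKS = [("A", "B"), ("B", "C"), ("A", "C")]
X_ID = "0000.00-00-00-00-00-99"              # constructed: device on a user port of B


def ring_only():
    bridges = {n: Bridge(n, parse_bridge_id(i)) for n, i in RING_IDS.items()}
    return elect_root(bridges, RING_LINKS)


def ring_with_user_device(port_is_edge):
    bridges = {n: Bridge(n, parse_bridge_id(i)) for n, i in RING_IDS.items()}
    bridges["X"] = Bridge("X", parse_bridge_id(X_ID))
    if port_is_edge:
        bridges["B"].edge_neighbours.add("X")
    return elect_root(bridges, RING_LINKS + [("B", "X")])


if __name__ == "__main__":
    print("ring only            :", ring_only())
    print("X behind an edge port:", ring_with_user_device(True))
    print("X on a non-edge port :", ring_with_user_device(False))
```

With the port to X configured as edge, A stays Root for the ring; with the same port left non-edge, every ring bridge adopts X's ID, which is why user-facing ports should be checked for edge mode.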


System Limitations

User should be aware of the following limitations:

1. Ring RSTP is a proprietary implementation of Nera Networks, and cannot inter-work with
other Ring RSTP implementations of other 3rd party vendors.

2. Ring RSTP gives improved performance for ring topologies. For any other
topology the algorithm will converge but convergence may take several
seconds:
• For this reason, there should be only 2 edge ports in every node.
• Also, only one loop should be present

3. Ring RSTP can be activated in “Managed Switch” or “Metro Switch” applications; it is not
available in the “Single Pipe” application.

4. Ring RSTP may run with protection 1+1, but in some cases (change of root
node) the convergence time may be above 1sec.


Site / Node Types
The ring can be constructed by two types of nodes/sites:

1. Node/Site Type A:

• The site is connected to the ring with one Radio interface (e.g. East) and one
Line interface (e.g. West).

• The site contains only one IP+ IFU. The Radio interface towards one direction
(e.g. East), and one of the Gigabit (Copper or Optical) interfaces, towards the
second direction (e.g. West).

• Other line interfaces are in “edge” mode, meaning, they are user interfaces,
and are not part of the ring itself.



Site / Node Types

The ring can be constructed by two types of nodes/sites:

2. Node/Site Type B:

• The site is connected with Radios to both directions of the ring (e.g. East &
West).

• Site contains two IFUs. Each IFU supports the Radio in one direction

• One IFU runs with the “Ring RSTP”, and the second
runs in “Single pipe” mode.

• Both IFUs are connected via Gigabit interface (either optical or electrical).

• Other line interfaces are in “edge” mode.


Switchover / Convergence Criteria

The following failures will initiate convergence:

• Radio LOF
• Link ID mismatch.
• Radio Excessive BER (optional)
• ACM profile is below pre-determined threshold (optional).
• Line LOC
• Node cold reset (“Pipe” and/or “Switch”).
• Node power down (“Pipe” and/or “Switch”)
• xSTP port disable / enable

Note:
Ring port (non-edge port) shutdown will initiate convergence!
However, since this is a user action, it is not considered a failure, thus it is not
“propagated”.
When user issues “port shutdown” fast convergence should not be expected.


In-Band Management (1)
In this scenario, management is part of the data traffic, thus, management is
protected with the traffic when the ring is re-converged as a result of a ring
failure.

• “Managed Switch” IFUs will be configured to “In-Band”, while “Single Pipe” IFUs will be
configured to “Out-of-Band”.

• “Single Pipe” nodes will be connected with external Ethernet cable to the
“Managed Switch” for management.

• The reason for that requirement is the “automatic state propagation” behavior of the
“Single Pipe” that shuts down its GbE traffic port upon failure, thus, management might be
lost to it.

Note – When using a node (Outdoor Enclosure), there is no need to configure Management mode
for the 2nd slot


In-Band Management (2)



Out of band Management (1)
• In this scenario, all elements (“Single pipe” and “Managed Switch” IFUs)
should be configured to “Out-of-band”, with WSC “enabled”. Management will
be delivered over WSC.

• External xSTP switch should be used in order to gain resilient management, and resolve the
management loops.

• The following picture demonstrates a 4-site ring, with out-of-band management:


Out of band Management (2)



EMS Configuration
Setup Configuration

[Figure: setup scheme – Site #1 and Site #2: Managed (slot #1) and Pipe (slot #2); Site #3:
Managed (slot #1) and Managed (slot #2); EMS]

1. You may start with out of band configuration to avoid physical loops
2. Establish the Radio links according to the setup scheme


Setup Configuration

[Figure: setup scheme – Site #1, Site #2, Site #3 and EMS]

3. Connect between slot 2 and slot 1 using ports number 1 and fibers
4. Enable RSTP in all Managed Switch IFUs (see next slide)


Setup Configuration – Enabling RSTP



Setup Configuration – Configuring In Band MNG

[Figure: setup scheme – Site #1, Site #2, Site #3 and EMS]

5. Enable In Band Management + VID 200
6. Connect the EMS PC to one of the IFUs (MNG port #7), disconnect other connections
7. Verify all GbE ports 1 of Slots #1 are Trunk & members of VID 200 (next slide)


GbE Port #1 Configuration

Add Services of other VLANs as well if the RING is required to pass ETH data as well (see
example below, VID 1000…)

Please note – the VIDs need to be created first in the Switch Configuration page


RSTP Verification

[Figure: setup scheme – Site #1, Site #2, Site #3 and EMS]

8. PING EMS to all Sites at the same time (multiple PING sessions)


RSTP Verification

Aggregated Path Cost

9. Examine which switch is the Root Bridge and which ports are the Root Ports
10. Verify that the ring is set up properly (one Root)



RSTP Verification

11. Identify the Edge Ports and Non-Edge ports in your setup and make sure they are
configured correctly



Enabling ASP
Make sure that all RING IFUs (Pipe & Managed) support Automatic State
Propagation (enabled).

Enabling ASP allows RSTP Ring to converge faster by propagating radio alarms into the Line
and thus, accelerating port state changes.

Configure the ASP Criteria as required.


Triggering a Switchover

• Disconnect a radio link and make sure PING to all Main units is maintained

• Restore connectivity.

• Disconnect a different radio link and make sure PING to all Main units is
maintained

• Repeat the same tests with traffic and trails (SNCP).



Prioritizing RSTP Ports & Topologies
Prioritization Criteria

1. Bridge Priority (User configurable)

2. MAC Address (unique per IFU)

3. Port Priority (User configurable)

4. Path Cost (User configurable)



Setting the Bridge Priority

All bridges are given the same Bridge Priority (32768) by default.

Values range by multiples of 4096.

A bridge with lower priority will become the Root Bridge.

You may consider this option as a “Topology Fine Tuning Potentiometer…”


Reading the Aggregated Path Cost

This value shows the time it takes for the bridge to get to the Root-Bridge (in terms of
interface capacity).

• The bigger the capacity – the lower the cost
• The lower the cost the better

Root Bridges will show this value = 0

This value indicates the aggregated cost a bridge has to go through to get to the Root bridge.


Setting the Port Priority

All ports are given the same priority – 128

Should you wish to manually select the Root Port, you may set a lower value

Ports with lower priority are more likely to be chosen as the Root Port


Setting the Path Cost

The bigger the port capacity is, the lower this value
becomes

For example:
1GbE is given lower path cost than FE port

The bridge assigns a Root Port with the lowest Path Cost to the Root Bridge


Thank You
Link Aggregation (IEEE 802.3ad)
Agenda

Definition

Advantages

Feature Review

Applications

Load Balance Example

LAG Configuration



Introduction to Link Aggregation

IEEE Definition:

• Link Aggregation allows one or more links to be aggregated together to form a Link
Aggregation Group, such that a MAC Client can treat the Link Aggregation Group as if it were a
single link

• The Link Aggregation Group consists of N parallel instances of full duplex point-to-point
links operating at the same data rate

• Traffic sent to the ports in such a group is distributed through a load balancing function


Advantages
Benefits of using Link Aggregation

1. Increased aggregate bandwidth

Link Aggregation allows the establishment of full duplex point-to-point links that have a
higher aggregate bandwidth than the individual links that form the aggregation.

The capacity of the multiple links is combined into one logical link.

[Figure label: 100 Mbps]


Benefits of using Link Aggregation

2. Improved Resiliency

In case of a failed link, remaining links take over utilization of new available BW

Traffic via LAG is distributed according to user’s policy – improved reliability



Benefits of using Link Aggregation

3. Reduced Complexity & Administration

When multiple ports are allocated between two ETH switches, broadcast storms are
created due to physical loops. STP is required to eliminate loops by blocking the redundant
port.

When multiple ports are allocated between 2 Routers, Routing Protocols are required to
control traffic paths.

With LA – STP or routing protocols are not needed, therefore, less processing is involved.

STP requires blocking and path cost calculations


Benefits of using Link Aggregation

4. Reduced Cost

Instead of utilizing an expensive GbE port(s) to transport 200Mbps –

>> we trunk N x FE ports



Benefits of using Link Aggregation

5. Improved Network Efficiency / Security

For sites with limited IP address space that nevertheless require large amounts of
bandwidth, you need only one IP address for a large aggregation of interfaces.

For sites that need to hide the existence of internal interfaces, the IP address of
the aggregation hides its interfaces from external applications.

(These examples refer to using L2 topologies as well)

[Figure: Customer Network with Multiple Interfaces, seen as a Single Interface from the
Public Network]
Feature Review
LAG Distribution Policy
Traffic sent to ports in a group is distributed through a load balancing function.

Two methods are available for Link Aggregation Group traffic distribution:

1. Simple XOR:
In this method the 3 LSBs of DA and SA are XORed and the result is used to select
one of the ports in the group.

This method can be used for testing & debugging.

2. Hash (default):
In this method the hash function (used by the traffic switch for address table lookups)
is used to select one of the ports in the group.

This provides better statistical load balancing.



LAG Distribution: Simple XOR
We can easily demo balanced traffic distribution using the XOR method –

(Configure your Traffic Generator with the following MACs)

Stream    MAC (HEX)            Last 3 bits    XOR result    Assigned LAG Port
SA ->     00:20:8f:0a:02:01    001
-> DA     00:20:8f:0a:01:01    001            000 (0)       Link #1
SA ->     00:20:8f:0a:02:02    010
-> DA     00:20:8f:0a:01:02    010            000 (0)       Link #1
SA ->     00:20:8f:0a:02:03    011
-> DA     00:20:8f:0a:01:03    011            000 (0)       Link #1
SA ->     00:20:8f:0b:e1:03    011
-> DA     00:20:8f:0a:e1:04    100            111 (5)       Link #2
SA ->     00:20:8f:0b:e1:03    011
-> DA     00:20:8f:0a:e1:01    001            010 (2)       Link #3
SA ->     00:20:8f:0b:e1:07    111
-> DA     00:20:8f:0a:e1:04    100            011 (3)       Link #4
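The Simple XOR key can be computed ahead of a test so the traffic generator streams are chosen to cover the links on purpose. This is an added example, not code from the deck or the device: the function names are hypothetical, the `LOCKSTEP` set is constructed, and since the slide does not state how a key is mapped onto a member port, only the 3-bit key is computed.

```python
from collections import Counter


def last3(mac):
    """Return the 3 least-significant bits of a MAC written as aa:bb:cc:dd:ee:ff."""
    octets = mac.replace("-", ":").split(":")
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return int(octets[5], 16) & 0b111


def xor_key(sa, da):
    """Simple XOR policy: XOR the 3 LSBs of SA and DA, giving a key in 0..7."""
    return last3(sa) ^ last3(da)


def key_histogram(streams):
    """Count how many (SA, DA) streams fall on each 3-bit key."""
    return Counter(xor_key(sa, da) for sa, da in streams)


def busiest_share(streams):
    """Fraction of the streams that land on the single most used key."""
    hist = key_histogram(streams)
    return max(hist.values()) / sum(hist.values())


def covering_streams(sa, da_prefix):
    """Build 8 streams from one SA that hit every key exactly once.

    With SA fixed, the key is last3(SA) ^ last3(DA), so stepping the last DA octet
    through 00..07 visits all 8 keys.
    """
    return [(sa, f"{da_prefix}:{n:02x}") for n in range(8)]


# The six (SA, DA) streams from the slide's table.
SLIDE_STREAMS = [
    ("00:20:8f:0a:02:01", "00:20:8f:0a:01:01"),
    ("00:20:8f:0a:02:02", "00:20:8f:0a:01:02"),
    ("00:20:8f:0a:02:03", "00:20:8f:0a:01:03"),
    ("00:20:8f:0b:e1:03", "00:20:8f:0a:e1:04"),
    ("00:20:8f:0b:e1:03", "00:20:8f:0a:e1:01"),
    ("00:20:8f:0b:e1:07", "00:20:8f:0a:e1:04"),
]

# Constructed: a generator that increments the last octet of SA and DA together.
LOCKSTEP = [(f"00:20:8f:0a:02:{n:02x}", f"00:20:8f:0a:01:{n:02x}") for n in range(1, 9)]


if __name__ == "__main__":
    for sa, da in SLIDE_STREAMS:
        print(f"{sa} -> {da}  key {xor_key(sa, da):03b}")
    print("slide streams, busiest key share:", busiest_share(SLIDE_STREAMS))
    print("lockstep streams per key        :", dict(key_histogram(LOCKSTEP)))
    cover = covering_streams("00:20:8f:0b:e1:03", "00:20:8f:0a:e1")
    print("covering set per key            :", dict(key_histogram(cover)))
```

Streams whose SA and DA end in the same three bits always give key 000, so a generator that steps both addresses together exercises one key only, however many streams it sends.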


Static LAG guidelines

1. Only traffic ports (including radio port) can belong to a LAG

2. Management ports / WSC ports cannot be grouped in a LAG

3. LAG is supported in IFUs configured as Managed or Metro switch

4. LAG is not supported in a Single Pipe mode

5. All ports in a LAG must be in the same IFU (same switch)

6. There may be up to 3 LAGs per IFU

7. A LAG may contain from 1 to 5 physical ports



Static LAG guidelines (continued)

8. LAGs are virtual ports that do not permanently exist in the system

9. When a LAG is created, it will automatically inherit all the ports’ characteristics, except for the following:

• xSTP role (edge, non-edge)
• path cost

10. The LAG will initially receive default values for these parameters

11. Dynamic Link Aggregation (LACP) is not supported


Grouping ports in LAG
Ports 1-2 (GBE ports) and ports 3-7 (FE only ports) cannot be in the same LAG
group even if the GBE ports are configured as 100Mbps.

[Figure: two IP+ IFU front panels, ports 1-8, with the GbE and FE port groups marked]


Grouping ports in LAG
Radio port (port 8) may be in a LAG with the GBE ports only

[Figure: two IP+ IFU front panels, ports 1-8, with the GbE and FE port groups marked]


Applications
Introduction to Link Aggregation
Multiple PHYs are grouped together to support a higher capacity PHY.
Grouped ports are known as LAG – Link Aggregation Group.

[Figure: LAG applications. Labels: Stackable (Nodal) Site; Multiple Radio System implemented with LAG; Standalone Site; Single Pipe; GbE PHY; Multiple FE ports as a LAG; Port #2 and Radio form a LAG]


1+0 LAG

[Figure: IP+ connected to a 3rd party Switch or Router over a Static LAG]

• Dual (redundant) GbE interfaces facing the Switch/Router
• Static Link Aggregation Group (or equivalent) configured on the Switch/Router interfaces connected to the IP+
• Any failure in the local GbE interfaces will be handled by the link aggregation mechanism


1+1 HSB W/O LAG

[Figure: two IP+ units (1+1 HSB or 2+0 “ABC”) connected to a 3rd party Switch or Router; no need for LAG]

• Single GE interfacing a 3rd party Switch/Router
• Optical splitter/combiner is used to connect to each of the IP+ GbE interfaces in (1+1) protected configuration
• STBY IP+ GbE interface is disabled
• MW Radio link switchovers are transparent to Switch/Router (traffic interruption <50mSecs)


1+1 HSB With LAG
[Figure: 3rd party Switch or Router connected over a Static LAG to two IP+ units; radio side labelled 1+1 HSB or 2+0 “ABC”, No need for LAG]

• Dual (redundant) GE interfaces facing the 3rd party Switch/Router
• Static Link Aggregation Group (or equivalent) is configured on the Switch/Router interfaces connected to the IP+ units
• STBY IP+ disables its Ethernet interface towards the Switch/Router
• As a result, the Switch/Router sends all traffic over the Ethernet interface connected to the “active” IP+
• Any failure detected in radio link or Ethernet interface will trigger a switch-over to the “back-up” unit with <50msecs traffic interruption on the radio link
• The Switch/Router detects the switch-over and starts sending traffic over the interface connected to the new “active” unit only


1+1 HSB With dual GbE + LAG
[Figure: 3rd party Switch or Router with a Static LAG, connected to two IP+ units each with a Static LAG; radio side labelled 1+1 HSB or 2+0 “ABC”]

• Dual (redundant) GE interface to the Switch/Router
• Static Link Aggregation Group (or equivalent) is configured on the Switch/Router interfaces connected to the IP+s
• Static Link Aggregation Group (or equivalent) is configured on the IP+
• 2 optical splitter/combiners are used to connect each of the 2 interfaces on the Switch/Router to each of the corresponding interfaces on the IP+s


1+1 HSB With dual GbE + LAG (cont.)
[Figure: 3rd party Switch or Router with a Static LAG, connected to two IP+ units each with a Static LAG; radio side labelled 1+1 HSB or 2+0 “ABC”]

• STBY IP+ disables its Ethernet interface towards the Switch/Router
• Any failure detected in radio link or equipment will trigger switch-over to the “back-up” IP+ unit with <50msecs traffic interruption on the radio link
• Any failure in the local GbE interfaces will be handled by the link aggregation mechanism without triggering switch-over to the “back-up” IP+ unit!


Load Balance Example
Load balance example

[Figure: IFU #1 with GbE PHY port; Port #2 and Radio form a LAG; 50% of the traffic on each radio]

IFU #2 is configured as Single Pipe

IFU #1 is configured as Managed Switch to support LAG

Traffic injected via GbE port #1 is distributed evenly between Port #2 & Port #8.
Port #2 is linked to a Pipe IFU, hence, a Multi-Radio system is achieved:

GbE port #1 = (50% via Radio #1) + (50% via Radio #2)


Load balance example
[Figure: the five failover steps listed below, with Radio 1 going from 50% to 100% of the traffic]

1) Radio #2 encounters a signal degradation
2) Since ASP is enabled, the alarm is propagated to port #1
3) IFU #1 detects the alarms and shuts down port #2
4) Port #2 is not part of the LAG
5) Radio #1 takes full control (100%) of traffic

Enable Automatic State Propagation on both IFUs



Load balance example
[Figure: LAG member shut down on ACM degradation; labels: 64QAM, 256QAM, 50%, 100%]

To improve system resiliency, Automatic State Propagation can shut down the LAG interface when ACM degrades below a pre-determined profile.


LAG Configuration
Configuring LAG
The following settings must be identical on all LAG ports
(Port(s) with different settings will not be added to the LAG)

• QoS configuration (Classification Criteria, Port ReMap table, Egress Scheduler)
• Speed (data rate)
• Type (access/trunk or CN/PN)
• Interface (electrical/optical)
• Full Duplex
• Auto-Negotiation
• VLANs
   - VLAN list must be identical
   - “allow all” is considered a different value (must be equal in all ports)
• Port Learning State

Please note - ports with CFM MEP/MIPs will not be added to a LAG (which may have its own MEP/MIPs).


Configuring LAG (continued)
The following parameters CANNOT be configured on ports that are already
grouped in a LAG:

• Admin status
• Flow control
• Ingress rate limiting Policer name
• Shaper (egress rate limiting)
• Peer port parameters
• MAC address
• IP address
• Slot ID
• Port number
• Description


Removing a Port from LAG

• Ports removed from a LAG will keep the existing port parameters, but will
be initially disabled in order to prevent loops.

• In addition, when the last port is removed from a LAG, the LAG will be
deleted.

• Therefore it is necessary to remove all MEP/MIPs from a LAG before removing the last port.


EMS Configuration
Setting Load Balance Policy

Open page:
Configuration / Ethernet Switch

Select Simple XOR for demos or lab test or HASH for real traffic

Create VLAN(s) per service(s) in the switch DB (if such VIDs do not exist yet)


Creating LAG
1. Go to Configuration / Interfaces / Ethernet Ports
2. Click on “Create LAG”



Selecting ports to LAG
Select the LAG ports and group ID

• Available ports highlight in blue when selected
• Non-available ports (part of an existing LAG) are not configurable


Removing ports from existing LAG
1. At the bottom of the Ethernet Ports page you should see the LAG as a
new interface with its members listed as well

2. Click on this link to modify the LAG (add/remove)



Troubleshooting
When adding ports to LAG fails, the reasons might be:

1. QoS mismatch
2. VLAN membership mismatch
3. Physical properties mismatch (auto-neg, speed, flow control etc.)

Check the Ethernet Ports + QoS pages and compare these parameters if the problem continues


Example
1. We generate a data stream through GbE SFP port 1 of both lower IFUs
2. Port 2 & 8 form a LAG on both sites
3. Upper IFUs are set as Pipe
4. Traffic will be evenly distributed among the radio ports
5. Assign Radio license > Line rate
6. Clear all PM data

[Figure: the two sites, with a data stream entering the lower IFU at each site]
Using RMON (PM) to analyze LAG
Make note of received & transmitted traffic through port 1

Please note:
Slight differences may appear since EMS is a web based application and data is accumulating
Using RMON (PM) to analyze LAG
Check the received & sent registers of port 1 and LAG ports:

Data received on Port 1 is equally distributed through Port 2 and Port 8


Using RMON (PM) to analyze LAG
Disconnect the ETH cable connecting lower IFU to upper IFU (port 2)

LAG port 2 does not transmit data now

Port 8 takes 100% of data transmission


Thank You
EMS Security Configuration
Agenda

• SSH

• HTTPS

• SFTP

• Users & Groups

• Password



Security Configuration
Update first FTP connection



SSH – Secured Shell
• SSHv1 and SSHv2 are supported.
• SSH protocol can be used as a secured alternative to "Telnet".
• SSH protocol is always operational. Admin user can choose whether to disable the "Telnet" protocol, which is "enabled" by default.
• Server authentication is based on IP+’s "public key".
• Key exchange algorithm is RSA.
• Supported Encryptions: aes128-cbc, 3des-cbc, blowfish-cbc, cast128-cbc, arcfour128, arcfour256, arcfour, aes192-cbc, aes256-cbc, aes128-ctr, aes192-ctr, aes256-ctr.
• MAC (Message Authentication Code): SHA-1-96 (MAC length = 96 bits, key length = 160 bits). Supported MAC: hmac-md5, hmac-sha1, hmac-ripemd160, hmac-sha1-96, hmac-md5-96.
• The server will authenticate the user based on “user name” and “password”. Number of failed authentication attempts is not limited.
• Server timeout for authentication: 10 min. This value cannot be configured.


HTTPS
In order to manage the system using HTTPS protocol, the user should follow these steps:

1. Create the IFU certificate based on IFU's public key.
2. Download the IFU certificate.
3. Using CA certificate (optional steps):
   i. Download the IFU CA's certificate.
   ii. Enable WEB CA certificate.
4. Set WEB Protocol parameter to HTTPS.


HTTPS – Public Key Upload
The public key should be uploaded by the user for generating the IFU’s
digital certificate:

• The upload will be done by using FTP/SFTP (s
• The public key file will be in PEM format.
• Click “Upload Public Key”
• The status of the “upload” operation can be monitored. The returned status values are: “ready” (default), “in-progress”, “success”, “failed”. In any case of failure, an appropriate error message will appear.


HTTPS – Certificate Download (1)
Download IFU server certificate and/or IFU CA certificate (optional) :

• Download is done by using FTP/SFTP.
• PEM and DER certificate formats are supported.
• For downloading the IFU server certificate and/or IFU's CA certificate to the system, the following steps must be fulfilled for each file type:
   - Determine certificate file name (“Admin” privilege).
   - Determine the certificate file type (“Admin” privilege): “Target Certificate” (for WEB server digital certificate) or “Target CA certificate” (for WEB CA digital certificate).
   - Determine certificate file format (“Admin” privilege): Format could be PEM (for PEM formatted file), or DER (for DER formatted file).
   - Determine whether to include the CA certificate into the WEB configuration definitions. This is an optional configuration and is recommended for adapting the WEB interface to all the WEB browsers applications (“Admin” privilege).


HTTPS – Certificate Download (2)
   - After setting the above configurations, a “Download Certificate” command should be issued.
   - The status of the download operation can be monitored. The returned status values are: “ready”, “in-progress”, “success”, “failed”.
   - It is recommended to “refresh” the WEB page when certificate download operation is terminated.
   - To apply the new certificate, the WEB server should be restarted (“Admin” privilege). WEB server will be automatically restarted when it is configured to HTTPS.


HTTPS - Activation

WEB interface protocol can be configured to be HTTP (default) or HTTPS (cannot be both at the same time).

While switching to HTTPS mode, the following must be fulfilled:

• WEB server certificate file exists.
• Certificate public key is compatible with IFU’s private key.
• If one of the above tests fails, the operation will return an appropriate error indication.
• Open WEB Browser and type the URL “https://<IP of target IFU>”.

Note:
This parameter is NOT copied when “copy to mate” operation is initiated, for security reasons (unsecured unit should not be able to override security parameters of secured unit).


SFTP (Secure FTP)

SFTP can be used for the following operations:

• Configuration upload/download
• Upload the unit info
• Upload public key
• Download certificate files
• SW download


Users, Groups & Passwords
Adding Users

To add / edit users & groups click on the item as shown in the captured image (left)

Click Add User to add new users…


Adding Users

New users will be required to change their password when they log in for the first time


Changing Password

A valid password should be a mix of upper and lower case letters, digits, and other
characters.

You can use an 8 character long password with characters from at least 3 of these 4
classes. An upper case letter that begins the password and a digit that ends it do not
count towards the number of character classes used.



Changing Password

Good example:
L00pBack – using capital letters, small letters and digits (zeros instead of “O”)

Bad example:
Loopback – missing digits or other characters

Loopbacks – using more than 8 characters
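
The class-counting rule above is easy to misapply by eye, so here it is as a small checker run against the three passwords from this slide. This is an added example, not the EMS's own validation code; the function names are illustrative, and the checker treats 8 characters as the required length because the slides give 8 as the length and list a longer password as a bad example.

```python
import string

REQUIRED_LENGTH = 8   # assumption taken from the slides' wording and bad example
MIN_CLASSES = 3       # "at least 3 of these 4 classes"


def char_class(ch: str) -> str:
    """Classify one character as lower, upper, digit or other."""
    if ch in string.ascii_lowercase:
        return "lower"
    if ch in string.ascii_uppercase:
        return "upper"
    if ch in string.digits:
        return "digit"
    return "other"


def counted_classes(password: str) -> set:
    """Classes used, ignoring a leading upper-case letter and a trailing digit."""
    chars = list(password)
    if chars and char_class(chars[0]) == "upper":
        chars = chars[1:]
    if chars and char_class(chars[-1]) == "digit":
        chars = chars[:-1]
    return {char_class(c) for c in chars}


def check_password(password: str):
    """Return (ok, reasons) for the policy described on the slides."""
    reasons = []
    if len(password) != REQUIRED_LENGTH:
        reasons.append(f"length is {len(password)}, expected {REQUIRED_LENGTH}")
    used = counted_classes(password)
    if len(used) < MIN_CLASSES:
        reasons.append(f"only {len(used)} counted class(es): {sorted(used)}")
    return (not reasons, reasons)


if __name__ == "__main__":
    # Slide examples first, then two constructed ones.
    for pw in ("L00pBack", "Loopback", "Loopbacks", "Passwor1", "pa55Word"):
        print(pw, check_password(pw))
```

The constructed "Passwor1" case shows what the exclusion is for: a capital first letter and a final digit add nothing, leaving a single counted class.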



Thank You
