Professional Documents
Culture Documents
CTR 8540 3.4.0 Getting Started Configuration - June2017
CTR 8540 3.4.0 Getting Started Configuration - June2017
260-668254-001
GETTING STARTED CONFIGURATION
IV AVIAT NETWORKS
GETTING STARTED CONFIGURATION
Or you can contact your local Aviat Networks office. Contact information is
available on our website at: http://www.aviatnetworks.com/services/customer-
support/technical-assistance/
VI AVIAT NETWORKS
GETTING STARTED CONFIGURATION
FCC Notices
l ODU 600, 5.8GHz, must be professionally installed and maintained.
l This equipment has been tested and found to comply with the limits for
a Class A digital device, pursuant to Part 15 of the FCC rules. These
limits are designed to provide reasonable protection against harmful
interference when the equipment is operated in a commercial
environment. This equipment generates, uses and can radiate radio
frequency energy and, if not installed and used in accordance with the
instruction manual, may cause harmful interference to radio
communications. Operation of this equipment in a residential
environment is likely to cause harmful interference in which case the
user will be required to correct the interference at their own expense.
l ODU 600, 5.8GHz, is compliant with the relevant parts of FCC CFR47,
Part 15.407.
l To ensure compliance with the FCC RF exposure requirements, a
minimum distance of 18 meters must be maintained between the
antenna and any persons whilst the unit is operational. This calculation
is based on the maximum conducted power and maximum antenna
gain.
l ODU 600, 5.8GHz, has been certified for use with a parabolic antenna
with a maximum gain of 45.9dBi or a flat panel antenna with a
maximum gain of 28dBi.
l The filters and software provided with this product allow for
transmission only in the frequency range 5725 – 5850 MHz to ensure
compliance with Part 15.407.
l According to the conducted power limit in FCC CFR 47, Part 15.407, the
power for this device has been limited to 1W (30dBm) at the antenna
port.
l FCC CFR47, Part 15.407 excludes the use of point-to-multipoint
systems, omnidirectional applications and multiple co-located
intentional radiators. This system is only for fixed, point-to-point
operation.
WEEE Directive
In accordance with the WEEE Directive (2012/19/EU), CTR 8540, CTR 8312, CTR
8311, and CTR 8380 is marked with the following symbol:
This symbol indicates that this equipment should be collected separately for the
purposes of recovery and/or recycling.
For information about collection and recycling of Aviat Networks equipment
please contact your local Aviat Networks sales office. If you purchased your
product via a distributor please contact the distributor for information regarding
collection and recovery/recycling.
More information on the WEEE Directive is available at our website:
http://www.aviatnetworks.com/products/compliance/weee/.
(WEEE is the acronym for Waste Electrical and Electronic Equipment)
RoHS Directive
CTR 8540, CTR 8312, CTR 8311, and CTR 8380 meets the requirements of ROHS
directive 2011/65/EU.
X AVIAT NETWORKS
GETTING STARTED CONFIGURATION
http://aviatnetworks.com/doc/ODU600spCTR8380.pdf
http://aviatnetworks.com/doc/ODU600spCTR8540.pdf
Contents
Overview
This Getting Started Guide is intended for use at new installations where the CTR
is received with factory defaults loaded.
It is applicable to SW release 3.4 for CTR 8500 and CTR 8300.
The guide overviews CTR configuration using CLI, and introduces CTR Portal, the
menu-based Web GUI for CTR 8500, and CTR 8300.
l Mention of CTR 8500 in this guide refers to the CTR 8500 product
family, which currently comprises the CTR 8540.
l Mention of CTR 8300 in this guide refers to the CTR 8300 product
family, which currently comprises the CTR 8312, and CTR 8311.
To configure CTR 8500 and CTR 8300 using its Web GUI, refer to the CTR Portal
Manual.
NOTE: Fo r i n fo rma ti o n o n ma n a g e me n t a cce ss u si n g Avi a t's Pro Vi si o n EMS,
o r o n SN MP u sa g e , co n ta ct Avi a t N e tw o rks.
To view health and safety requirements see Health & Safety on page 199.
Introduction
CTR 8500 and CTR 8300 provide in one compact carrier-class platform fully
integrated microwave link, L2 switch, and L3 router functions.
l The converged operation ensures interworking between microwave and
IP network links is optimized.
l Operation is uplink agnostic with options for IF or Ethernet connected
microwave, copper, or fiber media.
Contexts
aos# (Aviat operating system) indicates the privileged exec mode. It is the
prompt presented upon successful login.
l To enter the global configuration mode enter c t (configure terminal)
at the aos# prompt e.g.. aos# c t, at which point a prompt of aos
(config)# is returned.
l To enter the VLAN configuration mode enter aos(config)# vlan
<VID>, at which point a prompt of aos(config-vlan)# is returned.
o <> brackets denotes the user must input values specified, in this
instance the VLAN ID.
l To enter the interface configuration mode enter aos(config)# int gi
<port number>,(e.g. aos#(config)# int gi 0/4) at which point a
prompt of aos(config-if)# is returned.
o gi 0/4 indicates Ethernet switch port 4.
l Other modes such as aos(config-swl)# for software loading, and aos
(config-switch)# for switch configuration are illustrated in the
following sections. For a full showing of contexts refer to the CLI
Reference Manual.
l Enter 'exit' to go back one prompt level i.e. enter aos(config-vlan)#
exit to go back to aos(config)#.
l Enter 'end' to return to the aos# prompt from any level.
o Where your laptop has a COM port, connect to the CTR RJ-45
Maintenance V.24 port using the CTR serial cable (DB-9 female to
RJ-45, 2m). This cable is available as an accessory from Aviat
Networks, part number 037-502517-001.
o Where you laptop does not have a COM port, connect using a serial
USB adapter.
n For CTR 8540 an external adapter is required. A suitable USB to
DB-9 male adapter is available as an accessory from Aviat
Networks, part number 009-440084-001.
o The serial USB adapter is used in conjunction with the CTR
serial cable to complete connection to the CTR Maintenance
V.24 port.
o The serial USB adapter from Aviat Networks is WIN 7, WIN 8,
MAC OS compatible. Separate driver software is not required.
n For CTR 8300 a built-in adapter behind the Micro USB
Maintenance port provides USB-to-serial conversion.
o PC to CTR connection is via a standard USB to micro USB
adapter cable.
n CTR 8300 also has a standard RJ-45 Maintenance V.24 port,
which like the CTR 8540 requires an external serial USB to DB-9
male adapter, and a serial cable to complete the connection.
l Ethernet switch-port access is provided using a standard RJ-45 to RJ-45
Cat5 cable. A suitable cable (2m) is available as an accessory from
Aviat Networks, part number 037-579124-001.
l Both Serial and Telnet (or SSH) require a terminal emulation program
such as freeware 'PuTTY'. Download and install your preferred terminal
emulation program from the relevant supplier. The application can be
pinned to your PC task bar for easy on-going access.
l Secure SSH network access to a CTR can be forced by turning off Telnet
access using the command:
aos(config)# no feature telnet
To re-enable:
aos(config)# feature telnet
Procedure:
l Check/set your PC COM port settings.
Connection
CLI access from your PC is enabled through use of a terminal emulator, such as
PuTTY.
l Open and set the terminal emulator settings. Using PuTTY, the basic
options to load for a Telnet session are:
o IP address: 192.168.1.1 (CTR default IP address)
o Connection type: Telnet
o Port 23
Save these settings in PuTTY under Saved Sessions using a name such
as: CTR Telnet.
l Fit an RJ45 cable from your PC to the CTR front panel switchport 1.
l Open PuTTY, load the saved CTR Telnet session, and click Open.
l At the login prompt enter root (the default user name), followed by
the password (default: admin123 ). See Login on page 23.
NOTE: SSH ac c es s is s upported us ing C onnec tion ty pe: SSH , and Port:
22. At login y ou may be pres ented w ith a s ec urity alert notice w ith options
to add the hos t k ey to PuTTY' s c ac he. Selec t the Yes option.
Login
When a CLI session is opened you will be presented with the login (user name)
and password prompts.
For a new installation enter the default user name of root, followed by the
default password of admin123 , at which point the CTR 8500 or CTR 8300 End
User License Agreement is presented together with the terms by which you
enter into this agreement. This is followed by the aos# (Aviat operating system)
prompt, at which point the CTR is available for configuration.
l The End User License Agreement is presented as a one-time event after
power-up, and unless accepted, any subsequent reboot.
New user names and passwords can be created and assigned to individual users
after Login.
You will be logged out automatically after a period of being logged in without
activity: Idle Timer expired, Timing Out !!!
Otherwise you will be logged out when closing your terminal emulation program
e.g. 'PuTTY'.
Administrative Privilege
The default root user password of admin123 provides executive access
(privilege level 15).
l The root user has full administrative privileges and can access all
aspects of the system.
l The root user cannot be deleted, but the default root user password can
be changed.
l The administrator must log in as a root user to create or delete other
users, or to change user passwords.
The default guest user password for limited-privilege access is guest123 (view-
only, privilege level 1).
NOTE: Currently only privilege levels 15 and 1 are supported. Entry of a level
between 1 and 15 will result in view-only access (level 1).
For example: username root password Admin3213$ disables the default root
password of admin123, and replaces it with Admin3213$.
To create an additional user name and to set its password and privilege level:
aos(config)# username <user name> password <password> privilege <1-15>
aos(config)# config save
For example: username admin password Net3443* privilege 15 creates the user
name of admin with a password of Net3443* and a privilege level 15 for full access
rights.
Other related commands:
To delete a user and password (a currently active user cannot be deleted):
aos(config)# no username <user name>
ProVision Access
To access a CTR device under Aviat's ProVision EMS, SNMP must be enabled on
the CTR and a local user account established.
l The network administrator should determine the policy for SNMP
access, user-name, and password setting.
SNMP access is controlled through read and write SNMP community strings,
which define the relationship between the ProVision SNMP server and the CTR -
they act like passwords to control CTR's access to the server.
Procedure:
Configure the following on each CTR device. Refer to the CTR 8500/8300 CLI
Reference Manual for details.
LLDP
LLDP is default enabled on CTR 8540 and CTR 8300 to allow bridges to advertise
their capabilities, and to learn about the capabilities of other devices on the
same LAN. It is used by ProVision to provide a unified network management
view of the LAN topology and connectivity for network administration and
trouble-shooting. The CTR implementation conforms to IEEE 802.1AB (2005).
l A network administration station connected to one bridge is able to
access connectivity information on the complete network.
l The information is sent using LLD Protocol Data Units (LLD PDUs).
The out-of-box default is for TACACS+ to be disabled and for local login to be
enabled. The following sections describe how to enable the TACACS+ functions.
Deconfiguring TACACS+
Deconfigure a TACACS+ server so it is no longer used by the CTR:
aos# configure terminal
aos(config)# no tacacs-server [<index(1-3)>]
Configure local AAA method (instead of TACACS+):
aos(config)# login authentication local
Deconfigure TACACS+ Accounting if required:
aos(config)# no aaa accounting login tacacs
Show Commands
Show configured TACACS+ servers:
aos# show tacacs-server [<index(1-3)>]
Show configured AAA method:
aos# show aaa
The revert timer function should be used where planned configuration changes
may cause loss of management connectivity or remote-end connectivity, or
where there is potential for the change to disorder or corrupt an existing
configuration.
l The revert timer captures a snapshot of the current config, which will
be returned as the operating config if the timer is allowed to expire.
l While the revert timer is active, it will reset to its original time-out
value every time a configuration change is made (but the snapshot
remains as that which was captured at the revert-timer command).
l If a config save command is entered before timer expiry, the timer
function is aborted.
l If the timer is allowed to expire the terminal is rebooted and returned
with the snapshot config.
l A revert-cancel command is available to rescind the return to the
snapshot providing it is set within the time-out period after login
following the re-boot.
o This command applies after the terminal has rebooted and you have
determined there are no issues that require a revert to the saved
snapshot.
To set the revert timer:
aos# c t
aos(config)# revert-timer <seconds>
Output:
---------------------
VcId VRF-Name Interfaces
---- ------- ----------
0 default vlan1, vlan2
Out-of-Box Defaults
Use these show commands to view current and subsequent changes to
management access.
To view the current configuration:
aos# show running-config
To show the current management VLAN and port, and port type:
aos# show management
Current Management vlan = 2
Member ports: Gi0/1
Port type: out-of-band
NOTE: A rev ert timer func tion is av ailable to avoid loss of acc ess as a
result of c onfiguration c hanges that may c ause loss of connectivity. See
Confi gurati on Save and Revert Ti mer on page 27.
The following example illustrates management access change for port, VID, and
IP address:
l Switch port 4 is to be activated and set as the local management access
port
o When a port is activated its context (name of the switch) must be
specified. Currently this must be specified as: map switch default.
l VLAN 101 is to be set as the management VLAN (on port 4)
o For out-of-band (local PC) management the VLAN must be specified
as: untagged
l Management (terminal) IP address is to be set as 192.168.4.52
255.255.255.0
l VLAN 2 is to be shut down
To verify IP address:
aos# show ip int
To remove the default IP address from the default management VLAN, VLAN 2:
aos(config)# int vlan 2
aos(config-if)# shut
aos(config-if)# no vlan 2
aos(config-if) end
Because your PC is not VLAN aware, this process of changing the management
port and VID will also add the default VLAN 1 to the port 4 management port,
and add the management VLAN 101 to port 1.
To remove the VLAN 1 port association:
aos(config)# vlan 1
aos(config-vlan)# no ports
aos(config-vlan)# end
This process of adding a management port will also add the default VLAN 1 to
port 3.
To remove the vlan 1 port association:
aos(config)# vlan 1
aos(config-vlan)# no ports
aos(config-vlan)# end
Routed Management
Routed management using OSPF is an option available from SW release 3.0
onwards. It is particularly applicable in CTR 8500 and CTR 8300 networks
extended from Eclipse or other network devices using routed management.
l OSPF provides the dynamic routing function - NMS interfaces are
configured for OSPF.
The following example illustrates basic CTR 8540 / Eclipse MNS interoperation.
l Eclipse and CTR 8540 #1 are on the same subnet, with an Ethernet
cable connection between Eclipse DAC GE3 and CTR port 1.
l On Eclipse, an in-band bridged mode NMS connection is configured
between the NCC and DAC GE3 modules. Alternatively a RJ-45 cable
connection can be used between the NCC and DAC GE3 front panel
ports. Eclipse is configured using its Portal craft tool.
o In the Networking screen Interface addressing is used with OSPFv4
is selected on the required interfaces.
o Eclipse NMS is assigned to VLAN 2, priority 7 in the Networking > In-
Band screen.
l The co-located CTR 8540 #1, is port 1 connected to the Eclipse DAC
GE3.
o VLAN 2 on port 1 is the default local OOB NMS port. This is reset for
in-band management. VLAN 2, the default management VLAN, is
retained.
o OSPF is configured on port 1 and on the radio interface ra 2/1.
l On CTR 8540 #2 OSPF is configured on the radio interface ra 2/1. The
management PC is connected to the default OOB management port; gi
0/1, VLAN 2. A default gateway should be set on the PC (192.168.5.1),
otherwise static routes can be set to provide access to the remote
terminals.
Figure 1. Simple CTR-Eclipse Routed Management Example
Eclipse Configuration
Eclipse NMS is assigned on VLAN 2 and included on the DAC GE3 trunk port
connection to the co-l0cated CTR 8540 #1.
l A bridged in-band connection is configured in the Networking > Inband
NMS screen with a user designated VID (2) and CoS priority (7). The
resulting VLAN is viewable in the DAC GE3 VLAN screen under VLAN
Membership, with a port designation of NMS. For configuration
information refer to the Eclipse User Manual > Volume 4 > Networking.
l In the Networking screen Interface addressing is selected, and on the
required interfaces IP addresses entered and OSPFv4 enabled.
Enable OSPF, set router ID, and add networks into routing table:
aos(config)# router ospf
aos(config-router)# router-id 192.168.3.2
aos(config-router)# network 192.168.3.2 area 0.0.0.0
Set VLAN 2 interface IP address (on default OOB local management port gi 0/1):
aos# c t
aos(config)# int vlan 2
aos(config-if)# ip address 192.168.5.1 255.255.255.0
aos(config-if)# no shut
aos(config-if)# ex
Enable OSPF, set router ID, and add networks into routing table:
aos(config)# router ospf
aos(config-router)# router-id 192.168.5.1
aos(config-router)# network 192.168.5.1 area 0.0.0.0
aos(config-router)# network 192.168.121.2 area 0.0.0.0
aos(config-router)# end
To verify the OSPF routing table on the CSRs, and that the subnet has been
learnt:
aos# sh ip ospf route
To configure the bridge from the default Customer mode to Provider Edge, first
revert to factory defaults:
l Restore factory defaults (see Revert to Default Config on page 44):
aos(config)# config load factory-defaults revert-timer <seconds>
Wait for the reboot to complete, login, and cancel the revert timer:
aos(config)# no revert-timer
l Disable the following non-applicable protocols:
aos(config)# sw default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# set gvrp disable
aos(config-switch)# set gmrp disable
aos(config-switch)# shutdown garp
aos(config-switch)# no ethernet cfm start
aos(config-switch)# exit
l Set Provider Edge mode:
aos(config)# bridge-mode provider-edge
Customer Bridge
To return to Customer mode from Provider Edge, first revert to factory defaults:
l Restore factory defaults (see Revert to Default Config on page 44):
aos(config)# config load factory-defaults revert-timer <seconds>
Wait for the reboot to complete, login, and cancel the revert timer:
aos(config)# no revert-timer
l Set customer mode:
aos(config)# bridge-mode customer
Transparent Bridge
enabled. As all port members belong to VLAN 1 they are included in the
same broadcast group and VLAN tags are ignored. Hence,
communication between the ports is 'transparent' - all tagged frames
received on one member port are forwarded to all other member ports
of VLAN 1.
l The creation of VLAN 4094 and associated adding of all ports, and the
transparent mode setting on VLAN 1 and associated adding of all ports,
is established using the command: set transparent enable.
l To disable transparent mode: set transparent disable
If these radio ports are also used for in-band management then add:
aos(config)# int radio 1/1
aos(config-if)# management
aos(config-if)# exit
aos(config)# int radio 1/2
aos(config-if)# management
aos(config-if)# exit
and
aos# show vlan port config
Port Type
A port type selection configures the bridge port type. Applicable types include:
l Customer Bridge Port customerBridgePort. This is the default port
type for a customer bridge and a provider bridge. Management access
can be 'in-band' or 'out-of-band'.
l Customer Edge Port customerEdgePort. This is the default port type
for a provider edge bridge. This port type only supports 'in-band'
management access.
l Proprietary Provider Network Port propProviderNetworkPort. This
option is required to enable 'out-of-band' management access when the
bridge mode is provider edge.
l Provider Network Port providerNetworkPort. This option is applicable
in provider bridges. The port is connected to a single provider.
Management access is 'in-band'.
l Customer Network Port customerNetworkPort. Sets the bridge port
type as customer network port. It has the following options:
o port-based
o s-tagged
o c-tagged
Example: to change port type on port 0/2 to propProviderNetworkPort:
aos(config)# int gi 0/2
aos(config-if)# bridge port-type propProviderNetworkPort
aos(config-if)# end
To verify IP address:
aos# show ip int
For more information see: Changing IP Address and Local Management Access
on page 29.
To enable a PoE port e.g. port 1 on a PoE module in slot 3, and set a max power
e.g. 60W:
l Max permissible power is 70W
l An alarm will be raised if the power draw exceeds the set max
aos(config)# int gi 3/1
aos(config-if)# map switch default
aos(config-if)# no shut
aos(config-if)# power inline auto max 60000
aos(config-if)# end
if a specific MTU size was set in a prior SW release, the set size will be
retained in the 3.0 upgrade.
l The MTU defines the largest frame size that can be passed by an
interface without the need for fragmentation.
l Its configuration requires the interface(s) to be shutdown (If the
interface selected is not enabled, its shutdown is not required).
NOTE: In C TR , the Max imum Trans mis s ion U nit (MTU ) setting applied to
an ethernet port or Inter VLAN R outing (IVR ) interface configures the
pay load w hic h lay er 2 c an ac c ept from the next higher layer. The default
MTU for ethernet and IVR interfac es in C TR is 1542 bytes. This w as
chosen to enable mos t internet applic ations to w ork over MPLS VPN
servic es . In the implementation of many other vendors, the interface MTU
is us ually tak en to be the max imum lay er 2 pack et size including layer 2
enc aps ulation. W hen inter-operating agains t suc h equipment, the
interfac e MTU v alue on C TR w ill hav e to be changed in order for IP
routing and MPLS protoc ols to inter-operate. For example, w hen w ork ing
w ith a dev ic e w hic h us es the different definition of MTU and a default
value of 1500 By tes , the MTU on C TR s hould be set to 1486 bytes.
To add a member port or ports to a VLAN e.g. VLAN 7 on ports 2 to 5, with ports
2, 4, 5 supporting tagged operation, and port 3 untagged:
aos(config)# vlan 7
aos(config-vlan)# ports add gi 0/2-5 untagged gi 0/3
aos(config-vlan)# end
l If a port is not specified as untagged it permits transmission (egress) of
frames with its specified VLAN tag (VID).
l If a port type is specified as untagged, frames are sent (egressed)
without a VLAN tag. Typically used on ports connected to an end-user
device, such as a PC.
l If 'add' is not included in the command, as in ports add gi 0/2, then any
NOTE: When a port is set as a trunk port it becomes a member of all VLANs. The
VLAN setting for such a port should not be directly modified at the VLAN level as
this may trigger errors. Instead the command "switchport trunk allowed vlan
add/remove vlanid" should be used. Normally this command would only be used
to remove a VLAN on a trunk port - or add it back in.
Wait for the reboot to complete, login, and cancel the revert timer:
aos(config)# no revert-timer
Slot Configuration
To set the expected plug-in module for a CTR 8540 slot. Applies to:
l POEx2 - Dual Power over Ethernet
l PWR - Redundant Power Supply
l PWRAUX - Redundant Power and Auxillary (not available at SW release
3.4)
l RACx1 - Single Radio Access
l RACx2 - Dual Radio Access
SW Loading
NOTE: SW loading is bes t performed us ing C TR Portal rather than C LI. It
is eas ier/fas ter.
When using CLI the operating SW is installed from a server whose location and
the required SW build is specified during the SW loading process. Telnet
connection to the CTR management port is required (do not use the serial V.24
Maintenance port).
l The following procedure is based on downloading a SW pack to your PC,
copying it to an http server on your PC, from where it is accessed and
installed on a CTR terminal.
l Once a terminal is operating within a network, new (updating) SW
would normally be installed remotely from a server located at the
network hub, using ProVision or other network management system.
For more SW load options, such as the activation timer, refer to the CTR
8500/8300 CLI Reference Manual.
NOTE: User configurations are retained for the current and prior SW versions.
Reversion to a prior version will install the configuration last saved with that
version. Similarly, return to a latter version will load the configuration saved
with that version - changes made while operating under an earlier version will
not be carried into latter versions.
l When a new SW version is loaded a configuration upgrade only runs
once; on the first boot up following the upgrade to the new version.
l From this point onwards the current and prior configurations are
completely independent.
l This means that if software is reverted to a previous version, any
changes to configuration made under this version will not be available
on the latter version after a subsequent return (reload) of the latter SW
version. Rather the configuration that was last used on that latter
version will be loaded.
Recommendations:
l Software should always be upgraded in ascending version order; avoid
rolling back to older versions where possible.
l If software version rollback is unavoidable, any configuration changes
made under the earlier software version will need to be reapplied after
subsequent software upgrade.
Procedure
This procedure is based on use of portable server Lighty2Go.
l Copy the downloaded CTR SW pack file (.swpack) to the HTDOCs folder
within the Lighty2Go folder.
o The SW pack will be automatically identified and installed from this
folder.
l Activate Lighty2Go by double clicking on the Start-Lighty batch file.
o After completion of the SW load process, double click on the Stop-
Lighty batch file. Otherwise it will remain available until PC
shutdown.
To confirm the current SW load:
aos# show swload
aos(config)# swload
aos(config-swl)# load-uri http://<IP address of your PC>/<sw file>.swpack
The loading process takes several minutes. During this time aos# show swload
can be used to verify the load action and its percent (load progress) completion.
Repeat aos# show swload to review load progress.
On load completion a terminal reboot is forced. On re-start a new login is
required.
To rollback to the previous load:
aos(config-swl)# rollback
If a load problem persists, won't load, or doesn't load correctly, or you wish to
abort the load, an abort command is used to return SW loading to an idle state,
which is required before any new load action is attempted. This can be
performed at any time up to the start of the SW activation process, after which
the rollback command must be used.
To abort a SW load:
aos(config-swl)# abort
License Loading
NOTE: Lic ens e loading is bes t performed us ing C TR Portal rather than
C LI. It is eas ier/fas ter.
Llicenses are available for Capacity, ACM operation to 256 QAM, ACM operation
to 1024 QAM, XPIC operation, 8x front panel switchport enable, SFP port enable,
TDM port enable, FPM (flexible power mode) for ODU 600 or ODU 600sp, and
Carrier Ethernet.
currently used).
l Type > dynamic indicates that license usage is assigned as-required,
such as ACM usage, which is assigned per-RAC when RACs are
configured for ACM operation.
l Type > static indicates that license usage is fixed (applied per-
chassis).
Example:
aos# clock set 18:04:10 18 october 2013
This command does not enable adjustment of time relative to UTC (Coordinated
Universal Time). UTC is set using an SNTP command, which first requires SNTP
enable. For example, to set UTC + 6.00 hours:
aos(config)# sntp
aos(config-sntp)# set sntp client enabled
aos(config-sntp)# set sntp client time-zone +6.00
Radio Configuration
NOTE: R adio c onfiguration is bes t performed using C TR Portal rather
than C LI. It is eas ier/fas ter.
Refer to:
l Radio Link Configuration on page 50
l Protected Radio Link Operation on page 53
l CCDP/XPIC Link Operation on page 58
l Protected CCDP/XPIC Link Operation (CTR 8540) on page 59
l ODU 600T/OBU Operation on page 61
l L1LA Operation on page 61
l L1LA Lite for CTR 8312 on page 64
l IDQ Optimization on page 65
l CTR 8500/8300 Configuration on page 14
Before configuring the radio elements check that the appropriate capacity and
any required feature (ACM, FPM) licenses are installed, and the RAC module is
plugged-in.
NOTE: CLI allows configuration of RAC/RFU radio elements without connection
to its intended RFU (ODU or IRU 600). If configured elements are not compatible
with the RFU, alarms will be raised when connection to the RFU is established.
At SW release 3.4 operation is supported on channel bandwidths of:
o ETSI: 3.5, 7, 14, 28, 40, 55 MHz.
o ANSI: 3.75, 5, 10, 20, 25, 30, 40, 50, 60, 80 MHz.
To set channel bandwidth:
l For the specified radio interface, ETSI or ANSI is entered together with
the bandwidth in MHz (for CTR 8312 the radio interfaces are identified
as 0/1 and 0/2; for CTR 8311 it is 0/1).
aos(config)# int ra 2/1
aos(config-radio)# bandwidth etsi 28
To set Tx power:
l Tx output power is set in steps of 0.1 dBm.
aos(config)# int ra 2/1
aos(config-radio)# power 10.3
To un-assign:
aos(config)# int ra 2/1
aos(config-radio)# no high-power
To disable ATPC:
aos(config)# int ra 2/1
aos(config-radio)# no atpc
To disable:
aos(config)# int ra 2/1
aos(config-radio)# no atpc fcc-compliant
Payload Encryption
To remove:
aos (config)# no payload-encryption enable
NOTE: Pay load enc ry ption w ill reduc e the maximum capacity of a link.
Example Link:
Configuration is identical for the local and remote sites except for the
synchronous mode NW clock settings.
l Intra-RAC protection requires configuration of synchronous mode on
the protected interfaces.
Configure hot-standby on RACx2 interfaces 2/1, 2/2 (Note that the lowest
numbered interface, in this case 2/1, must be specified for primary):
aos(config)# set prot 1 type hot-standby primary 2/1 secondary 2/2
To disable protection:
l The two interfaces are returned to non-protected operation, with each
retaining the radio settings established under protected operation.
aos(config)# no int prot 1
CAUTION: Before disabling protection, one of the links should be Tx muted to prevent
the potential for interference between the two identically configured radios.
Even though interfaces 2/2 and 4/2 are not used they must also be set
for protected operation. Interface 2/2 has the lowest numbered
interface, so it is specified for primary:
aos(config)# set prot 2 type hot-standby primary 2/2 secondary 4/2
o With interfaces 2/2 and 4/2 not used no further configuration of
these interfaces is required.
o If interfaces 2/2 and 4/2 are to be used to establish a second
protected link, a separate configuration for the primary interface
and secondary interface, and protection type, is required.
Configuration is identical for the local and remote sites except for the
synchronous mode NW clock settings.
Show Commands
The following show commands are available to verify radio interface, link
configuration, and status:
aos# show radio link
aos# show radio features
aos# show sensor
aos# show radio diagnostic
aos# show protection
aos# show int status
aos# show rxperf
Diagnostic Commands
Diagnostic commands are available to enable and disable the following actions.
For detailed information refer to the CR 8500/8300 CLI Reference Manual, or
open a CTR Portal session.
l Lock a modem onto a particular modulation
l Force an IF loopback
l Disable modulation (carrier only)
l Set a Tx mute
l Disable the power supply to an RFU
l View the XPD on an XPIC link. An XPD-proportional voltage is provided
at the RFU BNC connector (supported RFUs only).
2+0 XPIC operation is supported on CTR 8540 with a RACx2 module, and on CTR
8312 . Interface 1 (ODU1) is fixed for vertical polarization (must be connected
to the ODU connected to the vertical port on a dual-pol antenna), interface 2
(ODU2) is fixed for horizontal.
l XPIC operation requires a feature license. One XPIC license is
consumed per RACx2.
l A suitable dual-polarity antenna is required - refer to the CTR
8500/8300 Installation Guide for more information.
l Only one interface, ODU1, of the RACx2 needs to be XPIC enabled to
enable XPIC across both interfaces.
o Both interfaces must be separately configured for the same
frequency and channel bandwidth.
n Tx power and modulation do not need to be the same but to avoid
impacting the effectiveness of the XPIC function they should be
the same.
n Adaptive modulation can be used. The two links operate their
ACM stepping independently.
To disable XPIC:
l The two interfaces are returned to non-XPIC operation, with each
retaining the radio settings established under XPIC operation.
aos(config)# int ra 2/1
aos(config-radio)# no xpic
CAUTION: Before disabling XPIC one of the links should be Tx muted to prevent the
potential for interference between the two identically configured radios.
Two RACx2 modules are used to provide 2+2 XPIC operation - two XPIC links
are hot-standby or space-diversity protected.
l Two protected links are established using inter-RAC protection on
RACx2 modules, after which XPIC is enabled.
l Operation requires an XPIC feature license.
Step 4: Repeat steps 2 and 3 for int ra 2/2 and int ra 4/2 using the same
frequency, modulation, bandwidth, Tx power settings.
Step 5: Enable the protection instance:
aos(config)# int prot 1
aos(config-prot)# map switch default
aos(config-prot)# no shut
aos(config-radio)# exit
Step 8: Set XPIC operation between the protected links by enabling XPIC
on interface 1 of the primary RACx2:
aos(config)# int ra 2/1
aos(config-radio)# xpic
To set revertive switching and/or protection combiner (splitter) values, refer to the instruc-
tion under Example Protected Link above.
Settings are similar to ODU 600 except that ODU 600T can be set to Tx High or
Tx Low on bands 6 to 11 GHz. However, 5 GHz ODU 600Ts are fixed for Tx High
or Tx Low.
OBU Tx and Rx filter bandwidths for an ODU port are determined by the channel
bandwidth specified at time of OBU order, and are printed on the OBU label.
Measured Tx/Rx insertion loss figures are provided with each OBU.
When configuring an ODU 600T ensure that:
l Tx/Rx center frequencies are configured in keeping with the
corresponding OBU filter bandwidths.
l OBU Tx/Rx insertion losses are accounted for when setting/reading Tx
power, and reading measured RSL. Set/read figures are at the ODU
600T RF port, not at the OBU antenna port.
l ATPC must be set. This applies to fixed and adaptive modulation. Note
that settings for maximum and minimum Tx power under ATPC
operation must account for the OBU Tx insertion loss.
L1LA Operation
RACx2 and RACx1 modules for member links can be located in any CTR 8540
slot.
l The same slot relationship does not need to be maintained on CTRs at
each end of the L1LA trunk group.
NOTE: Vers ion 1 C TR 83x x do not s upport L1LA- only L1LA Lite.
L1LA Configuration:
The following example shows an L1LA configuration to group four member links.
The links could, as above, be simple 4+0, or 4+0 over two XPIC link pairs.
l The L1la engine is No. 1 (group 1)
l The L1LA group is named L1LA-North
aos(config)# l1la 1 group l1la-north
aos(config)# int l1la 1
aos(config-l1la)# ports add ra 2/1 ra 2/2 ra 4/1 ra 4/2
aos(config-l1la)# no shut
aos(config-l1la)# end
Where the L1LA group is to include protected links only the primary radio
interfaces are included in the 'ports add' row.
The L1LA interface is used in configurations where the group is the target, such
as the adding of L1LA interface to a VLAN:
aos(config)# vlan 7
aos(config-vlan)# ports add l1la 1
aos(config-vlan)# end
Show commands:
aos# sh l1la
aos# sh l1la status
L1LA Lite aggregates the capacity provided on one co-path or XPIC group of 2
member links supported from ODU1 and ODU2.
IDQ Optimization
IDQ optimization applies for an ODU that has a GaN PA (Power Amplifier),
currently all 6 GHz and 11 GHz, ODU 600, ODU 600T, and IRU 600 devices.
It resets the quiescent current (IDQ) on the PA to a value that equates to
optimum transmitted SNR. This calibration function is also performed
automatically on start-up or software upgrade.
l GaN devices can exhibit IDQ drift, which is a slow process.
l Re-calibration using the IDQ optimization command should only be
necessary when link SNR is found to be degraded under normal path
conditions (normal RSL). Current SNR values are displayed using the in
the command: aos# show sensor, and should be recorded at
commissioning for later comparison.
l At the outset, SNR values should be checked every quarter. This may
be extended to an annual check based on recorded performance.
l During the optimization process all traffic on the link is interrupted for
between 0.5 and 3 seconds.
l On a protected 1+1 or space diversity link the optimization process
To start the IDQ calibration procedure for a specific radio interface - in this
example ra 2/1:
aos(config)# int ra 2/1
aos(config-radio)# idq-optimization start
NOTE: Under normal use the show and stop commands are not required - the
calibration procedure will complete and stop automatically.
The following show commands are available to verify radio interface, link
configuration, and status. Use the show sensor command to view link XPD
(cross polarization discrimination):
aos# show radio link
aos# show radio features
aos# show sensor
aos# show radio diagnostic
aos# show protection
aos# show int status
aos# sh l1la
aos# sh l1la status
aos# show rxperf
Network Connectivity
Where terminals in the network are on the same subnet normal LAN connectivity
prevails.
Where terminals are on different subnets, static routing is used to enable
connectivity (dynamic routing is scheduled for a later SW release).
l IP routes are added to address all other terminals in the network, from
every terminal in the network.
aos(config)# end
Example:
aos(config)# ip route 192.172.6.0 255.255.255.0 192.168.1.12
To show ip routes:
aos# show ip route
Locate Me
A locate-me function is provided on CTR 8540 to physically identify it in an
equipment room by turning on a flashing light behind the Aviat logo on the CTR
front panel.
To turn on the locate-me function:
aos# locateme
To Show: Command
Current config running-config
Licenses and usage (License Count column shows the number of licenses license usage
of type; the Free Count shows the number of licenses available for use)
IP interfaces (and IP address) ip int
Interfaces interfaces
Active VLANs (and VLANs not active for which the port details are con- vlan
figured)
Management VLAN and interfaces management
QoS
NOTE: QoS c onfiguration is bes t performed using C TR Portal rather than
C LI. It is eas ier/fas ter.
The following CLI example illustrates basic QoS configuration using priority,
class and policy mapping, with scheduling at egress.
l For congestion avoidance using RED or WRED, see Congestion
Avoidance on page 76.
l Traffic policing (metering) is supported for CTR 8540.
l For more information refer to the CTR 8500/8300 QoS Configuration
Guide.
Options allow you to create a priority map, bind it to a VLAN or a port, and then
use any of the supported fields in the packet for classification (ipDSCP, ipTOS,
etc.). These mechanisms can apply regardless of a VLAN tag.
On VLAN tagged frames their CoS (Class of Service) 802.1p priority value is
used when determining port-port behavior through the switch. For native
(untagged) frames, the default priority of the input port is used. In both
instances a priority map is set on the active ports whereby the CoS value on the
ingressing frame (in-priority) is mapped by the classifier function to an egress
queue (regen-priority).
l On ingressing VLAN tagged frames the in-priority can be determined by
the CoS value in the VLAN tag.
Similarly a priority map can be set for ingressing DSCP (Differentiated Services
Code Point) tagged frames, whereby the DSCP value on the ingressing frame
(in-priority) is mapped by the classifier function to an 8-level (CoS value)
egress queue (regen-priority).
l The assigned regen value only impacts at the egress queue; the DSCP
value is retained beyond the switch.
l If an ingressing frame contains both DSCP and CoS tags, the DSCP tag
is used to determine QoS behavior within the switch.
l Ingress-to-egress port association on DSCP flows is MAC-learned.
Classifier Function :
Class maps and policy maps are set (are required) in support of the priority
mapping for Access Control List (ACL) purposes.
l A class map is used to isolate and name a traffic flow (or class) from all
other traffic. It sets the criteria to further classify a specific traffic flow.
l Once a flow is matched against class-map criteria, it is further
classified using the policy map.
l Multiple priority mappings can be mapped to a common class map, and
multiple class mappings to a common policy map. A common class map
would typically apply to all flows configured on an interface.
l The default policy map is map ID 1, class 1. If a policy map is not set
all class settings will be mapped to this default. Policy map setting
particularly applies where flows are to be metered, as for policing.
NOTE: Round Robin, Weighted Round Robin and Weighted Fair Queuing can (are
permitted) to drop high priority frames. Use of these schedulers is not
recommended when carrying high-priority traffic that must not be dropped e.g.
management or pseudo-wire. Instead, use schedulers with strict-priority
options such as Strict Round Robin, Strict Weighted Round Robin or Strict-
Weighted Fair Queuing, and ensure the essential traffic is assigned on queues 1
or 2 (priority 7 or 6 respectively).
The following diagram and configuration illustrates port-port connections and
egress queuing for a mix of tagged and untagged traffic. Traffic on switch ports
0/2, 0/3, 0/4 is bridged to radio (RACx2) port 2/1.
Configuration preconditions:
l Set Bridge Mode to Customer Bridge (default mode).
l Configure slot 2 for a RACx2 module.
l Install a Carrier Ethernet feature license.
l Install relevant radio link RAC/RFU capacity, FPM and ACM licenses.
l Configure radio link parameters using CLI or CTR Portal.
Procedure:
l Activate interfaces 0/2, 0/3, 0/4, 2/1. See: To Enable or Disable a
Port on page 40.
l Add Member ports to VLAN 10, VLAN 33, VLAN 110:
aos(config)# vlan 10
aos(config-vlan)# ports add gi 0/2 ra 2/1
aos(config-vlan)# exit
aos(config)# vlan 33
aos(config-vlan)# ports add gi 0/2 ra 2/1
aos(config-vlan)# exit
aos(config)# vlan 110
aos(config-vlan)# ports add gi 0/3 ra 2/1
aos(config-vlan)# end
In this example where all flows are to/from a common radio interface,
priority mapping for the radio interface 2/1 is not essential. However for
completeness it is shown here.
For VLAN and DSCP flows:
aos(config)# priority-map 11
aos(config-pri-map)# map int gi 0/2 in-priority-type vlanPri in-
priority 5 regen-priority 5
aos(config-pri-map)# exit
aos(config)# priority-map 12
aos(config-pri-map)# map int gi 0/2 in-priority-type vlanPri in-
priority 4 regen-priority 4
aos(config-pri-map)# exit
aos(config)# priority-map 13
aos(config-pri-map)# map int gi 0/3 in-priority-type vlanPri in-
priority 6 regen-priority 6
aos(config-pri-map)# exit
aos(config)# priority-map 14
aos(config-pri-map)# map int gi 0/4 in-priority-type ipDscp in-
priority 45 regen-priority 6
aos(config-pri-map)# exit
aos(config)# priority-map 15
aos(config-pri-map)# map int ra 2/1 in-priority-type vlanPri in-
priority 5 regen-priority 5
aos(config-pri-map)# exit
aos(config)# priority-map 16
aos(config-pri-map)# map int ra 2/1 in-priority-type vlanPri in-
priority 4 regen-priority 4
aos(config-pri-map)# exit
aos(config)# priority-map 17
aos(config-pri-map)# map int ra 2/1 in-priority-type vlanPri in-
priority 6 regen-priority 6
aos(config-pri-map)# exit
aos(config)# priority-map 18
aos( config-pri-map)# map int ra 2/1 in-priority-type ipDscp in-
priority 45 regen-priority 6
aos(config-pri-map)# exit
Congestion Avoidance
NOTE: C onges tion Av oidanc e c onfiguration is bes t performed using C TR
Portal rather than C LI. It is eas ier/fas ter.
Queue size setting and the more advanced congestion avoidance RED and WRED
algorithms apply to CTR 8540 only.
Queue Size
Queue size (depth) settings in bytes or packets are used to set the maximum
number of bytes or packets that a queue can hold, above which all packets are
dropped (tail dropped). It indicates to the TCP end hosts to cease transmission
of packets until tail dropping has ceased.
Queue size limits can be set in packets (frames) or bytes:
l Packet-based has queue limits of 1-7000.
l Byte-based has queue limits of 1-524287.
Configuration preconditions:
l Set Bridge Mode to Customer Bridge (default mode).
l Configure slot 2 for a RACx2 module.
l Install a Carrier Ethernet feature license.
l Install relevant radio link RAC/RFU capacity, FPM and ACM licenses.
l Activate interfaces 0/2, 0/4, 2/1. See: To Enable or Disable a Port on
page 40.
l Configure radio link parameters using CLI or CTR Portal.
Procedure:
l To configure a queue size on radio port 2/1:
Queue size in packets (frames) with a queue limit of 3000:
aos(config)# queue-template 10
aos(config-qtemplate)# algorithm taildrop-frames queue-limit 3000
aos(config-qtemplate)# exit
aos(config)# queue 6 int ra 2/1 queue-template 11
aos(config)# end
aos(config-pri-map)# exit
aos(config)# priority-map 11
aos(config-pri-map)# map int ra 2/1 in-priority-type ipDscp in-
priority 40 regen-priority 6
aos(config-pri-map)# exit
aos(config)# class-map 10
aos(config-cls-map)# match access-group priority-map 10
aos(config-cls-map)# set class 300 drop-precedence 0
aos(config-cls-map)# exit
aos(config)# class-map 11
aos(config-cls-map)# match access-group priority-map 11
aos(config-cls-map)# set class 400 drop-precedence 1
aos(config-cls-map)# exit
aos(config)# policy-map 100
aos(config-ply-map)# set policy class 300
aos(config-ply-map)# exit
aos(config)# policy-map 101
aos(config-ply-map)# set policy class 400
aos(config-ply-map)# exit
aos(config)# end
NOTE:
ERPS
The following example illustrates configuration of ERPS on a basic three-node
ring. Port-protection (as distinct from service-based protection) is used,
whereby if the ERPS control process blocks or unblocks a ring port, all traffic
through that port is affected.
l For service-based protection separate R-APS VLANs (and associated
traffic VLANs) are configured, with the RPL (Ring Protection Link) owner
for each R-APS VLAN applied on different nodes.
l Service-based protection is not currently supported.
l The default ERPS version is V2. Support for V1 provided.
For comprehensive instruction refer to the CTR 8500/8300 ECFM and ERPS
Configuration Guides. An ECFM example is provided at: ECFM on page 100.
Figure 4. ERPS Node Topology
Configuration preconditions:
l Set Bridge Mode to Customer Bridge (default mode).
l Configure slot 4 in Nodes 2 & 3 for the PoE module
l Install a Carrier Ethernet feature license.
Procedure:
l Shutdown/disable spanning tree, GVRP, GMRP, GARP, on all three
nodes:
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# set gvrp disable
aos(config-switch)# set gmrp disable
aos(config-switch)# shutdown garp
aos(config-switch)# end
To verify that spanning tree and GARP are shutdown, GVRP, GMRP are
disabled, and Bridge Mode is configured as Customer Bridge (default
mode):
aos# show vlan device info
l Activate required Gig-E interfaces. See To Enable or Disable a Port on
page 40.
o Interfaces 0/2, 0/3, 0/9 on node 1.
o Interfaces 0/5, 4/2 node 2.
o Interfaces 0/3, 0/12, 4/1 on node 3.
For node 1:
aos(config)# vlan 100
aos(config-vlan)# ports add gi 0/2,0/3,0/9
aos(config-vlan)# exit
aos(config)# vlan 200
aos(config-vlan)# ports add gi 0/2,0/3,0/9
aos(config-vlan)# end
For node 2:
aos(config)# vlan 100
aos(config-vlan)# ports add git 0/5,4/2
aos(config-vlan)# exit
aos(config)# vlan 200
aos(config-vlan)# ports add gi 0/5,4/2
aos(config-vlan)# end
For node 3:
aos(config)# vlan 100
aos(config-vlan)# ports add gi 0/3,0/12,4/1
aos(config-vlan)# exit
aos(config)# vlan 200
aos(config-vlan)# ports add gi 0/3,0/12,4/1
aos(config-vlan)# end
For node 1:
aos(config)# ethernet cfm domain name clark level 5
aos(config-ether-ecfm)# service name rex vlan 100
aos(config-ether-ecfm)# mep crosscheck mpid 111 vlan 100
For node 2:
aos(config)# ethernet cfm domain name clark level 5
aos(config-ether-ecfm)# service name rex vlan 100
aos(config-ether-ecfm)# mep crosscheck mpid 111 vlan 100
aos(config-ether-ecfm)# mep crosscheck mpid 112 vlan 100
aos(config-ether-ecfm)# exit
aos(config)# int gi 0/5
aos(config-if)# ethernet cfm enable
aos(config-if)# ethernet cfm mep domain clark mpid 112 vlan 100
active
aos(config-ether-mep)# exit
aos(config-if)# exit
aos(config)# ethernet cfm cc level 5 vlan 100 interval three-hundred-
hertz
aos(config)# ethernet cfm cc enable domain clark vlan 100
aos(config)# end
To verify that the domain is created and that the remote MAC is learned
in both nodes:
aos# show ether cfm service
l Create a CFM domain name (clark1), level (5), and service name
(rex1) in node 1 and node 3. MEP direction is down/outward by
default. CCM interval 300 Hz.
For Node 1:
aos(config)# ethernet cfm domain name clark1 level 5
aos(config-ether-ecfm)# service name rex1 vlan 100
aos(config-ether-ecfm)# mep crosscheck mpid 300 vlan 100
aos(config-ether-ecfm)# mep crosscheck mpid 400 vlan 100
aos(config-ether-ecfm)# exit
aos(config)# int gi 0/9
aos(config-if)# ethernet cfm enable
aos(config-if)# ethernet cfm mep domain clark1 mpid 300 vlan 100
active
aos(config-ether-mep)# exit
aos(config-if)# exit
For node 3:
aos(config)# ethernet cfm domain name clark1 level 5
aos(config-ether-ecfm)# service name rex1 vlan 100
aos(config-ether-ecfm)# mep crosscheck mpid 300 vlan 100
aos(config-ether-ecfm)# mep crosscheck mpid 400 vlan 100
aos(config-ether-ecfm)# exit
aos(config)# int gi 0/12
aos(config-if)# ethernet cfm enable
aos(config-if)# ethernet cfm mep domain clark1 mpid 400 vlan 100
active
aos(config-ether-mep)# exit
aos(config-if)# exit
aos(config)# ethernet cfm cc level 5 vlan 100 interval three-hundred-
hertz
aos(config)# ethernet cfm cc enable domain clark1 vlan 100
aos(config)# end
To verify that the domain is created and that the remote MAC is learned
in both nodes:
aos# show ether cfm service
l Create a CFM domain name (clark2), level (5), and service name
(rex2) in node 2 and node 3. MEP direction is down/outward by
default. CCM interval 300 Hz.
For node 2:
aos(config)# ethernet cfm domain name clark2 level 5
aos(config-ether-ecfm)# service name rex2 vlan 100
aos(config-ether-ecfm)# mep crosscheck mpid 500 vlan 100
aos(config-ether-ecfm)# mep crosscheck mpid 600 vlan 100
aos(config-ether-ecfm)# exit
aos(config)# int gi 4/2
aos(config-if)# ethernet cfm enable
aos(config-if)# ethernet cfm mep domain clark2 mpid 500 vlan 100
active
aos(config-ether-mep)# exit
aos(config-if)# exit
aos(config)# ethernet cfm cc level 5 vlan 100 interval three-hundred-
hertz
aos(config)# ethernet cfm cc enable domain clark2 vlan 100
aos(config)# end
For node 3:
aos(config)# ethernet cfm domain name clark2 level 5
aos(config-ether-ecfm)# service name rex2 vlan 100
aos(config-ether-ecfm)# mep crosscheck mpid 500 vlan 100
To verify that the domain is created and that the remote MAC is learned
in both nodes:
aos# show ether cfm service
l Enable ERPS in all 3 nodes:
aos (config)# no shutdown aps ring
aos (config)# aps ring enable
aos (config)# end
For node 1:
aos(config)# aps ring group 10
aos(config-ring)# aps working gi 0/3 gi 0/9 vlan 100
aos(config-ring)# aps working meg 1 me 1 mep 111 meg 2 me 1 mep 300
aos(config-ring)# end
For node 2:
aos(config)# aps ring group 10
aos(config-ring)# aps working gi 0/5 gi 4/2 vlan 100
aos(config-ring)# aps working meg 1 me 1 mep 112 meg 2 me 1 mep 500
aos(config-ring)# end
For node 3:
aos(config)# aps ring group 10
aos(config-ring)# aps working gi 0/12 gi 4/1 vlan 100
aos(config-ring)# aps working meg 1 me 1 mep 400 meg 2 me 1 mep 600
aos(config-ring)# end
Verify that the ERPS interface and CFM configuration are configured
correctly in nodes:
aos# show aps ring configuration
l Activate the ring (APS group) on all nodes:
Verify that the APS group is active, and ensure the ring state is shown as
Pending on all nodes (before configuring an RPL owner):
aos# show aps ring group 10
l Configure node 1 as RPL owner. Revertive switching is configured
with a WTR timer setting of 1000 milliseconds:
aos(config)# aps ring group 10
aos(config-ring)# no aps group active
aos(config-ring)# aps protect gi 0/9
aos(config-ring)# aps revert wtr 1000
aos(config-ring)# aps group active
aos(config-ring)# end
Verify that node 1 is configured as RPL owner and that ring state is Idle:
aos# show aps ring configuration
Verify timers:
aos# show aps ring group 10 timers
ESMC
NOTE: Sy nc E c onfiguration is bes t performed using C TR Portal rather
than C LI. It is eas ier/fas ter.
Configuration preconditions:
l Set Bridge Mode to Customer Bridge (default mode).
l Set slot 2 for the RACx2 module
l Install a Carrier Ethernet feature license.
l Install relevant radio link RAC/RFU capacity, FPM and ACM licenses.
l Configure radio link parameters using CLI or CTR Portal.
Procedure:
l Activate required Gig-E interfaces. See To Enable or Disable a Port on
page 40.
o Interfaces 0/2, 0/7, 2/1 on node 1.
o Interface 0/2, 2/1 on node 2.
To verify interface status:
aos# show int status
l Enable ESMC on Node interfaces.
Node 1:
aos(config)# int gi 0/2
aos(config-if)# synchronous mode esmc-enabled
aos(config-if)# exit
aos(config)# int gi 0/7
aos(config-if)# synchronous mode esmc-enabled
aos(config-if)# exit
aos(config)# int ra 2/1
aos(config-if)# synchronous mode esmc-enabled
aos(config-if)# exit
Node 2:
aos(config)# int gi 0/2
aos(config-if)# synchronous mode esmc-enabled
aos(config-if)# exit
aos(config)# int ra 2/1
aos(config-if)# synchronous mode esmc-enabled
aos(config-if)# exit
Node 1:
aos(config)# network-clock input-source 1 int gi 0/2
aos(config)# network-clock input-source 2 int gi 0/7
aos(config)# exit
Node 2:
aos(config)# network-clock input-source 1 int ra 2/1
aos(config)# exit
E1/T1 Pseudowires
NOTE: E1 ps eudow ire c onfiguration is bes t performed using C TR Portal
rather than C LI. It is eas ier/fas ter.
Configuration preconditions:
l Set Bridge Mode to Customer Bridge (default mode).
l Set slot 2 for a RACx2 module.
l Install Carrier Ethernet and TDM feature licenses.
l Install relevant radio link RAC/RFU capacity, FPM and ACM licenses.
l Configure radio link parameters using CLI or CTR Portal.
Procedure:
The procedure for Node 1 is detailed. The procedure for Node 2 is essentially
identical apart from the destination MAC address and SyncE settings.
l Activate required Gig-E and radio interfaces, 0/2 and 2/1. See To
Enable or Disable a Port on page 40.
l Add member port for VLAN 110 on the radio port. All four pseudowire
instances are to be assigned on VLAN 110.
aos(config)# vlan 110
aos(config-vlan)# ports add ra 2/1
aos(config-vlan)# end
l Set trib mode of operation to E1:
aos(config)# controller mode e1
aos(config-if)# end
l Set the circuit emulation (cem) for trib 1:
l To destination switch with MAC address 00:eO:e2:70:a6:71
l Virtual circuit ID (vcid) 1, a local identifier (recommend use of
values of 1 to 16 to match the trib port number)
l MEF 8 pseudowire
l On VLAN 110
l Reset the pseudowire egress queue priority (VLAN priority) from
default 7 (highest) to 6
l Using the Real Time Transport Protocol (rtp)
l Using an rtp payload of 256 bytes for E1 (192 bytes applies for T1)
l Packet re-ordering is enabled
Repeat the configuration for tribs 2-4 (cem 0/2 to cem 0/4).
l The vcid should be set to match the trib interface number (it can be
set differently at each end of the link e.g. trib 1 at one end and trib
7 at the other).
l The ecid must be uniquely set per pseudowire circuit, and must be
the same at both ends of the link.
l As all four pseudowire circuits have the same source/destination,
all are transported on the same VLAN.
aos(config-if)# exit
Node 2:
aos(config)# int radio 2/1
aos(config-if)# synchronous mode esmc-enabled
aos(config-if)# exit
aos(config)# network-clock input-source 1 int ra 2/1
aos(config)# network-clock hold-off 300
aos(config)# network-clock wait-to-restore 0
aos(config)# end
STM1/OC3 Pseudowire
A TSoP (Transparent SONET/SDH over Packet) SFP module is available to
provide fully transparent transport of an STM1/OC3 stream across an Ethernet
network.
l The STM1/OC3 bit-stream is encapsulated as a pseudowire and mapped
into an Ethernet Virtual Circuit (EVC) and transported as a VLAN on a
SyncE channel.
l Only two SFP modules may be connected (end-end) in the same VLAN.
If multiple STM1/OC3 pseudowires are required, then multiple VLAN’s
(EVCs) must be used.
l The SFP module automatically detects for STM1 or OC3.
l The optical LC interface supports a 155 Mbit/s, S1.1 (15km), 1310nm,
single-mode, optical data link.
l The configured radio path must provide a capacity of not less than 168
Mbit/s.
l The MTU size on all source, intermediate, and destination interfaces
must be not less than 860 bytes. CTR default is 1500.
Configuration entails:
l Activation of SFP port and in-path switch/radio ports.
l VLAN activation on in-path switch/radio port(s).
l ESMC (SyncE) configuration on in-path traffic ports.
o The STM1/OC3 SFP cannot be used to source the clock.
o If a clock source is not available on one of the bridge ports, the
internal clock on one CTR can be used to clock the other.
In the example below:
l VLAN 110 is configured for the STM1 pseudowire. Member ports are gi
0/9 and ra 2/1.
l VLAN 110 priority is set to 5 (default VLAN priority is 0).
l Internal clocking is used - the clock input source is configured on node
1, port 0/9, where without a clock input on that port the clock falls back
to internal.
Configuration preconditions:
l Set Bridge Mode to Customer Bridge (default mode).
l Set slot 2 for a RACx2 module.
l Install the STM1/OC3 SFP transceiver in slot 0/9.
l Install Carrier Ethernet license.
l Install relevant radio link RAC/RFU capacity, FPM and ACM licenses.
l Configure radio link parameters using CLI or CTR Portal. The
modulation/bandwidth selection must provide a capacity of not less
than 168 Mbit/s.
l Ensure all source, intermediate and destination interfaces support an
MTU size of not less than 860 bytes.
Procedure:
The procedure for Node 1 is detailed. The procedure for Node 2 is essentially
identical apart from SyncE settings.
l Activate required Gig-E and radio interfaces, 0/9 and 2/1. See To
Enable or Disable a Port on page 40.
l Set the PVID to 110 on port 0/9 so that untagged frames (from the
SFP) are tagged on ingress, and untagged on egress (to the SFP):
aos(config)# vlan 110
aos(config-vlan)# ports gi 0/9 untagged gi 0/9
aos(config-vlan)# exit
aos(config)# int gi 0/9
aos(config-if)# switchport pvid 110
aos(config-if)# end
l Set the priority (802.1p) on VLAN 110 to 5:
aos(config)# int gi 0/9
aos(config-if)# switchport priority default 5
aos(config-if)# end
l Add member port ra 0/2 to VLAN 110:
aos(config)# vlan 110
aos(config-vlan)# ports add ra 2/1
aos(config-vlan)# exit
Node 2:
aos(config)# int radio 2/1
aos(config-if)# synchronous mode esmc-enabled
aos(config-if)# exit
aos(config)# network-clock input-source 1 int ra 2/1
aos(config)# end
Static LAG
LAG (static) and LACP are supported on CTR 8540 and CTR 8312.
Static LAG enables the bundling together of physical ports to form a single
logical channel.
l The capacity provided on multiple co-path links is aggregated to
provide one logical link of combined capacity.
l The links may be established on user-port connections to an external
switch.
o L1LA is required to aggregate co-path radio links.
l On the aggregation (trunk) port(s) the capacity supported is nominally
the sum of the capacity of each link.
l Links should be of the same port speed/duplex setting.
The example below illustrates simple LAG operation on two user port
connections to an external switch.
VLAN 112 is used to map the aggregated channel group (port-channel 1) to the
front panel switchport 0/2.
Figure 8. Example Static LAG Application
Configuration preconditions:
l Set Bridge Mode to Customer Bridge (default mode).
l Set slot 2 for a RACx2 module.
l Install Carrier Ethernet feature license.
l Install relevant radio link RAC/RFU capacity, FPM and ACM licenses.
l Configure radio link parameters using CLI or CTR Portal.
l Do not disable STP.
Procedure:
As the same interfaces are used on both nodes, the procedure is the same for
both nodes.
l Activate required Gig-E interfaces, o/5 and 0/6. See To Enable or
Disable a Port on page 40.
To allow local PC management access, the port type for management access
must be set to Proprietary Provider Network Port.
The following diagram and procedure illustrates basic operation.
l Customer 1 has tagged and untagged traffic. A Port VID (5) is
configured for untagged at ingress.
l Customer 2 has tagged traffic only.
l Both customers have an overlapping VID (33). These VLANs are held
separate over the service provider network.
l Each customer is assigned a unique S-VLAN.
Configuration preconditions:
l Revert to factory defaults. See Revert to Default Config on page 44.
l Set Bridge Mode to Provider Edge. See To Set Bridge Mode on page 35
l To re-enable local management access on port 1, change port type to
Prop Provider Network Port. See Reestablishing Local Management
Access on page 39.
l Install required feature licenses: Carrier Ethernet and Gig-E SFP Ports.
Procedure:
l Activate required switch interfaces, 0/2, 0/3, 0/12. See To Enable or
Disable a Port on page 40.
l Assign port type as Customer Edge for the customer interfaces:
aos(config)# int gi 0/2
aos(config-if)# bridge port-type customerEdgePort
aos(config-if)# exit
aos(config)# int gi 0/3
aos(config-if)# bridge port-type customerEdgePort
aos(config-if)# end
To show S-VLANs:
aos# show service vlan
l On CEP port 0/3 configure C-VLAN to S-VLAN mapping:
aos(config)# int gi 0/3
aos(config-if)# switchport customer-vlan 33 service-vlan 150
untagged-pep False untagged-cep False
aos(config-if)# switchport customer-vlan 100 service-vlan 150
untagged-pep False untagged-cep False
To show S-VLANs:
aos# show service vlan
l Configure the S-VLAN's and add ports 0/2 and 0/12, and 0/3 and 0/12,
as members. The S-VLAN tag is stripped (untagged) at CEP egress:
aos(config)# sw default
aos(config-switch)# vlan 140
aos(config-switch-vlan)# vlan active
aos(config-switch-vlan)# ports add gi 0/2,0/12 untagged gi 0/2
aos(config-switch-vlan)# exit
aos(config-switch)# vlan 150
aos(config-switch-vlan)# vlan active
aos(config-switch-vlan)# ports add gi 0/3,0/12 untagged gi 0/3
aos(config-switch-vlan)# end
ECFM
ECFM (Ethernet Connectivity Fault Management), also known as Service OAM, is
used to detect network faults and provide measures of network performance. It
operates through use of messaging (CFM PDUs [Ethernet frames]) sent
alongside user traffic whereby the frame content defines the message type and
function.
l CTR support for CFM is compatible with the IEEE 802.1ag, and ITU-T
Y.1731 standards.
l These protocols allow for two types of maintenance points and up to
eight Maintenance Domains (MD’s) to be associated with a given
service.
l A Maintenance End Point (MEP) is used at the edge of a domain to
control management of a given service. A Maintenance Intermediate
Point (MIP) is optionally used within the domain, between MEPs, to aid
in the monitoring and maintenance of the service.
l The eight Maintenance Domain (MD) levels are typically grouped as
follows:
o Subscriber MD: Levels 5-7 are typically are allocated for Subscriber
use for managing the service within the Subscriber’s domain, e.g.,
from CE to CE.
o Service Provider MD: Levels 3-4 are typically allocated for Service
Provider use for managing the service within the Service Provider’s
domain, e.g., from UNI-to-UNI.
o Operator MD: Levels 1-2 are typically allocated for Operator use for
managing the service from within the Operator’s domain.
o UNI Maintenance Entity (UNI ME): The UNI ME, typically at level 0,
is allocated for managing the UNI link.
For more information refer to the CTR 8500/8300 CLI Reference Manual or to the
CTR 8500/8300 ECFM Configuration Guide.
CFM CC functions support continuity checking for a given EVC (Ethernet Virtual
Connection) across the entire service using a CC Message (CCM), sent from one
MEP to another MEP. For services with more than two MEPs, CCMs are enabled
on all MEPs such that each MEP sends CCMs to all of its peers.
A service provider may elect to send CCMs at a fast rate to quickly detect
service failures, and perhaps switch the service to a back-up protected path.
Alternatively, CCMs could be sent at a slower rate to track the service
performance. Another use case is basic fault management, where CCMs are
used to detect loss of continuity or unintended connectivity among MEPs.
Link Trace
The CFM Link Trace (LT) or 'traceroute' function enables path tracing for a given
EVC across the entire service using a LT Message (LTM), which is sent on
demand from one MEP towards a target MEP (or target MIP). If a MIP is
configured between the MEPS at the same MD level as set in the LTM, the MIP
will respond with a LT Response (LTR) to the source MEP, and relay the original
LTM towards the target, with the TTL (Time To Live) field decremented.
Loopback
The CFM Loopback (LB) function enables the pinging of a target MEP or MIP using
an LB Message (LBM), which is sent on demand from one MEP towards the target
MEP or MIP. If a MIP is configured between the MEPs at the same MD level as set
in the LBM, and if the target for the LBM is the MIP itself, then the MIP will
respond with a LB Response (LBR) to the source MEP.
Example Network
In the example 802.1ag network below:
l Untagged frames received on ports 0/2 at each end of the network are
assigned a VLAN tag (PVID) of 6 over the network. This PVID is stripped
at egress.
l VLAN 6 is assigned to domain level 5
l The assigned domain name is 'wingate'
l The assigned service name is 'client1'
l MIPS are created indirectly on nodes 3 & 4 using implicit MIP creation
based on evaluation of the default MD level (5), corresponding to VLAN
6
o Where permitted it will create one MIP instance for every
vlan/interface pair on the bridge node
o Other evaluation objects can be selected for implicit MIP creation.
MIPs can also be created explicitly.
Configuration preconditions:
l Set Bridge Mode to Customer Bridge (default mode).
l Configure slot 2 on all nodes for a RACx2 module.
l Install optical SFPs where shown on nodes 2 & 3.
l Install a Carrier Ethernet feature license.
l Install a Gig-E SFP license on nodes 2 & 3.
l Install relevant radio link RAC/RFU capacity, FPM and ACM licenses.
l Configure radio link parameters using CLI or CTR Portal.
Procedure:
l Activate required Gig-E and radio interfaces. See To Enable or Disable
a Port on page 40.
Interface 0/2, 2/1 on nodes 1 & 4; interface 0/9, 2/1 on nodes 2 & 3.
To verify interface status:
aos# show int status
l Set VLAN 6 port membership (0/2) and switchport PVID 6 on nodes 1
& 4:
aos(config)# vlan 6
aos(config-vlan)# ports add gi 0/2 untagged gi 0/2
aos(config-vlan)# exit
aos(config)# int gi 0/2
aos(config-int)# switchport pvid 6
aos(config-int)# exit
l Set VLAN 6 port membership on nodes 2 & 3:
aos(config)# vlan 6
aos(config-vlan)# ports add gi 0/9
aos(config-vlan)# ports add ra 2/1
aos(config-vlan)# exit
l Enable ECFM 802.1ag on all nodes:
aos(config)# ethernet cfm start
aos(config)# ethernet cfm enable
aos(config)# end
For more information on ECFM configuation and opertion, refer to the CTR
8500/8300 ECFM Configuration Guide.
IP/MPLS
CTR provides comprehensive MPLS capabilities with LDP and RSVP-TE signaled
LSPs. Layer 2 and layer 3 virtual private networks are supported.
This is the circuit or virtual circuit through which the customer edge device
connects to the provider edge device to access L2VPN service. The attachment
circuit could be a physical interface (e.g. an Ethernet port), a VLAN or a VLAN
over a specific physical interface.
The capability to direct traffic flows across the network based on predefined
paths or user-defined criteria such as bandwidth, latency, etc. MPLS traffic
engineering has two key components:
l Traffic Engineering extensions (TE Extensions) to IGPs (for example,
IS-IS or OSPF) which allow traffic engineering metrics to be exchanged
across the routers in the network
l A signaling protocol which can signal MPLS label switched paths
calculated based on TE information.
LDP is another protocol used to signal MPLS Label Switched Paths (LSPs) across
MPLS network. When used for this purpose, LDP entity on each router
automatically forms adjacency with LDP entities in its immediate neighbours to
signal the LSPs across the network. This is non-targeted mode of operation. LDP
can also operate in targeted mode whereby the user manually configures the
adjacency. Non-targeted mode is typically used to signal MPLS labels for L2VPN
pseudowires across the edge devices on a service provider’s network. CTR
supports both non-targeted and targeted LDP modes.
The following sections show example networks and configurations to
demonstrate MPLS features of CTR. Following examples are included:
l VPWS Service over RSVP-TE signaled LSPs
l VPLS Service over RSVP-TE signaled LSPs
l L3VPN Service over LDP signaled LSPs
l TE LSPs with 1-to-1 End-to-End Protection
Initial Configuration
Router R1
Create a virtual context with the name default and shut down Spanning Tree:
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# end
Router R2
Create a virtual context with the name ‘default’ and shut down Spanning Tree.
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# end
Configure interfaces gi 0/1 and 0/2
aos(config)# interface gigabitethernet 0/1
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.12.2 255.255.255.0
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# interface gi 0/2
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.23.2 255.255.255.0
aos(config-if)# no shutdown
aos(config)# end
Configure Loopback 0
aos# configure terminal
aos(config)# interface loopback 0
aos(config-if)# ip address 2.2.2.2 255.255.255.255
aos(config-if)# no shutdown
aos(config-if)# exit
Router R3
Create a virtual context with the name ‘default’ and shut down Spanning Tree.
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# end
Configure interfaces gi 0/1, 0/2 and 0/3
aos(config)# interface gigabitethernet 0/1
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.23.3 255.255.255.0
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# interface gigabitethernet 0/2
aos(config-if)# no switchport
aos(config-if)# ip address 20.1.1.1 255.255.255.0
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# interface gi 0/3
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.34.3 255.255.255.0
aos(config-if)# no shutdown
aos(config)# end
Configure Loopback 0
aos# configure terminal
aos(config)# interface loopback 0
aos(config-if)# ip address 3.3.3.3 255.255.255.255
aos(config-if)# no shutdown
aos(config-if)# exit
Router R4
Create a virtual context with the name ‘default’ and shut down Spanning Tree.
aos# configure terminal
Configuring ISIS
Router R1
Router R2
Router R3
Router R4
aos(config-router)# end
Enable IS-IS on Loopback 0
aos# configure terminal
aos(config)# interface loopback 0
aos(config-if)# ip router isis
aos(config-if)#end
Enable network broadcast on all interfaces
aos# configure terminal
aos(config-if)# interface gi 0/1
aos(config-if)# ip router isis broadcast
aos(config-if)# exit
aos(config-if)# interface gi 0/4
aos(config-if)# ip router isis broadcast
aos(config-if)# exit
After IS-IS is enabled on all CTRs, use the following commands to check the
routing table:
aos# show ip route
aos# show ip isis route
It will take a few seconds for the routing protocols to converge and the routing
information to become stable in the tables.
Configuring ISIS-TE
Configure ISIS-TE
aos# configure terminal
aos(config)# router isis
aos(config-router)# mpls traffic-eng router-id 1.1.1.1
aos(config-router)# mpls traffic-eng
aos(config-router)# end
Router R2
Configure ISIS-TE
aos# configure terminal
aos(config)# router isis
aos(config-router)# mpls traffic-eng router-id 2.2.2.2
aos(config-router)# mpls traffic-eng
aos(config-router)# end
Router R3
Configure ISIS-TE
aos# configure terminal
aos(config)# router isis
aos(config-router)# mpls traffic-eng router-id 3.3.3.3
aos(config-router)# mpls traffic-eng
aos(config-router)# end
Router R4
Configure ISIS-TE
aos# configure terminal
aos(config)# router isis
aos(config-router)# mpls traffic-eng router-id 4.4.4.4
aos(config-router)# mpls traffic-eng
aos(config-router)# end
Router R2
aos(config-mpls-te-link)# no shutdown
aos(config-mpls-te-link)# interface gigabitethernet 0/1
aos(config-mpls-comp-link)# min lsp bandwidth 1024
aos(config-mpls-comp-link)# max reservable bandwidth 1000000
aos(config-mpls-comp-link)# switching-capability psc1 encoding
packet
aos(config-mpls-comp-link)# no shutdown
aos(config-mpls-comp-link)# exit
aos(config-mpls-te)# advertise
Router R3
Router R4
Enable MPLS IP on all the MPLS interfaces. This has to be done before any MPLS
specific protocols (RSVP-TE, LDP) can be used on the interface. MPLS IP should
be enabled only on router ports and not on AC ports which are configured as
switch ports.
aos# configure terminal
aos(config-if)# interface gi 0/1
aos(config-if)# shutdown
aos(config-if)# mpls ip
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config-if)# interface gi 0/3
aos(config-if)# shutdown
aos(config-if)# mpls ip
aos(config-if)# no shutdown
aos(config-if)# exit
Router R2
Router R3
aos(config-if)# shutdown
aos(config-if)# mpls ip
aos(config-if)#no shutdown
aos(config-if)# exit
Router R4
Enabling RSVP
Router R1
Configure RSVP and enable it on all the interfaces used in MPLS forwarding
(router ports). Once enabled, the RSVP-TE entity on the CTR will try to form
adjacency with RSVP-TE entity on the neighboring device on each link where
RSVP-TE has been enabled. After the adjacency is up, the link can be used in
RSVP-TE signaled LSPs.
aos# configure terminal
aos(config)# rsvp
aos(config-rsvp)# router-id 1.1.1.1
aos(config-rsvp)# signalling label range min 100100 max 100199
aos(config-rsvp)# signalling hello supported
aos(config-rsvp)# signalling hello refresh interval 6000
aos(config-rsvp)# set rsvp enable
aos(config-rsvp)# interface gigabitethernet 0/1
aos(config-rsvp-if)# signalling hello supported
aos(config-rsvp-if)# no shutdown
aos(config-rsvp-if)# exit
aos(config-rsvp)# interface gigabitethernet 0/3
aos(config-rsvp-if)# signalling hello supported
aos(config-rsvp-if)# no shutdown
aos(config-rsvp-if)# exit
Router R2
Router R3
Router R4
After configuring RSVP on all devices, the following CLI commands can be used
at any CTR to inspect the status:
aos# sh rsvp neighbor
aos# sh rsvp counters messages
aos(config-mpls-ldp-entity-1)# no shutdown
aos(config-mpls-ldp-entity-1)#end
Router R3
After configuring T-LDP on all devices, the following CLI commands can be used
at any CTR to inspect the status:
aos# sh mpls ldp parameters
aos# sh mpls ldp neighbor
Tunnel Configurations
Unlike LDP signaled LSPs which are negotiated automatically, traffic engineered
MPLS tunnels have to be manually configured. MPLS TE tunnels are
unidirectional. Each tunnel is configured at the head end device. In this
example, a tunnel from R1 to R3 will be configured on R1, whereas the reverse
tunnel will be configured on R3.
LSP between R1 and R3
l RSVP signalling
l 20 Mbps bandwidth
l Q7 priority
l Dynamic operation. For explicit path configuration see Example 4: End-
to-End Protection Switching on page 166.
aos# configure terminal
aos(config)# interface mplstunnel 113
aos(config-if)# tunnel mpls destination 3.3.3.3 source 1.1.1.1
aos(config-if)# tunnel signalling protocol rsvp
aos(config-if)# tunnel mode mpls traffic-eng
aos(config-if)# tunnel mpls traffic-eng bandwidth 20000
aos(config-if)# tunnel mpls traffic-eng priority 7 7
aos(config-if)# tunnel endpoint capability encoding lsp-packet
switching psc1
aos(config-if)# tunnel type mpls
aos(config-if)# tunnel mpls traffic-eng path-option number 1
dynamic
aos(config-if)# no shutdown
aos(config-if)# end
Router R3
l RSVP signalling
l 20 Mbps bandwidth
l Q7 priority
l Dynamic operation. For explicit path configuration see Example 4: End-
to-End Protection Switching on page 166.
aos# configure terminal
aos(config)# interface mplstunnel 131
aos(config-if)# tunnel mpls destination 1.1.1.1 source 3.3.3.3
aos(config-if)# tunnel signalling protocol rsvp
aos(config-if)# tunnel mode mpls traffic-eng
aos(config-if)# tunnel mpls traffic-eng bandwidth 20000
aos(config-if)# tunnel mpls traffic-eng priority 7 7
aos(config-if)# tunnel endpoint capability encoding lsp-packet
switching psc1
aos(config-if)# tunnel type mpls
aos(config-if)# tunnel mpls traffic-eng path-option number 1
dynamic
aos(config-if)# no shutdown
aos(config-if)# end
After configuring the tunnels, the following CLI commands can be used to
inspect the status of tunnels on edge and transit devices:
aos# sh rsvp request
aos# show mpls traffic-engineering tunnels brief
aos# show mpls traffic-engineering tunnels
Create a VPWS between R1 and R3. VPWS is a point to point service and is
configured directly under the attachment circuit interface on each device.
Router R1
Router R3
After configuring the tunnels, the following CLI commands can be used to
inspect the status of tunnels on edge and transit devices:
aos(config-if)# show mpls l2transport detail
To connect Host A, Host B and Host C, VPLS needs to be created between R1, R3
and R4.
Initial Configuration
Router R1
Create a virtual context with the name ‘default’ and shut down Spanning Tree.
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# end
Configure interfaces gi 0/1, 0/2 and 0/3
aos(config)# interface gigabitethernet 0/1
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.12.1 255.255.255.0
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# interface gigabitethernet 0/2
aos(config-if)# no switchport
aos(config-if)# ip address 10.1.1.1 255.255.255.0
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# interface gi 0/3
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.14.1 255.255.255.0
aos(config-if)# no shutdown
aos(config)# end
Configure Loopback 0
aos# configure terminal
aos(config)# interface loopback 0
aos(config-if)# ip address 1.1.1.1 255.255.255.255
aos(config-if)# no shutdown
aos(config-if)# exit
Router R2
Create a virtual context with the name ‘default’ and shut down Spanning Tree.
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# end
Configure interfaces gi 0/1 and 0/2
aos(config)# interface gigabitethernet 0/1
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.12.2 255.255.255.0
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# interface gi 0/2
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.23.2 255.255.255.0
aos(config-if)# no shutdown
aos(config)# end
Configure Loopback 0
aos# configure terminal
aos(config)# interface loopback 0
aos(config-if)# ip address 2.2.2.2 255.255.255.255
aos(config-if)# no shutdown
aos(config-if)# exit
Router R3
Create a virtual context with the name ‘default’ and shut down Spanning Tree.
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# end
Configure interfaces gi 0/1, 0/2 and 0/3
aos(config)# interface gigabitethernet 0/1
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.23.3 255.255.255.0
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# interface gigabitethernet 0/2
aos(config-if)# no switchport
aos(config-if)# ip address 20.1.1.1 255.255.255.0
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# interface gi 0/3
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.34.3 255.255.255.0
aos(config-if)# no shutdown
aos(config)# end
Configure Loopback 0
aos# configure terminal
aos(config)# interface loopback 0
aos(config-if)# ip address 3.3.3.3 255.255.255.255
aos(config-if)# no shutdown
aos(config-if)# exit
Router R4
Create a virtual context with the name ‘default’ and shut down Spanning Tree.
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# end
Configure interfaces gi 0/1, 0/2 and 0/4
aos(config)# interface gigabitethernet 0/1
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.14.4 255.255.255.0
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# interface gigabitethernet 0/2
aos(config-if)# no switchport
aos(config-if)# ip address 30.1.1.1 255.255.255.0
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# interface gi 0/4
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.34.4 255.255.255.0
aos(config-if)# no shutdown
aos(config)# end
Configure Loopback 0
aos# configure terminal
aos(config)# interface loopback 0
aos(config-if)# ip address 4.4.4.4 255.255.255.255
aos(config-if)# no shutdown
aos(config-if)# exit
Configuring ISIS
Configure the R routers with the following NET IDs.
Router R1
Router R2
l Wide Metric
aos# configure terminal
aos(config)# router isis
aos(config-router)# net 49:00:10:22:22:22:22:22:22:00
aos(config-router)# is-type level-2
aos(config-router)# metric-style wide
aos(config-router)# end
Enable IS-IS on Loopback 0
aos# configure terminal
aos(config)# interface loopback 0
aos(config-if)# ip router isis
aos(config-if)# end
Enable network broadcast on all interfaces
aos# configure terminal
aos(config-if)# interface gi 0/1
aos(config-if)# ip router isis broadcast
aos(config-if)# exit
aos(config-if)# interface gi 0/2
aos(config-if)# ip router isis broadcast
aos(config-if)# exit
Router R3
aos(config-if)# exit
aos(config-if)# interface gi 0/3
aos(config-if)# ip router isis broadcast
aos(config-if)# exit
Router R4
After IS-IS is enabled on all CTRs, use the following commands to check the
routing table:
aos# show ip route
aos# show ip isis route
It will take a few seconds for the routing protocols to converge and the routing
information to become stable in the tables.
Configuring ISIS-TE
The base IS-IS protocol is not capable of exchanging traffic engineering
information by itself. To achieve this, TE extensions to IS-IS have to be turned
on in each device. The following commands enable ISIS-TE on the routers.
Router R1
Configure ISIS-TE
aos# configure terminal
aos(config)# router isis
aos(config-router)# mpls traffic-eng router-id 1.1.1.1
aos(config-router)# mpls traffic-eng
aos(config-router)# end
Router R2
Configure ISIS-TE
aos# configure terminal
aos(config)# router isis
aos(config-router)# mpls traffic-eng router-id 2.2.2.2
aos(config-router)# mpls traffic-eng
aos(config-router)# end
Router R3
Configure ISIS-TE
aos# configure terminal
aos(config)# router isis
aos(config-router)# mpls traffic-eng router-id 3.3.3.3
aos(config-router)# mpls traffic-eng
aos(config-router)# end
Router R4
Configure ISIS-TE
aos# configure terminal
aos(config)# router isis
aos(config-router)# mpls traffic-eng router-id 4.4.4.4
aos(config-router)# mpls traffic-eng
aos(config-router)# end
Router R2
aos(config-mpls-comp-link)# no shutdown
aos(config-mpls-comp-link)# exit
aos(config-mpls-te)# advertise
Create TE Link, te23, from P2 to P3 with the following configuration:
l IPv4 address type
l Metric 100
l Minimum bandwidth of 1024 bps
l Maximum bandwidth of 1 Gbps
l PSC1 switching capability
l Packet encoding
aos# configure terminal
aos(config)# mpls traffic-eng tunnels
aos(config)# mpls traffic-eng
aos(config-mpls-te)#te-link te21
aos(config-mpls-te-link)# shutdown
aos(config-mpls-te-link)# address-type ipv4
aos(config-mpls-te-link)# metric 100
aos(config-mpls-te-link)# local te-link ipv4 10.0.12.2 remote te-
link ipv4 10.0.12.1
aos(config-mpls-te-link)# resource-class class-value 1
aos(config-mpls-te-link)# no shutdown
aos(config-mpls-te-link)# interface gigabitethernet 0/1
aos(config-mpls-comp-link)# min lsp bandwidth 1024
aos(config-mpls-comp-link)# max reservable bandwidth 1000000
aos(config-mpls-comp-link)# switching-capability psc1 encoding
packet
aos(config-mpls-comp-link)# no shutdown
aos(config-mpls-comp-link)# exit
aos(config-mpls-te)# advertise
Router R3
aos(config-mpls-te-link)# shutdown
aos(config-mpls-te-link)# address-type ipv4
aos(config-mpls-te-link)# metric 100
aos(config-mpls-te-link)# local te-link ipv4 10.0.23.3 remote te-
link ipv4 10.0.23.2
aos(config-mpls-te-link)# resource-class class-value 1
aos(config-mpls-te-link)# no shutdown
aos(config-mpls-te-link)# interface gigabitethernet 0/1
aos(config-mpls-comp-link)# min lsp bandwidth 1024
aos(config-mpls-comp-link)# max reservable bandwidth 1000000
aos(config-mpls-comp-link)# switching-capability psc1 encoding
packet
aos(config-mpls-comp-link)# no shutdown
aos(config-mpls-comp-link)# exit
aos(config-mpls-te)# advertise
Create TE Link, te34, from P3 to P4 with the following configuration:
l IPv4 address type
l Metric 100
l Minimum bandwidth of 1024 bps
l Maximum bandwidth of 1 Gbps
l PSC1 switching capability
l Packet encoding
aos# configure terminal
aos(config)# mpls traffic-eng tunnels
aos(config)# mpls traffic-eng
aos(config-mpls-te)#te-link te34
aos(config-mpls-te-link)# shutdown
aos(config-mpls-te-link)# address-type ipv4
aos(config-mpls-te-link)# metric 100
aos(config-mpls-te-link)# local te-link ipv4 10.0.34.3 remote te-
link ipv4 10.0.34.4
aos(config-mpls-te-link)# resource-class class-value 1
aos(config-mpls-te-link)# no shutdown
aos(config-mpls-te-link)# interface gigabitethernet 0/3
aos(config-mpls-comp-link)# min lsp bandwidth 1024
aos(config-mpls-comp-link)# max reservable bandwidth 1000000
aos(config-mpls-comp-link)# switching-capability psc1 encoding
packet
aos(config-mpls-comp-link)# no shutdown
aos(config-mpls-comp-link)# exit
aos(config-mpls-te)# advertise
Router R4
Enable MPLS IP on all the MPLS interfaces. This has to be done before any MPLS
specific protocols (RSVP-TE, LDP) can be used on the interface. MPLS IP should
be enabled only on router ports and not on AC ports which are configured as
switch ports.
aos# configure terminal
aos(config-if)# interface gi 0/1
aos(config-if)# shutdown
aos(config-if)# mpls ip
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config-if)# interface gi 0/3
aos(config-if)# shutdown
aos(config-if)# mpls ip
aos(config-if)# no shutdown
aos(config-if)# exit
Router R2
aos(config-if)# mpls ip
aos(config-if)# no shutdown
aos(config-if)# exit
Router R3
Router R4
Enabling RSVP
Router R1
Configure RSVP and enable it on all the interfaces used in MPLS forwarding
(router ports). Once enabled, the RSVP-TE entity on CTR will try to form
adjacency with RSVP-TE entity on the neighboring device on each link where
RSVP-TE has been enabled. After the adjacency is up, the link can be used in
RSVP-TE signaled LSPs.
aos# configure terminal
aos(config)# rsvp
Router R2
Router R3
aos(config-rsvp-if)# no shutdown
aos(config-rsvp-if)# exit
aos(config-rsvp)# interface gigabitethernet 0/3
aos(config-rsvp-if)# signalling hello supported
aos(config-rsvp-if)# no shutdown
aos(config-rsvp-if)# exit
Router R4
After configuring RSVP on all devices, the following CLI commands can be used
at any CTR to inspect the status:
aos# sh rsvp neighbor
aos# sh rsvp counters messages
Router R3
Router R4
Router R4
After configuring T-LDP on all devices, the following CLI commands can be used
at any CTR to inspect the status:
aos# sh mpls ldp parameters
aos# sh mpls ldp neighbor
Tunnel Configurations
Unlike LDP signaled LSPs which are negotiated automatically, traffic engineered
MPLS tunnels have to be manually configured. MPLS TE tunnels are
unidirectional. Each tunnel is configured at the head end device. In this
example, a tunnel from R1 to R3 will be configured on R1, whereas the reverse
tunnel will be configured on R3.
LSP between R1 and R3
Router R3
Router R4
l Q7 priority
l Dynamic operation
aos# configure terminal
aos(config)# interface mplstunnel 241
aos(config-if)# tunnel mpls destination 1.1.1.1 source 4.4.4.4
aos(config-if)# tunnel signalling protocol rsvp
aos(config-if)# tunnel mode mpls traffic-eng
aos(config-if)# tunnel mpls traffic-eng bandwidth 20000
aos(config-if)# tunnel mpls traffic-eng priority 7 7
aos(config-if)# tunnel endpoint capability encoding lsp-packet
switching psc1
aos(config-if)# tunnel type mpls
aos(config-if)# tunnel mpls traffic-eng path-option number 1
dynamic
aos(config-if)# no shutdown
aos(config-if)# end
Router R4
l RSVP signalling
l 20 Mbps bandwidth
l Q7 priority
l Dynamic operation
aos# configure terminal
aos(config)# interface mplstunnel 243
aos(config-if)# tunnel mpls destination 3.3.3.3 source 4.4.4.4
aos(config-if)# tunnel signalling protocol rsvp
aos(config-if)# tunnel mode mpls traffic-eng
aos(config-if)# tunnel mpls traffic-eng bandwidth 20000
aos(config-if)# tunnel mpls traffic-eng priority 7 7
aos(config-if)# tunnel endpoint capability encoding lsp-packet
switching psc1
aos(config-if)# tunnel type mpls
aos(config-if)# tunnel mpls traffic-eng path-option number 1
dynamic
aos(config-if)# no shutdown
aos(config-if)# end
After configuring the tunnels, the following CLI commands can be used to
inspect the status of tunnels on edge and transit devices:
aos# sh rsvp request
aos# show mpls traffic-engineering tunnels brief
aos# show mpls traffic-engineering tunnels
At R1
At R3
VLAN Configuration
Create a VLAN for the VPLS on R1, R3 and R4. In this example, the attachment
circuit is VLAN 102 over physical port specified on each device. This is known as
Port + VLAN attachment circuit.
Router R1
Router R3
Router R4
Create a VPLS service between R1, R3 and R4. VPLS and VCCV configurations
has to be applied on all edge routers participating in the VPLS instance. Full
mesh of L2VPN pseudowires is configured.
Router R1
Setup a VPLS with R3 and R4 with the following configuration. Pseudowires are
created to R3 and R4. A virtual forwarding instance is created and connected to
attachment circuit which is VLAN 102 over port gi 0/1.
aos# configure terminal
aos(config)# switch default
aos(config-switch)# l2 vfi VPLS_R1_R3_R4 manual
aos(config-switch-vfi)# vpn 102
aos(config-switch-vfi)# neighbor 3.3.3.3 pwidfec pwid 213 groupid
1 encapsulation mpls mplstype te 213 231
Configuring VCCV control channel capabilities and connectivity verification
capabilities.
aos(config-switch-vfi)# pseudowire-oam pwid 213 local-cc-type
router-alert-label local-cv-type lsp-ping bfd-ach-encap-fault
remote-cc-type router-alert-label remote-cv-type lsp-ping bfd-ach-
encap-fault
aos(config-switch-vfi)# end
aos# configure terminal
aos(config)# int gi 0/1
aos(config-switch-vfi)# xconnect vfi VPLS_R1_R3_R4 port-vlan vlan
102
end
Router R3
Setup a VPLS with R1 and R4 with the following configuration. Pseudowires are
created to R3 and R4. A virtual forwarding instance is created and connected to
attachment circuit which is VLAN 102 over port gi 0/2.
aos# configure terminal
aos(config)# switch default
aos(config-switch)# l2 vfi VPLS_R1_R3_R4 manual
aos(config-switch-vfi)# vpn 102
aos(config-switch-vfi)# neighbor 1.1.1.1 pwidfec pwid 213 groupid
1 encapsulation mpls mplstype te 231 213
aos(config-switch-vfi)# end
aos# configure terminal
aos(config)# int gi 0/2
aos(config-switch-vfi)# xconnect vfi VPLS_R1_R3_R4 port-vlan vlan
102
end
Router R4
Setup a VPLS with R1 and R3 with the following configuration. Pseudowires are
created to R3 and R4. A virtual forwarding instance is created and connected to
attachment circuit which is VLAN 102 over port gi 0/2.
aos# configure terminal
aos(config)# switch default
aos(config-switch)# l2 vfi VPLS_R1_R3_R4 manual
aos(config-switch-vfi)# vpn 102
aos(config-switch-vfi)# neighbor 1.1.1.1 pwidfec pwid 214 groupid
1 encapsulation mpls mplstype te 241 214
aos(config-switch-vfi)# neighbor 3.3.3.3 pwidfec pwid 234 groupid
1 encapsulation mpls mplstype te 243 234
aos(config-switch-vfi)# end
aos# configure terminal
aos(config)# int gi 0/2
aos(config-switch-vfi)# xconnect vfi VPLS_R1_R3_R4 port-vlan vlan
102
end
Initial Configuration
Router R1
Create a virtual context with the name ‘default’ and shut down Spanning Tree.
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# shutdown lldp
aos(config-switch)# end
Configure interface gi 0/10
aos(config)# interface gigabitethernet 0/10
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.12.1 255.255.255.0
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# end
Configure Loopback 0
aos# configure terminal
aos(config)# interface loopback 0
aos(config-if)# ip address 1.1.1.1 255.255.255.255
aos(config-if)# no shutdown
aos(config-if)# exit
Router R2
Create a virtual context with the name ‘default’ and shut down Spanning Tree.
Router R3
Create a virtual context with the name ‘default’ and shut down Spanning Tree.
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# shutdown lldp
aos(config-switch)# end
Configure interface l1la 1
aos(config)# interface l1la 1
aos(config-if)# no switchport
aos(config-if)# ip address 10.0.23.3 255.255.255.0
aos(config-if)# no shutdown
aos(config-if)# exit
Configure Loopback 0
aos# configure terminal
aos(config)# interface loopback 0
aos(config-if)# ip address 3.3.3.3 255.255.255.255
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# end
Router 6 (CE1)
Create a virtual context with the name ‘default’ and shut down Spanning Tree.
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# shutdown lldp
aos(config-switch)# end
Configure interfaces gi 0/2 and 0/3
aos(config)# interface gigabitethernet 0/2
aos(config-if)# shutdown
aos(config-if)# no map switch default
aos(config-if)# no switchport
aos(config-if)# exit
aos(config)# interface gigabitethernet 0/3
aos(config-if)# shutdown
aos(config-if)# no map switch default
aos(config-if)# no switchport
aos(config-if)# exit
aos(config)# end
Configure Loopback 0
aos# configure terminal
aos(config)# interface loopback 0
aos(config-if)# ip address 6.6.6.6 255.255.255.255
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# end
Configure interface gi 0/2
aos# configure terminal
aos(config)# interface gigabitethernet 0/2
aos(config-if)# no ip address
aos(config-if)# ip address 20.0.67.6 255.255.255.0
aos(config-if)# exit
aos(config)# interface gigabitethernet 0/2
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# end
Router 7 (CE2)
Create a virtual context with the name ‘default’ and shut down Spanning Tree.
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# shutdown lldp
aos(config-switch)# end
Configure interfaces gi 0/2 and 0/3
aos(config)# interface gigabitethernet 0/2
aos(config-if)# shutdown
aos(config-if)# no map switch default
aos(config-if)# no switchport
aos(config-if)# exit
aos(config)# interface gigabitethernet 0/3
aos(config-if)# shutdown
aos(config-if)# no map switch default
aos(config-if)# no switchport
aos(config-if)# exit
aos(config)# end
Configure Loopback 0
aos# configure terminal
aos(config)# interface loopback 0
aos(config-if)# ip address 7.7.7.7 255.255.255.255
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# end
Configure interface gi 0/2
aos# configure terminal
aos(config)# interface gigabitethernet 0/2
aos(config-if)# no ip address
aos(config-if)# ip address 30.0.76.7 255.255.255.0
aos(config-if)# exit
aos(config)# interface gigabitethernet 0/2
aos(config-if)# no shutdown
aos(config-if)# exit
aos(config)# end
After creating IP interfaces, use the following CLI command to check their status
on each device:
Configuring ISIS
IS-IS is used as the IGP within the provider’s network in this example.
Configure the R routers with the following NET IDs.
Router R1
Router R2
Router R3
After waiting for the routing protocol to converge, the routing tables can be
inspected using following CLI commands on any CTR in provider’s network:
aos# show ip route
aos# show ip isis route
Router R2
Router R3
aos(config-if)#no shutdown
aos(config-if)# exit
aos(config)# end
Enabling LDP
The following example demonstrates using LDP as a signalling protocol to signal
MPLS LSPs. An LDP entity has to be created on each MPLS router in provider's
network. By default, LDP will be enabled on all interfaces on which MPLS IP has
been enabled. The LDP entities will form adjacency with the neighbors on all the
MPLS enabled links and will participate in label negotiation and LSP signaling.
Router R1
Router R2
aos(config-mpls-ldp-entity-1)# no shutdown
aos(config-mpls-ldp-entity-1)#end
Router R3
After configuring LDP on all MPLS routers use following CLI commands to inspect
the status of LDP entities and the LDP database:
aos# show mpls ldp parameters
aos# show mpls ldp discovery
aos# show mpls ldp neighbor
aos# show mpls ldp database
VRF Configurations
A VRF has to be configured for each L3VPN service. VRF is only configured in
provider edge devices. Other devices in the provider’s network simply forward
MPLS labeled traffic and are agnostic to VPN service.
VRF between R1 and R3
aos(config-if)# no shutdown
aos(config-if)# end
aos# configure terminal
aos(config)# ip vrf red
aos(config)# end
aos# configure terminal
aos(config)# interface gi 0/2
aos(config-if)# ip vrf forwarding red
aos(config-if)# ip address 20.0.67.1 255.255.255.0
aos(config-if)# no shutdown
aos(config-if)# end
Define a static route for customer data
aos# configure terminal
aos(config)# ip vrf red 6.6.6.6 255.255.255.255 20.0.67.6
aos(config)# end
aos# configure terminal
aos(config)# ip vrf red mpls
aos(config-vrf)# rd 100:11
aos(config-vrf)# route-target export 700:11
aos(config-vrf)# route-target export 300:11
aos(config)# end
Router R3
aos(config)# end
aos# configure terminal
aos(config)# ip vrf red mpls
aos(config-vrf)# rd 300:11
aos(config-vrf)# route-target export 300:11
aos(config-vrf)# route-target export 700:11
aos(config)# end
Router R3
Add a route for customer data from CE1 to CE2 through the L3VPN
Router 6 (CE1)
Router 7 (CE2)
The topology is similar to Example 1: VPWS Service on page 106. This example
illustrates setting up MPLS tunnel with dynamic working path and explicit /strict
protecting path. Once the protected tunnel is configured, steps in examples 1, 2,
or 3 could be followed to establish a VPN service over the tunnel.
Initial Configurations
This section explains the initial configurations for entering different modes.
At R1:
Create a virtual context with the name default and shut down the spanning tree:
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# end
At R2:
Create a virtual context with the name default and shut down the spanning tree:
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# end
At R3:
Create a virtual context with the name default and shut down the spanning tree:
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# end
At R4:
Create a virtual context with the name default and shut down the spanning tree:
aos# configure terminal
aos(config)# switch default
aos(config-switch)# shutdown spanning-tree
aos(config-switch)# end
Configuring ISIS
At R1
At R2
At R3
At R4
At R2
At R3
At R4
Creating TE Links
At R1
aos(config-mpls-comp-link)# no shutdown
aos(config-mpls-comp-link)# exit
aos(config-mpls-te)#advertise
At R2
At R3
aos(config-mpls-te)#te-link te32
aos(config-mpls-te-link)#metric 100
At R4
At R1
At R2
At R3
At R3
Configure router-id
aos(config-rsvp)# router-id 1.1.1.1
At R2
Configure router-id
aos(config-rsvp)# router-id 2.2.2.2
At R3
Configure router-id
aos(config-rsvp)# router-id 3.3.3.3
At R4
Configure router-id
aos(config-rsvp)# router-id 4.4.4.4
At R3
aos(config-mpls-ldp-entity-1)#end
Tunnel Configurations
Hop Table Configurations
Before a strict path can be used as a path option for an MPLS TE tunnel, the path
needs to specified as a sequence of IP addresses for each hop. The path thus
created is given an ID and is saved in the configuration to be used in the tunnel
configuration.
At R1
Tunnel Configurations
At R1
Specify the encoding type and switching type for the tunnel
aos(config-if)#tunnel endpoint capability encoding lsp-packet switching psc1
After configuring tunnels, the following CLI commands can be used to inspect
the status of tunnels on edge and transit devices:
aos# sh rsvp request
aos# show mpls traffic-engineering tunnels brief
aos# show mpls traffic-engineering tunnels
You need to pay attention to Protection status – this should normally say
Available to indicate that protection is configured and the protecting path is
available. In case of a failure on working path, the tunnel switches to protecting
path and the protection status should say in use.
At R1
At R3
After configuring the BFD following CLI commands can be used to inspect the
status:
aos#Show bfd global info
aos#Show bfd session details/mapping/summary
aos#Show bfd stats
aos#Show bfd neighbours summary/detail/all
Configuring VPLS
Follow all steps in example 2 to set up the VPLS service with Port + VLAN based
attachment circuits.
Create access control list with VLAN 102 which is the VLAN for Port+VLAN
Attachment circuits:
aos# configure terminal
aos(config)# mac access-list extended 10
aos(config-ext-macl) # permit any any vlan 102
aos(config-ext-macl) # end
At router R1
aos# configure terminal
aos(config)# interface gi 0/1
aos(config-if)# mac access-group 10 in
aos(config-if)# end
At routers R3 and R4
aos# configure terminal
aos(config)# interface gi 0/2
aos(config-if)# mac access-group 10 in
aos(config-if)# end
Create Meters
Create policy maps with settings: yellow traffic marked with PCP=0, red traffic
dropped. Apply the class maps and meters created above to the policy map.
aos# configure terminal
aos(config)# policy-map 10
aos(config-ply-map)# set policy class 10
aos(config-ply-map)# set meter 10 exceed-action set-inner-vlan-pri
0 violate-action drop
aos(config-ply-map)# end
At router R1
aos# configure terminal
aos(config)# vlan 102
aos(config-vlan)# l2vpn-rate-limit egress set policy 20 interface
gigabitethernet 0/1
aos(config-vlan)# end
aos#
At routers R3 and R4
aos# configure terminal
aos(config)# vlan 102
aos(config-vlan)# l2vpn-rate-limit egress set policy 20 interface
gigabitethernet 0/2
aos(config-vlan)# end
aos#
The active configuration can be viewed using the following command:
aos#show l2vpn-rate-limit
Deconfiguring TACACS+
Deconfigure a TACACS+ server so it is no longer used by the CTR:
aos# configure terminal
aos(config)# no tacacs-server 1
Configure local AAA method (instead of TACACS+);
aos(config)# login authentication local
Deconfigure TACACS+ Accounting if required:
aos(config)# no aaa accounting login tacacs
CTR Portal
CTR Portal provides an easy-to-use interface for configuration, monitoring,
maintenance, and diagnostic functions.
CTR Portal should be used to:
o Load SW, license, and configuration files
o Configure radio/links
o Set plug-in slots
o Set Bridge Mode
o Set Router ports
o Configure basic OSPF
o Configure switch-port settings
o Configure QoS
o Configure VLANs
o Set local date and time
o View/access alarms, diagnostics, performance, events, statistics
o Configure L1LA
o Configure MEF 8 pseudowire (E1 only)
o Configure Synchronous Mode
CTR Portal access is achieved through one of the following browsers:
l Internet Explorer 10.0 or later
l Mozilla Firefox 25.0 or later
l Google Chrome 30.0 or later
l Apple Safari 6.0 or later
NOTE: J av as c ript mus t be enabled on all brow s er ty pes.
NOTE: A minimum PC dis play res olution of 1024 x 768 is required.
Login
Login is achieved by entering the IP address of the CTR, followed by a user
name and password.
l User names and passwords cannot be set using CTR Portal - these must
be set using CLI. See Changing IP Address and Local Management
Access on page 29.
o The default user name is root, and the default password for full
Pre-Login
Before login is attempted your PC must be set to have a LAN-compatible IP
address (your PC must operate as a device on the same LAN as the CTR), and an
RJ-45 (Cat5) cable must be connected from your PC Local Area Connection port
to the CTR management port, which is default switch-port 1. For setup
information see Switch Port Access on page 21.
Procedure:
With your PC connected to the CTR:
l Launch a web browser on your computer.
l Enter the CTR IP address in the address bar of the web page. For
example, if the IP address of the CTR is 192.168.1.1, then enter
192.168.1.1 in the address bar.
l The Login page appears.
CAUTION: Local safety regulations must be used if mandatory. Safety instructions in this guide should
be used in addition to the local safety regulations. Should there be conflict between safety instructions stated
in this guide and those from local regulations, mandatory local norms shall prevail.
Mains Power Supply CTR dc power, IF, tributary, auxiliary and NMS cables are not to be routed with any AC
Routing mains power lines. They are also to be kept away from any power lines which cross them.
Maximum Ambient The maximum ambient temperature (Tmra) for CTR indoor units and outdoor units is
Temperature +55° C (131° F). To ensure correct operation and to maximize long term component
reliability, ambient temperatures must not be exceeded. Operational specification
compliance is not guaranteed for higher ambients.
The maximum ambient temperature applies to the immediate operating environment of
the CTR indoor unit, which, if installed in a rack, is the ambient within the rack.
DC Supply Voltage CTR power supply modules have the +ve pin on their d.c. power supply connector connected to chassis ground.
and Polarity They must be used with a -48 Vdc power supply which has a +ve ground; the power supply ground conductor is the
+ve supply to CTR.
WARNING: The input is reverse polarity protected against swapping the -
48Vdc and Earth feeds. The input is not protected against feeding +48Vdc to
the Ground pin and Earth to the -48Vdc pin. This will result in an internal
protection circuit failure. NEVER connect to a Negative- Earth Supply.
For IRU 600 variants that require a separate wide-mouth +/-21 to +/-56 Vdc power supply connection, both pins on its
power supply connector are isolated from chassis ground.
Connection to D.C. CAUTION: This equipment has a connection between the earthed conductor of the d.c. supply
Supply Ground circuit and the earthing conductor.
This equipment must be connected directly to the d.c. supply system grounding electrode conductor or to a bonding
jumper from a grounding terminal bar or bus to which the d.c. supply system grounding electrode is connected.
Switching or disconnecting devices must not be in the grounded circuit conductor between the d.c. source and the
point of connection of the grounding electrode conductor.
This equipment must be located in the same immediate area (such as, adjacent cabinets) as any other equipment
that has a connection between the grounded conductor of the same d.c. supply circuit and the grounding conductor,
and also the point of grounding of the d.c. system. The d.c. system shall not be grounded elsewhere.
The d.c. supply source must be located within the same premises as the equipment.
Main Power Supply An appropriate disconnect device for the -48 Vdc power supply unit must be provided as
Disconnect part of the building installation.
Restricted Access The CTR system must be installed in restricted access sites. The indoor unit and
associated power supply must be installed in restricted areas, such as dedicated
equipment rooms, closets, cabinets, or the like. Access to any tower and antenna location
must be restricted.
For USA:
In restricted access areas install the CTR system in accordance with articles 110-26 and
110-27 of the 2002 National Electrical Code ANSI/NFPA 70, or to any subsequent update
to this code for the relevant articles.