Professional Documents
Culture Documents
L2Switching - With - ELAN 0x1
L2Switching - With - ELAN 0x1
with
ELAN 0x
ELAN02 8FE + 2GE 6FE + 2GE STM-4 TJ100MC4L, TJ100ME4, TJ100MC16/16X, TJ1500, TJ1270
Increase performance
Reduce cost
Notes (… contd.):
2. C-VLAN stands for Customer VLAN, S-VLAN stands for Service Provider VLAN
3. In each VLAN Tag Control Information of 2 bytes,
CFI
Priority VLAN Identifier
bits 7 6 5 4 3 2 1 0 7 6 5 4 3 2 1 0
msb lsb msb lsb
bytes First byte Second byte
12 bits are for VLAN Tag (possible no.s 1 to 4094) **
**
Tag 0 is used to indicate NO VLAN tagging WITH priority tagging, Tag 4095 unused.
1 bit is for Canonical Form Indicator (CFI), CFI=0 for Ethernet
and 3 bits are for Priority Tag (possible no.s 0 to 7, with 7 is higher priority)
4. MAC DA, SA, and the Payload areas remain the same in all three frame format.
5. FCS keeps on changing as Frame Check Sequence is calculated on more and more bytes.
6. Usage of VLAN Tag and Priority Tag will be described later.
User-configurable per-port basis, i.e., individually for each Eth / VCG port *
In .Q mode
If Ingress traffic is Tagged then PVID is not used
If ((Ingress traffic is Untagged) & (Acceptable frame type is ‘Admit all’))
then the traffic is C-VLAN-tagged by the PVID of the Ingress port
Ex: Eth 5 of an ELAN 0x card is the Ingress port, getting customer traffic with C-VLAN tag of 200 and the PVID of Eth 5 is
300. The number 300 will be unused in .Q mode, whereas in Q-in-Q mode the traffic will get S-VLAN tagged by 300.
Some Eth ports and/or some VCG ports will be member of a particular VLAN table
depending on the application.
Any particular Eth / VCG port can be member of many VLAN tables though.
Any Ingress traffic with VLAN-tag ‘a’ will search for**
its destination
by looking up ONLY the VLAN table no. ‘a’
Packets will be forwarded to
all the members of VLAN table no. ‘a’ (i.e. these ports will act as Egress ports)
excluding the Ingress port (assume that Ingress port is member of VLAN table no. ‘a’
* Table no.1, wherein ALL Eth and VCG ports are member (used for broadcast within the switch), is NOT
user-configurable.
** C-VLAN tag in case of .Q mode and S-VLAN tag in case of Q-in-Q mode
VCG 1 ETH 3
Untagged
SDH/SONET Ingress: VCG 1
Backbone VCG 2 & VCG 2
ELAN 0x Egress: ETH 3
A C
In Q-in-Q mode, the ports can be configured as a customer network port or provider network port. The ETH ports are
customer ports and VCG ports are provider ports by default.
In Q-in-Q mode, when any port is included as a member of any VLAN table, NO option is there to include the port either as
‘tagged’ or as ‘untagged’
Always any VCG port is included as ‘tagged’ and any ETH port as ‘untagged’
Why so? Will be discussed after Q-in-Q mode application slide
© Tejas Networks Confidential and Proprietary Software Enabled Transformation 13
Why Q-in-Q ?
ETH 5
ETH 5
Tagged, 100 A C
VCG 1 VCG 2
VLAN 100
ETH 5 ports are for
VLAN 100 ETH 1
ETH 1 ports are for Customer B, Can VLAN
Customer A, VLAN 100 is ETH 1 100 be modified in A,B,C ETH 5
B
made in A,B,C as shown??
VCG 1 VCG 1
ETH 1 ETH 5
VCG 2 VCG 2
NO
Note: Any MAC DA based table is a sub-table of a particular VLAN table – so, VLAN table rule can not be
bypassed, e.g., switching for some Ingress traffic with ‘latest’ tag ‘a’ can not be based on any MAC DA based
table which is a sub-table of VLAN table ‘b’
Statement is:
If (MAC DA of Ingress traffic = ‘Unicast DA’ entry in the static Unicast table)
Then the sole Egress port will be the ‘direct to’ port entry in the static Unicast table
Under the ‘VLAN table’ entry in the static Unicast table
Under which VLAN(s)? that (those) VLAN ids, which was learned by the port above
We need to discuss ‘Dynamic MAC learning’ feature.
Statement is:
If (MAC DA of Ingress traffic = ‘Unicast DA’ entry in the dynamic Unicast table)
Then the sole Egress port will be the ‘direct to’ port entry in the dynamic Unicast table
Under the ‘VLAN table’ entry in the dynamic Unicast table
Ageing Time
Feature for whole switch, NOT per-port feature
Value is configurable from UI between 1 second and 106 second
Value should be entered in units of Seconds, e.g., for 5 minutes, enter value 300
ETH 5
Client 2 2 2 2
Client
SA MAC1 3 3 VCG 1
3 3
4 4 VCG 5
4 4
5 5 5 5
Dynamic Unicast Table
VLAN = 100 VLAN
VLAN
= 100
= 100
DA = MAC 1 DADA
! ==MAC
MAC11
Egress = ETH 1
For Monitoring and analyzing the traffic contents locally (by means of any Eth test-set)
without disturbing the normal traffic flow.
‘Source’ port(s): the port(s), whose contents we want to mirror
‘Direct to’ or ‘mirror’ or probe port: the port, where traffic will be mirrored. Probe port is
not network connected.
Multiple source ports can be mirrored on to a probe port. If the combined rate of the source
ports is more than the probe port, then the mirrored traffic will be dropped.
2. The mirror port will NOT act as traffic port (neither as Ingress nor as Egress)
4. Even if a port is part of a VLAN then also allow that port to be configured as a destination
(probe) port.
5. Even if a port is part of LAG then also allow it to be configured as a Destination (probe)
port.
To connect two switches, we use a cable to connect two physical ports (one in each of the switches) and
configure them as a trunk.
But a single trunk has bandwidth limitations.
LAG is a process of inter-connecting two switches with two or more links between them (or between a
switch and a server), so that multiple links are combined into one bigger virtual link that can carry a higher
(combined) bandwidth.
All these multiple links participating in a Link Aggregation Group act like a single large (virtual) link.
A Link Aggregation Group (LAG) combines a number of physical ports together to make a single high-
bandwidth data path, so as to implement the traffic load sharing among the member ports in the group
and to enhance the connection reliability.
If two switches support 1 GE ports, multiple ports from one switch can be connected to multiple ports in
another switch to provide high-bandwidth connections (2 GE, 3 GE, etc) between the switches.
This approach is not only inexpensive (doesn’t require hardware upgrades), but also allows a granular
upgrade of interconnect bandwidth between the two switches.
• Type A
1. Distribution
2. Protection
• Type B
1. Static
2. LACP
Distribution Mode:
Multiple links participating in a LAG can also load-balance the traffic between them so that traffic is evenly
distributed.
All the links (ports) should have same speed and all the links will be active
100Mbps
400Mbps 100Mbps 400Mbps
A 100Mbps B
100Mbps
In this example, 400 Mbps of total traffic coming from multiple customers to node A is distributed equally among 4,
100Mbps links
Distribution technique usually depends on the vendor
In Tejas equipment, distribution happens based on the IP/MAC addresses of the traffic streams
• If there is failure on any of the links, the traffic will still be UP but packet drops happen equally on all the remaining
active links (i.e all the customers would experience equal amount of speed reduction)
100Mbps
400Mbps 100Mbps 300Mbps
A 100Mbps B
100Mbps
• Now, as soon the link becomes healthy again, traffic starts flowing through it automatically with no more packet drops
LAG LAG
Stream-1 Stream-1
SAxx.xx.xx.xx.xx.01(X) SAxx.xx.xx.xx.xx.03(Y)
DAyy.yy.yy.yy.yy.03(Y) DAyy.yy.yy.yy.yy.01(X)
SIPx.x.x.001(X) SIPx.x.x.003(Y)
DIPy.y.y.003(Y) DIPy.y.y.001(X)
Stream-2 Stream-2
SAxx.xx.xx.xx.xx.02(X+1) SAxx.xx.xx.xx.xx.04(Y+1)
DAyy.yy.yy.yy.yy.03(Y) DAyy.yy.yy.yy.yy.01(X)
SIPx.x.x.002(X+1) SIPx.x.x.004(Y+1)
DIPy.y.y.003(Y) DIPy.y.y.001(X)
Members of LAG is decided by the last bits of the MAC & IP address.
© Tejas Networks Confidential and Proprietary Software Enabled Transformation 31
LAG-Link Selection
Stream-1
EXOR of last byte (Applicable both for MAC & IP)
Stream-2
EXOR of last byte (Applicable both for MAC & IP)
Protection Mode:
LAG is also used for increasing link reliability.
Since multiple links connect two devices, even if one fails the other links keep carrying the information and the traffic
on the failed link is also transferred to them.
That way, loss of a single link between two switches doesn’t stop the communication between them.
The number of links that can combine to form a larger link between two devices is generally restricted by
the hardware vendor.
LAG is a static protocol and needs to be configured individually for each pair of physical ports.
• Here only 2 links should be present. One will be work and the other will be protect
• Always 1 link will be active at a time in LAG protection mode
• Only when work path goes down, protect path will become active and start carrying the traffic
• If work path becomes healthy after a failure, the traffic will still be in protect path until there is a failure on protect path
100Mbps WORK
100Mbps 100Mbps
A B
100Mbps
PROTECT
• In this case, if work link fails then traffic switches over to the protect link
• But if the work link gets restored after a while, the traffic will still flow through protect and will not switch back to work
unless there is a failure on protect
100Mbps WORK
100Mbps 100Mbps
A B
100Mbps
PROTECT
• In static mode, it is not mandatory to configure LAG at both the ends of the links.
• Static LAG works even with one end configuration because it doesn’t make use of LACP packets to establish connectivity
between the ports on a link
100Mbps WORK
100Mbps 100Mbps
A B
100Mbps
PROTECT
100Mbps WORK
100Mbps 100Mbps
A B
100Mbps
PROTECT
LACP is similar to LAG, where multiple ports/links between two switches combine to provide higher
bandwidth links between them.
Additionally, ports that are LACP enabled can automatically configure themselves into trunk groups,
without any manual configuration/intervention.
The main purpose of LACP is to automatically add/delete individual links to the aggregate bundle, while
adding new links and also after recovering from link failures.
LACP can monitor to verify if all the links are connected to the right group.
Basically, LACP helps automate the configuration and maintenance of LAG’s.
LACP is a dynamic protocol.
LACP is a standard and hence LACP can be implemented between multi-vendor switches.
Maximum number of bundled ports allowed in the port channel: Valid values are usually from 1 to 8.
LACP packets are sent with multicast group MAC address 01:80:c2:00:00:02
During LACP detection period LACP packets are transmitted every second
LACP can have the port-channel load-balance mode
LACP mode :
Active: Enables LACP unconditionally.
Passive: Enables LACP only when an LACP device is detected. (This is the default state).
SP
WRR + SP
CoS Q7 CA
WFQ + SP
Tail Drop
WRED (with two colour meter)
• If Extended IP based ACL, extended L3 fields as shown below will be matching criteria
SIP and SIP mask
DIP and DIP mask
IP Precedence value, IP TOS value, DSCP value (only one value at a time can be used)
Protocol number
L4 ports (source and destination)
AND
Match criteria-3
OR PORT
ACL
Match criteria-1*
AND
Match criteria-3*
ACL Type Filter Criteria Max Filter Criteria per Max Rules per ACL
ACL Rule
send
I/p data
drop
Enabling flow control while doing ERL => Switch has to buffer!
>EBS EIR allows Service Provider to efficiently use network during non-peak
usage
C CIR ensures Service Provider meets the minimum guaranteed bandwidth
≤ CBS as per SLAs
E
≤ EBS
Yes
High? CoS Queue 7
No
No
No
Low? CoS Queue 1
Yes
CoS Queue 0
Q6
Q7
Q7
B min 100%
CoSQ Q0 Q1 Q2 Q3 Q4 Q5 Q6 Q7
Mode WFQ WFQ WFQ WFQ WFQ SP SP SP
Bmin 5 10 15 20 25 - - -
Bmax 10 20 30 40 50 60 75 100
Available Bandwidth (Y Mbps) Active queues B/w (Mbps) distribution by the scheduler
75 Mbps Q0, Q1, Q2, Q3 & Q4 Q0 (5) + Q1 (10) + Q2 (15) + Q3 (20) + Q4 (25)