Login
- Table of Contents
-
- 04-Layer 2 - LAN Switching Configuration Guide
- 00-Preface
- 01-VLAN Configuration
- 02-MAC Address Table Configuration
- 03-Spanning Tree Configuration
- 04-Ethernet Link Aggregation Configuration
- 05-Port Isolation Configuration
- 06-QinQ Configuration
- 07-VLAN Mapping Configuration
- 08-BPDU Tunneling Configuration
- 09-GVRP Configuration
- 10-Loopback Detection Configuration
- 11-MAC-in-MAC Configuration
- 12-LLDP Configuration
- 13-MVRP Configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 11-MAC-in-MAC Configuration | 221.76 KB |
MAC-in-MAC frame encapsulation
MAC-in-MAC configuration task list
Creating a MAC-in-MAC instance·
Displaying and maintaining MAC-in-MAC
MAC-in-MAC configuration example
|
|
NOTE: The switch does not support MAC-in-MAC when it works in standard mode. For more information about system working modes, see Fundamentals Configuration Guide. |
MAC-in-MAC overview
Basic concepts
Figure 1 shows a typical MAC-in-MAC network. This section introduces some basic concepts of MAC-in-MAC based on this network.
Figure 1 A typical MAC-in-MAC network
PBBN
As shown in Figure 1, a network using MAC-in-MAC is called a provider backbone bridge network (PBBN) or MAC-in-MAC network. For users, a PBBN is a Layer-2 switching network where Layer-2 connections are between different nodes.
PBN
As shown in Figure 1, a network connecting the PBBN with the customer network is a provider bridge network (PBN). The customer network can connect to the PBBN directly, or through a PBN.
MAC-in-MAC frame
A frame processed by MAC-in-MAC is called a MAC-in-MAC frame. For more information about the encapsulation format of a MAC-in-MAC frame, see “MAC-in-MAC frame encapsulation.”
BEB
As shown in Figure 1, a backbone edge bridge (BEB) is an edge device in the PBBN, like a PE device in an MPLS network. The BEB encapsulates frames from the customer network by using MAC-in-MAC, or de-encapsulates MAC-in-MAC frames from the PBBN and forwards them to the customer network.
BCB
As shown in Figure 1, a backbone core bridge (BCB) is a core device in the PBBN, like a P device in an MPLS network. It forwards MAC-in-MAC frames according to their B-MAC and B-VLAN. A BCB device only forwards frames and learns MAC addresses in the backbone network. It does not learn a large number of customer MAC addresses. In this way, the network deployment costs are reduced, and the PBBN is given better expandability.
B-MAC/B-VLAN
When encapsulating a customer frame, a BEB tags the frame with the service provider MAC address (known as backbone MAC address, B-MAC) and service provider VLAN (known as backbone VLAN, B-VLAN). Note that the B-MAC falls into source B-MAC and destination B-MAC. In the PBBN, a BCB forwards MAC-in-MAC frames according to their B-MAC and B-VLAN.
Uplink port/downlink port
The port that connects the BEB to the PBBN is the uplink port, and the port that connects the BEB to the customer network is the downlink port. After the frames from the customer network are encapsulated in MAC-in-MAC frames, they are forwarded out of uplink ports on the BEB; after the MAC-in-MAC frames from the PBBN are de-encapsulated, they are forwarded out of the corresponding downlink port on the BEB according to the customer MAC.
MAC-in-MAC instance and I-SID
MAC-in-MAC frame encapsulation
Figure 2 Format of a MAC-in-MAC frame
Figure 2 shows the format of a MAC-in-MAC frame. Table 1 describes some key fields in the frame.
Table 1 Some key fields of a MAC-in-MAC frame
|
Field |
Full name |
Description |
|
B-DA |
Backbone destination MAC address |
Destination B-MAC, outer destination MAC address in a MAC-in-MAC frame. It is the MAC address of the BEB device at the destination end of the PBBN tunnel. The combination of B-DA and B-SA is B-MAC. |
|
B-SA |
Backbone source MAC address |
Source B-MAC, outer source MAC address in a MAC-in-MAC frame. It is the MAC address of the BEB device at the source end of the PBBN tunnel. The combination of B-DA and B-SA is B-MAC. |
|
B-Tag |
Backbone VLAN tag |
Outer VLAN tag in a MAC-in-MAC frame. It indicates the VLAN information and priority information of the frame within the PBBN. The Tag Protocol Identifier (TPID) in the B-tag is 0x8100. |
|
I-Tag |
Backbone service instance tag |
Service identifier of a MAC-in-MAC frame. The I-tag contains the backbone service instance priority code point (I-PCP) and backbone service instance drop eligibility indicator (I-DEI) on the BEB, backbone service instance identifier (I-SID), and the C-DA and C-SA of the customer frame. The TPID of the I-tag is 0x88E7. |
|
S-Tag |
Service provider VLAN tag |
Outer VLAN tag of the frame in the PBN, which indicates the VLAN information and priority information of the frame within the PBN. |
|
C-Tag |
Customer VLAN tag |
Inner VLAN tag of the frame in the PBN, which indicates the VLAN information and priority information of the frame within the customer network. |
|
|
NOTE: For more information about TPID, see the chapter “Configuring VLANs.” |
MAC-in-MAC frame forwarding
Figure 3 MAC-in-MAC frame forwarding
As shown in Figure 3, a MAC-in-MAC frame is forwarded in the PBBN using the following process:
1. BEB 1 encapsulates a customer frame with the corresponding B-MAC, B-VLAN, and I-SID, and then forwards the frame to the BCB through its uplink port.
2. BCB forwards the MAC-in-MAC frame from BEB 1 to BEB 2 according to its B-MAC and B-VLAN.
3. BEB 2 de-encapsulates the MAC-in-MAC frame from the BCB, restores the frames to a standard Ethernet frame, and then forwards the frame out of the corresponding downlink port to the customer network.
Protocols and standards
IEEE 802.1ah, Virtual Bridged Local Area Networks Amendment 7: Provider Backbone Bridges
MAC-in-MAC configuration task list
Perform the MAC-in-MAC-related configurations on the BEB devices only. The BCB devices simply forward MAC-in-MAC frames according to their B-MAC and B-VLAN.
Complete the following tasks to configure MAC-in-MAC:
|
Task |
Remarks |
|
Required |
|
|
Required |
|
|
Required |
|
|
Required |
|
|
Required |
|
|
Optional |
Configuring MAC-in-MAC
Enabling L2VPN
To configure MAC-in-MAC, which is a Layer-2 VPN technique, enable L2VPN first.
To enable L2VPN:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enable L2VPN and enter L2VPN view. |
l2vpn |
By default, L2VPN is disabled. |
|
|
NOTE: For more information about the l2vpn command, see MPLS Command Reference. |
Creating a MAC-in-MAC instance
To create a MAC-in-MAC instance, create a virtual switch instance of the MAC-in-MAC type and specify its I-SID. The I-SID identifies a type of services, and is the unique identifier of the MAC-in-MAC instance. The same I-SID must be used throughout a MAC-in-MAC network. For more information about the VSI, see MPLS Configuration Guide.
To create a MAC-in-MAC instance:
|
Step |
Command |
|
1. Enter system view. |
system-view |
|
2. Create a VSI of the MAC-in-MAC type, specify the I-SID, and enter VSI view. |
vsi vsi-name minm i-sid i-sid |
|
|
NOTE: For more information about the vsi command, see MPLS Command Reference. |
Configuring a B-VLAN
Only MAC-in-MAC instances with the same I-SID and B-VLAN can communicate. Therefore, you must specify a B-VLAN for a MAC-in-MAC instance.
To configure a B-VLAN for a MAC-in-MAC instance:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VSI view. |
vsi vsi-name minm i-sid i-sid |
N/A |
|
3. Specify a B-VLAN for the MAC-in-MAC instance. |
minm bvlan vlan-id |
By default, no B-VLAN is specified for a MAC-in-MAC service instance. |
|
|
NOTE: · You can specify only one B-VLAN for a MAC-in-MAC instance, and specify the same B-VLAN for different MAC-in-MAC instances. · The B-VLAN must be a static, existing VLAN. · For more information about the vsi command, see MPLS Command Reference. |
Configuring an uplink port
You can specify one or more uplink ports for a MAC-in-MAC instance. On the BEB, frames from the customer network are encapsulated in MAC-in-MAC frames in the corresponding MAC-in-MAC instances, and then forwarded out of the corresponding uplink ports.
You can configure the uplink ports in either VSI view or interface view. If the same port is configured as an uplink port in both VSI view and interface view, the latest configuration takes effect.
|
|
CAUTION: · The uplink port configuration takes effect only after you specify a B-VLAN for the MAC-in-MAC instance. · To make the uplink port configuration take effect, assign them to the B-VLAN. |
Configuring an uplink port in VSI view
To configure an uplink port in VSI view:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter VSI view. |
vsi vsi-name minm i-sid i-sid |
N/A |
|
3. Specify an uplink port for the MAC-in-MAC instance. |
minm uplink interface-type interface-number |
By default, no uplink port is specified for a MAC-in-MAC service instance. |
|
|
NOTE: For more information about the vsi command, see MPLS Command Reference. |
Configuring an uplink port in interface view
To configure an uplink port in interface view:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter Layer-2 Ethernet interface view or Layer-2 aggregate interface view. |
interface interface-type interface-number |
N/A |
|
3. Specify the port as the uplink port for the MAC-in-MAC instance. |
minm uplink vsi vsi-name |
By default, a port is not configured as the uplink port of any MAC-in-MAC service instance. |
Configuring a downlink port
On the BEB, frames from the customer network are mapped to MAC-in-MAC instances based on the match criteria configured on downlink ports, and MAC-in-MAC frames from the PBBN are de-encapsulated in the corresponding MAC-in-MAC instances and then forwarded out of the corresponding downlink ports based on their customer MAC addresses.
You can specify one or more downlink ports for a MAC-in-MAC instance.
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Create a service instance and enter service instance view. |
service-instance instance-id |
By default, no service instance exists on a port. |
|
4. Configure the match criteria. |
encapsulation { s-vid vlan-id [ only-tagged ] | port-based | tagged | untagged } |
By default, no match criterion is configured. |
|
5. Associate the service instance with the specified MAC-in-MAC instance. |
xconnect vsi vsi-name [ access-mode { ethernet | vlan } ] |
By default, a service instance is not associated with any MAC-in-MAC service instance. |
|
|
NOTE: For more information about the service-instance, encapsulation, and xconnect vsi commands, see MPLS Command Reference. |
Applying a global CAR action
You can apply a global CAR action to a service instance to rate-limit the incoming or outgoing traffic of the service instance.
To apply a global CAR action:
|
Step |
Command |
Remarks |
|
1. Enter system view. |
system-view |
N/A |
|
2. Enter interface view. |
interface interface-type interface-number |
N/A |
|
3. Enter service instance view. |
service-instance instance-id |
N/A |
|
4. Apply a global CAR action to the service instance. |
car { inbound | outbound } name car-name |
By default, no global CAR action is applied to a service instance. |
|
|
NOTE: If you want to configure traffic policing on an attachment circuit (AC), do that before binding it to a MAC-in-MAC instance. For more information about an AC, see MPLS Configuration Guide. |
Displaying and maintaining MAC-in-MAC
|
Task |
Command |
Remarks |
|
Display the uplink connection information of the specified MAC-in-MAC instance. |
display minm connection [ vsi vsi-name ] [ | { begin | exclude | include } regular-expression ] |
Available in any view |
|
Clear the uplink connection information of the specified MAC-in-MAC instance. |
undo minm connection [ vsi vsi-name [ linkid link-id ] | { bvlan vlan-id | interface interface-type interface-number } * ] |
Available in user view |
|
Clear the service instance statistics of an interface. |
reset service-instance statistics [ interface interface-type interface-number [ service-instance instance-id [ inbound | outbound ] ] ] |
Available in user view |
MAC-in-MAC configuration example
|
|
NOTE: By default, Ethernet, VLAN, and aggregate interfaces are in DOWN state. Before configuring these interfaces, use the undo shutdown command to bring them up. |
Network requirements
As shown in Figure 4, enable customer network A to communicate with customer network B by using the MAC-in-MAC protocol.
Configuration procedures
1. Configure Device A:
# Create VLAN 20.
<DeviceA> system-view
[DeviceA] vlan 20
[DeviceA-vlan20] quit
# Enable L2VPN.
[DeviceA] l2vpn
[DeviceA-l2vpn] quit
# Create a VSI of the MAC-in-MAC type named aaa, specify the I-SID as 100, and configure Ethernet encapsulation for the instance.
[DeviceA] vsi aaa minm i-sid 100
[DeviceA-vsi-aaa] encapsulation ethernet
# Specify VLAN 20 as the B-VLAN for MAC-in-MAC instance aaa.
[DeviceA-vsi-aaa] minm bvlan 20
[DeviceA-vsi-aaa] quit
# Configure port GigabitEthernet3/0/1 as a trunk port, assign it to VLAN 20, and configure it as an uplink port of MAC-in-MAC instance aaa.
[DeviceA] interface GigabitEthernet 3/0/1
[DeviceA-GigabitEthernet3/0/1] port link-type trunk
[DeviceA-GigabitEthernet3/0/1] port trunk permit vlan 20
[DeviceA-GigabitEthernet3/0/1] minm uplink vsi aaa
[DeviceA-GigabitEthernet3/0/1] quit
# Configure port GigabitEthernet 3/0/2 as a trunk port, and assign it to all VLANs. Create service instance 1 on port GigabitEthernet 3/0/2, configure the port-based match criteria, and associate the service instance with MAC-in-MAC instance aaa by using the access mode of Ethernet.
[DeviceA] interface GigabitEthernet 3/0/2
[DeviceA-GigabitEthernet3/0/2] port link-type trunk
[DeviceA-GigabitEthernet3/0/2] port trunk permit vlan all
[DeviceA-GigabitEthernet3/0/2] service-instance 1
[DeviceA-GigabitEthernet3/0/2-srv1] encapsulation port-based
[DeviceA-GigabitEthernet3/0/2-srv1] xconnect vsi aaa access-mode ethernet
[DeviceA-GigabitEthernet3/0/2-srv1] quit
[DeviceA-GigabitEthernet3/0/2] quit
2. Configure Device B:
Configure Device B as you configure Device A. (Details not shown)
3. Verify the configuration :
Use the display minm connection command to display the uplink connection information (that is, the remote B-MAC information learned) of MAC-in-MAC instance aaa. For example:
# Display the uplink connection information of MAC-in-MAC instance aaa on Device A.
[DeviceA] display minm connection vsi aaa
1 connection(s) exist
VSIIndex LinkID BMAC BVLAN Interface Name State AGING TIME(s)
1 1 000f-e200-0001 20 GigabitEthernet3/0/1 Learned AGING
Troubleshooting
Symptom
The customer frames cannot be transmitted to the peer network by using MAC-in-MAC.
Analysis
· No VSI of the MAC-in-MAC type is configured on the BEB, or the configured VSI is down.
· The MAC-in-MAC configurations on the BEBs are inconsistent.
· The B-VLAN in the BEB is not created on the BCB, or the ports connecting the BEB and BCB are not both assigned to the B-VLAN.
Solution
1. User the display vsi verbose command to display the MAC-in-MAC configuration of the VSI. If the VSI is not configured with MAC-in-MAC, configure it. If the VSI is down, use the undo shutdown command to bring the VSI up. For more information about the display vsi verbose command, see MPLS Command Reference.
2. Use the display vsi verbose command on all BEBs to see whether they are consistent in the MAC-in-MAC configuration, especially the I-SID and B-VLAN. The MAC-in-MAC configurations on the BEBs should be consistent.
3. Use the display vlan all command on all BCBs to see whether the B-VLAN in the BEB is created on the BCB, and whether the ports connecting the BEB and BCB are both assigned to the B-VLAN. All ports connecting the BEB and BCB must be assigned to the VLAN.
