Ethernet Operations, Administration, and Management

CH A P T E R
Ethernet Operations, Administration, and Management

The following topics describe how you can use Cisco ANA to monitor Carrier Ethernet services.

Ethernet OAM Overview, page 9-1 CFM, page 9-2 Ethernet LMI, page 9-10
Ethernet OAM Overview

Cisco ANA supports three, interrelated OEM components, including:
Connectivity Fault ManagementConnectivity Fault Management (CFM) is an end-to-end per-service-instance (per VLAN) Ethernet layer OAM protocol that includes connectivity monitoring, fault verification, and fault isolation. CFM allows you to manage individual customer service instances. Ethernet Virtual Connections (EVCs) are the services that are sold to customers and are designated by service VLAN tags. CFM operates on a per-service-VLAN (or per-EVC) basis. It lets you know when an EVC fails and provides tools to isolate the failure. Link OAMLink OAM allows you to monitor and troubleshoot a single Ethernet link. It is an optional sublayer implemented in the Data Link Layer between the Logical Link Control (LLC) and MAC sublayers of the Open Systems Interconnect (OSI) model. You can monitor a link for critical events and, if needed, put a remote device into loopback mode for link testing. Link OAM also discovers unidirectional links, which are created when one transmission direction fails. Ethernet Link Management Interface Ethernet Link Management Interface (LMI) operates between the customer edge (CE) and the user-facing provider edge (U_PE) devices. It allows you to automatically provision CEs based on EVCs and bandwidth profiles.
Figure 9-1 shows an overview of Ethernet OAM components. CFM applies to a CE-to-CE span, while Link OAM and Ethernet LMI apply to CE-to-U_PE spans.
Cisco Active Network Abstraction 3.7.1 Theory of Operations Guide OL-21805-01
9-1
Chapter 9 CFM
Figure 9-1
Ethernet OAM Components
Customer
Service Provider
Customer
CE
Ethernet Access
MPLS Core
Ethernet Access
CE
E-LMI
Customer Domain Provider Domain Operator Domain Operator Domain Connectivity Fault Management Operator Domain
Link OAM
CFM
CFM is an end-to-end, per-service-instance Ethernet layer operations, administration, and maintenance (OAM) protocol. It includes proactive connectivity monitoring, fault verification, and fault isolation for large Ethernet metropolitan-area networks (MANs) and WANs. CFM provides capabilities for detecting, verifying, and isolating connectivity failures in networks with bridges operated by multiple independent organizations, each with restricted management access to each other's equipment. CFM allows you to discover and verify end-to-end, Carrier Ethernet PE-to-PE or CE-to-CE paths through bridges and LANs. End-to-end can be PE-to-PE or CE-to-CE. A service can be identified as a S-VLAN or an EVC service. A customer service instance is an EVC, which is identified by an S-VLAN within an Ethernet island, and by a globally unique service ID. A customer service instance can be point-to-point or multipoint-to-multipoint. CFM consists of maintenance domains. Maintenance domains are administrative regions used to manage and administer specific network segments. Maintenance domains are organized in a hierarchy. The administrator assigns a maintenance level to the domain from 0 (lowest level) to 7 (highest level), and the maintenance level determines the domains position within the CFM hierarchy. CFM maintenance domain boundaries are indicated by maintenance points. A maintenance point is an interface point that participates within a CFM maintenance domain. Maintenance point types include:
Cisco Active Network Abstraction 3.7.1 Theory of Operations Guide
9-2
242666
OL-21805-01
Chapter 9
Ethernet Operations, Administration, and Management CFM
Maintenance End Points (MEPs)Active CFM elements residing at the edge of a domain. MEPs can be inward or outward facing. They periodically transmit continuity check messages and expect to periodically receive similar messages from other MEPs within a domain. (Continuity messages are described in CFM Messages section on page 9-4.) If requested, MEPs can also transmit traceroute and loopback messages. MEPs are responsible for keeping CFM messages within the boundaries of a maintenance domain.
Inward-Facing MEPsCommunicate through the bridge relay and uses the bridge-brain MAC
address. Inward MEPs send and receive CFM frames at their level through the relay function, not through the wire connected to the port where the MEP is configured. Inward MEPs drop all CFM frames at their level (or a lower level) that come from the direction of the wire. In addition, inward MEPs process all CFM frames at their level coming from the direction of the relay function, and drop all CFM frames at a lower level coming from the direction of the relay function. Inward MEPs transparently forward all CFM frames at their level (or a higher level), independent of whether they come from the relay function or wire side. If the port on which an inward MEP is configured is blocked by STP, the MEP no longer transmits or receives CFM messages.
Up MEP and Up MIP is provisioned on the C-VLAN component on a PE device port that
includes 802.1ad services. Up MEP generates double-tagged (CE-VLAN + SP-VLAN) CFM flows. MIPs on the CE-VLAN component process CFM frames that are single-tagged when coming from the wire-side and double-tagged when coming from the relay-function side.MIPs on the SP-VLAN component process untagged CFM frames from the wire and single-tagged CFM frames from the relay-function.
Note
Up MEP and Up MIP is supported on the Cisco ME 3400 Series and Cisco ME 3750 Series Ethernet access switches.
Outward-Facing MEPsCommunicate through the wire and can be configured on routed ports
and switch ports. A MIP configuration at a level higher than the outward MEP level is not required. Outward MEPs on routed ports use the port MAC address. Outward MEPs on port channels use the bridge-brain MAC address of the first member link. When port channel members change, the outward MEP identities do not have to change. Outward MEPs send and receive CFM frames at their level through the wire connected to the port where the MEP is configured. They drop all CFM frames at their level (or at a lower level) that come from the relay direction. In addition, outward MEPs process all CFM frames at their level coming from the wire direction, drop all CFM frames at a lower level coming from the wire direction, and transparently forward all CFM frames at levels higher than the out MEP level, independent of whether they come from the relay or wire side. This function is not applicable to routed ports. If the port on which the outward MEP is configured is blocked by Spanning-Tree Protocol, the MEP can still transmit and receive CFM messages via the wire.
Maintenance Intermediate Points (MIPs)Passive elements that catalog information received from MEPs and other MIPs. MIPs only respond to specific CFM messages such as traceroute and loopback, and they forward those messages within the maintenance domain. MIPs:
Apply to maintenance domains for all S-VLANs enabled or allowed on a port. Are internal to a domain, not at the boundary. Catalog and forward CFM frames received from MEPs and other MIPs using both the wire and
the relay function.

Stop and drop all CFM frames at a lower level independent of whether they originate from the
wire or relay function.
9-3
Chapter 9 CFM
Forward all CFM frames at a higher level independent of whether they arrive from the wire or
relay function.
Are passive points that respond only when triggered by CFM traceroute and loopback messages. Use bridge-brain MAC addresses.
Transparent PointsPassive maintenance points similar to MIPs. However, transparent points do not catalog information from CFM messages; they only forward messages within the domain.
Figure 9-2 shows service provider CFM maintenance domains, including the service provider domain, maintenance level 6, and operator domains, which have a maintenance level of 3 or 4.
Figure 9-2 CFM Maintenance Domains
Operator 1 E1 PE 1 PE 2
Operator 2 PE 3 PE 4
CE 2
MEP Level 6
MIP
MIP
MEP Level 6
MEP MEP Level 3 MIP MIP MEP
MIP
MIP
MEP Level 4
157281
CFM Messages
CFM is based on the exchange of continuity messages among CFM domains:
Continuity CheckThe CFM heart-beat messages exchanged periodically between MEPs. They allow MEPs to discover other MEPs within a domain, and allow MIPs to discover MEPs. Continuity check messages are confined to a domain and an S-VLAN TracerouteTransmitted by a MEP at the request of the administrator to track the path, hop-by-hop, to a destination MEP. Traceroute messages allow the transmitting node to discover vital connectivity data about the path similar to the User Datagram Protocol (UDP) traceroute. LoopbackTransmitted by a MEP at the request of the administrator to verify connectivity to a particular maintenance point. The loopback indicates whether the destination is reachable, but does not allow hop-by-hop discovery of the path. CFM loopback messages are similar in concept to the Internet Control Message Protocol (ICMP) Echo (Ping) command.
9-4
OL-21805-01
Chapter 9
Cross-checkProvide a post-provisioning service connectivity verification. They allow the configuration of a static list of expected remote MEPs per service, and then cross-check this list against what is learned dynamically from the cross-check messages. Cross-check messages generate the appropriate alarms when errors are detected.
CFM over Bridge Domains

Untagged CFM packets can be associated with a MEP. An incoming untagged customer CFM packet has an EtherType of CFM and is mapped to an EVC or bridge domain based on the encapsulation configured on the EFP. The EFP is configured specifically to recognize these untagged packets. An EFP is a logical demarcation point of an EVC on an interface and can be associated with a bridge domain. The VLAN ID is used to match and map traffic to the EFP. VLAN IDs have local significance per port similar to ATM or Frame Relay virtual circuits. CFM is supported on a bridge domain associated with an EFP. The association between the bridge domain and the EFP allows CFM to use the encapsulation on the EFP. All EFPs in the same bridge domain form a broadcast domain. The bridge domain ID determines the broadcast domain. The distinction between a VLAN port and the EFP is the encapsulation. VLAN ports use a default dot1q encapsulation. For EFPs, untagged, single tagged, and double tagged encapsulation exists with dot1q and IEEE dot1ad EtherTypes. Different EFPs belonging to the same bridge domain can use different encapsulations.
CFM in Cisco ANA NetworkVision

CFM properties are displayed in the Cisco ANA NetworkVision Logical Inventory. You can expand the CFM tree to display a list of maintenance domains, and view CFM properties, maintenance domains, and MIPs in the Cisco ANA NetworkVision content area (Figure 9-3).
9-5
Chapter 9 CFM
Figure 9-3
CFM Maintenance Domains in Cisco ANA NetworkVision
1 2
CFM Logical Inventory tree Maintenance domains
MIPs
9-6
OL-21805-01
248317
Chapter 9
Expanding a CFM maintenance domain displays the maintenance domain properties and associations (Figure 9-4).
Figure 9-4 Maintenance Domain Maintenance Associations
1 CFM maintenance domain
Maintenance domain maintenance associations
Expanding a CFM maintenance association displays the maintenance association properties and its MEPs (Figure 9-4). If a MEP has a remote MEP, a notation appears in the Remote MEPS column. The remote MEP properties can also be viewed.
248316
9-7
Chapter 9 CFM
Figure 9-5
Maintenance Association Properties and MEPs
1 MEPs 2 Maintenance association properties
CFM Command Builder Templates

CFM Command Builder templates allow you to perform some CFM configurations on network devices. To use the CFM Command Builder templates, you identify all CFM domains and all MEPs and MIPs that reside within each domain. Then you apply the templates starting from the lowest domain to the highest. That is, you begin with the operator domain, proceed to the service provider domain, and end with the customer domain. CFM templates are numbered to ensure that you complete them in the proper sequence. Table 9-1 lists the CFM templates delivered with Command Builder. Some templates, such as cfm-2-configure-globalparams, can be applied on more than one device. Others, such as cfm-3-configure-mip, must be applied to one device at a time. Commands are divided into network, service, and diagnostic commands. Perform the network commands after the devices are added. Perform the service commands every time a service is enabled in the network. Diagnostic commands can be run at any time after the CFM is configured on the network.
9-8
248315
OL-21805-01
Chapter 9
Table 9-1
CFM Command Builder Templates
Command
Network Provisioning
Description Configures the CFM domain. Defines CFM global parameters.
Applies To All MIPs and MEPs in the domain All MIPs and MEPs in the domain
CLI Commands ethernet cfm domain $domain$level $level$ mep archive-hold-time $holdtime$ ethernet cfm enable ethernet cfm traceroute cache ethernet cfm traceroute cache size $size$ ethernet cfm traceroute cache hold-time $holdtime$
cfm-1-configure-domain
cfm-2-configure-globalparams
cfm-3-configure-mip
Configures the domain MIPs.
All MIPs in the domain, one MIP at a time All MEPs in the domain
ethernet cfm mip level $level$
cfm-4-define-continuitycheck
Configures the CFM continuity check. Defines the CFM service ID. Configures the domain MEPs.
ethernet cfm cc level $level$ vlan $vlans$ interval $interval$ loss-threshold $loss-threshold$
Service Provisioning
cfm-5-configure-serviceid
All MIPs and MEPs in the domain All MEPs in the domain, one MEP at a time All MEPs in the domain All MEPs in the domain
ethernet cfm domain $domain$ level $level$ service $domain$-$svlanid$ vlan $svlanid$ ethernet cfm mep level $level$ mpid $mpid$ vlan $vlans$
cfm-6-configure-mep
cfm-7-enable-continuitycheck cfm-8-enable-snmpservertraps
Enables the CFM continuity check. Enables the SMMP server trap.
ethernet cfm cc enable level $level$ vlan $vlans$ snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
Diagnostic Commands
cfm-diag-ping-mac
Pings CFM remote MEP supplying MAC Pings CFM remote MEP supplying MPID Pings CFM remote MEP supplying Milticast
ping ethernet $remote-mac$ domain $domain$ vlan $vlans$ ping ethernet mpid $mpid$ domain $domain$ vlan $vlans$ ping ethernet multicast domain $domain$ vlan $vlans$
cfm-diag-ping-mpid
cfm-diag-ping-multicast
9-9
Chapter 9 Ethernet LMI
Table 9-1
CFM Command Builder Templates (continued)
Command cfm-diag-traceroute-mac
Description
Applies To
CLI Commands traceroute ethernet $remote-mac$ domain $domain$ vlan $vlans$ traceroute ethernet mpid $mpid$ domain $domain$ vlan $vlans$
Traceroute remote MEP supplying MAC Traceroute remote MEP supplying MPID
cfm-diag-traceroute-mpid
Ethernet LMI
Ethernet LMI defines the protocol and procedures that allows CE devices to be automatically configured by the service provider U_PE device. Ethernet LMI also notifies the CE device about EVC status changes. Ethernet LMI protocol communicates the following information to the CE device:
EVC additionsIf a new EVC is added to the network, for example, a new branch office is connected to headquarters, Ethernet LMI notifies the respective CEs after the service provider turns on the service. In particular, the service endpoints are notified of the corresponding VLAN ID to be used by a given service (also known as C-VLAN to EVC map attribute). EVC deletionsIf an EVC is removed from the network, Ethernet LMI notifies the respective CEs after the service provider turns off the service. EVC stateAfter receiving an EVC inactive or active state notification, the CE device can take corrective action, such as rerouting traffic to a different EVC or other WAN service if the EVC is inactive, or returning traffic to normal routes after the EVC becomes active. Remote UNI is downAfter receiving notification that a remote UNI is down notification, the CE device can take corrective action, such as rerouting traffic to a different EVC or other WAN service. The device returns traffic to the normal routes after it receives notification that the remote UNI is up. UNI and EVC attributesEthernet LMI communicates the following UNI and EVC attributes to the CE device:
EVC identificationCommunicates the VLAN ID used to identify each EVC (C-VLAN to
EVC map). This removes the possibility of a VLAN mismatch between the service provider and customer equipment.
Remote UNI identificationCommunicates the names of the remote UNIs associated to a
given CE device service. This information can be used to verify that the right end points are connected by an EVC.
Bandwidth profilesCommunicates bandwidth provided to the CE device. If an enterprise is
subscribed to a 50-Mbps service, the CE device can automatically configure itself to shape the egress traffic to 50 Mbps on the WAN interface. By shaping to 50 Mbps rather than having the service provider police a 100-Mbps stream down to 50 Mbps, enterprise customers reduce the number of dropped packets and increase the throughput they receive. The Ethernet LMI process flow is shown in Figure 9-6 on page 9-11,
9-10
OL-21805-01
Chapter 9
Ethernet Operations, Administration, and Management Ethernet LMI
Figure 9-6
Ethernet LMI Process Flow
Customer
Service Provider
Service Provider
Customer
E-LMI CE Ethernet Access MPLS Core Ethernet Access CE
CE
U-PE
EVC additions/deletions EVC state Remote UNI status UNI and EVC attributes
U-PE
CE
Ethernet LMI Communication
Ethernet LMI Communication
Ethernet LMI and Cisco ANA NetworkVision

Ethernet LMI logical inventory is displayed in the Ethernet LMI logical inventory item shown in Figure 9-7. The Ethernet LMI logical inventory includes two tabs:
Device EVCsDisplays the device EVCs. You can also view the EVC UNI properties in a separate window. Additionally, from the device EVC you can navigate to maintenance association in the logical inventory, and from the UNI Properties window you can navigate to physical interface inventory for local UNIs. ELMI InterfacesDisplays the interfaces that have Ethernet LMI enabled. Each interface is hyperlinked to allow you to jump to the interface in the Physical Inventory tree.
242665
9-11
Chapter 9 Link OAM
Figure 9-7
Ethernet LMI Logical Inventory
1 2 3
Ethernet LMI Logical Inventory Device EVCs Ethernet LMI Interfaces
Link OAM
Link OAM is an optional sub-layer implemented in the Open Systems Interconnection (OSI) Data Link Layer between the Logical Link Control and MAC sub-layers (Figure 9-9).
9-12
OL-21805-01
249221
Chapter 9
Ethernet Operations, Administration, and Management Link OAM
Figure 9-8
Link OAM in the OSI Model
The Link OAM frames, OAM Protocol Data Units (OAMPDUs), cannot propagate beyond a single hop within an Ethernet network. Link OAM processes include:
DiscoveryDiscovery is the first Link OAM process. During discovery, Link OAM identifies the devices at each end of the link and learns their OAM capabilities. Discovery uses information from the OAM PDUs. During the discovery phase, the following information is advertised within periodic information OAM PDUs:
OAM modeConveyed to the remote OAM entity. The mode can be either active or passive and
can be used to determine device functionality.

OAM configuration (capabilities)Advertises the capabilities of the local OAM entity. A peer
can use this information to determine what functions are supported and accessible; for example, loopback capability.
OAM PDU configurationIncludes the maximum OAM PDU size for receipt and delivery.
This information along with the 10 frames per second rate limit can be used to limit the bandwidth allocated to OAM traffic.
Platform identityA combination of an organization unique identifier (OUI) and 32-bits of
vendor-specific information. OUI allocation, controlled by the IEEE, is typically the first three bytes of a MAC address. Discovery includes an optional phase in which the local station can accept or reject the configuration of the peer OAM entity. For example, a node might require that its partner support loopback capability to be accepted into the management network. These policy decisions might be implemented as vendor-specific extensions.
Link monitoringDetects and indicates link faults under a variety of conditions. Link monitoring uses the event notification OAM PDU and sends events to the remote OAM entity when problems are detected on the link. Error events include:
Error Symbol Period (error symbols per second)Number of symbol errors that occurred
during a specified period exceeded a threshold. These errors are coding symbol errors.
Error Frame (error frames per second)Number of frame errors detected during a specified
period exceeded a threshold.
9-13
Chapter 9 Link OAM
Error Frame Period (error frames per n frames)Number of frame errors within the last n
frames that exceeds a threshold.

Error Frame Seconds Summary (error seconds per n seconds)Number of error seconds
(1-second intervals with at least one frame error) within the last n seconds that exceeds a threshold. Because IEEE 802.3ah OAM does not provide a guaranteed delivery of any OAM PDU, the event notification OAM PDU might be sent multiple times to reduce the probability of a lost notification. A sequence number is used to recognize duplicate events.
Remote Failure indicationInforms peers when a received path goes down. Because link connectivity faults caused by slowly deteriorating quality are difficult to detect, Link OAM communicates such failure conditions to its peer using OAMPDU flags. The following failure conditions can be communicated:
Link FaultLoss of signal is detected by the receiver; for instance, the peer's laser is
malfunctioning. A link fault is sent once per second in the information OAM PDU. Link fault applies only when the physical sublayer is capable of independent transmit and receive operations.
Dying GaspAn unrecoverable condition has occurred; for example, a power failure. This type
of condition is vendor specific. A notification about the condition may be sent immediately and continuously.
Critical EventAn unspecified critical event has occurred. This type of event is vendor
specific. A critical event may be sent immediately and continuously.
Remote LoopbackAn OAM entity can put its remote peer into loopback mode using the loopback control OAM PDU. Loopback mode helps an administrator ensure the quality of links during installation or when troubleshooting. In loopback mode, every frame received is transmitted back on the same port except for OAM PDUs and pause frames. The periodic exchange of OAM PDUs must continue during the loopback state to maintain the OAM session. The loopback command is acknowledged by responding with an information OAM PDU with the loopback state indicated in the state field. This acknowledgement allows an administrator, for example, to estimate if a network segment can satisfy a service-level agreement. Acknowledgement makes it possible to test delay, jitter, and throughput. When an interface is set to the remote loopback mode the interface no longer participates in any other Layer 2 or Layer 3 protocols; for example Spanning Tree Protocol (STP) or Open Shortest Path First (OSPF). The reason is that when two connected ports are in a loopback session, no frames other than the OAM PDUs are sent to the CPU for software processing. The non-OAM PDU frames are either looped back at the MAC level or discarded at the MAC level. From a user's perspective, an interface in loopback mode is in a link-up state.
Figure 9-9 shows Link OAM placement within a service provider network.
9-14
OL-21805-01
Chapter 9
Ethernet Operations, Administration, and Management Link OAM
Figure 9-9
Link OAM Process Flow
Customer
Service Provider
Service Provider
Customer
802.3ah Ethernet in the First Mile Ethernet Access MPLS Core Ethernet Access
CE
CE
CE
U-PE
Link and OAM capability discovery Link monitoring Remote MIB variable retrieval Remote failure indication Remote loopback
CE
U-PE
802.3ah OAMPDUs
802.3ah OAMPDUs
Link OAM and Cisco ANA NetworkVision

Link OAM properties can be viewed in both the Cisco ANA NetworkVision logical and physical inventories. Figure 9-10 shows the major Link OAM properties displayed from the OAM Logical Inventory item.
242667
9-15
Chapter 9 Link OAM
Figure 9-10
Link OAM Logical Inventory
Figure 9-10 shows the detailed Link OAM properties displayed by double-clicking an OAM entry in the OAM logical inventory table.
Figure 9-11 Link OAM Properties
9-16
OL-21805-01
249223

Ethernet Operations, Administration, and Management

Diunggah oleh

Informasi Dokumen

Deskripsi Asli:

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Ethernet Operations, Administration, and Management

Diunggah oleh

Hak Cipta:

Format Tersedia

CH A P T E R